Ruff

Latest version: v0.11.2

Safety actively analyzes 723177 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 23 of 32

0.5.2

Preview features

- Use `space` separator before parenthesized expressions in comprehensions with leading comments ([12282](https://github.com/astral-sh/ruff/pull/12282))
- \[`flake8-async`\] Update `ASYNC100` to include `anyio` and `asyncio` ([12221](https://github.com/astral-sh/ruff/pull/12221))
- \[`flake8-async`\] Update `ASYNC109` to include `anyio` and `asyncio` ([12236](https://github.com/astral-sh/ruff/pull/12236))
- \[`flake8-async`\] Update `ASYNC110` to include `anyio` and `asyncio` ([12261](https://github.com/astral-sh/ruff/pull/12261))
- \[`flake8-async`\] Update `ASYNC115` to include `anyio` and `asyncio` ([12262](https://github.com/astral-sh/ruff/pull/12262))
- \[`flake8-async`\] Update `ASYNC116` to include `anyio` and `asyncio` ([12266](https://github.com/astral-sh/ruff/pull/12266))

Rule changes

- \[`flake8-return`\] Exempt properties from explicit return rule (`RET501`) ([12243](https://github.com/astral-sh/ruff/pull/12243))
- \[`numpy`\] Add `np.NAN`-to-`np.nan` diagnostic ([12292](https://github.com/astral-sh/ruff/pull/12292))
- \[`refurb`\] Make `list-reverse-copy` an unsafe fix ([12303](https://github.com/astral-sh/ruff/pull/12303))

Server

- Consider `include` and `extend-include` settings in native server ([12252](https://github.com/astral-sh/ruff/pull/12252))
- Include nested configurations in settings reloading ([12253](https://github.com/astral-sh/ruff/pull/12253))

CLI

- Omit code frames for fixes with empty ranges ([12304](https://github.com/astral-sh/ruff/pull/12304))
- Warn about formatter incompatibility for `D203` ([12238](https://github.com/astral-sh/ruff/pull/12238))

Bug fixes

- Make cache-write failures non-fatal on Windows ([12302](https://github.com/astral-sh/ruff/pull/12302))
- Treat `not` operations as boolean tests ([12301](https://github.com/astral-sh/ruff/pull/12301))
- \[`flake8-bandit`\] Avoid `S310` violations for HTTP-safe f-strings ([12305](https://github.com/astral-sh/ruff/pull/12305))
- \[`flake8-bandit`\] Support explicit string concatenations in S310 HTTP detection ([12315](https://github.com/astral-sh/ruff/pull/12315))
- \[`flake8-bandit`\] fix S113 false positive for httpx without `timeout` argument ([12213](https://github.com/astral-sh/ruff/pull/12213))
- \[`pycodestyle`\] Remove "non-obvious" allowance for E721 ([12300](https://github.com/astral-sh/ruff/pull/12300))
- \[`pyflakes`\] Consider `with` blocks as single-item branches for redefinition analysis ([12311](https://github.com/astral-sh/ruff/pull/12311))
- \[`refurb`\] Restrict forwarding for `newline` argument in `open()` calls to Python versions >= 3.10 ([12244](https://github.com/astral-sh/ruff/pull/12244))

Documentation

- Update help and documentation to reflect `--output-format full` default ([12248](https://github.com/astral-sh/ruff/pull/12248))

Performance

- Use more threads when discovering Python files ([12258](https://github.com/astral-sh/ruff/pull/12258))

0.5.1

Preview features

- \[`flake8-bugbear`\] Implement mutable-contextvar-default (B039) ([12113](https://github.com/astral-sh/ruff/pull/12113))
- \[`pycodestyle`\] Whitespace after decorator (`E204`) ([12140](https://github.com/astral-sh/ruff/pull/12140))
- \[`pytest`\] Reverse `PT001` and `PT0023` defaults ([12106](https://github.com/astral-sh/ruff/pull/12106))

Rule changes

- Enable token-based rules on source with syntax errors ([11950](https://github.com/astral-sh/ruff/pull/11950))
- \[`flake8-bandit`\] Detect `httpx` for `S113` ([12174](https://github.com/astral-sh/ruff/pull/12174))
- \[`numpy`\] Update `NPY201` to include exception deprecations ([12065](https://github.com/astral-sh/ruff/pull/12065))
- \[`pylint`\] Generate autofix for `duplicate-bases` (`PLE0241`) ([12105](https://github.com/astral-sh/ruff/pull/12105))

Server

- Avoid syntax error notification for source code actions ([12148](https://github.com/astral-sh/ruff/pull/12148))
- Consider the content of the new cells during notebook sync ([12203](https://github.com/astral-sh/ruff/pull/12203))
- Fix replacement edit range computation ([12171](https://github.com/astral-sh/ruff/pull/12171))

Bug fixes

- Disable auto-fix when source has syntax errors ([12134](https://github.com/astral-sh/ruff/pull/12134))
- Fix cache key collisions for paths with separators ([12159](https://github.com/astral-sh/ruff/pull/12159))
- Make `requires-python` inference robust to `==` ([12091](https://github.com/astral-sh/ruff/pull/12091))
- Use char-wise width instead of `str`-width ([12135](https://github.com/astral-sh/ruff/pull/12135))
- \[`pycodestyle`\] Avoid `E275` if keyword followed by comma ([12136](https://github.com/astral-sh/ruff/pull/12136))
- \[`pycodestyle`\] Avoid `E275` if keyword is followed by a semicolon ([12095](https://github.com/astral-sh/ruff/pull/12095))
- \[`pylint`\] Skip [dummy variables](https://docs.astral.sh/ruff/settings/#lint_dummy-variable-rgx) for `PLR1704` ([12190](https://github.com/astral-sh/ruff/pull/12190))

Performance

- Remove allocation in `parse_identifier` ([12103](https://github.com/astral-sh/ruff/pull/12103))
- Use `CompactString` for `Identifier` AST node ([12101](https://github.com/astral-sh/ruff/pull/12101))

0.5.0

Check out the [blog post](https://astral.sh/blog/ruff-v0.5.0) for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

- Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
- Selecting `ALL` now excludes deprecated rules
- The released archives now include an extra level of nesting, which can be removed with `--strip-components=1` when untarring.
- The release artifact's file name no longer includes the version tag. This enables users to install via `/latest` URLs on GitHub.
- The diagnostic ranges for some `flake8-bandit` rules were modified ([10667](https://github.com/astral-sh/ruff/pull/10667)).

Deprecations

The following rules are now deprecated:

- [`syntax-error`](https://docs.astral.sh/ruff/rules/syntax-error/) (`E999`): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

- [`blocking-http-call-in-async-function`](https://docs.astral.sh/ruff/rules/blocking-http-call-in-async-function/): `ASYNC100` to `ASYNC210`
- [`open-sleep-or-subprocess-in-async-function`](https://docs.astral.sh/ruff/rules/open-sleep-or-subprocess-in-async-function/): `ASYNC101` split into `ASYNC220`, `ASYNC221`, `ASYNC230`, and `ASYNC251`
- [`blocking-os-call-in-async-function`](https://docs.astral.sh/ruff/rules/blocking-os-call-in-async-function/): `ASYNC102` has been merged into `ASYNC220` and `ASYNC221`
- [`trio-timeout-without-await`](https://docs.astral.sh/ruff/rules/trio-timeout-without-await/): `TRIO100` to `ASYNC100`
- [`trio-sync-call`](https://docs.astral.sh/ruff/rules/trio-sync-call/): `TRIO105` to `ASYNC105`
- [`trio-async-function-with-timeout`](https://docs.astral.sh/ruff/rules/trio-async-function-with-timeout/): `TRIO109` to `ASYNC109`
- [`trio-unneeded-sleep`](https://docs.astral.sh/ruff/rules/trio-unneeded-sleep/): `TRIO110` to `ASYNC110`
- [`trio-zero-sleep-call`](https://docs.astral.sh/ruff/rules/trio-zero-sleep-call/): `TRIO115` to `ASYNC115`
- [`repeated-isinstance-calls`](https://docs.astral.sh/ruff/rules/repeated-isinstance-calls/): `PLR1701` to `SIM101`

Stabilization

The following rules have been stabilized and are no longer in preview:

- [`mutable-fromkeys-value`](https://docs.astral.sh/ruff/rules/mutable-fromkeys-value/) (`RUF024`)
- [`default-factory-kwarg`](https://docs.astral.sh/ruff/rules/default-factory-kwarg/) (`RUF026`)
- [`django-extra`](https://docs.astral.sh/ruff/rules/django-extra/) (`S610`)
- [`manual-dict-comprehension`](https://docs.astral.sh/ruff/rules/manual-dict-comprehension/) (`PERF403`)
- [`print-empty-string`](https://docs.astral.sh/ruff/rules/print-empty-string/) (`FURB105`)
- [`readlines-in-for`](https://docs.astral.sh/ruff/rules/readlines-in-for/) (`FURB129`)
- [`if-expr-min-max`](https://docs.astral.sh/ruff/rules/if-expr-min-max/) (`FURB136`)
- [`bit-count`](https://docs.astral.sh/ruff/rules/bit-count/) (`FURB161`)
- [`redundant-log-base`](https://docs.astral.sh/ruff/rules/redundant-log-base/) (`FURB163`)
- [`regex-flag-alias`](https://docs.astral.sh/ruff/rules/regex-flag-alias/) (`FURB167`)
- [`isinstance-type-none`](https://docs.astral.sh/ruff/rules/isinstance-type-none/) (`FURB168`)
- [`type-none-comparison`](https://docs.astral.sh/ruff/rules/type-none-comparison/) (`FURB169`)
- [`implicit-cwd`](https://docs.astral.sh/ruff/rules/implicit-cwd/) (`FURB177`)
- [`hashlib-digest-hex`](https://docs.astral.sh/ruff/rules/hashlib-digest-hex/) (`FURB181`)
- [`list-reverse-copy`](https://docs.astral.sh/ruff/rules/list-reverse-copy/) (`FURB187`)
- [`bad-open-mode`](https://docs.astral.sh/ruff/rules/bad-open-mode/) (`PLW1501`)
- [`empty-comment`](https://docs.astral.sh/ruff/rules/empty-comment/) (`PLR2044`)
- [`global-at-module-level`](https://docs.astral.sh/ruff/rules/global-at-module-level/) (`PLW0604`)
- [`misplaced-bare-raise`](https://docs.astral.sh/ruff/rules/misplaced-bare-raise/) (`PLE0744`)
- [`non-ascii-import-name`](https://docs.astral.sh/ruff/rules/non-ascii-import-name/) (`PLC2403`)
- [`non-ascii-name`](https://docs.astral.sh/ruff/rules/non-ascii-name/) (`PLC2401`)
- [`nonlocal-and-global`](https://docs.astral.sh/ruff/rules/nonlocal-and-global/) (`PLE0115`)
- [`potential-index-error`](https://docs.astral.sh/ruff/rules/potential-index-error/) (`PLE0643`)
- [`redeclared-assigned-name`](https://docs.astral.sh/ruff/rules/redeclared-assigned-name/) (`PLW0128`)
- [`redefined-argument-from-local`](https://docs.astral.sh/ruff/rules/redefined-argument-from-local/) (`PLR1704`)
- [`repeated-keyword-argument`](https://docs.astral.sh/ruff/rules/repeated-keyword-argument/) (`PLE1132`)
- [`super-without-brackets`](https://docs.astral.sh/ruff/rules/super-without-brackets/) (`PLW0245`)
- [`unnecessary-list-index-lookup`](https://docs.astral.sh/ruff/rules/unnecessary-list-index-lookup/) (`PLR1736`)
- [`useless-exception-statement`](https://docs.astral.sh/ruff/rules/useless-exception-statement/) (`PLW0133`)
- [`useless-with-lock`](https://docs.astral.sh/ruff/rules/useless-with-lock/) (`PLW2101`)

The following behaviors have been stabilized:

- [`is-literal`](https://docs.astral.sh/ruff/rules/is-literal/) (`F632`) now warns for identity checks against list, set or dictionary literals
- [`needless-bool`](https://docs.astral.sh/ruff/rules/needless-bool/) (`SIM103`) now detects `if` expressions with implicit `else` branches
- [`module-import-not-at-top-of-file`](https://docs.astral.sh/ruff/rules/module-import-not-at-top-of-file/) (`E402`) now allows `os.environ` modifications between import statements
- [`type-comparison`](https://docs.astral.sh/ruff/rules/type-comparison/) (`E721`) now allows idioms such as `type(x) is int`
- [`yoda-condition`](https://docs.astral.sh/ruff/rules/yoda-conditions/) (`SIM300`) now flags a wider range of expressions

Removals

The following deprecated settings have been removed:

- `output-format=text`; use `output-format=concise` or `output-format=full`
- `tab-size`; use `indent-width`

The following deprecated CLI options have been removed:

- `--show-source`; use `--output-format=full`
- `--no-show-source`; use `--output-format=concise`

The following deprecated CLI commands have been removed:

- `ruff <path>`; use `ruff check <path>`
- `ruff --clean`; use `ruff clean`
- `ruff --generate-shell-completion`; use `ruff generate-shell-completion`

Preview features

- \[`ruff`\] Add `assert-with-print-message` rule ([11981](https://github.com/astral-sh/ruff/pull/11981))

CLI

- Use rule name rather than message in `--statistics` ([11697](https://github.com/astral-sh/ruff/pull/11697))
- Use the output format `full` by default ([12010](https://github.com/astral-sh/ruff/pull/12010))
- Don't log syntax errors to the console ([11902](https://github.com/astral-sh/ruff/pull/11902))

Rule changes

- \[`ruff`\] Fix false positives if `gettext` is imported using an alias (`RUF027`) ([12025](https://github.com/astral-sh/ruff/pull/12025))
- \[`numpy`\] Update `trapz` and `in1d` deprecation (`NPY201`) ([11948](https://github.com/astral-sh/ruff/pull/11948))
- \[`flake8-bandit`\] Modify diagnostic ranges for shell-related rules ([10667](https://github.com/astral-sh/ruff/pull/10667))

Server

- Closing an untitled, unsaved notebook document no longer throws an error ([11942](https://github.com/astral-sh/ruff/pull/11942))
- Support the usage of tildes and environment variables in `logFile` ([11945](https://github.com/astral-sh/ruff/pull/11945))
- Add option to configure whether to show syntax errors ([12059](https://github.com/astral-sh/ruff/pull/12059))

Bug fixes

- \[`pycodestyle`\] Avoid `E203` for f-string debug expression ([12024](https://github.com/astral-sh/ruff/pull/12024))
- \[`pep8-naming`\] Match import-name ignores against both name and alias (`N812`, `N817`) ([12033](https://github.com/astral-sh/ruff/pull/12033))
- \[`pyflakes`\] Detect assignments that shadow definitions (`F811`) ([11961](https://github.com/astral-sh/ruff/pull/11961))

Parser

- Emit a syntax error for an empty type parameter list ([12030](https://github.com/astral-sh/ruff/pull/12030))
- Avoid consuming the newline for unterminated strings ([12067](https://github.com/astral-sh/ruff/pull/12067))
- Do not include the newline in the unterminated string range ([12017](https://github.com/astral-sh/ruff/pull/12017))
- Use the correct range to highlight line continuation errors ([12016](https://github.com/astral-sh/ruff/pull/12016))
- Consider 2-character EOL before line continuations ([12035](https://github.com/astral-sh/ruff/pull/12035))
- Consider line continuation character for re-lexing ([12008](https://github.com/astral-sh/ruff/pull/12008))

Other changes

- Upgrade the Unicode table used for measuring the line-length ([11194](https://github.com/astral-sh/ruff/pull/11194))
- Remove the deprecation error message for the nursery selector ([10172](https://github.com/astral-sh/ruff/pull/10172))

0.4.10

Parser

- Implement re-lexing logic for better error recovery ([11845](https://github.com/astral-sh/ruff/pull/11845))

Rule changes

- \[`flake8-copyright`\] Update `CPY001` to check the first 4096 bytes instead of 1024 ([11927](https://github.com/astral-sh/ruff/pull/11927))
- \[`pycodestyle`\] Update `E999` to show all syntax errors instead of just the first one ([11900](https://github.com/astral-sh/ruff/pull/11900))

Server

- Add tracing setup guide to Helix documentation ([11883](https://github.com/astral-sh/ruff/pull/11883))
- Add tracing setup guide to Neovim documentation ([11884](https://github.com/astral-sh/ruff/pull/11884))
- Defer notebook cell deletion to avoid an error message ([11864](https://github.com/astral-sh/ruff/pull/11864))

Security

- Guard against malicious ecosystem comment artifacts ([11879](https://github.com/astral-sh/ruff/pull/11879))

0.4.9

Preview features

- \[`pylint`\] Implement `consider-dict-items` (`C0206`) ([11688](https://github.com/astral-sh/ruff/pull/11688))
- \[`refurb`\] Implement `repeated-global` (`FURB154`) ([11187](https://github.com/astral-sh/ruff/pull/11187))

Rule changes

- \[`pycodestyle`\] Adapt fix for `E203` to work identical to `ruff format` ([10999](https://github.com/astral-sh/ruff/pull/10999))

Formatter

- Fix formatter instability for lines only consisting of zero-width characters ([11748](https://github.com/astral-sh/ruff/pull/11748))

Server

- Add supported commands in server capabilities ([11850](https://github.com/astral-sh/ruff/pull/11850))
- Use real file path when available in `ruff server` ([11800](https://github.com/astral-sh/ruff/pull/11800))
- Improve error message when a command is run on an unavailable document ([11823](https://github.com/astral-sh/ruff/pull/11823))
- Introduce the `ruff.printDebugInformation` command ([11831](https://github.com/astral-sh/ruff/pull/11831))
- Tracing system now respects log level and trace level, with options to log to a file ([11747](https://github.com/astral-sh/ruff/pull/11747))

CLI

- Handle non-printable characters in diff view ([11687](https://github.com/astral-sh/ruff/pull/11687))

Bug fixes

- \[`refurb`\] Avoid suggesting starmap when arguments are used outside call (`FURB140`) ([11830](https://github.com/astral-sh/ruff/pull/11830))
- \[`flake8-bugbear`\] Avoid panic in `B909` when checking large loop blocks ([11772](https://github.com/astral-sh/ruff/pull/11772))
- \[`refurb`\] Fix misbehavior of `operator.itemgetter` when getter param is a tuple (`FURB118`) ([11774](https://github.com/astral-sh/ruff/pull/11774))

0.4.8

Performance

- Linter performance has been improved by around 10% on some microbenchmarks by refactoring the lexer and parser to maintain synchronicity between them ([11457](https://github.com/astral-sh/ruff/pull/11457))

Preview features

- \[`flake8-bugbear`\] Implement `return-in-generator` (`B901`) ([11644](https://github.com/astral-sh/ruff/pull/11644))
- \[`flake8-pyi`\] Implement `pep484-style-positional-only-parameter` (`PYI063`) ([11699](https://github.com/astral-sh/ruff/pull/11699))
- \[`pygrep_hooks`\] Check blanket ignores via file-level pragmas (`PGH004`) ([11540](https://github.com/astral-sh/ruff/pull/11540))

Rule changes

- \[`pyupgrade`\] Update `UP035` for Python 3.13 and the latest version of `typing_extensions` ([11693](https://github.com/astral-sh/ruff/pull/11693))
- \[`numpy`\] Update `NPY001` rule for NumPy 2.0 ([11735](https://github.com/astral-sh/ruff/pull/11735))

Server

- Formatting a document with syntax problems no longer spams a visible error popup ([11745](https://github.com/astral-sh/ruff/pull/11745))

CLI

- Add RDJson support for `--output-format` flag ([11682](https://github.com/astral-sh/ruff/pull/11682))

Bug fixes

- \[`pyupgrade`\] Write empty string in lieu of panic when fixing `UP032` ([11696](https://github.com/astral-sh/ruff/pull/11696))
- \[`flake8-simplify`\] Simplify double negatives in `SIM103` ([11684](https://github.com/astral-sh/ruff/pull/11684))
- Ensure the expression generator adds a newline before `type` statements ([11720](https://github.com/astral-sh/ruff/pull/11720))
- Respect per-file ignores for blanket and redirected noqa rules ([11728](https://github.com/astral-sh/ruff/pull/11728))

Page 23 of 32

Links

Releases

Has known vulnerabilities

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.