Update dependency deptry to ^0.25.0

[red-hat-konflux]

This PR contains the following updates:

Package	Change	Age	Confidence
deptry (changelog)	^0.20.0 → ^0.25.0

---

Release Notes

osprey-oss/deptry (deptry)

v0.25.1

Compare Source

Release 0.25.0 was yanked in PyPI because of a failure during the release. 0.25.1 is identical, but includes a fix in the release process.

v0.25.0

Compare Source

Repository moved to Osprey OSS

deptry has moved from fpgmaas/deptry to osprey-oss/deptry under the new Osprey OSS organisation. This ensures the project is not tied to a single account and makes it easier to manage contributors and access as the project grows.

Features

• Support inline # deptry: ignore comments to suppress violations (#​1473)
• Support non-dev dependency groups with --non-dev-dependency-groups (#​1440)
• Use tomli on Python < 3.15 for TOML 1.1 support (#​1446)
• Add --optional-dependencies-dev-groups and deprecate --pep621-dev-dependency-groups (#​1391)

Bug Fixes

• Ensure that --config does not suppress output (#​1390)

Full Changelog

v0.24.0

Compare Source

Breaking changes

Python 3.9 support dropped

Support for Python 3.9 has been dropped, as it has reached its end of life.

PyPy 3.10 support dropped, 3.11 added

Support for PyPy 3.10 has been dropped, since it is unsupported. We now only test against PyPy 3.11, and only publish wheels for this version.

Features

• Add GitHub Actions annotations reporter (#​1059)
• Add support for Python 3.14 (#​1224)
• Drop support for Python 3.9 (#​1328)
• Publish wheels for PyPy 3.11 and drop 3.10 (#​1227)

Full Changelog

v0.23.1

Compare Source

Bug Fixes

• Improve handling of TYPE_CHECKING blocks by supporting import typing as t and checking t.TYPE_CHECKING (#​1218)
• Fix missing hyperlink in report output (#​1162)

Full Changelog

v0.23.0

Compare Source

Features

• Correctly detect transitive dependencies with different module names (#​1033)

Full Changelog

v0.22.0

Compare Source

Poetry 2.0 introduced support
for defining project metadata in PEP 621. This is now
supported by deptry. Documentation has been updated to
detail deptry's behavior.

Features

• Support PEP 621 in Poetry 2.0+ (#​1003)

Full Changelog

v0.21.2

Compare Source

Miscellaneous

• Provide wheels for musllinux (#​979)

Full Changelog

v0.21.1

Compare Source

Bug Fixes

• Handle string requirements files for setuptools dynamic
  dependencies (#​945)

Full Changelog

v0.21.0

Compare Source

Breaking changes

Ignore files handling

Unless --exclude is used, deptry excludes files found in common ignore
files (.gitignore, .ignore, $HOME/.config/git/ignore. ...), by using ignore
Rust crate. The default behaviour has been changed, so that now:

• git-related ignore rules (.gitignore, $HOME/.config/git/ignore, ...) are only used if deptry is run inside a git
  repository
• .gitignore files that are in parent directories of the git repository from where deptry is run are not
  used (previously, deptry would traverse parent directories up to the root system)

If you were using .gitignore files for non-git repositories, you might want to switch to .ignore files, or use
--extend-exclude.

Requirements files parsing

deptry now uses requirements-parser to parse dependencies from
requirements files, meaning that it can now extract nested requirements files referenced in other requirements files
without having to explicitly configure it in deptry.

For instance, if you have:

# requirements.txt
-r cli-requirements.txt
httpx==0.27.2

# cli-requirements.txt
click==8.1.7

With the default configuration, when parsing requirements.txt, both httpx and click will now be listed as
dependencies by deptry, while previously, only httpx was, unless deptry was instructed about
cli-requirements.txt by using --requirements-files. This new
behaviour also impacts development requirements files, that can be overridden by
using --requirements-files-dev.

Python 3.8 support dropped

Support for Python 3.8 has been dropped, as it has reached its end of life.

Features

• deptry now detects development dependencies from [dependency-groups] section, introduced
  by PEP 735 (#​892)
• deptry now supports setuptools dynamic dependencies set in [tool.setuptools.dynamic] section,
  see https://deptry.com/supported-dependency-managers/#setuptools for more
  details (#​894, #​724)
• Drop support for Python 3.8 (#​874)
• Improve ignore handling (#​908)
• Parse requirements files with requirements-parser, adding support for parsing nested requirements
  files referenced with -r <requirement_file> (#​913)

Full Changelog

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.