chore(pre-commit): bump the pre-commit-hooks group with 3 updates

[dependabot]

Bumps the pre-commit-hooks group with 3 updates: https://github.com/charliermarsh/ruff-pre-commit, https://github.com/betterleaks/betterleaks and https://github.com/PyCQA/pylint.

Updates https://github.com/charliermarsh/ruff-pre-commit from v0.15.16 to 0.15.17

Release notes

Sourced from https://github.com/charliermarsh/ruff-pre-commit's releases.

v0.15.17

See: https://github.com/astral-sh/ruff/releases/tag/0.15.17

Commits

• 3b3f7c3 Mirror: 0.15.17
• 99e6029 Various hardenings (#170)
• f69224b Bump the github-actions group with 2 updates (#169)
• See full diff in compare view

Updates https://github.com/betterleaks/betterleaks from v1.4.1 to 1.5.0

Release notes

Sourced from https://github.com/betterleaks/betterleaks's releases.

v1.5.0

What's New

• Added 50 new rules w/ validation

  1. aikido-ci-token
  2. aikido-client-id
  3. aikido-client-secret
  4. airtable-oauth-token
  5. alibaba-sts-access-key-id
  6. alibaba-sts-access-key-secret
  7. alibaba-sts-security-token
  8. amplitude-secret-key
  9. artifactory-jfrog-url
  10. bitly-access-token
  11. box-api-access-token
  12. brave-search-api-key
  13. canva-client-id
  14. canva-client-secret
  15. clerk-secret-key
  16. clickhouse-cloud-key-id
  17. clickup-personal-api-token
  18. cloudinary-api-key
  19. cloudinary-api-secret
  20. cloudinary-cloud-name
  21. cockroachlabs-cloud-api-key
  22. configcat-sdk-key
  23. configcat-sdk-key-extended
  24. couchbase-capella-api-key
  25. coveralls-personal-api-token
  26. datadog-api-key
  27. datadog-application-key
  28. datagov-api-key
  29. deno-account-token
  30. devin-personal-api-key
  31. devin-service-api-key
  32. devin-service-user-token
  33. disqus-api-key
  34. dockerhub-organization-access-token
  35. dockerhub-personal-access-token
  36. etsy-open-api-key
  37. gumroad-access-token
  38. honeycomb-api-key
  39. ibm-cloud-user-api-key
  40. influxdb-api-token
  41. jumpcloud-api-key
  42. kagi-api-key
  43. kimi-api-key
  44. klaviyo-api-key
  45. minimax-api-key
  46. supabase-management-token
</tr></table> 

... (truncated)

Commits

• ac65f47 enable archive handling by default (#206)
• 24d272c zai minimax kimi (#204)
• ea5f4cd add getOrDefault binding (#205)
• 7d3d8bf count rule script
• 86f6b05 mock files when piping (#203)
• 8daf457 small regex tweaks (#202)
• e2ae8d5 bunch more, use validate.unknown (#198)
• 5b64a83 Rules/more rules 4 (#197)
• 5324a7d Rules/more rules 3 (#196)
• d627481 more rules, removed redundant jfrog (#195)
• Additional commits viewable in compare view

Updates https://github.com/PyCQA/pylint from v4.0.5 to 4.0.6

Release notes

Sourced from https://github.com/PyCQA/pylint's releases.

v4.0.6

What's new in Pylint 4.0.6?

Release date: 2026-06-14

False Positives Fixed

• implicit-str-concat is no longer emitted for an implicit concatenation of a raw string with a non-raw one (e.g. r"\d" "\n"). Such literals cannot be merged into a single string, so the concatenation is intentional rather than a forgotten comma.

  Closes #6663

• Fix a false positive for invalid-name (C0103) where the default typevar-rgx rejected TypeVar names containing digits, such as Ec2T.

  Closes #8499

• Fix a false positive for too-many-arguments in (non-static) methods and classmethods.

  Closes #8675

• Fix a false positive for no-member when a value is inferred to several possible types and at least one of them defines a dynamic __getattr__.

  Closes #9833

• Fix a false positive for function-redefined (E0102) when reusing names that match dummy-variables-rgx (such as _), which is common for pytest-bdd step definitions. This restores the behavior from before pylint 4.0.0; as a consequence the false negative fixed in #9894 is reintroduced for functions whose name matches dummy-variables-rgx.

  Closes #10665

• Fix undefined-variable false positive when a name used as a metaclass argument in a nested class is referenced again later in the module.

  Closes #10823

• Fix a false positive for unused-variable where global variables matching dummy-variables-rgx were still reported as unused when allow-global-unused-variables was disabled.

  Closes #10890

... (truncated)

Commits

• 8a39635 Bump pylint to 4.0.6, update changelog (#11105)
• 150f23c [Backport maintenance/4.0.x] Allow digits in ParamSpec and TypeVarTuple names...
• 8b6251e [Backport maintenance/4.0.x] Fix crash when enum member inference fails (#11093)
• d57aadb [Backport maintenance/4.0.x] Fix implicit-str-concat false positive for mix...
• d9ea8d9 [Backport maintenance/4.0.x] Fix unnecessary-comprehension suggestion when ...
• cb1792a [Backport maintenance/4.0.x] Allow digits in TypeVar names for invalid-name c...
• ee2ab9a Handle InferenceError in decorator return analysis
• 5bb5498 [Backport maintenance/4.0.x] Fix crash in typecheck checker when metaclass ar...
• a940533 [Backport maintenance/4.0.x] Fix a crash in consider-using-enumerate for no...
• b7a873a [Backport maintenance/4.0.x] Fix crash in deprecated checker for non-string `...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sebastianMindee]

#428

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml