Bump coverage from 7.10.7 to 7.13.1

[dependabot]

Bumps coverage from 7.10.7 to 7.13.1.

Changelog

Sourced from coverage's changelog.

Version 7.13.1 — 2025-12-28

• Added: the JSON report now includes a "start_line" key for function and class regions, indicating the first line of the region in the source. Closes issue 2110_.

• Added: The debug data command now takes file names as arguments on the command line, so you can inspect specific data files without needing to set the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines, which no other report did, as described in issue 2105_. This is now fixed, thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where third-party code is installed, and avoids measuring it. This shouldn't change any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part of the file name. This lets us skip duplicate data more quickly, speeding the combining step.

• Docs: added a section explaining more about what is considered a missing branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: coveragepy/coveragepy#1597 .. _pull 2092: coveragepy/coveragepy#2092 .. _issue 2105: coveragepy/coveragepy#2105 .. _issue 2109: coveragepy/coveragepy#2109 .. _issue 2110: coveragepy/coveragepy#2110

.. _changes_7-13-0:

Version 7.13.0 — 2025-12-08

• Feature: coverage.py now supports :file:.coveragerc.toml configuration files. These files use TOML syntax and take priority over :file:pyproject.toml but lower priority than :file:.coveragerc files. Closes issue 1643_ thanks to Olena Yefymenko <pull 1952_>_.

• Fix: we now include a permanent .pth file which is installed with the code, fixing issue 2084_. In 7.12.1b1 this was done incorrectly: it didn't work when using the source wheel (py3-none-any). This is now fixed. Thanks,

... (truncated)

Commits

• a6afdc3 docs: sample HTML for 7.13.1
• a497081 docs: prep for 7.13.1
• e992033 docs: polish up CHANGES
• 18bba6e chore: bump the action-dependencies group with 4 updates (#2111)
• 80fb808 refactor: (?x:...) lets us use re.VERBOSE even when combining later
• cc272bd docs: leave a comment so we'll find this when 3.12 is the minimum
• 70d007d types: be explicit
• a2c1940 types: fully import modules that will be patched
• 57b975d types: explicit Protocol inheritance permits changing parameter names
• 63ec12d types: clarify that morfs arguments can be a single morf
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Code Quality

✅ Code follows style guide

The changes are minimal dependency version updates in pyproject.toml. The formatting follows standard TOML conventions and is consistent with the existing file structure.

✅ No commented-out code

No commented-out code present in this diff.

✅ Meaningful variable names

N/A - This is a dependency version update, no variables introduced.

✅ DRY principle followed

The coverage version is updated in both locations where it appears (development and test dependencies), maintaining consistency. This is appropriate for dependency management.

✅ No defects identified

This is a straightforward dependency version bump for the coverage package from 7.10.7 to 7.13.1. The changes are:

• pyproject.toml:40 - Updated in development dependencies
• pyproject.toml:82 - Updated in test dependencies

No logic errors, edge cases, or security vulnerabilities introduced. This appears to be a routine dependency update, likely to incorporate bug fixes or improvements from the coverage library.

✅ Project memory configuration considered

No .claude/CLAUDE.md file was found in the repository, so no project-specific guidelines apply.

Testing

✅ Unit tests not required

This is a dependency version update that doesn't change application logic. No new functions or features added.

✅ Integration tests not required

No new endpoints or integration points introduced.

✅ Edge cases N/A

Dependency update only - the coverage library's own tests would handle edge cases.

⚠️ Test coverage impact - UNKNOWN

Cannot verify if current test coverage is >80% without running tests. However, this dependency update should not negatively impact coverage as it's just updating the tool that measures coverage.

Documentation

✅ README update not needed

This is an internal development dependency change that doesn't affect end users or require README updates.

✅ API docs not affected

No API changes in this diff.

✅ Inline comments not needed

Dependency declarations are self-documenting.

⚠️ CHANGELOG.md - NOT UPDATED

pyproject.toml:40, 82 - The coverage library was updated from 7.10.7 to 7.13.1. Consider adding an entry to CHANGELOG.md under a "Dependencies" or "Development" section if this is the project's practice for tracking dependency updates.

✅ Markdown formatting N/A

No markdown files modified in this diff.

Security

✅ No hardcoded credentials

No credentials present in the diff.

✅ Input validation N/A

No input handling code in this diff.

✅ Error handling N/A

No error handling code in this diff.

✅ No sensitive data in logs

No logging code in this diff.

✅ No license files checked in

No .lic files or AQAAAD strings detected in this diff.

---

Summary

APPROVED ✅

This is a clean dependency version update for the coverage testing tool. The changes are:

• Consistent updates in both dependency groups (development and test)
• Version bump from 7.10.7 to 7.13.1 (minor update)
• No security concerns
• No functional code changes

Minor Recommendation:

Consider documenting this dependency update in CHANGELOG.md if the project tracks such changes, though this is optional for development-only dependencies.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Code Quality

✅ Code follows style guide

• This is a dependency version update in pyproject.toml, which is configuration rather than code. No style guide violations.

✅ No commented-out code

• No commented code present.

✅ Meaningful variable names

• N/A - This is a dependency version bump, not code with variables.

✅ DRY principle followed

• The coverage version is updated in both places where it appears (lines 40 and 82 in pyproject.toml), maintaining consistency. This is correct as it needs to be specified in both development and test dependency groups.

✅ No defects identified

• This is a straightforward dependency version update from coverage==7.10.7 to coverage==7.13.1
• The version bump appears to be a patch/minor version update (within the same major version 7.x), which should be backward compatible
• Both occurrences are updated consistently, preventing version conflicts
• No logic errors, edge cases, or security vulnerabilities introduced

Testing

⚠️ Unit tests for new functions

• N/A - This is a dependency version update, not new functionality

⚠️ Integration tests for new endpoints

• N/A - No new endpoints added

⚠️ Edge cases covered

• N/A - No new code logic to test

⚠️ Test coverage > 80%

• Cannot verify without running tests, but this change should not affect coverage as it only updates the testing tool version itself

Documentation

❌ Readme updated if needed

• pyproject.toml:40, pyproject.toml:82 - Dependency updates typically don't require README changes, so this is acceptable.

✅ API docs updated

• N/A - No API changes

✅ Inline comments for complex logic

• N/A - Configuration file has no complex logic requiring comments

❌ CHANGELOG.md updated

• The CHANGELOG.md should be updated to document this dependency version bump. This helps track project changes and dependency updates over time.

✅ Markdown files formatting

• N/A - No markdown files modified in this PR

Security

✅ No hardcoded credentials

• No credentials present

✅ Input validation implemented

• N/A - No input handling code

✅ Proper error handling

• N/A - No error handling code

✅ No sensitive data in logs

• N/A - No logging code

✅ No license files or AQAAAD strings

• No .lic files or strings starting with AQAAAD detected

---

Summary

Overall Assessment: ✅ APPROVED with minor recommendations

This is a clean dependency version update for the coverage package from version 7.10.7 to 7.13.1. The change is:

• Consistently applied in both locations (development and test dependency groups)
• A minor version bump within the same major version
• Low risk with no code changes

Recommendations:

1. Consider updating CHANGELOG.md to document this dependency update for traceability (minor issue)
2. Verify that the new coverage version works correctly with your test suite before merging

Files Modified:

• pyproject.toml:40 (development dependencies)
• pyproject.toml:82 (test dependencies)

No blocking issues identified. This PR is safe to merge.

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

Code Review Analysis

Overview

This PR updates the coverage package from version 7.10.7 to 7.13.1 in two dependency groups (development and test).

---

Detailed Review

✅ Code Quality

• ✅ Code follows style guide: This is a dependency version update in pyproject.toml - style guide compliance is not applicable for dependency declarations.
• ✅ No commented-out code: None present.
• ✅ Meaningful variable names: N/A - no variables introduced.
• ✅ DRY principle followed: The version number appears in two places (lines 40 and 82), which is necessary since it's used in both development and test dependency groups. This is standard for Python dependency management.
• ✅ Identify Defects: No bugs, logic errors, or security issues introduced. This is a straightforward dependency version bump.
• ✅ Project memory: No .claude/CLAUDE.md configuration found to evaluate against.

⚠️ Testing

• ❌ Unit tests for new functions: Not applicable for dependency updates, but recommendation: Consider verifying that existing tests still pass with the new coverage version.
• ❌ Integration tests for new endpoints: N/A - no new endpoints.
• ❌ Edge cases covered: N/A
• ❌ Test coverage > 80%: Cannot be determined from this diff alone. The coverage tool itself is being updated, but no test coverage metrics are provided.

Action Required: Run the test suite to ensure compatibility with coverage 7.13.1.

⚠️ Documentation

• ❌ Readme updated if needed: No README changes included. For a dependency bump, this is typically not required unless it affects user-facing behavior.
• ❌ API docs updated: N/A - no API changes.
• ❌ Inline comments for complex logic: N/A - no complex logic.
• ❌ CHANGELOG.md updated: No CHANGELOG.md update detected.

Action Required: Consider adding an entry to CHANGELOG.md documenting the dependency update, e.g.:

### Changed
- Updated coverage from 7.10.7 to 7.13.1

• ✅ Markdown files: No markdown files modified in this PR.

✅ Security

• ✅ No hardcoded credentials: None present.
• ✅ Input validation implemented: N/A
• ✅ Proper error handling: N/A
• ✅ No sensitive data in logs: N/A
• ✅ No license files (.lic) or AQAAAD strings: None detected.

---

Summary

Critical Issues

None

Warnings

1. CHANGELOG.md not updated (pyproject.toml:40, 82) - Consider documenting this dependency update
2. Test verification needed - Ensure the test suite passes with coverage 7.13.1

Recommendations

1. Run the full test suite to verify compatibility: pytest --cov
2. Add a CHANGELOG.md entry if your project maintains one
3. Check if there are any breaking changes between coverage 7.10.7 and 7.13.1 that might affect your test configuration

Approval Status

✅ Approved with minor recommendations - This is a clean dependency update with no code changes. The recommendations are best practices but not blockers.

Automated code review analyzing defects and coding standards

[dependabot]

Looks like coverage is no longer updatable, so this is no longer needed.