[py] Bump ruff and mypy versions

[cgoldberg]

User description

💥 What does this PR do?

Bump the versions of ruff (linter/formatter) and mypy (type checker) to the latest versions for development and CI.

🔄 Types of changes

• Dev/CI

---

PR Type

Enhancement

---

Description

• Bump ruff from 0.14.7 to 0.14.9

• Bump mypy from 1.19.0 to 1.19.1

• Update binary checksums for all platforms

---

Diagram Walkthrough

flowchart LR A["ruff 0.14.7"] -- "upgrade" --> B["ruff 0.14.9"] C["mypy 1.19.0"] -- "upgrade" --> D["mypy 1.19.1"] B -- "update checksums" --> E["multitool.lock.json"] D -- "update version" --> F["py/tox.ini"] 

Loading

File Walkthrough

Relevant files

Dependencies

multitool.lock.json Update ruff binaries and checksums to 0.14.9                          multitool.lock.json Updated ruff binary URLs from version 0.14.7 to 0.14.9 Updated SHA256 checksums for all five platform-specific binaries Affected platforms: Linux ARM64, Linux x86_64, macOS ARM64, macOS x86_64, Windows x86_64 +10/-10  tox.ini Update mypy and ruff dependency versions                                  py/tox.ini Bumped mypy from 1.19.0 to 1.19.1 Bumped ruff from 0.14.7 to 0.14.9 Updated linting and type-checking tool versions for development +2/-2

---

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Supply chain integrity Description: The PR updates remote ruff binary download URLs and SHA256 hashes; this is a potential supply-chain risk unless the new checksums are independently verified to match the official astral-sh/ruff 0.14.9 release artifacts for each platform. multitool.lock.json [7-41] Referred Code "url": "https://github.com/astral-sh/ruff/releases/download/0.14.9/ruff-aarch64-unknown-linux-musl.tar.gz", "file": "ruff-aarch64-unknown-linux-musl/ruff", "sha256": "9bdedf2e8d6398e193c2b2feccb2b4c9f8d37a6dc87cc0b587340a60e87d14e2", "os": "linux", "cpu": "arm64" }, { "kind": "archive", "url": "https://github.com/astral-sh/ruff/releases/download/0.14.9/ruff-x86_64-unknown-linux-musl.tar.gz", "file": "ruff-x86_64-unknown-linux-musl/ruff", "sha256": "3bdbdb32f95bcf2c5bc45502a2050f30706f1c205fa0087ee3d4c688f67854fc", "os": "linux", "cpu": "x86_64" }, { "kind": "archive", "url": "https://github.com/astral-sh/ruff/releases/download/0.14.9/ruff-aarch64-apple-darwin.tar.gz", "file": "ruff-aarch64-apple-darwin/ruff", "sha256": "ea132e6d6af23dbcf21c81d7fd8c5a94ccf16b1fb36a8bc60da971e339301f10", "os": "macos", "cpu": "arm64" ... (clipped 14 lines)
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Fix incorrect release artifact URL Add the required 'v' prefix to the version number in all ruff binary download URLs in multitool.lock.json to prevent download failures. multitool.lock.json [7] -"url": "https://github.com/astral-sh/ruff/releases/download/0.14.9/ruff-aarch64-unknown-linux-musl.tar.gz", +"url": "https://github.com/astral-sh/ruff/releases/download/v0.14.9/ruff-aarch64-unknown-linux-musl.tar.gz", Apply / Chat Suggestion importance[1-10]: 10 __ Why: The suggestion correctly identifies a critical bug where the updated ruff download URLs are missing the required 'v' prefix, which would cause downloads to fail and break the toolchain.	High
More

[cgoldberg]

Add the required 'v' prefix to the version number in all ruff binary download
URLs in multitool.lock.json to prevent download failures.
Suggestion importance[1-10]: 10

I love when the AI gives you suggestions with importance "10" that are just blatantly wrong.