Black

This is a bugfix release to fix two regressions in the new f-string parser introduced in
24.4.1.

Parser

- Fix regression where certain complex f-strings failed to parse (4332)

Performance

- Fix bad performance on certain complex string literals (4331)

Highlights

- Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (3822)

Stable style

- Fix crash involving indented dummy functions containing newlines (4318)

Parser

- Add support for type parameter defaults, a new syntactic feature added to Python 3.13
by PEP 696 (4327)

Integrations

- Github Action now works even when `git archive` is skipped (4313)

Stable style

- Fix unwanted crashes caused by AST equivalency check (4290)

Preview style

- `if` guards in `case` blocks are now wrapped in parentheses when the line is too long.
(4269)
- Stop moving multiline strings to a new line unless inside brackets (4289)

Integrations

- Add a new option `use_pyproject` to the GitHub Action `psf/black`. This will read the
Black version from `pyproject.toml`. (4294)

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).

This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

- Don't move comments along with delimiters, which could cause crashes (4248)
- Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
of Black would incorrectly format the contents of certain unusual f-strings containing
nested strings with the same quote type. Now, Black will crash on such strings until
support for the new f-string syntax is implemented. (4270)
- Fix a bug where line-ranges exceeding the last code line would not work as expected
(4273)

Performance

- Fix catastrophic performance on docstrings that contain large numbers of leading tab
characters. This fixes
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).
(4278)

Documentation

- Note what happens when `--check` is used with `--quiet` (4236)

Stable style

- Fixed a bug where comments where mistakenly removed along with redundant parentheses
(4218)

Preview style

- Move the `hug_parens_with_braces_and_square_brackets` feature to the unstable style
due to an outstanding crash and proposed formatting tweaks (4198)
- Fixed a bug where base expressions caused inconsistent formatting of \*\* in tenary
expression (4154)
- Checking for newline before adding one on docstring that is almost at the line limit
(4185)
- Remove redundant parentheses in `case` statement `if` guards (4214).

Configuration

- Fix issue where _Black_ would ignore input files in the presence of symlinks (4222)
- _Black_ now ignores `pyproject.toml` that is missing a `tool.black` section when
discovering project root and configuration. Since _Black_ continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty `[tool.black]` to the previously discovered `pyproject.toml`
(4204)

Output

- Black will swallow any `SyntaxWarning`s or `DeprecationWarning`s produced by the `ast`
module when performing equivalence checks (4189)

Integrations

- Add a JSONSchema and provide a validate-pyproject entry-point (4181)

Bugfix release to fix a bug that made Black unusable on certain file systems with strict
limits on path length.

Preview style

- Consistently add trailing comma on typed parameters (4164)

Configuration

- Shorten the length of the name of the cache file to fix crashes on file systems that
do not support long paths (4176)