Split over-long comprehensions after in

Rename too-many-positional(-arguments) (#12905 )
Fixup description of default values for fixture-parentheses and mark-parentheses (#12904 )
2024-08-15 18:31:59 +02:00 · 2024-08-15 18:13:25 +02:00 · 2024-08-15 15:20:36 +01:00 · 2024-08-15 13:17:22 +01:00 · 2024-08-14 18:11:23 -07:00 · 2024-08-15 01:02:57 +00:00
4295 changed files with 335659 additions and 148288 deletions
--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -1,3 +1,10 @@
 [alias]
 dev = "run --package ruff_dev --bin ruff_dev"
 benchmark = "bench -p ruff_benchmark --bench linter --bench formatter --"
+
+# statically link the C runtime so the executable does not depend on
+# that shared/dynamic library.
+#
+# See: https://github.com/astral-sh/ruff/issues/11503
+[target.'cfg(all(target_env="msvc", target_os = "windows"))']
+rustflags = ["-C", "target-feature=+crt-static"]
--- a/.gitattributes
+++ b/.gitattributes
@@ -2,9 +2,17 @@

 crates/ruff_linter/resources/test/fixtures/isort/line_ending_crlf.py text eol=crlf
 crates/ruff_linter/resources/test/fixtures/pycodestyle/W605_1.py text eol=crlf
+crates/ruff_linter/resources/test/fixtures/pycodestyle/W391_2.py text eol=crlf
+crates/ruff_linter/resources/test/fixtures/pycodestyle/W391_3.py text eol=crlf

 crates/ruff_python_formatter/resources/test/fixtures/ruff/docstring_code_examples_crlf.py text eol=crlf
 crates/ruff_python_formatter/tests/snapshots/format@docstring_code_examples_crlf.py.snap text eol=crlf

+crates/ruff_python_parser/resources/invalid/re_lexing/line_continuation_windows_eol.py text eol=crlf
+crates/ruff_python_parser/resources/invalid/re_lex_logical_token_windows_eol.py text eol=crlf
+crates/ruff_python_parser/resources/invalid/re_lex_logical_token_mac_eol.py text eol=cr
+
+crates/ruff_python_parser/resources/inline linguist-generated=true
+
 ruff.schema.json linguist-generated=true text=auto eol=lf
 *.md.snap linguist-language=Markdown
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -5,5 +5,17 @@
 # - The '*' pattern is global owners.
 # - Order is important. The last matching pattern has the most precedence.

-# Jupyter
-/crates/ruff_linter/src/jupyter/ @dhruvmanila
+/crates/ruff_notebook/ @dhruvmanila
+/crates/ruff_formatter/ @MichaReiser
+/crates/ruff_python_formatter/ @MichaReiser
+/crates/ruff_python_parser/ @MichaReiser @dhruvmanila
+
+# flake8-pyi
+/crates/ruff_linter/src/rules/flake8_pyi/ @AlexWaygood
+
+# Script for fuzzing the parser
+/scripts/fuzz-parser/ @AlexWaygood
+
+# red-knot
+/crates/red_knot* @carljm @MichaReiser @AlexWaygood
+/crates/ruff_db/ @carljm @MichaReiser @AlexWaygood
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -3,6 +3,8 @@ Thank you for taking the time to report an issue! We're glad to have you involve

 If you're filing a bug report, please consider including the following information:

+* List of keywords you searched for before creating this issue. Write them down here so that others can find this issue more easily and help provide feedback.
+  e.g. "RUF001", "unused variable", "Jupyter notebook"
 * A minimal code snippet that reproduces the bug.
 * The command you invoked (e.g., `ruff /path/to/file.py --fix`), ideally including the `--isolated` flag.
 * The current Ruff settings (any relevant sections from your `pyproject.toml`).
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,21 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    labels: ["internal"]
-    groups:
-      actions:
-        patterns:
-          - "*"
-    ignore:
-      # The latest versions of these are not compatible with our release workflow
-      - dependency-name: "actions/upload-artifact"
-      - dependency-name: "actions/download-artifact"
-
-  - package-ecosystem: "cargo"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    labels: ["internal"]
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@@ -0,0 +1,111 @@
+{
+  $schema: "https://docs.renovatebot.com/renovate-schema.json",
+  dependencyDashboard: true,
+  suppressNotifications: ["prEditedNotification"],
+  extends: ["config:recommended"],
+  labels: ["internal"],
+  schedule: ["before 4am on Monday"],
+  semanticCommits: "disabled",
+  separateMajorMinor: false,
+  prHourlyLimit: 10,
+  enabledManagers: ["github-actions", "pre-commit", "cargo", "pep621", "pip_requirements", "npm"],
+  cargo: {
+    // See https://docs.renovatebot.com/configuration-options/#rangestrategy
+    rangeStrategy: "update-lockfile",
+  },
+  pep621: {
+    // The default for this package manager is to only search for `pyproject.toml` files
+    // found at the repository root: https://docs.renovatebot.com/modules/manager/pep621/#file-matching
+    fileMatch: ["^(python|scripts)/.*pyproject\\.toml$"],
+  },
+  pip_requirements: {
+    // The default for this package manager is to run on all requirements.txt files:
+    // https://docs.renovatebot.com/modules/manager/pip_requirements/#file-matching
+    // `fileMatch` doesn't work for excluding files; to exclude `requirements.txt` files
+    // outside the `doc/` directory, we instead have to use `ignorePaths`. Unlike `fileMatch`,
+    // which takes a regex string, `ignorePaths` takes a glob string, so we have to use
+    // a "negative glob pattern".
+    // See:
+    // - https://docs.renovatebot.com/modules/manager/#ignoring-files-that-match-the-default-filematch
+    // - https://docs.renovatebot.com/configuration-options/#ignorepaths
+    // - https://docs.renovatebot.com/string-pattern-matching/#negative-matching
+    ignorePaths: ["!docs/requirements*.txt"]
+  },
+  npm: {
+    // The default for this package manager is to only search for `package.json` files
+    // found at the repository root: https://docs.renovatebot.com/modules/manager/npm/#file-matching
+    fileMatch: ["^playground/.*package\\.json$"],
+  },
+  "pre-commit": {
+    enabled: true,
+  },
+  packageRules: [
+    {
+      // Group upload/download artifact updates, the versions are dependent
+      groupName: "Artifact GitHub Actions dependencies",
+      matchManagers: ["github-actions"],
+      matchDatasources: ["gitea-tags", "github-tags"],
+      matchPackagePatterns: ["actions/.*-artifact"],
+      description: "Weekly update of artifact-related GitHub Actions dependencies",
+    },
+    {
+      // This package rule disables updates for GitHub runners:
+      // we'd only pin them to a specific version
+      // if there was a deliberate reason to do so
+      groupName: "GitHub runners",
+      matchManagers: ["github-actions"],
+      matchDatasources: ["github-runners"],
+      description: "Disable PRs updating GitHub runners (e.g. 'runs-on: macos-14')",
+      enabled: false,
+    },
+    {
+      // Disable updates of `zip-rs`; intentionally pinned for now due to ownership change
+      // See: https://github.com/astral-sh/uv/issues/3642
+      matchPackagePatterns: ["zip"],
+      matchManagers: ["cargo"],
+      enabled: false,
+    },
+    {
+      // `mkdocs-material` requires a manual update to keep the version in sync
+      // with `mkdocs-material-insider`.
+      // See: https://squidfunk.github.io/mkdocs-material/insiders/upgrade/
+      matchManagers: ["pip_requirements"],
+      matchPackagePatterns: ["mkdocs-material"],
+      enabled: false,
+    },
+    {
+      groupName: "pre-commit dependencies",
+      matchManagers: ["pre-commit"],
+      description: "Weekly update of pre-commit dependencies",
+    },
+    {
+      groupName: "NPM Development dependencies",
+      matchManagers: ["npm"],
+      matchDepTypes: ["devDependencies"],
+      description: "Weekly update of NPM development dependencies",
+    },
+    {
+      groupName: "Monaco",
+      matchManagers: ["npm"],
+      matchPackagePatterns: ["monaco"],
+      description: "Weekly update of the Monaco editor",
+    },
+    {
+      groupName: "strum",
+      matchManagers: ["cargo"],
+      matchPackagePatterns: ["strum"],
+      description: "Weekly update of strum dependencies",
+    },
+    {
+      groupName: "ESLint",
+      matchManagers: ["npm"],
+      matchPackageNames: ["eslint"],
+      allowedVersions: "<9",
+      description: "Constraint ESLint to version 8 until TypeScript-eslint supports ESLint 9", // https://github.com/typescript-eslint/typescript-eslint/issues/8211
+    },
+  ],
+  vulnerabilityAlerts: {
+    commitMessageSuffix: "",
+    labels: ["internal", "security"],
+  },
+}
--- a/.github/workflows/build-binaries.yml
+++ b/.github/workflows/build-binaries.yml
@@ -1,21 +1,23 @@
-name: "[ruff] Release"
+# Build ruff on all platforms.
+#
+# Generates both wheels (for PyPI) and archived binaries (for GitHub releases).
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a local
+# artifacts job within `cargo-dist`.
+name: "Build binaries"

 on:
-  workflow_dispatch:
+  workflow_call:
    inputs:
-      tag:
-        description: "The version to tag, without the leading 'v'. If omitted, will initiate a dry run (no uploads)."
-        type: string
-      sha:
-        description: "The full sha of the commit to be released. If omitted, the latest commit on the default branch will be used."
-        default: ""
+      plan:
+        required: true
        type: string
  pull_request:
    paths:
-      # When we change pyproject.toml, we want to ensure that the maturin builds still work
+      # When we change pyproject.toml, we want to ensure that the maturin builds still work.
      - pyproject.toml
      # And when we change this workflow itself...
-      - .github/workflows/release.yaml
+      - .github/workflows/build-binaries.yml

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
@@ -23,6 +25,7 @@ concurrency:

 env:
  PACKAGE_NAME: ruff
+  MODULE_NAME: ruff
  PYTHON_VERSION: "3.11"
  CARGO_INCREMENTAL: 0
  CARGO_NET_RETRY: 10
@@ -31,11 +34,12 @@ env:

 jobs:
  sdist:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -49,20 +53,21 @@ jobs:
      - name: "Test sdist"
        run: |
          pip install dist/${{ env.PACKAGE_NAME }}-*.tar.gz --force-reinstall
-          ruff --help
-          python -m ruff --help
+          ${{ env.MODULE_NAME }} --help
+          python -m ${{ env.MODULE_NAME }} --help
      - name: "Upload sdist"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-sdist
          path: dist

  macos-x86_64:
-    runs-on: macos-latest
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
+    runs-on: macos-12
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -74,69 +79,77 @@ jobs:
        with:
          target: x86_64
          args: --release --locked --out dist
-      - name: "Test wheel - x86_64"
+      - name: "Upload wheels"
+        uses: actions/upload-artifact@v4
+        with:
+          name: wheels-macos-x86_64
+          path: dist
+      - name: "Archive binary"
+        run: |
+          TARGET=x86_64-apple-darwin
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
+
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
+          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
+      - name: "Upload binary"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-macos-x86_64
+          path: |
+            *.tar.gz
+            *.sha256
+
+  macos-aarch64:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
+    runs-on: macos-14
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+          architecture: arm64
+      - name: "Prep README.md"
+        run: python scripts/transform_readme.py --target pypi
+      - name: "Build wheels - aarch64"
+        uses: PyO3/maturin-action@v1
+        with:
+          target: aarch64
+          args: --release --locked --out dist
+      - name: "Test wheel - aarch64"
        run: |
          pip install dist/${{ env.PACKAGE_NAME }}-*.whl --force-reinstall
          ruff --help
          python -m ruff --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-aarch64-apple-darwin
          path: dist
      - name: "Archive binary"
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-x86_64-apple-darwin.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/x86_64-apple-darwin/release ruff
-          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
-      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
-        with:
-          name: binaries
-          path: |
-            *.tar.gz
-            *.sha256
+          TARGET=aarch64-apple-darwin
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz

-  macos-universal:
-    runs-on: macos-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.sha }}
-      - uses: actions/setup-python@v5
-        with:
-          python-version: ${{ env.PYTHON_VERSION }}
-          architecture: x64
-      - name: "Prep README.md"
-        run: python scripts/transform_readme.py --target pypi
-      - name: "Build wheels - universal2"
-        uses: PyO3/maturin-action@v1
-        with:
-          args: --release --locked --target universal2-apple-darwin --out dist
-      - name: "Test wheel - universal2"
-        run: |
-          pip install dist/${{ env.PACKAGE_NAME }}-*universal2.whl --force-reinstall
-          ruff --help
-          python -m ruff --help
-      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
-        with:
-          name: wheels
-          path: dist
-      - name: "Archive binary"
-        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-aarch64-apple-darwin.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/aarch64-apple-darwin/release ruff
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-aarch64-apple-darwin
          path: |
            *.tar.gz
            *.sha256

  windows:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: windows-latest
    strategy:
      matrix:
@@ -150,7 +163,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -162,33 +175,37 @@ jobs:
        with:
          target: ${{ matrix.platform.target }}
          args: --release --locked --out dist
+        env:
+          # aarch64 build fails, see https://github.com/PyO3/maturin/issues/2110
+          XWIN_VERSION: 16
      - name: "Test wheel"
        if: ${{ !startsWith(matrix.platform.target, 'aarch64') }}
        shell: bash
        run: |
          python -m pip install dist/${{ env.PACKAGE_NAME }}-*.whl --force-reinstall
-          ruff --help
-          python -m ruff --help
+          ${{ env.MODULE_NAME }} --help
+          python -m ${{ env.MODULE_NAME }} --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-${{ matrix.platform.target }}
          path: dist
      - name: "Archive binary"
        shell: bash
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-${{ matrix.platform.target }}.zip
+          ARCHIVE_FILE=ruff-${{ matrix.platform.target }}.zip
          7z a $ARCHIVE_FILE ./target/${{ matrix.platform.target }}/release/ruff.exe
          sha256sum $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-${{ matrix.platform.target }}
          path: |
            *.zip
            *.sha256

  linux:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
@@ -198,7 +215,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -215,27 +232,36 @@ jobs:
        if: ${{ startsWith(matrix.target, 'x86_64') }}
        run: |
          pip install dist/${{ env.PACKAGE_NAME }}-*.whl --force-reinstall
-          ruff --help
-          python -m ruff --help
+          ${{ env.MODULE_NAME }} --help
+          python -m ${{ env.MODULE_NAME }} --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-${{ matrix.target }}
          path: dist
      - name: "Archive binary"
+        shell: bash
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-${{ matrix.target }}.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/${{ matrix.target }}/release ruff
+          set -euo pipefail
+
+          TARGET=${{ matrix.target }}
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
+
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-${{ matrix.target }}
          path: |
            *.tar.gz
            *.sha256

  linux-cross:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
@@ -251,13 +277,19 @@ jobs:
            arch: s390x
          - target: powerpc64le-unknown-linux-gnu
            arch: ppc64le
+            # see https://github.com/astral-sh/ruff/issues/10073
+            maturin_docker_options: -e JEMALLOC_SYS_WITH_LG_PAGE=16
          - target: powerpc64-unknown-linux-gnu
            arch: ppc64
+            # see https://github.com/astral-sh/ruff/issues/10073
+            maturin_docker_options: -e JEMALLOC_SYS_WITH_LG_PAGE=16
+          - target: arm-unknown-linux-musleabihf
+            arch: arm

    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -274,8 +306,8 @@ jobs:
        if: matrix.platform.arch != 'ppc64'
        name: Test wheel
        with:
-          arch: ${{ matrix.platform.arch }}
-          distro: ubuntu20.04
+          arch: ${{ matrix.platform.arch == 'arm' && 'armv6' || matrix.platform.arch }}
+          distro: ${{ matrix.platform.arch == 'arm' && 'bullseye' || 'ubuntu20.04' }}
          githubToken: ${{ github.token }}
          install: |
            apt-get update
@@ -285,24 +317,33 @@ jobs:
            pip3 install ${{ env.PACKAGE_NAME }} --no-index --find-links dist/ --force-reinstall
            ruff --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-${{ matrix.platform.target }}
          path: dist
      - name: "Archive binary"
+        shell: bash
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-${{ matrix.platform.target }}.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/${{ matrix.platform.target }}/release ruff
+          set -euo pipefail
+
+          TARGET=${{ matrix.platform.target }}
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
+
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-${{ matrix.platform.target }}
          path: |
            *.tar.gz
            *.sha256

  musllinux:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
@@ -312,7 +353,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -335,26 +376,35 @@ jobs:
            apk add python3
            python -m venv .venv
            .venv/bin/pip3 install ${{ env.PACKAGE_NAME }} --no-index --find-links dist/ --force-reinstall
-            .venv/bin/ruff check --help
+            .venv/bin/${{ env.MODULE_NAME }} --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-${{ matrix.target }}
          path: dist
      - name: "Archive binary"
+        shell: bash
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-${{ matrix.target }}.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/${{ matrix.target }}/release ruff
+          set -euo pipefail
+
+          TARGET=${{ matrix.target }}
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
+
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-${{ matrix.target }}
          path: |
            *.tar.gz
            *.sha256

  musllinux-cross:
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
    strategy:
      matrix:
@@ -368,7 +418,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
        with:
-          ref: ${{ inputs.sha }}
+          submodules: recursive
      - uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}
@@ -392,202 +442,29 @@ jobs:
          run: |
            python -m venv .venv
            .venv/bin/pip3 install ${{ env.PACKAGE_NAME }} --no-index --find-links dist/ --force-reinstall
-            .venv/bin/ruff check --help
+            .venv/bin/${{ env.MODULE_NAME }} --help
      - name: "Upload wheels"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: wheels
+          name: wheels-${{ matrix.platform.target }}
          path: dist
      - name: "Archive binary"
+        shell: bash
        run: |
-          ARCHIVE_FILE=ruff-${{ inputs.tag }}-${{ matrix.platform.target }}.tar.gz
-          tar czvf $ARCHIVE_FILE -C target/${{ matrix.platform.target }}/release ruff
+          set -euo pipefail
+
+          TARGET=${{ matrix.platform.target }}
+          ARCHIVE_NAME=ruff-$TARGET
+          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
+
+          mkdir -p $ARCHIVE_NAME
+          cp target/$TARGET/release/ruff $ARCHIVE_NAME/ruff
+          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
      - name: "Upload binary"
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
        with:
-          name: binaries
+          name: artifacts-${{ matrix.platform.target }}
          path: |
            *.tar.gz
            *.sha256
-
-  validate-tag:
-    name: Validate tag
-    runs-on: ubuntu-latest
-    # If you don't set an input tag, it's a dry run (no uploads).
-    if: ${{ inputs.tag }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: main # We checkout the main branch to check for the commit
-      - name: Check main branch
-        if: ${{ inputs.sha }}
-        run: |
-          # Fetch the main branch since a shallow checkout is used by default
-          git fetch origin main --unshallow
-          if ! git branch --contains ${{ inputs.sha }} | grep -E '(^|\s)main$'; then
-            echo "The specified sha is not on the main branch" >&2
-            exit 1
-          fi
-      - name: Check tag consistency
-        run: |
-          # Switch to the commit we want to release
-          git checkout ${{ inputs.sha }}
-          version=$(grep "version = " pyproject.toml | sed -e 's/version = "\(.*\)"/\1/g')
-          if [ "${{ inputs.tag }}" != "${version}" ]; then
-            echo "The input tag does not match the version from pyproject.toml:" >&2
-            echo "${{ inputs.tag }}" >&2
-            echo "${version}" >&2
-            exit 1
-          else
-            echo "Releasing ${version}"
-          fi
-
-  upload-release:
-    name: Upload to PyPI
-    runs-on: ubuntu-latest
-    needs:
-      - macos-universal
-      - macos-x86_64
-      - windows
-      - linux
-      - linux-cross
-      - musllinux
-      - musllinux-cross
-      - validate-tag
-    # If you don't set an input tag, it's a dry run (no uploads).
-    if: ${{ inputs.tag }}
-    environment:
-      name: release
-    permissions:
-      # For pypi trusted publishing
-      id-token: write
-    steps:
-      - uses: actions/download-artifact@v3
-        with:
-          name: wheels
-          path: wheels
-      - name: Publish to PyPi
-        uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          skip-existing: true
-          packages-dir: wheels
-          verbose: true
-
-  tag-release:
-    name: Tag release
-    runs-on: ubuntu-latest
-    needs: upload-release
-    # If you don't set an input tag, it's a dry run (no uploads).
-    if: ${{ inputs.tag }}
-    permissions:
-      # For git tag
-      contents: write
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.sha }}
-      - name: git tag
-        run: |
-          git config user.email "hey@astral.sh"
-          git config user.name "Ruff Release CI"
-          git tag -m "v${{ inputs.tag }}" "v${{ inputs.tag }}"
-          # If there is duplicate tag, this will fail. The publish to pypi action will have been a noop (due to skip
-          # existing), so we make a non-destructive exit here
-          git push --tags
-
-  publish-release:
-    name: Publish to GitHub
-    runs-on: ubuntu-latest
-    needs: tag-release
-    # If you don't set an input tag, it's a dry run (no uploads).
-    if: ${{ inputs.tag }}
-    permissions:
-      # For GitHub release publishing
-      contents: write
-    steps:
-      - uses: actions/download-artifact@v3
-        with:
-          name: binaries
-          path: binaries
-      - name: "Publish to GitHub"
-        uses: softprops/action-gh-release@v1
-        with:
-          draft: true
-          files: binaries/*
-          tag_name: v${{ inputs.tag }}
-
-  docker-publish:
-    # This action doesn't need to wait on any other task, it's easy to re-tag if something failed and we're validating
-    # the tag here also
-    name: Push Docker image ghcr.io/astral-sh/ruff
-    runs-on: ubuntu-latest
-    environment:
-      name: release
-    permissions:
-      # For the docker push
-      packages: write
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.sha }}
-
-      - uses: docker/setup-buildx-action@v3
-
-      - uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ghcr.io/astral-sh/ruff
-
-      - name: Check tag consistency
-        # Unlike validate-tag we don't check if the commit is on the main branch, but it seems good enough since we can
-        # change docker tags
-        if: ${{ inputs.tag }}
-        run: |
-          version=$(grep "version = " pyproject.toml | sed -e 's/version = "\(.*\)"/\1/g')
-          if [ "${{ inputs.tag }}" != "${version}" ]; then
-            echo "The input tag does not match the version from pyproject.toml:" >&2
-            echo "${{ inputs.tag }}" >&2
-            echo "${version}" >&2
-            exit 1
-          else
-            echo "Releasing ${version}"
-          fi
-
-      - name: "Build and push Docker image"
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          # Reuse the builder
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-          push: ${{ inputs.tag != '' }}
-          tags: ghcr.io/astral-sh/ruff:latest,ghcr.io/astral-sh/ruff:${{ inputs.tag || 'dry-run' }}
-          labels: ${{ steps.meta.outputs.labels }}
-
-  # After the release has been published, we update downstream repositories
-  # This is separate because if this fails the release is still fine, we just need to do some manual workflow triggers
-  update-dependents:
-    name: Update dependents
-    runs-on: ubuntu-latest
-    needs: publish-release
-    steps:
-      - name: "Update pre-commit mirror"
-        uses: actions/github-script@v7
-        with:
-          github-token: ${{ secrets.RUFF_PRE_COMMIT_PAT }}
-          script: |
-            github.rest.actions.createWorkflowDispatch({
-              owner: 'astral-sh',
-              repo: 'ruff-pre-commit',
-              workflow_id: 'main.yml',
-              ref: 'main',
-            })
--- a/.github/workflows/build-docker.yml
+++ b/.github/workflows/build-docker.yml
@@ -0,0 +1,68 @@
+# Build and publish a Docker image.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a local
+# artifacts job within `cargo-dist`.
+#
+# TODO(charlie): Ideally, the publish step would happen as a publish job within `cargo-dist`, but
+# sharing the built image as an artifact between jobs is challenging.
+name: "[ruff] Build Docker image"
+
+on:
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string
+  pull_request:
+    paths:
+      - .github/workflows/build-docker.yml
+
+jobs:
+  docker-publish:
+    name: Build Docker image (ghcr.io/astral-sh/ruff)
+    runs-on: ubuntu-latest
+    environment:
+      name: release
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - uses: docker/setup-buildx-action@v3
+
+      - uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/astral-sh/ruff
+
+      - name: Check tag consistency
+        if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+        run: |
+          version=$(grep "version = " pyproject.toml | sed -e 's/version = "\(.*\)"/\1/g')
+          if [ "${{ fromJson(inputs.plan).announcement_tag }}" != "${version}" ]; then
+            echo "The input tag does not match the version from pyproject.toml:" >&2
+            echo "${{ fromJson(inputs.plan).announcement_tag }}" >&2
+            echo "${version}" >&2
+            exit 1
+          else
+            echo "Releasing ${version}"
+          fi
+
+      - name: "Build and push Docker image"
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          # Reuse the builder
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          push: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+          tags: ghcr.io/astral-sh/ruff:latest,ghcr.io/astral-sh/ruff:${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || 'dry-run' }}
+          labels: ${{ steps.meta.outputs.labels }}
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -23,6 +23,8 @@ jobs:
    name: "Determine changes"
    runs-on: ubuntu-latest
    outputs:
+      # Flag that is raised when any code that affects parser is changed
+      parser: ${{ steps.changed.outputs.parser_any_changed }}
      # Flag that is raised when any code that affects linter is changed
      linter: ${{ steps.changed.outputs.linter_any_changed }}
      # Flag that is raised when any code that affects formatter is changed
@@ -35,10 +37,21 @@ jobs:
        with:
          fetch-depth: 0

-      - uses: tj-actions/changed-files@v42
+      - uses: tj-actions/changed-files@v44
        id: changed
        with:
          files_yaml: |
+            parser:
+              - Cargo.toml
+              - Cargo.lock
+              - crates/ruff_python_trivia/**
+              - crates/ruff_source_file/**
+              - crates/ruff_text_size/**
+              - crates/ruff_python_ast/**
+              - crates/ruff_python_parser/**
+              - scripts/fuzz-parser/**
+              - .github/workflows/ci.yaml
+
            linter:
              - Cargo.toml
              - Cargo.lock
@@ -46,7 +59,6 @@ jobs:
              - "!crates/ruff_python_formatter/**"
              - "!crates/ruff_formatter/**"
              - "!crates/ruff_dev/**"
-              - "!crates/ruff_shrinking/**"
              - scripts/*
              - python/**
              - .github/workflows/ci.yaml
@@ -99,7 +111,7 @@ jobs:
      - name: "Clippy"
        run: cargo clippy --workspace --all-targets --all-features --locked -- -D warnings
      - name: "Clippy (wasm)"
-        run: cargo clippy -p ruff_wasm --target wasm32-unknown-unknown --all-features --locked -- -D warnings
+        run: cargo clippy -p ruff_wasm -p red_knot_wasm --target wasm32-unknown-unknown --all-features --locked -- -D warnings

  cargo-test-linux:
    name: "cargo test (linux)"
@@ -130,10 +142,17 @@ jobs:

      # Check for broken links in the documentation.
      - run: cargo doc --all --no-deps
+        env:
+          RUSTDOCFLAGS: "-D warnings"
+      # Use --document-private-items so that all our doc comments are kept in
+      # sync, not just public items. Eventually we should do this for all
+      # crates; for now add crates here as they are warning-clean to prevent
+      # regression.
+      - run: cargo doc --no-deps -p red_knot_python_semantic -p red_knot -p ruff_db --document-private-items
        env:
          # Setting RUSTDOCFLAGS because `cargo doc --check` isn't yet implemented (https://github.com/rust-lang/cargo/issues/10025).
          RUSTDOCFLAGS: "-D warnings"
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
        with:
          name: ruff
          path: target/debug/ruff
@@ -155,6 +174,9 @@ jobs:
      - uses: Swatinem/rust-cache@v2
      - name: "Run tests"
        shell: bash
+        env:
+          # Workaround for <https://github.com/nextest-rs/nextest/issues/1493>.
+          RUSTUP_WINDOWS_PATH_ADD_BIN: 1
        run: |
          cargo nextest run --all-features --profile ci
          cargo test --all-features --doc
@@ -176,10 +198,62 @@ jobs:
          cache-dependency-path: playground/package-lock.json
      - uses: jetli/wasm-pack-action@v0.4.0
      - uses: Swatinem/rust-cache@v2
-      - name: "Run wasm-pack"
+      - name: "Test ruff_wasm"
        run: |
          cd crates/ruff_wasm
          wasm-pack test --node
+      - name: "Test red_knot_wasm"
+        run: |
+          cd crates/red_knot_wasm
+          wasm-pack test --node
+
+  cargo-build-release:
+    name: "cargo build (release)"
+    runs-on: macos-latest
+    needs: determine_changes
+    if: ${{ needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main' }}
+    timeout-minutes: 20
+    steps:
+      - uses: actions/checkout@v4
+      - name: "Install Rust toolchain"
+        run: rustup show
+      - name: "Install mold"
+        uses: rui314/setup-mold@v1
+      - uses: Swatinem/rust-cache@v2
+      - name: "Build"
+        run: cargo build --release --locked
+
+  cargo-build-msrv:
+    name: "cargo build (msrv)"
+    runs-on: ubuntu-latest
+    needs: determine_changes
+    if: ${{ needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main' }}
+    timeout-minutes: 20
+    steps:
+      - uses: actions/checkout@v4
+      - uses: SebRollen/toml-action@v1.2.0
+        id: msrv
+        with:
+          file: "Cargo.toml"
+          field: "workspace.package.rust-version"
+      - name: "Install Rust toolchain"
+        run: rustup default ${{ steps.msrv.outputs.value }}
+      - name: "Install mold"
+        uses: rui314/setup-mold@v1
+      - name: "Install cargo nextest"
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-nextest
+      - name: "Install cargo insta"
+        uses: taiki-e/install-action@v2
+        with:
+          tool: cargo-insta
+      - uses: Swatinem/rust-cache@v2
+      - name: "Run tests"
+        shell: bash
+        env:
+          NEXTEST_PROFILE: "ci"
+        run: cargo +${{ steps.msrv.outputs.value }} insta test --all-features --unreferenced reject --test-runner nextest

  cargo-fuzz:
    name: "cargo fuzz"
@@ -194,12 +268,47 @@ jobs:
      - uses: Swatinem/rust-cache@v2
        with:
          workspaces: "fuzz -> target"
-      - name: "Install cargo-fuzz"
-        uses: taiki-e/install-action@v2
+      - name: "Install cargo-binstall"
+        uses: cargo-bins/cargo-binstall@main
        with:
          tool: cargo-fuzz@0.11.2
+      - name: "Install cargo-fuzz"
+        # Download the latest version from quick install and not the github releases because github releases only has MUSL targets.
+        run: cargo binstall cargo-fuzz --force  --disable-strategies crate-meta-data --no-confirm
      - run: cargo fuzz build -s none

+  fuzz-parser:
+    name: "Fuzz the parser"
+    runs-on: ubuntu-latest
+    needs:
+      - cargo-test-linux
+      - determine_changes
+    if: ${{ needs.determine_changes.outputs.parser == 'true' }}
+    timeout-minutes: 20
+    env:
+      FORCE_COLOR: 1
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+      - name: Install uv
+        run: curl -LsSf https://astral.sh/uv/install.sh | sh
+      - name: Install Python requirements
+        run: uv pip install -r scripts/fuzz-parser/requirements.txt --system
+      - uses: actions/download-artifact@v4
+        name: Download Ruff binary to test
+        id: download-cached-binary
+        with:
+          name: ruff
+          path: ruff-to-test
+      - name: Fuzz
+        run: |
+          # Make executable, since artifact download doesn't preserve this
+          chmod +x ${{ steps.download-cached-binary.outputs.download-path }}/ruff
+
+          python scripts/fuzz-parser/fuzz.py 0-500 --test-executable ${{ steps.download-cached-binary.outputs.download-path }}/ruff
+
  scripts:
    name: "test scripts"
    runs-on: ubuntu-latest
@@ -228,9 +337,7 @@ jobs:
      - determine_changes
    # Only runs on pull requests, since that is the only we way we can find the base version for comparison.
    # Ecosystem check needs linter and/or formatter changes.
-    if: github.event_name == 'pull_request' && ${{
-      needs.determine_changes.outputs.code == 'true'
-      }}
+    if: ${{ github.event_name == 'pull_request' && needs.determine_changes.outputs.code == 'true' }}
    timeout-minutes: 20
    steps:
      - uses: actions/checkout@v4
@@ -238,18 +345,19 @@ jobs:
        with:
          python-version: ${{ env.PYTHON_VERSION }}

-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
        name: Download comparison Ruff binary
        id: ruff-target
        with:
          name: ruff
          path: target/debug

-      - uses: dawidd6/action-download-artifact@v3
+      - uses: dawidd6/action-download-artifact@v6
        name: Download baseline Ruff binary
        with:
          name: ruff
          branch: ${{ github.event.pull_request.base.ref }}
+          workflow: "ci.yaml"
          check_artifacts: true

      - name: Install ruff-ecosystem
@@ -324,34 +432,28 @@ jobs:
        run: |
          echo ${{ github.event.number }} > pr-number

-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
        name: Upload PR Number
        with:
          name: pr-number
          path: pr-number

-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v4
        name: Upload Results
        with:
          name: ecosystem-result
          path: ecosystem-result

-  cargo-udeps:
-    name: "cargo udeps"
+  cargo-shear:
+    name: "cargo shear"
    runs-on: ubuntu-latest
    needs: determine_changes
    if: ${{ needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main' }}
-    timeout-minutes: 20
    steps:
      - uses: actions/checkout@v4
-      - name: "Install nightly Rust toolchain"
-        # Only pinned to make caching work, update freely
-        run: rustup toolchain install nightly-2023-10-15
-      - uses: Swatinem/rust-cache@v2
-      - name: "Install cargo-udeps"
-        uses: taiki-e/install-action@cargo-udeps
-      - name: "Run cargo-udeps"
-        run: cargo +nightly-2023-10-15 udeps
+      - uses: cargo-bins/cargo-binstall@main
+      - run: cargo binstall --no-confirm cargo-shear
+      - run: cargo shear

  python-package:
    name: "python package"
@@ -471,7 +573,7 @@ jobs:
      - determine_changes
    if: ${{ needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main' }}
    steps:
-      - uses: extractions/setup-just@v1
+      - uses: extractions/setup-just@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

@@ -484,7 +586,7 @@ jobs:
        with:
          python-version: ${{ env.PYTHON_VERSION }}

-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
        name: Download development ruff binary
        id: ruff-target
        with:
@@ -508,7 +610,7 @@ jobs:
  benchmarks:
    runs-on: ubuntu-latest
    needs: determine_changes
-    if: ${{ needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main' }}
+    if: ${{ github.repository == 'astral-sh/ruff' && (needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main') }}
    timeout-minutes: 20
    steps:
      - name: "Checkout Branch"
@@ -528,7 +630,7 @@ jobs:
        run: cargo codspeed build --features codspeed -p ruff_benchmark

      - name: "Run benchmarks"
-        uses: CodSpeedHQ/action@v2
+        uses: CodSpeedHQ/action@v3
        with:
          run: cargo codspeed run
          token: ${{ secrets.CODSPEED_TOKEN }}
--- a/.github/workflows/daily_fuzz.yaml
+++ b/.github/workflows/daily_fuzz.yaml
@@ -0,0 +1,72 @@
+name: Daily parser fuzz
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 0 * * *"
+  pull_request:
+    paths:
+      - ".github/workflows/daily_fuzz.yaml"
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+env:
+  CARGO_INCREMENTAL: 0
+  CARGO_NET_RETRY: 10
+  CARGO_TERM_COLOR: always
+  RUSTUP_MAX_RETRIES: 10
+  PACKAGE_NAME: ruff
+  FORCE_COLOR: 1
+
+jobs:
+  fuzz:
+    name: Fuzz
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    # Don't run the cron job on forks:
+    if: ${{ github.repository == 'astral-sh/ruff' || github.event_name != 'schedule' }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install uv
+        run: curl -LsSf https://astral.sh/uv/install.sh | sh
+      - name: Install Python requirements
+        run: uv pip install -r scripts/fuzz-parser/requirements.txt --system
+      - name: "Install Rust toolchain"
+        run: rustup show
+      - name: "Install mold"
+        uses: rui314/setup-mold@v1
+      - uses: Swatinem/rust-cache@v2
+      - name: Build ruff
+        # A debug build means the script runs slower once it gets started,
+        # but this is outweighed by the fact that a release build takes *much* longer to compile in CI
+        run: cargo build --locked
+      - name: Fuzz
+        run: python scripts/fuzz-parser/fuzz.py $(shuf -i 0-9999999999999999999 -n 1000) --test-executable target/debug/ruff
+
+  create-issue-on-failure:
+    name: Create an issue if the daily fuzz surfaced any bugs
+    runs-on: ubuntu-latest
+    needs: fuzz
+    if: ${{ github.repository == 'astral-sh/ruff' && always() && github.event_name == 'schedule' && needs.fuzz.result == 'failure' }}
+    permissions:
+      issues: write
+    steps:
+      - uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            await github.rest.issues.create({
+              owner: "astral-sh",
+              repo: "ruff",
+              title: `Daily parser fuzz failed on ${new Date().toDateString()}`,
+              body: "Runs listed here: https://github.com/astral-sh/ruff/actions/workflows/daily_fuzz.yml",
+              labels: ["bug", "parser", "fuzzer"],
+            })
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -1,55 +0,0 @@
-name: mkdocs
-
-on:
-  workflow_dispatch:
-    inputs:
-      ref:
-        description: "The commit SHA, tag, or branch to publish. Uses the default branch if not specified."
-        default: ""
-        type: string
-  release:
-    types: [published]
-
-jobs:
-  mkdocs:
-    runs-on: ubuntu-latest
-    env:
-      CF_API_TOKEN_EXISTS: ${{ secrets.CF_API_TOKEN != '' }}
-      MKDOCS_INSIDERS_SSH_KEY_EXISTS: ${{ secrets.MKDOCS_INSIDERS_SSH_KEY != '' }}
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ inputs.ref }}
-      - uses: actions/setup-python@v5
-      - name: "Add SSH key"
-        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
-        uses: webfactory/ssh-agent@v0.9.0
-        with:
-          ssh-private-key: ${{ secrets.MKDOCS_INSIDERS_SSH_KEY }}
-      - name: "Install Rust toolchain"
-        run: rustup show
-      - uses: Swatinem/rust-cache@v2
-      - name: "Install Insiders dependencies"
-        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
-        run: pip install -r docs/requirements-insiders.txt
-      - name: "Install dependencies"
-        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS != 'true' }}
-        run: pip install -r docs/requirements.txt
-      - name: "Copy README File"
-        run: |
-          python scripts/transform_readme.py --target mkdocs
-          python scripts/generate_mkdocs.py
-      - name: "Build Insiders docs"
-        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
-        run: mkdocs build --strict -f mkdocs.insiders.yml
-      - name: "Build docs"
-        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS != 'true' }}
-        run: mkdocs build --strict -f mkdocs.public.yml
-      - name: "Deploy to Cloudflare Pages"
-        if: ${{ env.CF_API_TOKEN_EXISTS == 'true' }}
-        uses: cloudflare/wrangler-action@v3.4.1
-        with:
-          apiToken: ${{ secrets.CF_API_TOKEN }}
-          accountId: ${{ secrets.CF_ACCOUNT_ID }}
-          # `github.head_ref` is only set during pull requests and for manual runs or tags we use `main` to deploy to production
-          command: pages deploy site --project-name=astral-docs --branch ${{ github.head_ref || 'main' }} --commit-hash ${GITHUB_SHA}
--- a/.github/workflows/notify-dependents.yml
+++ b/.github/workflows/notify-dependents.yml
@@ -0,0 +1,29 @@
+# Notify downstream repositories of a new release.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a post-announce
+# job within `cargo-dist`.
+name: "[ruff] Notify dependents"
+
+on:
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string
+
+jobs:
+  update-dependents:
+    name: Notify dependents
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Update pre-commit mirror"
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.RUFF_PRE_COMMIT_PAT }}
+          script: |
+            github.rest.actions.createWorkflowDispatch({
+              owner: 'astral-sh',
+              repo: 'ruff-pre-commit',
+              workflow_id: 'main.yml',
+              ref: 'main',
+            })
--- a/.github/workflows/pr-comment.yaml
+++ b/.github/workflows/pr-comment.yaml
@@ -17,12 +17,13 @@ jobs:
  comment:
    runs-on: ubuntu-latest
    steps:
-      - uses: dawidd6/action-download-artifact@v3
+      - uses: dawidd6/action-download-artifact@v6
        name: Download pull request number
        with:
          name: pr-number
          run_id: ${{ github.event.workflow_run.id ||  github.event.inputs.workflow_run_id }}
          if_no_artifact_found: ignore
+          allow_forks: true

      - name: Parse pull request number
        id: pr-number
@@ -32,7 +33,7 @@ jobs:
            echo "pr-number=$(<pr-number)" >> $GITHUB_OUTPUT
          fi

-      - uses: dawidd6/action-download-artifact@v3
+      - uses: dawidd6/action-download-artifact@v6
        name: "Download ecosystem results"
        id: download-ecosystem-result
        if: steps.pr-number.outputs.pr-number
@@ -43,11 +44,20 @@ jobs:
          path: pr/ecosystem
          workflow_conclusion: completed
          if_no_artifact_found: ignore
+          allow_forks: true

      - name: Generate comment content
        id: generate-comment
        if: steps.download-ecosystem-result.outputs.found_artifact == 'true'
        run: |
+          # Guard against malicious ecosystem results that symlink to a secret
+          # file on this runner
+          if [[ -L pr/ecosystem/ecosystem-result ]]
+          then
+              echo "Error: ecosystem-result cannot be a symlink"
+              exit 1
+          fi
+
          # Note this identifier is used to find the comment to update on
          # subsequent runs
          echo '<!-- generated-comment ecosystem -->' >> comment.txt
--- a/.github/workflows/publish-docs.yml
+++ b/.github/workflows/publish-docs.yml
@@ -0,0 +1,151 @@
+# Publish the Ruff documentation.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a post-announce
+# job within `cargo-dist`.
+name: mkdocs
+
+on:
+  workflow_dispatch:
+    inputs:
+      ref:
+        description: "The commit SHA, tag, or branch to publish. Uses the default branch if not specified."
+        default: ""
+        type: string
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string
+
+jobs:
+  mkdocs:
+    runs-on: ubuntu-latest
+    env:
+      MKDOCS_INSIDERS_SSH_KEY_EXISTS: ${{ secrets.MKDOCS_INSIDERS_SSH_KEY != '' }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.ref }}
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: 3.12
+
+      - name: "Set docs version"
+        run: |
+          version="${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || inputs.ref }}"
+          # if version is missing, exit with error
+          if [[ -z "$version" ]]; then
+          echo "Can't build docs without a version."
+          exit 1
+          fi
+
+          # Use version as display name for now
+          display_name="$version"
+
+          echo "version=$version" >> $GITHUB_ENV
+          echo "display_name=$display_name" >> $GITHUB_ENV
+
+      - name: "Set branch name"
+        run: |
+          version="${{ env.version }}"
+          display_name="${{ env.display_name }}"
+          timestamp="$(date +%s)"
+
+          # create branch_display_name from display_name by replacing all
+          # characters disallowed in git branch names with hyphens
+          branch_display_name="$(echo "$display_name" | tr -c '[:alnum:]._' '-' | tr -s '-')"
+
+          echo "branch_name=update-docs-$branch_display_name-$timestamp" >> $GITHUB_ENV
+          echo "timestamp=$timestamp" >> $GITHUB_ENV
+
+      - name: "Add SSH key"
+        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
+        uses: webfactory/ssh-agent@v0.9.0
+        with:
+          ssh-private-key: ${{ secrets.MKDOCS_INSIDERS_SSH_KEY }}
+
+      - name: "Install Rust toolchain"
+        run: rustup show
+
+      - uses: Swatinem/rust-cache@v2
+
+      - name: "Install Insiders dependencies"
+        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
+        run: pip install -r docs/requirements-insiders.txt
+
+      - name: "Install dependencies"
+        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS != 'true' }}
+        run: pip install -r docs/requirements.txt
+
+      - name: "Copy README File"
+        run: |
+          python scripts/transform_readme.py --target mkdocs
+          python scripts/generate_mkdocs.py
+
+      - name: "Build Insiders docs"
+        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
+        run: mkdocs build --strict -f mkdocs.insiders.yml
+
+      - name: "Build docs"
+        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS != 'true' }}
+        run: mkdocs build --strict -f mkdocs.public.yml
+
+      - name: "Clone docs repo"
+        run: |
+          version="${{ env.version }}"
+          git clone https://${{ secrets.ASTRAL_DOCS_PAT }}@github.com/astral-sh/docs.git astral-docs
+
+      - name: "Copy docs"
+        run: rm -rf astral-docs/site/ruff && mkdir -p astral-docs/site && cp -r site/ruff astral-docs/site/
+
+      - name: "Commit docs"
+        working-directory: astral-docs
+        run: |
+          branch_name="${{ env.branch_name }}"
+
+          git config user.name "astral-docs-bot"
+          git config user.email "176161322+astral-docs-bot@users.noreply.github.com"
+
+          git checkout -b $branch_name
+          git add site/ruff
+          git commit -m "Update ruff documentation for $version"
+
+      - name: "Create Pull Request"
+        working-directory: astral-docs
+        env:
+          GITHUB_TOKEN: ${{ secrets.ASTRAL_DOCS_PAT }}
+        run: |
+          version="${{ env.version }}"
+          display_name="${{ env.display_name }}"
+          branch_name="${{ env.branch_name }}"
+
+          # set the PR title
+          pull_request_title="Update ruff documentation for $display_name"
+
+          # Delete any existing pull requests that are open for this version
+          # by checking against pull_request_title because the new PR will
+          # supersede the old one.
+          gh pr list --state open --json title --jq '.[] | select(.title == "$pull_request_title") | .number' | \
+            xargs -I {} gh pr close {}
+
+          # push the branch to GitHub
+          git push origin $branch_name
+
+          # create the PR
+          gh pr create --base main --head $branch_name \
+            --title "$pull_request_title" \
+            --body "Automated documentation update for $display_name" \
+            --label "documentation"
+
+      - name: "Merge Pull Request"
+        if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+        working-directory: astral-docs
+        env:
+          GITHUB_TOKEN: ${{ secrets.ASTRAL_DOCS_PAT }}
+        run: |
+          branch_name="${{ env.branch_name }}"
+          # auto-merge the PR if the build was triggered by a release. Manual builds should be reviewed by a human.
+          # give the PR a few seconds to be created before trying to auto-merge it
+          sleep 10
+          gh pr merge --squash $branch_name
--- a/.github/workflows/publish-playground.yml
+++ b/.github/workflows/publish-playground.yml
@@ -1,9 +1,16 @@
+# Publish the Ruff playground.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a post-announce
+# job within `cargo-dist`.
 name: "[Playground] Release"

 on:
  workflow_dispatch:
-  release:
-    types: [published]
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string

 env:
  CARGO_INCREMENTAL: 0
@@ -40,7 +47,7 @@ jobs:
        working-directory: playground
      - name: "Deploy to Cloudflare Pages"
        if: ${{ env.CF_API_TOKEN_EXISTS == 'true' }}
-        uses: cloudflare/wrangler-action@v3.4.1
+        uses: cloudflare/wrangler-action@v3.7.0
        with:
          apiToken: ${{ secrets.CF_API_TOKEN }}
          accountId: ${{ secrets.CF_ACCOUNT_ID }}
--- a/.github/workflows/publish-pypi.yml
+++ b/.github/workflows/publish-pypi.yml
@@ -0,0 +1,34 @@
+# Publish a release to PyPI.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a publish job
+# within `cargo-dist`.
+name: "[ruff] Publish to PyPI"
+
+on:
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string
+
+jobs:
+  pypi-publish:
+    name: Upload to PyPI
+    runs-on: ubuntu-latest
+    environment:
+      name: release
+    permissions:
+      # For PyPI's trusted publishing.
+      id-token: write
+    steps:
+      - uses: actions/download-artifact@v4
+        with:
+          pattern: wheels-*
+          path: wheels
+          merge-multiple: true
+      - name: Publish to PyPi
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          skip-existing: true
+          packages-dir: wheels
+          verbose: true
--- a/.github/workflows/publish-wasm.yml
+++ b/.github/workflows/publish-wasm.yml
@@ -0,0 +1,55 @@
+# Build and publish ruff-api for wasm.
+#
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a publish
+# job within `cargo-dist`.
+name: "Build and publish wasm"
+
+on:
+  workflow_dispatch:
+  workflow_call:
+    inputs:
+      plan:
+        required: true
+        type: string
+
+env:
+  CARGO_INCREMENTAL: 0
+  CARGO_NET_RETRY: 10
+  CARGO_TERM_COLOR: always
+  RUSTUP_MAX_RETRIES: 10
+
+jobs:
+  ruff_wasm:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    strategy:
+      matrix:
+        target: [web, bundler, nodejs]
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@v4
+      - name: "Install Rust toolchain"
+        run: rustup target add wasm32-unknown-unknown
+      - uses: jetli/wasm-pack-action@v0.4.0
+      - uses: jetli/wasm-bindgen-action@v0.2.0
+      - name: "Run wasm-pack build"
+        run: wasm-pack build --target ${{ matrix.target }} crates/ruff_wasm
+      - name: "Rename generated package"
+        run: | # Replace the package name w/ jq
+          jq '.name="@astral-sh/ruff-wasm-${{ matrix.target }}"' crates/ruff_wasm/pkg/package.json > /tmp/package.json
+          mv /tmp/package.json crates/ruff_wasm/pkg
+      - run: cp LICENSE crates/ruff_wasm/pkg # wasm-pack does not put the LICENSE file in the pkg
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 18
+          registry-url: "https://registry.npmjs.org"
+      - name: "Publish (dry-run)"
+        if: ${{ inputs.plan == '' || fromJson(inputs.plan).announcement_tag_is_implicit }}
+        run: npm publish --dry-run crates/ruff_wasm/pkg
+      - name: "Publish"
+        if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+        run: npm publish --provenance --access public crates/ruff_wasm/pkg
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,298 @@
+# Copyright 2022-2024, axodotdev
+# SPDX-License-Identifier: MIT or Apache-2.0
+#
+# CI that:
+#
+# * checks for a Git Tag that looks like a release
+# * builds artifacts with cargo-dist (archives, installers, hashes)
+# * uploads those artifacts to temporary workflow zip
+# * on success, uploads the artifacts to a GitHub Release
+#
+# Note that the GitHub Release will be created with a generated
+# title/body based on your changelogs.
+
+name: Release
+permissions:
+  "contents": "write"
+
+# This task will run whenever you workflow_dispatch with a tag that looks like a version
+# like "1.0.0", "v0.1.0-prerelease.1", "my-app/0.1.0", "releases/v1.0.0", etc.
+# Various formats will be parsed into a VERSION and an optional PACKAGE_NAME, where
+# PACKAGE_NAME must be the name of a Cargo package in your workspace, and VERSION
+# must be a Cargo-style SemVer Version (must have at least major.minor.patch).
+#
+# If PACKAGE_NAME is specified, then the announcement will be for that
+# package (erroring out if it doesn't have the given version or isn't cargo-dist-able).
+#
+# If PACKAGE_NAME isn't specified, then the announcement will be for all
+# (cargo-dist-able) packages in the workspace with that version (this mode is
+# intended for workspaces with only one dist-able package, or with all dist-able
+# packages versioned/released in lockstep).
+#
+# If you push multiple tags at once, separate instances of this workflow will
+# spin up, creating an independent announcement for each one. However, GitHub
+# will hard limit this to 3 tags per commit, as it will assume more tags is a
+# mistake.
+#
+# If there's a prerelease-style suffix to the version, then the release(s)
+# will be marked as a prerelease.
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: Release Tag
+        required: true
+        default: dry-run
+        type: string
+
+jobs:
+  # Run 'cargo dist plan' (or host) to determine what tasks we need to do
+  plan:
+    runs-on: "ubuntu-20.04"
+    outputs:
+      val: ${{ steps.plan.outputs.manifest }}
+      tag: ${{ (inputs.tag != 'dry-run' && inputs.tag) || '' }}
+      tag-flag: ${{ inputs.tag && inputs.tag != 'dry-run' && format('--tag={0}', inputs.tag) || '' }}
+      publishing: ${{ inputs.tag && inputs.tag != 'dry-run' }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Install cargo-dist
+        # we specify bash to get pipefail; it guards against the `curl` command
+        # failing. otherwise `sh` won't catch that `curl` returned non-0
+        shell: bash
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/axodotdev/cargo-dist/releases/download/v0.18.0/cargo-dist-installer.sh | sh"
+      - name: Cache cargo-dist
+        uses: actions/upload-artifact@v4
+        with:
+          name: cargo-dist-cache
+          path: ~/.cargo/bin/cargo-dist
+      # sure would be cool if github gave us proper conditionals...
+      # so here's a doubly-nested ternary-via-truthiness to try to provide the best possible
+      # functionality based on whether this is a pull_request, and whether it's from a fork.
+      # (PRs run on the *source* but secrets are usually on the *target* -- that's *good*
+      # but also really annoying to build CI around when it needs secrets to work right.)
+      - id: plan
+        run: |
+          cargo dist ${{ (inputs.tag && inputs.tag != 'dry-run' && format('host --steps=create --tag={0}', inputs.tag)) || 'plan' }} --output-format=json > plan-dist-manifest.json
+          echo "cargo dist ran successfully"
+          cat plan-dist-manifest.json
+          echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT"
+      - name: "Upload dist-manifest.json"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-plan-dist-manifest
+          path: plan-dist-manifest.json
+
+  custom-build-binaries:
+    needs:
+      - plan
+    if: ${{ needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload' || inputs.tag == 'dry-run' }}
+    uses: ./.github/workflows/build-binaries.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+
+  custom-build-docker:
+    needs:
+      - plan
+    if: ${{ needs.plan.outputs.publishing == 'true' || fromJson(needs.plan.outputs.val).ci.github.pr_run_mode == 'upload' || inputs.tag == 'dry-run' }}
+    uses: ./.github/workflows/build-docker.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+    permissions:
+      "contents": "read"
+      "packages": "write"
+
+  # Build and package all the platform-agnostic(ish) things
+  build-global-artifacts:
+    needs:
+      - plan
+      - custom-build-binaries
+      - custom-build-docker
+    runs-on: "ubuntu-20.04"
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Install cached cargo-dist
+        uses: actions/download-artifact@v4
+        with:
+          name: cargo-dist-cache
+          path: ~/.cargo/bin/
+      - run: chmod +x ~/.cargo/bin/cargo-dist
+      # Get all the local artifacts for the global tasks to use (for e.g. checksums)
+      - name: Fetch local artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: target/distrib/
+          merge-multiple: true
+      - id: cargo-dist
+        shell: bash
+        run: |
+          cargo dist build ${{ needs.plan.outputs.tag-flag }} --output-format=json "--artifacts=global" > dist-manifest.json
+          echo "cargo dist ran successfully"
+
+          # Parse out what we just built and upload it to scratch storage
+          echo "paths<<EOF" >> "$GITHUB_OUTPUT"
+          jq --raw-output ".upload_files[]" dist-manifest.json >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
+
+          cp dist-manifest.json "$BUILD_MANIFEST_NAME"
+      - name: "Upload artifacts"
+        uses: actions/upload-artifact@v4
+        with:
+          name: artifacts-build-global
+          path: |
+            ${{ steps.cargo-dist.outputs.paths }}
+            ${{ env.BUILD_MANIFEST_NAME }}
+  # Determines if we should publish/announce
+  host:
+    needs:
+      - plan
+      - custom-build-binaries
+      - custom-build-docker
+      - build-global-artifacts
+    # Only run if we're "publishing", and only if local and global didn't fail (skipped is fine)
+    if: ${{ always() && needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result == 'skipped' || needs.build-global-artifacts.result == 'success') && (needs.custom-build-binaries.result == 'skipped' || needs.custom-build-binaries.result == 'success') && (needs.custom-build-docker.result == 'skipped' || needs.custom-build-docker.result == 'success') }}
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    runs-on: "ubuntu-20.04"
+    outputs:
+      val: ${{ steps.host.outputs.manifest }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - name: Install cached cargo-dist
+        uses: actions/download-artifact@v4
+        with:
+          name: cargo-dist-cache
+          path: ~/.cargo/bin/
+      - run: chmod +x ~/.cargo/bin/cargo-dist
+      # Fetch artifacts from scratch-storage
+      - name: Fetch artifacts
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: target/distrib/
+          merge-multiple: true
+      # This is a harmless no-op for GitHub Releases, hosting for that happens in "announce"
+      - id: host
+        shell: bash
+        run: |
+          cargo dist host ${{ needs.plan.outputs.tag-flag }} --steps=upload --steps=release --output-format=json > dist-manifest.json
+          echo "artifacts uploaded and released successfully"
+          cat dist-manifest.json
+          echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
+      - name: "Upload dist-manifest.json"
+        uses: actions/upload-artifact@v4
+        with:
+          # Overwrite the previous copy
+          name: artifacts-dist-manifest
+          path: dist-manifest.json
+
+  custom-publish-pypi:
+    needs:
+      - plan
+      - host
+    if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }}
+    uses: ./.github/workflows/publish-pypi.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+    # publish jobs get escalated permissions
+    permissions:
+      "id-token": "write"
+      "packages": "write"
+
+  custom-publish-wasm:
+    needs:
+      - plan
+      - host
+    if: ${{ !fromJson(needs.plan.outputs.val).announcement_is_prerelease || fromJson(needs.plan.outputs.val).publish_prereleases }}
+    uses: ./.github/workflows/publish-wasm.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+    # publish jobs get escalated permissions
+    permissions:
+      "contents": "read"
+      "id-token": "write"
+      "packages": "write"
+
+  # Create a GitHub Release while uploading all files to it
+  announce:
+    needs:
+      - plan
+      - host
+      - custom-publish-pypi
+      - custom-publish-wasm
+    # use "always() && ..." to allow us to wait for all publish jobs while
+    # still allowing individual publish jobs to skip themselves (for prereleases).
+    # "host" however must run to completion, no skipping allowed!
+    if: ${{ always() && needs.host.result == 'success' && (needs.custom-publish-pypi.result == 'skipped' || needs.custom-publish-pypi.result == 'success') && (needs.custom-publish-wasm.result == 'skipped' || needs.custom-publish-wasm.result == 'success') }}
+    runs-on: "ubuntu-20.04"
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      # Create a GitHub Release while uploading all files to it
+      - name: "Download GitHub Artifacts"
+        uses: actions/download-artifact@v4
+        with:
+          pattern: artifacts-*
+          path: artifacts
+          merge-multiple: true
+      - name: Cleanup
+        run: |
+          # Remove the granular manifests
+          rm -f artifacts/*-dist-manifest.json
+      - name: Create GitHub Release
+        env:
+          PRERELEASE_FLAG: "${{ fromJson(needs.host.outputs.val).announcement_is_prerelease && '--prerelease' || '' }}"
+          ANNOUNCEMENT_TITLE: "${{ fromJson(needs.host.outputs.val).announcement_title }}"
+          ANNOUNCEMENT_BODY: "${{ fromJson(needs.host.outputs.val).announcement_github_body }}"
+          RELEASE_COMMIT: "${{ github.sha }}"
+        run: |
+          # Write and read notes from a file to avoid quoting breaking things
+          echo "$ANNOUNCEMENT_BODY" > $RUNNER_TEMP/notes.txt
+
+          gh release create "${{ needs.plan.outputs.tag }}" --target "$RELEASE_COMMIT" $PRERELEASE_FLAG --title "$ANNOUNCEMENT_TITLE" --notes-file "$RUNNER_TEMP/notes.txt" artifacts/*
+
+  custom-notify-dependents:
+    needs:
+      - plan
+      - announce
+    uses: ./.github/workflows/notify-dependents.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+
+  custom-publish-docs:
+    needs:
+      - plan
+      - announce
+    uses: ./.github/workflows/publish-docs.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
+
+  custom-publish-playground:
+    needs:
+      - plan
+      - announce
+    uses: ./.github/workflows/publish-playground.yml
+    with:
+      plan: ${{ needs.plan.outputs.val }}
+    secrets: inherit
--- a/.github/workflows/sync_typeshed.yaml
+++ b/.github/workflows/sync_typeshed.yaml
@@ -0,0 +1,80 @@
+name: Sync typeshed
+
+on:
+  workflow_dispatch:
+  schedule:
+    # Run on the 1st and the 15th of every month:
+    - cron: "0 0 1,15 * *"
+
+env:
+  FORCE_COLOR: 1
+  GH_TOKEN: ${{ github.token }}
+
+jobs:
+  sync:
+    name: Sync typeshed
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    # Don't run the cron job on forks:
+    if: ${{ github.repository == 'astral-sh/ruff' || github.event_name != 'schedule' }}
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+        name: Checkout Ruff
+        with:
+          path: ruff
+      - uses: actions/checkout@v4
+        name: Checkout typeshed
+        with:
+          repository: python/typeshed
+          path: typeshed
+      - name: Setup git
+        run: |
+          git config --global user.name typeshedbot
+          git config --global user.email '<>'
+      - name: Sync typeshed
+        id: sync
+        run: |
+          rm -rf ruff/crates/red_knot_python_semantic/vendor/typeshed
+          mkdir ruff/crates/red_knot_python_semantic/vendor/typeshed
+          cp typeshed/README.md ruff/crates/red_knot_python_semantic/vendor/typeshed
+          cp typeshed/LICENSE ruff/crates/red_knot_python_semantic/vendor/typeshed
+          cp -r typeshed/stdlib ruff/crates/red_knot_python_semantic/vendor/typeshed/stdlib
+          rm -rf ruff/crates/red_knot_python_semantic/vendor/typeshed/stdlib/@tests
+          git -C typeshed rev-parse HEAD > ruff/crates/red_knot_python_semantic/vendor/typeshed/source_commit.txt
+      - name: Commit the changes
+        id: commit
+        if: ${{ steps.sync.outcome == 'success' }}
+        run: |
+          cd ruff
+          git checkout -b typeshedbot/sync-typeshed
+          git add .
+          git diff --staged --quiet || git commit -m "Sync typeshed. Source commit: https://github.com/python/typeshed/commit/$(git -C ../typeshed rev-parse HEAD)"
+      - name: Create a PR
+        if: ${{ steps.sync.outcome == 'success' && steps.commit.outcome == 'success' }}
+        run: |
+          cd ruff
+          git push --force origin typeshedbot/sync-typeshed
+          gh pr list --repo $GITHUB_REPOSITORY --head typeshedbot/sync-typeshed --json id --jq length | grep 1 && exit 0 # exit if there is existing pr
+          gh pr create --title "Sync vendored typeshed stubs" --body "Close and reopen this PR to trigger CI" --label "internal"
+
+  create-issue-on-failure:
+    name: Create an issue if the typeshed sync failed
+    runs-on: ubuntu-latest
+    needs: [sync]
+    if: ${{ github.repository == 'astral-sh/ruff' && always() && github.event_name == 'schedule' && needs.sync.result == 'failure' }}
+    permissions:
+      issues: write
+    steps:
+      - uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            await github.rest.issues.create({
+              owner: "astral-sh",
+              repo: "ruff",
+              title: `Automated typeshed sync failed on ${new Date().toDateString()}`,
+              body: "Runs are listed here: https://github.com/astral-sh/ruff/actions/workflows/sync_typeshed.yaml",
+            })
--- a/.gitignore
+++ b/.gitignore
@@ -21,6 +21,14 @@ flamegraph.svg
 # `CARGO_TARGET_DIR=target-llvm-lines RUSTFLAGS="-Csymbol-mangling-version=v0" cargo llvm-lines -p ruff --lib`
 /target*

+# samply profiles
+profile.json
+
+# tracing-flame traces
+tracing.folded
+tracing-flamechart.svg
+tracing-flamegraph.svg
+
 ###
 # Rust.gitignore
 ###
@@ -92,6 +100,7 @@ coverage.xml
 .hypothesis/
 .pytest_cache/
 cover/
+repos/

 # Translations
 *.mo
--- a/.markdownlint.yaml
+++ b/.markdownlint.yaml
@@ -14,7 +14,10 @@ MD041: false
 # MD013/line-length
 MD013: false

+# MD014/commands-show-output
+MD014: false
+
 # MD024/no-duplicate-heading
 MD024:
  # Allow when nested under different parents e.g. CHANGELOG.md
-  allow_different_nesting: true
+  siblings_only: true
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -2,6 +2,8 @@ fail_fast: true

 exclude: |
  (?x)^(
+    crates/red_knot_python_semantic/vendor/.*|
+    crates/red_knot_workspace/resources/.*|
    crates/ruff_linter/resources/.*|
    crates/ruff_linter/src/rules/.*/snapshots/.*|
    crates/ruff/resources/.*|
@@ -13,7 +15,7 @@ exclude: |

 repos:
  - repo: https://github.com/abravalheri/validate-pyproject
-    rev: v0.15
+    rev: v0.18
    hooks:
      - id: validate-pyproject

@@ -31,7 +33,7 @@ repos:
          )$

  - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.37.0
+    rev: v0.41.0
    hooks:
      - id: markdownlint-fix
        exclude: |
@@ -41,7 +43,7 @@ repos:
          )$

  - repo: https://github.com/crate-ci/typos
-    rev: v1.16.22
+    rev: v1.23.6
    hooks:
      - id: typos

@@ -55,22 +57,17 @@ repos:
        pass_filenames: false # This makes it a lot faster

  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.1.4
+    rev: v0.5.7
    hooks:
      - id: ruff-format
      - id: ruff
        args: [--fix, --exit-non-zero-on-fix]
        types_or: [python, pyi]
        require_serial: true
-        exclude: |
-          (?x)^(
-            crates/ruff_linter/resources/.*|
-            crates/ruff_python_formatter/resources/.*
-          )$

  # Prettier
  - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v3.0.3
+    rev: v3.1.0
    hooks:
      - id: prettier
        types: [yaml]
--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1,2 @@
+# Auto-generated by `cargo-dist`.
+.github/workflows/release.yml
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -0,0 +1,5 @@
+{
+    "recommendations": [
+        "rust-lang.rust-analyzer"
+    ]
+}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,6 @@
+{
+    "rust-analyzer.check.extraArgs": [
+        "--all-features"
+    ],
+    "rust-analyzer.check.command": "clippy",
+}
--- a/BREAKING_CHANGES.md
+++ b/BREAKING_CHANGES.md
@@ -1,5 +1,101 @@
 # Breaking Changes

+## 0.6.0
+
+- Detect imports in `src` layouts by default for `isort` rules ([#12848](https://github.com/astral-sh/ruff/pull/12848))
+
+- The pytest rules `PT001` and `PT023` now default to omitting the decorator parentheses when there are no arguments ([#12838](https://github.com/astral-sh/ruff/pull/12838)).
+
+- Lint and format Jupyter Notebook by default ([#12878](https://github.com/astral-sh/ruff/pull/12878)).
+
+    You can disable specific rules for notebooks using [`per-file-ignores`](https://docs.astral.sh/ruff/settings/#lint_per-file-ignores):
+
+    ```toml
+    [tool.ruff.lint.per-file-ignores]
+    "*.ipynb" = ["E501"] # disable line-too-long in notebooks
+    ```
+
+    If you'd prefer to either only lint or only format Jupyter Notebook files, you can use the
+    section-specific `exclude` option to do so. For example, the following would only lint Jupyter
+    Notebook files and not format them:
+
+    ```toml
+    [tool.ruff.format]
+    exclude = ["*.ipynb"]
+    ```
+
+    And, conversely, the following would only format Jupyter Notebook files and not lint them:
+
+    ```toml
+    [tool.ruff.lint]
+    exclude = ["*.ipynb"]
+    ```
+
+    You can completely disable Jupyter Notebook support by updating the [`extend-exclude`](https://docs.astral.sh/ruff/settings/#extend-exclude) setting:
+
+    ```toml
+    [tool.ruff]
+    extend-exclude = ["*.ipynb"]
+    ```
+
+## 0.5.0
+
+- Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
+- Selecting `ALL` now excludes deprecated rules
+- The released archives now include an extra level of nesting, which can be removed with `--strip-components=1` when untarring.
+- The release artifact's file name no longer includes the version tag. This enables users to install via `/latest` URLs on GitHub.
+
+## 0.3.0
+
+### Ruff 2024.2 style
+
+The formatter now formats code according to the Ruff 2024.2 style guide. Read the [changelog](./CHANGELOG.md#030) for a detailed list of stabilized style changes.
+
+### `isort`: Use one blank line after imports in typing stub files ([#9971](https://github.com/astral-sh/ruff/pull/9971))
+
+Previously, Ruff used one or two blank lines (or the number configured by `isort.lines-after-imports`) after imports in typing stub files (`.pyi` files).
+The [typing style guide for stubs](https://typing.readthedocs.io/en/latest/source/stubs.html#style-guide) recommends using at most 1 blank line for grouping.
+As of this release, `isort` now always uses one blank line after imports in stub files, the same as the formatter.
+
+### `build` is no longer excluded by default ([#10093](https://github.com/astral-sh/ruff/pull/10093))
+
+Ruff maintains a list of directories and files that are excluded by default. This list now consists of the following patterns:
+
+- `.bzr`
+- `.direnv`
+- `.eggs`
+- `.git`
+- `.git-rewrite`
+- `.hg`
+- `.ipynb_checkpoints`
+- `.mypy_cache`
+- `.nox`
+- `.pants.d`
+- `.pyenv`
+- `.pytest_cache`
+- `.pytype`
+- `.ruff_cache`
+- `.svn`
+- `.tox`
+- `.venv`
+- `.vscode`
+- `__pypackages__`
+- `_build`
+- `buck-out`
+- `dist`
+- `node_modules`
+- `site-packages`
+- `venv`
+
+Previously, the `build` directory was included in this list. However, the `build` directory tends to be a not-unpopular directory
+name, and excluding it by default caused confusion. Ruff now no longer excludes `build` except if it is excluded by a `.gitignore` file
+or because it is listed in `extend-exclude`.
+
+### `--format` is no longer a valid `rule` or `linter` command option
+
+Previously, `ruff rule` and `ruff linter` accepted the `--format <FORMAT>` option as an alias for `--output-format`. Ruff no longer
+supports this alias. Please use `ruff rule --output-format <FORMAT>` and `ruff linter --output-format <FORMAT>` instead.
+
 ## 0.1.9

 ### `site-packages` is now excluded by default ([#5513](https://github.com/astral-sh/ruff/pull/5513))
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -33,27 +33,18 @@ Welcome! We're happy to have you here. Thank you in advance for your contributio

 ## The Basics

-Ruff welcomes contributions in the form of Pull Requests.
+Ruff welcomes contributions in the form of pull requests.

 For small changes (e.g., bug fixes), feel free to submit a PR.

 For larger changes (e.g., new lint rules, new functionality, new configuration options), consider
 creating an [**issue**](https://github.com/astral-sh/ruff/issues) outlining your proposed change.
-You can also join us on [**Discord**](https://discord.gg/c9MhzV8aU5) to discuss your idea with the
+You can also join us on [Discord](https://discord.com/invite/astral-sh) to discuss your idea with the
 community. We've labeled [beginner-friendly tasks](https://github.com/astral-sh/ruff/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22)
 in the issue tracker, along with [bugs](https://github.com/astral-sh/ruff/issues?q=is%3Aissue+is%3Aopen+label%3Abug)
 and [improvements](https://github.com/astral-sh/ruff/issues?q=is%3Aissue+is%3Aopen+label%3Aaccepted)
 that are ready for contributions.

-If you're looking for a place to start, we recommend implementing a new lint rule (see:
-[_Adding a new lint rule_](#example-adding-a-new-lint-rule), which will allow you to learn from and
-pattern-match against the examples in the existing codebase. Many lint rules are inspired by
-existing Python plugins, which can be used as a reference implementation.
-
-As a concrete example: consider taking on one of the rules from the [`flake8-pyi`](https://github.com/astral-sh/ruff/issues/848)
-plugin, and looking to the originating [Python source](https://github.com/PyCQA/flake8-pyi) for
-guidance.
-
 If you have suggestions on how we might improve the contributing documentation, [let us know](https://github.com/astral-sh/ruff/discussions/5693)!

 ### Prerequisites
@@ -107,9 +98,11 @@ RUFF_UPDATE_SCHEMA=1 cargo test  # Rust testing and updating ruff.schema.json
 pre-commit run --all-files --show-diff-on-failure  # Rust and Python formatting, Markdown and Python linting, etc.
 ```

-These checks will run on GitHub Actions when you open your Pull Request, but running them locally
+These checks will run on GitHub Actions when you open your pull request, but running them locally
 will save you time and expedite the merge process.

+If you're using VS Code, you can also install the recommended [rust-analyzer](https://marketplace.visualstudio.com/items?itemName=rust-lang.rust-analyzer) extension to get these checks while editing.
+
 Note that many code changes also require updating the snapshot tests, which is done interactively
 after running `cargo test` like so:

@@ -117,7 +110,14 @@ after running `cargo test` like so:
 cargo insta review
 ```

-Your Pull Request will be reviewed by a maintainer, which may involve a few rounds of iteration
+If your pull request relates to a specific lint rule, include the category and rule code in the
+title, as in the following examples:
+
+- \[`flake8-bugbear`\] Avoid false positive for usage after `continue` (`B031`)
+- \[`flake8-simplify`\] Detect implicit `else` cases in `needless-bool` (`SIM103`)
+- \[`pycodestyle`\] Implement `redundant-backslash` (`E502`)
+
+Your pull request will be reviewed by a maintainer, which may involve a few rounds of iteration
 prior to merging.

 ### Project Structure
@@ -125,8 +125,8 @@ prior to merging.
 Ruff is structured as a monorepo with a [flat crate structure](https://matklad.github.io/2021/08/22/large-rust-workspaces.html),
 such that all crates are contained in a flat `crates` directory.

-The vast majority of the code, including all lint rules, lives in the `ruff` crate (located at
-`crates/ruff_linter`). As a contributor, that's the crate that'll be most relevant to you.
+The vast majority of the code, including all lint rules, lives in the `ruff_linter` crate (located
+at `crates/ruff_linter`). As a contributor, that's the crate that'll be most relevant to you.

 At the time of writing, the repository includes the following crates:

@@ -199,11 +199,14 @@ and calling out to lint rule analyzer functions as it goes.
 If you need to inspect the AST, you can run `cargo dev print-ast` with a Python file. Grep
 for the `Diagnostic::new` invocations to understand how other, similar rules are implemented.

-Once you're satisfied with your code, add tests for your rule. See [rule testing](#rule-testing-fixtures-and-snapshots)
-for more details.
+Once you're satisfied with your code, add tests for your rule
+(see: [rule testing](#rule-testing-fixtures-and-snapshots)), and regenerate the documentation and
+associated assets (like our JSON Schema) with `cargo dev generate-all`.

-Finally, regenerate the documentation and other generated assets (like our JSON Schema) with:
-`cargo dev generate-all`.
+Finally, submit a pull request, and include the category, rule name, and rule code in the title, as
+in:
+
+> \[`pycodestyle`\] Implement `redundant-backslash` (`E502`)

 #### Rule naming convention

@@ -277,7 +280,7 @@ These represent, respectively: the schema used to parse the `pyproject.toml` fil
 intermediate representation; and the final, internal representation used to power Ruff.

 To add a new configuration option, you'll likely want to modify these latter few files (along with
-`arg.rs`, if appropriate). If you want to pattern-match against an existing example, grep for
+`args.rs`, if appropriate). If you want to pattern-match against an existing example, grep for
 `dummy_variable_rgx`, which defines a regular expression to match against acceptable unused
 variables (e.g., `_`).

@@ -316,7 +319,7 @@ To preview any changes to the documentation locally:
    ```

 The documentation should then be available locally at
-[http://127.0.0.1:8000/docs/](http://127.0.0.1:8000/docs/).
+[http://127.0.0.1:8000/ruff/](http://127.0.0.1:8000/ruff/).

 ## Release Process

@@ -329,13 +332,13 @@ even patch releases may contain [non-backwards-compatible changes](https://semve

 ### Creating a new release

-We use an experimental in-house tool for managing releases.
-
-1. Install `rooster`: `pip install git+https://github.com/zanieb/rooster@main`
-1. Run `rooster release`; this command will:
+1. Install `uv`: `curl -LsSf https://astral.sh/uv/install.sh | sh`
+1. Run `./scripts/release.sh`; this command will:
+    - Generate a temporary virtual environment with `rooster`
    - Generate a changelog entry in `CHANGELOG.md`
    - Update versions in `pyproject.toml` and `Cargo.toml`
    - Update references to versions in the `README.md` and documentation
+    - Display contributors for the release
 1. The changelog should then be editorialized for consistency
    - Often labels will be missing from pull requests they will need to be manually organized into the proper section
    - Changes should be edited to be user-facing descriptions, avoiding internal details
@@ -343,23 +346,22 @@ We use an experimental in-house tool for managing releases.
 1. Run `cargo check`. This should update the lock file with new versions.
 1. Create a pull request with the changelog and version updates
 1. Merge the PR
-1. Run the [release workflow](https://github.com/astral-sh/ruff/actions/workflows/release.yaml) with:
+1. Run the [release workflow](https://github.com/astral-sh/ruff/actions/workflows/release.yml) with:
    - The new version number (without starting `v`)
-    - The commit hash of the merged release pull request on `main`
 1. The release workflow will do the following:
    1. Build all the assets. If this fails (even though we tested in step 4), we haven't tagged or
-        uploaded anything, you can restart after pushing a fix.
+        uploaded anything, you can restart after pushing a fix. If you just need to rerun the build,
+        make sure you're [re-running all the failed
+        jobs](https://docs.github.com/en/actions/managing-workflow-runs/re-running-workflows-and-jobs#re-running-failed-jobs-in-a-workflow) and not just a single failed job.
    1. Upload to PyPI.
    1. Create and push the Git tag (as extracted from `pyproject.toml`). We create the Git tag only
        after building the wheels and uploading to PyPI, since we can't delete or modify the tag ([#4468](https://github.com/astral-sh/ruff/issues/4468)).
    1. Attach artifacts to draft GitHub release
    1. Trigger downstream repositories. This can fail non-catastrophically, as we can run any
        downstream jobs manually if needed.
-1. Publish the GitHub release
-    1. Open the draft release in the GitHub release section
-    1. Copy the changelog for the release into the GitHub release
-        - See previous releases for formatting of section headers
-    1. Generate the contributor list with `rooster contributors` and add to the release notes
+1. Verify the GitHub release:
+    1. The Changelog should match the content of `CHANGELOG.md`
+    1. Append the contributors from the `bump.sh` script
 1. If needed, [update the schemastore](https://github.com/astral-sh/ruff/blob/main/scripts/update_schemastore.py).
    1. One can determine if an update is needed when
        `git diff old-version-tag new-version-tag -- ruff.schema.json` returns a non-empty diff.
@@ -636,11 +638,11 @@ Otherwise, follow the instructions from the linux section.
 `cargo dev` is a shortcut for `cargo run --package ruff_dev --bin ruff_dev`. You can run some useful
 utils with it:

- `cargo dev print-ast <file>`: Print the AST of a python file using the
-    [RustPython parser](https://github.com/astral-sh/ruff/tree/main/crates/ruff_python_parser) that is
-    mainly used in Ruff. For `if True: pass # comment`, you can see the syntax tree, the byte offsets
-    for start and stop of each node and also how the `:` token, the comment and whitespace are not
-    represented anymore:
+- `cargo dev print-ast <file>`: Print the AST of a python file using Ruff's
+    [Python parser](https://github.com/astral-sh/ruff/tree/main/crates/ruff_python_parser).
+    For `if True: pass # comment`, you can see the syntax tree, the byte offsets for start and
+    stop of each node and also how the `:` token, the comment and whitespace are not represented
+    anymore:

 ```text
 [
@@ -813,8 +815,8 @@ To understand Ruff's import categorization system, we first need to define two c
    "project root".)
 - "Package root": The top-most directory defining the Python package that includes a given Python
    file. To find the package root for a given Python file, traverse up its parent directories until
-    you reach a parent directory that doesn't contain an `__init__.py` file (and isn't marked as
-    a [namespace package](https://docs.astral.sh/ruff/settings/#namespace-packages)); take the directory
+    you reach a parent directory that doesn't contain an `__init__.py` file (and isn't in a subtree
+    marked as a [namespace package](https://docs.astral.sh/ruff/settings/#namespace-packages)); take the directory
    just before that, i.e., the first directory in the package.

 For example, given:
@@ -903,15 +905,11 @@ There are three ways in which an import can be categorized as "first-party":
    package (e.g., `from foo import bar` or `import foo.bar`), they'll be classified as first-party
    automatically. This check is as simple as comparing the first segment of the current file's
    module path to the first segment of the import.
-1. **Source roots**: Ruff supports a `[src](https://docs.astral.sh/ruff/settings/#src)` setting, which
+1. **Source roots**: Ruff supports a [`src`](https://docs.astral.sh/ruff/settings/#src) setting, which
    sets the directories to scan when identifying first-party imports. The algorithm is
    straightforward: given an import, like `import foo`, iterate over the directories enumerated in
    the `src` setting and, for each directory, check for the existence of a subdirectory `foo` or a
    file `foo.py`.

-By default, `src` is set to the project root. In the above example, we'd want to set
-`src = ["./src"]` to ensure that we locate `./my_project/src/foo` and thus categorize `import foo`
-as first-party in `baz.py`. In practice, for this limited example, setting `src = ["./src"]` is
-unnecessary, as all imports within `./my_project/src/foo` would be categorized as first-party via
-the same-package heuristic; but if your project contains multiple packages, you'll want to set `src`
-explicitly.
+By default, `src` is set to the project root, along with `"src"` subdirectory in the project root.
+This ensures that Ruff supports both flat and "src" layouts out of the box.
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -4,7 +4,7 @@ resolver = "2"

 [workspace.package]
 edition = "2021"
-rust-version = "1.71"
+rust-version = "1.76"
 homepage = "https://docs.astral.sh/ruff"
 documentation = "https://docs.astral.sh/ruff"
 repository = "https://github.com/astral-sh/ruff"
@@ -12,108 +12,153 @@ authors = ["Charlie Marsh <charlie.r.marsh@gmail.com>"]
 license = "MIT"

 [workspace.dependencies]
-aho-corasick = { version = "1.1.2" }
+ruff = { path = "crates/ruff" }
+ruff_cache = { path = "crates/ruff_cache" }
+ruff_db = { path = "crates/ruff_db" }
+ruff_diagnostics = { path = "crates/ruff_diagnostics" }
+ruff_formatter = { path = "crates/ruff_formatter" }
+ruff_index = { path = "crates/ruff_index" }
+ruff_linter = { path = "crates/ruff_linter" }
+ruff_macros = { path = "crates/ruff_macros" }
+ruff_notebook = { path = "crates/ruff_notebook" }
+ruff_python_ast = { path = "crates/ruff_python_ast" }
+ruff_python_codegen = { path = "crates/ruff_python_codegen" }
+ruff_python_formatter = { path = "crates/ruff_python_formatter" }
+ruff_python_index = { path = "crates/ruff_python_index" }
+ruff_python_literal = { path = "crates/ruff_python_literal" }
+ruff_python_parser = { path = "crates/ruff_python_parser" }
+ruff_python_semantic = { path = "crates/ruff_python_semantic" }
+ruff_python_stdlib = { path = "crates/ruff_python_stdlib" }
+ruff_python_trivia = { path = "crates/ruff_python_trivia" }
+ruff_server = { path = "crates/ruff_server" }
+ruff_source_file = { path = "crates/ruff_source_file" }
+ruff_text_size = { path = "crates/ruff_text_size" }
+ruff_workspace = { path = "crates/ruff_workspace" }
+
+red_knot_python_semantic = { path = "crates/red_knot_python_semantic" }
+red_knot_server = { path = "crates/red_knot_server" }
+red_knot_workspace = { path = "crates/red_knot_workspace" }
+
+aho-corasick = { version = "1.1.3" }
 annotate-snippets = { version = "0.9.2", features = ["color"] }
-anyhow = { version = "1.0.79" }
-argfile = { version = "0.1.6" }
-assert_cmd = { version = "2.0.13" }
+anyhow = { version = "1.0.80" }
+argfile = { version = "0.2.0" }
 bincode = { version = "1.3.3" }
-bitflags = { version = "2.4.1" }
-bstr = { version = "1.9.0" }
+bitflags = { version = "2.5.0" }
+bstr = { version = "1.9.1" }
 cachedir = { version = "0.3.1" }
-chrono = { version = "0.4.34", default-features = false, features = ["clock"] }
-clap = { version = "4.4.18", features = ["derive"] }
-clap_complete_command = { version = "0.5.1" }
-clearscreen = { version = "2.0.0" }
-codspeed-criterion-compat = { version = "2.3.3", default-features = false }
+camino = { version = "1.1.7" }
+chrono = { version = "0.4.35", default-features = false, features = ["clock"] }
+clap = { version = "4.5.3", features = ["derive"] }
+clap_complete_command = { version = "0.6.0" }
+clearscreen = { version = "3.0.0" }
+codspeed-criterion-compat = { version = "2.6.0", default-features = false }
 colored = { version = "2.1.0" }
-configparser = { version = "3.0.3" }
 console_error_panic_hook = { version = "0.1.7" }
 console_log = { version = "1.0.0" }
-countme = { version ="3.0.1"}
+countme = { version = "3.0.1" }
+compact_str = "0.8.0"
 criterion = { version = "0.5.1", default-features = false }
-dirs = { version = "5.0.0" }
+crossbeam = { version = "0.8.4" }
+dashmap = { version = "6.0.1" }
 drop_bomb = { version = "0.1.5" }
-env_logger = { version ="0.10.1"}
+env_logger = { version = "0.11.0" }
+etcetera = { version = "0.8.0" }
 fern = { version = "0.6.1" }
 filetime = { version = "0.2.23" }
-fs-err = { version ="2.11.0"}
 glob = { version = "0.3.1" }
 globset = { version = "0.4.14" }
-hexf-parse = { version ="0.2.1"}
+hashbrown = "0.14.3"
 ignore = { version = "0.4.22" }
-imara-diff ={ version = "0.1.5"}
+imara-diff = { version = "0.1.5" }
 imperative = { version = "1.0.4" }
-indicatif ={ version = "0.17.8"}
-indoc ={ version = "2.0.4"}
-insta = { version = "1.34.0", feature = ["filters", "glob"] }
-insta-cmd = { version = "0.4.0" }
+indicatif = { version = "0.17.8" }
+indoc = { version = "2.0.4" }
+insta = { version = "1.35.1" }
+insta-cmd = { version = "0.6.0" }
 is-macro = { version = "0.3.5" }
 is-wsl = { version = "0.4.0" }
-itertools = { version = "0.12.1" }
-js-sys = { version = "0.3.67" }
-lalrpop-util = { version = "0.20.0", default-features = false }
-lexical-parse-float = { version = "0.8.0", features = ["format"] }
+itertools = { version = "0.13.0" }
+js-sys = { version = "0.3.69" }
+jod-thread = { version = "0.1.2" }
+libc = { version = "0.2.153" }
 libcst = { version = "1.1.0", default-features = false }
 log = { version = "0.4.17" }
+lsp-server = { version = "0.7.6" }
+lsp-types = { git = "https://github.com/astral-sh/lsp-types.git", rev = "3512a9f", features = [
+  "proposed",
+] }
+matchit = { version = "0.8.1" }
 memchr = { version = "2.7.1" }
-mimalloc = { version ="0.1.39"}
+mimalloc = { version = "0.1.39" }
 natord = { version = "1.0.9" }
 notify = { version = "6.1.1" }
 once_cell = { version = "1.19.0" }
+ordermap = { version = "0.5.0" }
 path-absolutize = { version = "3.1.1" }
+path-slash = { version = "0.2.1" }
 pathdiff = { version = "0.2.1" }
-pep440_rs = { version = "0.4.0", features = ["serde"] }
+pep440_rs = { version = "0.6.0", features = ["serde"] }
 pretty_assertions = "1.3.0"
-proc-macro2 = { version = "1.0.78" }
+proc-macro2 = { version = "1.0.79" }
 pyproject-toml = { version = "0.9.0" }
-quick-junit = { version = "0.3.5" }
+quick-junit = { version = "0.4.0" }
 quote = { version = "1.0.23" }
 rand = { version = "0.8.5" }
-rayon = { version = "1.8.1" }
+rayon = { version = "1.10.0" }
 regex = { version = "1.10.2" }
-result-like = { version = "0.5.0" }
-rustc-hash = { version = "1.1.0" }
+rustc-hash = { version = "2.0.0" }
+salsa = { git = "https://github.com/MichaReiser/salsa.git", tag = "red-knot-0.0.1" }
 schemars = { version = "0.8.16" }
-seahash = { version ="4.1.0"}
-semver = { version = "1.0.21" }
-serde = { version = "1.0.196", features = ["derive"] }
-serde-wasm-bindgen = { version = "0.6.3" }
+seahash = { version = "4.1.0" }
+serde = { version = "1.0.197", features = ["derive"] }
+serde-wasm-bindgen = { version = "0.6.4" }
 serde_json = { version = "1.0.113" }
 serde_test = { version = "1.0.152" }
-serde_with = { version = "3.6.0", default-features = false, features = ["macros"] }
+serde_with = { version = "3.6.0", default-features = false, features = [
+  "macros",
+] }
 shellexpand = { version = "3.0.0" }
-shlex = { version ="1.3.0"}
 similar = { version = "2.4.0", features = ["inline"] }
-smallvec = { version = "1.13.1" }
+smallvec = { version = "1.13.2" }
 static_assertions = "1.1.0"
-strum = { version = "0.25.0", features = ["strum_macros"] }
-strum_macros = { version = "0.25.3" }
-syn = { version = "2.0.40" }
-tempfile = { version ="3.9.0"}
+strum = { version = "0.26.0", features = ["strum_macros"] }
+strum_macros = { version = "0.26.0" }
+syn = { version = "2.0.55" }
+tempfile = { version = "3.9.0" }
 test-case = { version = "3.3.1" }
-thiserror = { version = "1.0.57" }
-tikv-jemallocator = { version ="0.5.0"}
-toml = { version = "0.8.9" }
+thiserror = { version = "1.0.58" }
+tikv-jemallocator = { version = "0.6.0" }
+toml = { version = "0.8.11" }
 tracing = { version = "0.1.40" }
+tracing-flame = { version = "0.2.0" }
 tracing-indicatif = { version = "0.3.6" }
-tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
+tracing-subscriber = { version = "0.3.18", default-features = false, features = ["env-filter", "fmt"] }
+tracing-tree = { version = "0.4.0" }
 typed-arena = { version = "2.0.2" }
-unic-ucd-category = { version ="0.9"}
+unic-ucd-category = { version = "0.9" }
 unicode-ident = { version = "1.0.12" }
 unicode-width = { version = "0.1.11" }
-unicode_names2 = { version = "1.2.1" }
-ureq = { version = "2.9.1" }
+unicode_names2 = { version = "1.2.2" }
+unicode-normalization = { version = "0.1.23" }
+ureq = { version = "2.9.6" }
 url = { version = "2.5.0" }
-uuid = { version = "1.6.1", features = ["v4", "fast-rng", "macro-diagnostics", "js"] }
+uuid = { version = "1.6.1", features = [
+  "v4",
+  "fast-rng",
+  "macro-diagnostics",
+  "js",
+] }
 walkdir = { version = "2.3.2" }
-wasm-bindgen = { version = "0.2.84" }
-wasm-bindgen-test = { version = "0.3.40" }
+wasm-bindgen = { version = "0.2.92" }
+wasm-bindgen-test = { version = "0.3.42" }
 wild = { version = "2" }
+zip = { version = "0.6.6", default-features = false }

 [workspace.lints.rust]
 unsafe_code = "warn"
 unreachable_pub = "warn"
+unexpected_cfgs = { level = "warn", check-cfg = ["cfg(fuzzing)", "cfg(codspeed)"] }

 [workspace.lints.clippy]
 pedantic = { level = "warn", priority = -2 }
@@ -122,6 +167,7 @@ char_lit_as_u8 = "allow"
 collapsible_else_if = "allow"
 collapsible_if = "allow"
 implicit_hasher = "allow"
+map_unwrap_or = "allow"
 match_same_arms = "allow"
 missing_errors_doc = "allow"
 missing_panics_doc = "allow"
@@ -176,3 +222,62 @@ opt-level = 1
 [profile.profiling]
 inherits = "release"
 debug = 1
+
+# The profile that 'cargo dist' will build with.
+[profile.dist]
+inherits = "release"
+
+# Config for 'cargo dist'
+[workspace.metadata.dist]
+# The preferred cargo-dist version to use in CI (Cargo.toml SemVer syntax)
+cargo-dist-version = "0.18.0"
+# CI backends to support
+ci = ["github"]
+# The installers to generate for each app
+installers = ["shell", "powershell"]
+# The archive format to use for windows builds (defaults .zip)
+windows-archive = ".zip"
+# The archive format to use for non-windows builds (defaults .tar.xz)
+unix-archive = ".tar.gz"
+# Target platforms to build apps for (Rust target-triple syntax)
+targets = [
+  "aarch64-apple-darwin",
+  "aarch64-pc-windows-msvc",
+  "aarch64-unknown-linux-gnu",
+  "aarch64-unknown-linux-musl",
+  "arm-unknown-linux-musleabihf",
+  "armv7-unknown-linux-gnueabihf",
+  "armv7-unknown-linux-musleabihf",
+  "i686-pc-windows-msvc",
+  "i686-unknown-linux-gnu",
+  "i686-unknown-linux-musl",
+  "powerpc64-unknown-linux-gnu",
+  "powerpc64le-unknown-linux-gnu",
+  "s390x-unknown-linux-gnu",
+  "x86_64-apple-darwin",
+  "x86_64-pc-windows-msvc",
+  "x86_64-unknown-linux-gnu",
+  "x86_64-unknown-linux-musl",
+]
+# Whether to auto-include files like READMEs, LICENSEs, and CHANGELOGs (default true)
+auto-includes = false
+# Whether cargo-dist should create a GitHub Release or use an existing draft
+create-release = true
+# Publish jobs to run in CI
+pr-run-mode = "skip"
+# Whether CI should trigger releases with dispatches instead of tag pushes
+dispatch-releases = true
+# The stage during which the GitHub Release should be created
+github-release = "announce"
+# Whether CI should include auto-generated code to build local artifacts
+build-local-artifacts = false
+# Local artifacts jobs to run in CI
+local-artifacts-jobs = ["./build-binaries", "./build-docker"]
+# Publish jobs to run in CI
+publish-jobs = ["./publish-pypi", "./publish-wasm"]
+# Announcement jobs to run in CI
+post-announce-jobs = ["./notify-dependents", "./publish-docs", "./publish-playground"]
+# Custom permissions for GitHub Jobs
+github-custom-job-permissions = { "build-docker" = { packages = "write", contents = "read" }, "publish-wasm" = { contents = "read", id-token = "write", packages = "write" } }
+# Whether to install an updater program
+install-updater = false
--- a/25
+++ b/25
@@ -1371,3 +1371,28 @@ are:
    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
    SOFTWARE.
  """
+
+- pydoclint, licensed as follows:
+  """
+    MIT License
+
+    Copyright (c) 2023 jsh9
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+  """
--- a/README.md
+++ b/README.md
@@ -4,11 +4,12 @@

 [![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
 [![image](https://img.shields.io/pypi/v/ruff.svg)](https://pypi.python.org/pypi/ruff)
-[![image](https://img.shields.io/pypi/l/ruff.svg)](https://pypi.python.org/pypi/ruff)
+[![image](https://img.shields.io/pypi/l/ruff.svg)](https://github.com/astral-sh/ruff/blob/main/LICENSE)
 [![image](https://img.shields.io/pypi/pyversions/ruff.svg)](https://pypi.python.org/pypi/ruff)
 [![Actions status](https://github.com/astral-sh/ruff/workflows/CI/badge.svg)](https://github.com/astral-sh/ruff/actions)
+[![Discord](https://img.shields.io/badge/Discord-%235865F2.svg?logo=discord&logoColor=white)](https://discord.com/invite/astral-sh)

-[**Discord**](https://discord.gg/c9MhzV8aU5) | [**Docs**](https://docs.astral.sh/ruff/) | [**Playground**](https://play.ruff.rs/)
+[**Docs**](https://docs.astral.sh/ruff/) | [**Playground**](https://play.ruff.rs/)

 An extremely fast Python linter and code formatter, written in Rust.

@@ -27,15 +28,15 @@ An extremely fast Python linter and code formatter, written in Rust.
 - ⚡️ 10-100x faster than existing linters (like Flake8) and formatters (like Black)
 - 🐍 Installable via `pip`
 - 🛠️ `pyproject.toml` support
- 🤝 Python 3.12 compatibility
- ⚖️ Drop-in parity with [Flake8](https://docs.astral.sh/ruff/faq/#how-does-ruff-compare-to-flake8), isort, and Black
+- 🤝 Python 3.13 compatibility
+- ⚖️ Drop-in parity with [Flake8](https://docs.astral.sh/ruff/faq/#how-does-ruffs-linter-compare-to-flake8), isort, and [Black](https://docs.astral.sh/ruff/faq/#how-does-ruffs-formatter-compare-to-black)
 - 📦 Built-in caching, to avoid re-analyzing unchanged files
 - 🔧 Fix support, for automatic error correction (e.g., automatically remove unused imports)
- 📏 Over [700 built-in rules](https://docs.astral.sh/ruff/rules/), with native re-implementations
+- 📏 Over [800 built-in rules](https://docs.astral.sh/ruff/rules/), with native re-implementations
    of popular Flake8 plugins, like flake8-bugbear
 - ⌨️ First-party [editor integrations](https://docs.astral.sh/ruff/integrations/) for
-    [VS Code](https://github.com/astral-sh/ruff-vscode) and [more](https://github.com/astral-sh/ruff-lsp)
- 🌎 Monorepo-friendly, with [hierarchical and cascading configuration](https://docs.astral.sh/ruff/configuration/#pyprojecttoml-discovery)
+    [VS Code](https://github.com/astral-sh/ruff-vscode) and [more](https://docs.astral.sh/ruff/editors/setup)
+- 🌎 Monorepo-friendly, with [hierarchical and cascading configuration](https://docs.astral.sh/ruff/configuration/#config-file-discovery)

 Ruff aims to be orders of magnitude faster than alternative tools while integrating more
 functionality behind a single, common interface.
@@ -49,6 +50,7 @@ times faster than any individual tool.
 Ruff is extremely actively developed and used in major open-source projects like:

 - [Apache Airflow](https://github.com/apache/airflow)
+- [Apache Superset](https://github.com/apache/superset)
 - [FastAPI](https://github.com/tiangolo/fastapi)
 - [Hugging Face](https://github.com/huggingface/transformers)
 - [Pandas](https://github.com/pandas-dev/pandas)
@@ -117,7 +119,25 @@ For more, see the [documentation](https://docs.astral.sh/ruff/).
 Ruff is available as [`ruff`](https://pypi.org/project/ruff/) on PyPI:

 ```shell
+# With pip.
 pip install ruff
+
+# With pipx.
+pipx install ruff
+```
+
+Starting with version `0.5.0`, Ruff can be installed with our standalone installers:
+
+```shell
+# On macOS and Linux.
+curl -LsSf https://astral.sh/ruff/install.sh | sh
+
+# On Windows.
+powershell -c "irm https://astral.sh/ruff/install.ps1 | iex"
+
+# For a specific version.
+curl -LsSf https://astral.sh/ruff/0.6.0/install.sh | sh
+powershell -c "irm https://astral.sh/ruff/0.6.0/install.ps1 | iex"
 ```

 You can also install Ruff via [Homebrew](https://formulae.brew.sh/formula/ruff), [Conda](https://anaconda.org/conda-forge/ruff),
@@ -128,7 +148,7 @@ and with [a variety of other package managers](https://docs.astral.sh/ruff/insta
 To run Ruff as a linter, try any of the following:

 ```shell
-ruff check .                        # Lint all files in the current directory (and any subdirectories).
+ruff check                          # Lint all files in the current directory (and any subdirectories).
 ruff check path/to/code/            # Lint all files in `/path/to/code` (and any subdirectories).
 ruff check path/to/code/*.py        # Lint all `.py` files in `/path/to/code`.
 ruff check path/to/code/to/file.py  # Lint `file.py`.
@@ -138,7 +158,7 @@ ruff check @arguments.txt           # Lint using an input file, treating its con
 Or, to run Ruff as a formatter:

 ```shell
-ruff format .                        # Format all files in the current directory (and any subdirectories).
+ruff format                          # Format all files in the current directory (and any subdirectories).
 ruff format path/to/code/            # Format all files in `/path/to/code` (and any subdirectories).
 ruff format path/to/code/*.py        # Format all `.py` files in `/path/to/code`.
 ruff format path/to/code/to/file.py  # Format `file.py`.
@@ -150,7 +170,7 @@ Ruff can also be used as a [pre-commit](https://pre-commit.com/) hook via [`ruff
 ```yaml
 - repo: https://github.com/astral-sh/ruff-pre-commit
  # Ruff version.
-  rev: v0.2.1
+  rev: v0.6.0
  hooks:
    # Run the linter.
    - id: ruff
@@ -159,8 +179,7 @@ Ruff can also be used as a [pre-commit](https://pre-commit.com/) hook via [`ruff
    - id: ruff-format
 ```

-Ruff can also be used as a [VS Code extension](https://github.com/astral-sh/ruff-vscode) or
-alongside any other editor through the [Ruff LSP](https://github.com/astral-sh/ruff-lsp).
+Ruff can also be used as a [VS Code extension](https://github.com/astral-sh/ruff-vscode) or with [various other editors](https://docs.astral.sh/ruff/editors/setup).

 Ruff can also be used as a [GitHub Action](https://github.com/features/actions) via
 [`ruff-action`](https://github.com/chartboost/ruff-action):
@@ -172,7 +191,7 @@ jobs:
  ruff:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - uses: chartboost/ruff-action@v1
 ```

@@ -182,10 +201,9 @@ Ruff can be configured through a `pyproject.toml`, `ruff.toml`, or `.ruff.toml`
 [_Configuration_](https://docs.astral.sh/ruff/configuration/), or [_Settings_](https://docs.astral.sh/ruff/settings/)
 for a complete list of all configuration options).

-If left unspecified, Ruff's default configuration is equivalent to:
+If left unspecified, Ruff's default configuration is equivalent to the following `ruff.toml` file:

 ```toml
-[tool.ruff]
 # Exclude a variety of commonly ignored directories.
 exclude = [
    ".bzr",
@@ -223,7 +241,7 @@ indent-width = 4
 # Assume Python 3.8
 target-version = "py38"

-[tool.ruff.lint]
+[lint]
 # Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`)  codes by default.
 select = ["E4", "E7", "E9", "F"]
 ignore = []
@@ -235,7 +253,7 @@ unfixable = []
 # Allow unused variables when underscore-prefixed.
 dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$"

-[tool.ruff.format]
+[format]
 # Like Black, use double quotes for strings.
 quote-style = "double"

@@ -249,13 +267,27 @@ skip-magic-trailing-comma = false
 line-ending = "auto"
 ```

-Some configuration options can be provided via the command-line, such as those related to
-rule enablement and disablement, file discovery, and logging level:
+Note that, in a `pyproject.toml`, each section header should be prefixed with `tool.ruff`. For
+example, `[lint]` should be replaced with `[tool.ruff.lint]`.
+
+Some configuration options can be provided via dedicated command-line arguments, such as those
+related to rule enablement and disablement, file discovery, and logging level:

 ```shell
-ruff check path/to/code/ --select F401 --select F403 --quiet
+ruff check --select F401 --select F403 --quiet
 ```

+The remaining configuration options can be provided through a catch-all `--config` argument:
+
+```shell
+ruff check --config "lint.per-file-ignores = {'some_file.py' = ['F841']}"
+```
+
+To opt in to the latest lint rules, formatter style changes, interface updates, and more, enable
+[preview mode](https://docs.astral.sh/ruff/rules/) by setting `preview = true` in your configuration
+file or passing `--preview` on the command line. Preview mode enables a collection of unstable
+features that may change prior to stabilization.
+
 See `ruff help` for more on Ruff's top-level commands, or `ruff help check` and `ruff help format`
 for more on the linting and formatting commands, respectively.

@@ -263,7 +295,7 @@ for more on the linting and formatting commands, respectively.

 <!-- Begin section: Rules -->

-**Ruff supports over 700 lint rules**, many of which are inspired by popular tools like Flake8,
+**Ruff supports over 800 lint rules**, many of which are inspired by popular tools like Flake8,
 isort, pyupgrade, and others. Regardless of the rule's origin, Ruff re-implements every rule in
 Rust as a first-party feature.

@@ -319,7 +351,6 @@ quality tools, including:
 - [flake8-super](https://pypi.org/project/flake8-super/)
 - [flake8-tidy-imports](https://pypi.org/project/flake8-tidy-imports/)
 - [flake8-todos](https://pypi.org/project/flake8-todos/)
- [flake8-trio](https://pypi.org/project/flake8-trio/)
 - [flake8-type-checking](https://pypi.org/project/flake8-type-checking/)
 - [flake8-use-pathlib](https://pypi.org/project/flake8-use-pathlib/)
 - [flynt](https://pypi.org/project/flynt/) ([#2102](https://github.com/astral-sh/ruff/issues/2102))
@@ -341,14 +372,14 @@ For a complete enumeration of the supported rules, see [_Rules_](https://docs.as
 Contributions are welcome and highly appreciated. To get started, check out the
 [**contributing guidelines**](https://docs.astral.sh/ruff/contributing/).

-You can also join us on [**Discord**](https://discord.gg/c9MhzV8aU5).
+You can also join us on [**Discord**](https://discord.com/invite/astral-sh).

 ## Support

 Having trouble? Check out the existing issues on [**GitHub**](https://github.com/astral-sh/ruff/issues),
 or feel free to [**open a new one**](https://github.com/astral-sh/ruff/issues/new).

-You can also ask for help on [**Discord**](https://discord.gg/c9MhzV8aU5).
+You can also ask for help on [**Discord**](https://discord.com/invite/astral-sh).

 ## Acknowledgements

@@ -378,6 +409,7 @@ Ruff is released under the MIT license.

 Ruff is used by a number of major open-source projects and companies, including:

+- [Albumentations](https://github.com/albumentations-team/albumentations)
 - Amazon ([AWS SAM](https://github.com/aws/serverless-application-model))
 - Anthropic ([Python SDK](https://github.com/anthropics/anthropic-sdk-python))
 - [Apache Airflow](https://github.com/apache/airflow)
@@ -391,7 +423,9 @@ Ruff is used by a number of major open-source projects and companies, including:
 - [Dagger](https://github.com/dagger/dagger)
 - [Dagster](https://github.com/dagster-io/dagster)
 - Databricks ([MLflow](https://github.com/mlflow/mlflow))
+- [Dify](https://github.com/langgenius/dify)
 - [FastAPI](https://github.com/tiangolo/fastapi)
+- [Godot](https://github.com/godotengine/godot)
 - [Gradio](https://github.com/gradio-app/gradio)
 - [Great Expectations](https://github.com/great-expectations/great_expectations)
 - [HTTPX](https://github.com/encode/httpx)
@@ -400,10 +434,12 @@ Ruff is used by a number of major open-source projects and companies, including:
 - Hugging Face ([Transformers](https://github.com/huggingface/transformers),
    [Datasets](https://github.com/huggingface/datasets),
    [Diffusers](https://github.com/huggingface/diffusers))
+- IBM ([Qiskit](https://github.com/Qiskit/qiskit))
 - ING Bank ([popmon](https://github.com/ing-bank/popmon), [probatus](https://github.com/ing-bank/probatus))
 - [Ibis](https://github.com/ibis-project/ibis)
 - [ivy](https://github.com/unifyai/ivy)
 - [Jupyter](https://github.com/jupyter-server/jupyter_server)
+- [Kraken Tech](https://kraken.tech/)
 - [LangChain](https://github.com/hwchase17/langchain)
 - [Litestar](https://litestar.dev/)
 - [LlamaIndex](https://github.com/jerryjliu/llama_index)
@@ -413,15 +449,18 @@ Ruff is used by a number of major open-source projects and companies, including:
 - Microsoft ([Semantic Kernel](https://github.com/microsoft/semantic-kernel),
    [ONNX Runtime](https://github.com/microsoft/onnxruntime),
    [LightGBM](https://github.com/microsoft/LightGBM))
- Modern Treasury ([Python SDK](https://github.com/Modern-Treasury/modern-treasury-python-sdk))
+- Modern Treasury ([Python SDK](https://github.com/Modern-Treasury/modern-treasury-python))
 - Mozilla ([Firefox](https://github.com/mozilla/gecko-dev))
 - [Mypy](https://github.com/python/mypy)
+- [Nautobot](https://github.com/nautobot/nautobot)
 - Netflix ([Dispatch](https://github.com/Netflix/dispatch))
 - [Neon](https://github.com/neondatabase/neon)
+- [Nokia](https://nokia.com/)
 - [NoneBot](https://github.com/nonebot/nonebot2)
 - [NumPyro](https://github.com/pyro-ppl/numpyro)
 - [ONNX](https://github.com/onnx/onnx)
 - [OpenBB](https://github.com/OpenBB-finance/OpenBBTerminal)
+- [Open Wine Components](https://github.com/Open-Wine-Components/umu-launcher)
 - [PDM](https://github.com/pdm-project/pdm)
 - [PaddlePaddle](https://github.com/PaddlePaddle/Paddle)
 - [Pandas](https://github.com/pandas-dev/pandas)
@@ -449,6 +488,7 @@ Ruff is used by a number of major open-source projects and companies, including:
 - [Sphinx](https://github.com/sphinx-doc/sphinx)
 - [Stable Baselines3](https://github.com/DLR-RM/stable-baselines3)
 - [Starlette](https://github.com/encode/starlette)
+- [Streamlit](https://github.com/streamlit/streamlit)
 - [The Algorithms](https://github.com/TheAlgorithms/Python)
 - [Vega-Altair](https://github.com/altair-viz/altair)
 - WordPress ([Openverse](https://github.com/WordPress/openverse))
@@ -486,7 +526,7 @@ If you're using Ruff, consider adding the Ruff badge to your project's `README.m

 ## License

-MIT
+This repository is licensed under the [MIT License](https://github.com/astral-sh/ruff/blob/main/LICENSE)

 <div align="center">
  <a target="_blank" href="https://astral.sh" style="background:none">
--- a/_typos.toml
+++ b/_typos.toml
@@ -1,11 +1,21 @@
 [files]
 # https://github.com/crate-ci/typos/issues/868
-extend-exclude = ["**/resources/**/*", "**/snapshots/**/*"]
+extend-exclude = ["crates/red_knot_python_semantic/vendor/**/*", "**/resources/**/*", "**/snapshots/**/*"]

 [default.extend-words]
+"arange" = "arange"  # e.g. `numpy.arange`
 hel = "hel"
 whos = "whos"
 spawnve = "spawnve"
 ned = "ned"
+pn = "pn"  # `import panel as pd` is a thing
 poit = "poit"
 BA = "BA" # acronym for "Bad Allowed", used in testing.
+jod = "jod" # e.g., `jod-thread`
+
+[default]
+extend-ignore-re = [
+  # Line ignore with trailing "spellchecker:disable-line"
+  "(?Rm)^.*#\\s*spellchecker:disable-line$",
+  "LICENSEs",
+]
--- a/clippy.toml
+++ b/clippy.toml
@@ -1,7 +1,21 @@
 doc-valid-idents = [
-  "StackOverflow",
-  "CodeQL",
-  "IPython",
-  "NumPy",
  "..",
+  "CodeQL",
+  "FastAPI",
+  "IPython",
+  "LangChain",
+  "LibCST",
+  "McCabe",
+  "NumPy",
+  "SCREAMING_SNAKE_CASE",
+  "SQLAlchemy",
+  "StackOverflow",
+  "PyCharm",
+]
+
+ignore-interior-mutability = [
+  # Interned is read-only. The wrapped `Rc` never gets updated.
+  "ruff_formatter::format_element::Interned",
+  # The expression is read-only.
+  "ruff_python_ast::hashable::HashableExpr",
 ]
--- a/crates/red_knot/Cargo.toml
+++ b/crates/red_knot/Cargo.toml
@@ -0,0 +1,40 @@
+[package]
+name = "red_knot"
+version = "0.0.0"
+edition.workspace = true
+rust-version.workspace = true
+homepage.workspace = true
+documentation.workspace = true
+repository.workspace = true
+authors.workspace = true
+license.workspace = true
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+red_knot_python_semantic = { workspace = true }
+red_knot_workspace = { workspace = true }
+red_knot_server = { workspace = true }
+
+ruff_db = { workspace = true, features = ["os", "cache"] }
+
+anyhow = { workspace = true }
+chrono = { workspace = true }
+clap = { workspace = true, features = ["wrap_help"] }
+colored = { workspace = true }
+countme = { workspace = true, features = ["enable"] }
+crossbeam = { workspace = true }
+ctrlc = { version = "3.4.4" }
+rayon = { workspace = true }
+salsa = { workspace = true }
+tracing = { workspace = true, features = ["release_max_level_debug"] }
+tracing-subscriber = { workspace = true, features = ["env-filter", "fmt"] }
+tracing-flame = { workspace = true }
+tracing-tree = { workspace = true }
+
+[dev-dependencies]
+filetime = { workspace = true }
+tempfile = { workspace = true }
+
+[lints]
+workspace = true
--- a/crates/red_knot/docs/tracing-flamegraph.png
+++ b/crates/red_knot/docs/tracing-flamegraph.png
--- a/crates/red_knot/docs/tracing.md
+++ b/crates/red_knot/docs/tracing.md
@@ -0,0 +1,123 @@
+# Tracing
+
+Traces are a useful tool to narrow down the location of a bug or, at least, to understand why the compiler is doing a particular thing.
+Note, tracing messages with severity `debug` or greater are user-facing. They should be phrased accordingly.
+Tracing spans are only shown when using `-vvv`.
+
+## Verbosity levels
+
+The CLI supports different verbosity levels.
+
+- default: Only show errors and warnings.
+- `-v` activates `info!`: Show generally useful information such as paths of configuration files, detected platform, etc., but it's not a lot of messages, it's something you'll activate in CI by default. cargo build e.g. shows you which packages are fresh.
+- `-vv` activates `debug!` and timestamps: This should be enough information to get to the bottom of bug reports. When you're processing many packages or files, you'll get pages and pages of output, but each line is link to a specific action or state change.
+- `-vvv` activates `trace!` (only in debug builds) and shows tracing-spans: At this level, you're logging everything. Most of this is wasted, it's really slow, we dump e.g. the entire resolution graph. Only useful to developers, and you almost certainly want to use `RED_KNOT_LOG` to filter it down to the area your investigating.
+
+## `RED_KNOT_LOG`
+
+By default, the CLI shows messages from the `ruff` and `red_knot` crates. Tracing messages from other crates are not shown.
+The `RED_KNOT_LOG` environment variable allows you to customize which messages are shown by specifying one
+or more [filter directives](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#directives).
+
+### Examples
+
+#### Show all debug messages
+
+Shows debug messages from all crates.
+
+```bash
+RED_KNOT_LOG=debug
+```
+
+#### Show salsa query execution messages
+
+Show the salsa `execute: my_query` messages in addition to all red knot messages.
+
+```bash
+RED_KNOT_LOG=ruff=trace,red_knot=trace,salsa=info
+```
+
+#### Show typing traces
+
+Only show traces for the `red_knot_python_semantic::types` module.
+
+```bash
+RED_KNOT_LOG="red_knot_python_semantic::types"
+```
+
+Note: Ensure that you use `-vvv` to see tracing spans.
+
+#### Show messages for a single file
+
+Shows all messages that are inside of a span for a specific file.
+
+```bash
+RED_KNOT_LOG=red_knot[{file=/home/micha/astral/test/x.py}]=trace
+```
+
+**Note**: Tracing still shows all spans because tracing can't know at the time of entering the span
+whether one if its children has the file `x.py`.
+
+**Note**: Salsa currently logs the entire memoized values. In our case, the source text and parsed AST.
+This very quickly leads to extremely long outputs.
+
+## Tracing and Salsa
+
+Be mindful about using `tracing` in Salsa queries, especially when using `warn` or `error` because it isn't guaranteed
+that the query will execute after restoring from a persistent cache. In which case the user won't see the message.
+
+For example, don't use `tracing` to show the user a message when generating a lint violation failed
+because the message would only be shown when linting the file the first time, but not on subsequent analysis
+runs or when restoring from a persistent cache. This can be confusing for users because they
+don't understand why a specific lint violation isn't raised. Instead, change your
+query to return the failure as part of the query's result or use a Salsa accumulator.
+
+## Tracing in tests
+
+You can use `ruff_db::testing::setup_logging` or `ruff_db::testing::setup_logging_with_filter` to set up logging in tests.
+
+```rust
+use ruff_db::testing::setup_logging;
+
+#[test]
+fn test() {
+  let _logging = setup_logging();
+
+  tracing::info!("This message will be printed to stderr");
+}
+```
+
+Note: Most test runners capture stderr and only show its output when a test fails.
+
+Note also that `setup_logging` only sets up logging for the current thread because [`set_global_default`](https://docs.rs/tracing/latest/tracing/subscriber/fn.set_global_default.html) can only be
+called **once**.
+
+## Release builds
+
+`trace!` events are removed in release builds.
+
+## Profiling
+
+Red Knot generates a folded stack trace  to the current directory named `tracing.folded` when setting the environment variable `RED_KNOT_LOG_PROFILE` to `1` or `true`.
+
+```bash
+RED_KNOT_LOG_PROFILE=1 red_knot -- --current-directory=../test -vvv
+```
+
+You can convert the textual representation into a visual one using `inferno`.
+
+```shell
+cargo install inferno
+```
+
+```shell
+# flamegraph
+cat tracing.folded | inferno-flamegraph > tracing-flamegraph.svg
+
+# flamechart
+cat tracing.folded | inferno-flamegraph --flamechart > tracing-flamechart.svg
+```
+
+![Example flamegraph](./tracing-flamegraph.png)
+
+See [`tracing-flame`](https://crates.io/crates/tracing-flame) for more details.
--- a/crates/red_knot/src/logging.rs
+++ b/crates/red_knot/src/logging.rs
@@ -0,0 +1,254 @@
+//! Sets up logging for Red Knot
+
+use anyhow::Context;
+use colored::Colorize;
+use std::fmt;
+use std::fs::File;
+use std::io::BufWriter;
+use tracing::log::LevelFilter;
+use tracing::{Event, Subscriber};
+use tracing_subscriber::fmt::format::Writer;
+use tracing_subscriber::fmt::{FmtContext, FormatEvent, FormatFields};
+use tracing_subscriber::registry::LookupSpan;
+use tracing_subscriber::EnvFilter;
+
+/// Logging flags to `#[command(flatten)]` into your CLI
+#[derive(clap::Args, Debug, Clone, Default)]
+#[command(about = None, long_about = None)]
+pub(crate) struct Verbosity {
+    #[arg(
+        long,
+        short = 'v',
+        help = "Use verbose output (or `-vv` and `-vvv` for more verbose output)",
+        action = clap::ArgAction::Count,
+        global = true,
+    )]
+    verbose: u8,
+}
+
+impl Verbosity {
+    /// Returns the verbosity level based on the number of `-v` flags.
+    ///
+    /// Returns `None` if the user did not specify any verbosity flags.
+    pub(crate) fn level(&self) -> VerbosityLevel {
+        match self.verbose {
+            0 => VerbosityLevel::Default,
+            1 => VerbosityLevel::Verbose,
+            2 => VerbosityLevel::ExtraVerbose,
+            _ => VerbosityLevel::Trace,
+        }
+    }
+}
+
+#[derive(Debug, Copy, Clone, Eq, PartialEq, Ord, PartialOrd)]
+pub(crate) enum VerbosityLevel {
+    /// Default output level. Only shows Ruff and Red Knot events up to the [`WARN`](tracing::Level::WARN).
+    Default,
+
+    /// Enables verbose output. Emits Ruff and Red Knot events up to the [`INFO`](tracing::Level::INFO).
+    /// Corresponds to `-v`.
+    Verbose,
+
+    /// Enables a more verbose tracing format and emits Ruff and Red Knot events up to [`DEBUG`](tracing::Level::DEBUG).
+    /// Corresponds to `-vv`
+    ExtraVerbose,
+
+    /// Enables all tracing events and uses a tree-like output format. Corresponds to `-vvv`.
+    Trace,
+}
+
+impl VerbosityLevel {
+    const fn level_filter(self) -> LevelFilter {
+        match self {
+            VerbosityLevel::Default => LevelFilter::Warn,
+            VerbosityLevel::Verbose => LevelFilter::Info,
+            VerbosityLevel::ExtraVerbose => LevelFilter::Debug,
+            VerbosityLevel::Trace => LevelFilter::Trace,
+        }
+    }
+
+    pub(crate) const fn is_trace(self) -> bool {
+        matches!(self, VerbosityLevel::Trace)
+    }
+
+    pub(crate) const fn is_extra_verbose(self) -> bool {
+        matches!(self, VerbosityLevel::ExtraVerbose)
+    }
+}
+
+pub(crate) fn setup_tracing(level: VerbosityLevel) -> anyhow::Result<TracingGuard> {
+    use tracing_subscriber::prelude::*;
+
+    // The `RED_KNOT_LOG` environment variable overrides the default log level.
+    let filter = if let Ok(log_env_variable) = std::env::var("RED_KNOT_LOG") {
+        EnvFilter::builder()
+            .parse(log_env_variable)
+            .context("Failed to parse directives specified in RED_KNOT_LOG environment variable.")?
+    } else {
+        match level {
+            VerbosityLevel::Default => {
+                // Show warning traces
+                EnvFilter::default().add_directive(tracing::level_filters::LevelFilter::WARN.into())
+            }
+            level => {
+                let level_filter = level.level_filter();
+
+                // Show info|debug|trace events, but allow `RED_KNOT_LOG` to override
+                let filter = EnvFilter::default().add_directive(
+                    format!("red_knot={level_filter}")
+                        .parse()
+                        .expect("Hardcoded directive to be valid"),
+                );
+
+                filter.add_directive(
+                    format!("ruff={level_filter}")
+                        .parse()
+                        .expect("Hardcoded directive to be valid"),
+                )
+            }
+        }
+    };
+
+    let (profiling_layer, guard) = setup_profile();
+
+    let registry = tracing_subscriber::registry()
+        .with(filter)
+        .with(profiling_layer);
+
+    if level.is_trace() {
+        let subscriber = registry.with(
+            tracing_tree::HierarchicalLayer::default()
+                .with_indent_lines(true)
+                .with_indent_amount(2)
+                .with_bracketed_fields(true)
+                .with_thread_ids(true)
+                .with_targets(true)
+                .with_writer(std::io::stderr)
+                .with_timer(tracing_tree::time::Uptime::default()),
+        );
+
+        subscriber.init();
+    } else {
+        let subscriber = registry.with(
+            tracing_subscriber::fmt::layer()
+                .event_format(RedKnotFormat {
+                    display_level: true,
+                    display_timestamp: level.is_extra_verbose(),
+                    show_spans: false,
+                })
+                .with_writer(std::io::stderr),
+        );
+
+        subscriber.init();
+    }
+
+    Ok(TracingGuard {
+        _flame_guard: guard,
+    })
+}
+
+#[allow(clippy::type_complexity)]
+fn setup_profile<S>() -> (
+    Option<tracing_flame::FlameLayer<S, BufWriter<File>>>,
+    Option<tracing_flame::FlushGuard<BufWriter<File>>>,
+)
+where
+    S: Subscriber + for<'span> LookupSpan<'span>,
+{
+    if let Ok("1" | "true") = std::env::var("RED_KNOT_LOG_PROFILE").as_deref() {
+        let (layer, guard) = tracing_flame::FlameLayer::with_file("tracing.folded")
+            .expect("Flame layer to be created");
+        (Some(layer), Some(guard))
+    } else {
+        (None, None)
+    }
+}
+
+pub(crate) struct TracingGuard {
+    _flame_guard: Option<tracing_flame::FlushGuard<BufWriter<File>>>,
+}
+
+struct RedKnotFormat {
+    display_timestamp: bool,
+    display_level: bool,
+    show_spans: bool,
+}
+
+/// See <https://docs.rs/tracing-subscriber/0.3.18/src/tracing_subscriber/fmt/format/mod.rs.html#1026-1156>
+impl<S, N> FormatEvent<S, N> for RedKnotFormat
+where
+    S: Subscriber + for<'a> LookupSpan<'a>,
+    N: for<'a> FormatFields<'a> + 'static,
+{
+    fn format_event(
+        &self,
+        ctx: &FmtContext<'_, S, N>,
+        mut writer: Writer<'_>,
+        event: &Event<'_>,
+    ) -> fmt::Result {
+        let meta = event.metadata();
+        let ansi = writer.has_ansi_escapes();
+
+        if self.display_timestamp {
+            let timestamp = chrono::Local::now()
+                .format("%Y-%m-%d %H:%M:%S.%f")
+                .to_string();
+            if ansi {
+                write!(writer, "{} ", timestamp.dimmed())?;
+            } else {
+                write!(
+                    writer,
+                    "{} ",
+                    chrono::Local::now().format("%Y-%m-%d %H:%M:%S.%f")
+                )?;
+            }
+        }
+
+        if self.display_level {
+            let level = meta.level();
+            // Same colors as tracing
+            if ansi {
+                let formatted_level = level.to_string();
+                match *level {
+                    tracing::Level::TRACE => {
+                        write!(writer, "{} ", formatted_level.purple().bold())?;
+                    }
+                    tracing::Level::DEBUG => write!(writer, "{} ", formatted_level.blue().bold())?,
+                    tracing::Level::INFO => write!(writer, "{} ", formatted_level.green().bold())?,
+                    tracing::Level::WARN => write!(writer, "{} ", formatted_level.yellow().bold())?,
+                    tracing::Level::ERROR => write!(writer, "{} ", level.to_string().red().bold())?,
+                }
+            } else {
+                write!(writer, "{level} ")?;
+            }
+        }
+
+        if self.show_spans {
+            let span = event.parent();
+            let mut seen = false;
+
+            let span = span
+                .and_then(|id| ctx.span(id))
+                .or_else(|| ctx.lookup_current());
+
+            let scope = span.into_iter().flat_map(|span| span.scope().from_root());
+
+            for span in scope {
+                seen = true;
+                if ansi {
+                    write!(writer, "{}:", span.metadata().name().bold())?;
+                } else {
+                    write!(writer, "{}:", span.metadata().name())?;
+                }
+            }
+
+            if seen {
+                writer.write_char(' ')?;
+            }
+        }
+
+        ctx.field_format().format_fields(writer.by_ref(), event)?;
+
+        writeln!(writer)
+    }
+}
--- a/crates/red_knot/src/main.rs
+++ b/crates/red_knot/src/main.rs
@@ -0,0 +1,374 @@
+use std::process::{ExitCode, Termination};
+use std::sync::Mutex;
+
+use anyhow::{anyhow, Context};
+use clap::Parser;
+use colored::Colorize;
+use crossbeam::channel as crossbeam_channel;
+use salsa::plumbing::ZalsaDatabase;
+
+use red_knot_python_semantic::{ProgramSettings, SearchPathSettings};
+use red_knot_server::run_server;
+use red_knot_workspace::db::RootDatabase;
+use red_knot_workspace::site_packages::VirtualEnvironment;
+use red_knot_workspace::watch;
+use red_knot_workspace::watch::WorkspaceWatcher;
+use red_knot_workspace::workspace::WorkspaceMetadata;
+use ruff_db::system::{OsSystem, System, SystemPath, SystemPathBuf};
+use target_version::TargetVersion;
+
+use crate::logging::{setup_tracing, Verbosity};
+
+mod logging;
+mod target_version;
+mod verbosity;
+
+#[derive(Debug, Parser)]
+#[command(
+    author,
+    name = "red-knot",
+    about = "An extremely fast Python type checker."
+)]
+#[command(version)]
+struct Args {
+    #[command(subcommand)]
+    pub(crate) command: Option<Command>,
+
+    #[arg(
+        long,
+        help = "Changes the current working directory.",
+        long_help = "Changes the current working directory before any specified operations. This affects the workspace and configuration discovery.",
+        value_name = "PATH"
+    )]
+    current_directory: Option<SystemPathBuf>,
+
+    #[arg(
+        long,
+        help = "Path to the virtual environment the project uses",
+        long_help = "\
+Path to the virtual environment the project uses. \
+If provided, red-knot will use the `site-packages` directory of this virtual environment \
+to resolve type information for the project's third-party dependencies.",
+        value_name = "PATH"
+    )]
+    venv_path: Option<SystemPathBuf>,
+
+    #[arg(
+        long,
+        value_name = "DIRECTORY",
+        help = "Custom directory to use for stdlib typeshed stubs"
+    )]
+    custom_typeshed_dir: Option<SystemPathBuf>,
+
+    #[arg(
+        long,
+        value_name = "PATH",
+        help = "Additional path to use as a module-resolution source (can be passed multiple times)"
+    )]
+    extra_search_path: Vec<SystemPathBuf>,
+
+    #[arg(
+        long,
+        help = "Python version to assume when resolving types",
+        default_value_t = TargetVersion::default(),
+        value_name="VERSION")
+    ]
+    target_version: TargetVersion,
+
+    #[clap(flatten)]
+    verbosity: Verbosity,
+
+    #[arg(
+        long,
+        help = "Run in watch mode by re-running whenever files change",
+        short = 'W'
+    )]
+    watch: bool,
+}
+
+#[derive(Debug, clap::Subcommand)]
+pub enum Command {
+    /// Start the language server
+    Server,
+}
+
+#[allow(clippy::print_stdout, clippy::unnecessary_wraps, clippy::print_stderr)]
+pub fn main() -> ExitStatus {
+    run().unwrap_or_else(|error| {
+        use std::io::Write;
+
+        // Use `writeln` instead of `eprintln` to avoid panicking when the stderr pipe is broken.
+        let mut stderr = std::io::stderr().lock();
+
+        // This communicates that this isn't a linter error but Red Knot itself hard-errored for
+        // some reason (e.g. failed to resolve the configuration)
+        writeln!(stderr, "{}", "Red Knot failed".red().bold()).ok();
+        // Currently we generally only see one error, but e.g. with io errors when resolving
+        // the configuration it is help to chain errors ("resolving configuration failed" ->
+        // "failed to read file: subdir/pyproject.toml")
+        for cause in error.chain() {
+            writeln!(stderr, "  {} {cause}", "Cause:".bold()).ok();
+        }
+
+        ExitStatus::Error
+    })
+}
+
+fn run() -> anyhow::Result<ExitStatus> {
+    let Args {
+        command,
+        current_directory,
+        custom_typeshed_dir,
+        extra_search_path: extra_paths,
+        venv_path,
+        target_version,
+        verbosity,
+        watch,
+    } = Args::parse_from(std::env::args().collect::<Vec<_>>());
+
+    if matches!(command, Some(Command::Server)) {
+        return run_server().map(|()| ExitStatus::Success);
+    }
+
+    let verbosity = verbosity.level();
+    countme::enable(verbosity.is_trace());
+    let _guard = setup_tracing(verbosity)?;
+
+    // The base path to which all CLI arguments are relative to.
+    let cli_base_path = {
+        let cwd = std::env::current_dir().context("Failed to get the current working directory")?;
+        SystemPathBuf::from_path_buf(cwd)
+            .map_err(|path| {
+                anyhow!(
+                    "The current working directory '{}' contains non-unicode characters. Red Knot only supports unicode paths.",
+                    path.display()
+                )
+            })?
+    };
+
+    let cwd = current_directory
+        .map(|cwd| {
+            if cwd.as_std_path().is_dir() {
+                Ok(SystemPath::absolute(&cwd, &cli_base_path))
+            } else {
+                Err(anyhow!(
+                    "Provided current-directory path '{cwd}' is not a directory."
+                ))
+            }
+        })
+        .transpose()?
+        .unwrap_or_else(|| cli_base_path.clone());
+
+    let system = OsSystem::new(cwd.clone());
+    let workspace_metadata = WorkspaceMetadata::from_path(system.current_directory(), &system)?;
+
+    // TODO: Verify the remaining search path settings eagerly.
+    let site_packages = venv_path
+        .map(|path| {
+            VirtualEnvironment::new(path, &OsSystem::new(cli_base_path))
+                .and_then(|venv| venv.site_packages_directories(&system))
+        })
+        .transpose()?
+        .unwrap_or_default();
+
+    // TODO: Respect the settings from the workspace metadata. when resolving the program settings.
+    let program_settings = ProgramSettings {
+        target_version: target_version.into(),
+        search_paths: SearchPathSettings {
+            extra_paths,
+            src_root: workspace_metadata.root().to_path_buf(),
+            custom_typeshed: custom_typeshed_dir,
+            site_packages,
+        },
+    };
+
+    // TODO: Use the `program_settings` to compute the key for the database's persistent
+    //   cache and load the cache if it exists.
+    let mut db = RootDatabase::new(workspace_metadata, program_settings, system)?;
+
+    let (main_loop, main_loop_cancellation_token) = MainLoop::new();
+
+    // Listen to Ctrl+C and abort the watch mode.
+    let main_loop_cancellation_token = Mutex::new(Some(main_loop_cancellation_token));
+    ctrlc::set_handler(move || {
+        let mut lock = main_loop_cancellation_token.lock().unwrap();
+
+        if let Some(token) = lock.take() {
+            token.stop();
+        }
+    })?;
+
+    let exit_status = if watch {
+        main_loop.watch(&mut db)?
+    } else {
+        main_loop.run(&mut db)
+    };
+
+    tracing::trace!("Counts for entire CLI run:\n{}", countme::get_all());
+
+    std::mem::forget(db);
+
+    Ok(exit_status)
+}
+
+#[derive(Copy, Clone)]
+pub enum ExitStatus {
+    /// Checking was successful and there were no errors.
+    Success = 0,
+
+    /// Checking was successful but there were errors.
+    Failure = 1,
+
+    /// Checking failed.
+    Error = 2,
+}
+
+impl Termination for ExitStatus {
+    fn report(self) -> ExitCode {
+        ExitCode::from(self as u8)
+    }
+}
+
+struct MainLoop {
+    /// Sender that can be used to send messages to the main loop.
+    sender: crossbeam_channel::Sender<MainLoopMessage>,
+
+    /// Receiver for the messages sent **to** the main loop.
+    receiver: crossbeam_channel::Receiver<MainLoopMessage>,
+
+    /// The file system watcher, if running in watch mode.
+    watcher: Option<WorkspaceWatcher>,
+}
+
+impl MainLoop {
+    fn new() -> (Self, MainLoopCancellationToken) {
+        let (sender, receiver) = crossbeam_channel::bounded(10);
+
+        (
+            Self {
+                sender: sender.clone(),
+                receiver,
+                watcher: None,
+            },
+            MainLoopCancellationToken { sender },
+        )
+    }
+
+    fn watch(mut self, db: &mut RootDatabase) -> anyhow::Result<ExitStatus> {
+        tracing::debug!("Starting watch mode");
+        let sender = self.sender.clone();
+        let watcher = watch::directory_watcher(move |event| {
+            sender.send(MainLoopMessage::ApplyChanges(event)).unwrap();
+        })?;
+
+        self.watcher = Some(WorkspaceWatcher::new(watcher, db));
+
+        self.run(db);
+
+        Ok(ExitStatus::Success)
+    }
+
+    fn run(mut self, db: &mut RootDatabase) -> ExitStatus {
+        self.sender.send(MainLoopMessage::CheckWorkspace).unwrap();
+
+        let result = self.main_loop(db);
+
+        tracing::debug!("Exiting main loop");
+
+        result
+    }
+
+    fn main_loop(&mut self, db: &mut RootDatabase) -> ExitStatus {
+        // Schedule the first check.
+        tracing::debug!("Starting main loop");
+
+        let mut revision = 0u64;
+
+        while let Ok(message) = self.receiver.recv() {
+            match message {
+                MainLoopMessage::CheckWorkspace => {
+                    let db = db.snapshot();
+                    let sender = self.sender.clone();
+
+                    // Spawn a new task that checks the workspace. This needs to be done in a separate thread
+                    // to prevent blocking the main loop here.
+                    rayon::spawn(move || {
+                        if let Ok(result) = db.check() {
+                            // Send the result back to the main loop for printing.
+                            sender
+                                .send(MainLoopMessage::CheckCompleted { result, revision })
+                                .unwrap();
+                        }
+                    });
+                }
+
+                MainLoopMessage::CheckCompleted {
+                    result,
+                    revision: check_revision,
+                } => {
+                    let has_diagnostics = !result.is_empty();
+                    if check_revision == revision {
+                        for diagnostic in result {
+                            tracing::error!("{}", diagnostic);
+                        }
+                    } else {
+                        tracing::debug!(
+                            "Discarding check result for outdated revision: current: {revision}, result revision: {check_revision}"
+                        );
+                    }
+
+                    if self.watcher.is_none() {
+                        return if has_diagnostics {
+                            ExitStatus::Failure
+                        } else {
+                            ExitStatus::Success
+                        };
+                    }
+
+                    tracing::trace!("Counts after last check:\n{}", countme::get_all());
+                }
+
+                MainLoopMessage::ApplyChanges(changes) => {
+                    revision += 1;
+                    // Automatically cancels any pending queries and waits for them to complete.
+                    db.apply_changes(changes);
+                    if let Some(watcher) = self.watcher.as_mut() {
+                        watcher.update(db);
+                    }
+                    self.sender.send(MainLoopMessage::CheckWorkspace).unwrap();
+                }
+                MainLoopMessage::Exit => {
+                    // Cancel any pending queries and wait for them to complete.
+                    // TODO: Don't use Salsa internal APIs
+                    //  [Zulip-Thread](https://salsa.zulipchat.com/#narrow/stream/333573-salsa-3.2E0/topic/Expose.20an.20API.20to.20cancel.20other.20queries)
+                    let _ = db.zalsa_mut();
+                    return ExitStatus::Success;
+                }
+            }
+
+            tracing::debug!("Waiting for next main loop message.");
+        }
+
+        ExitStatus::Success
+    }
+}
+
+#[derive(Debug)]
+struct MainLoopCancellationToken {
+    sender: crossbeam_channel::Sender<MainLoopMessage>,
+}
+
+impl MainLoopCancellationToken {
+    fn stop(self) {
+        self.sender.send(MainLoopMessage::Exit).unwrap();
+    }
+}
+
+/// Message sent from the orchestrator to the main loop.
+#[derive(Debug)]
+enum MainLoopMessage {
+    CheckWorkspace,
+    CheckCompleted { result: Vec<String>, revision: u64 },
+    ApplyChanges(Vec<watch::ChangeEvent>),
+    Exit,
+}
--- a/crates/red_knot/src/target_version.rs
+++ b/crates/red_knot/src/target_version.rs
@@ -0,0 +1,48 @@
+/// Enumeration of all supported Python versions
+///
+/// TODO: unify with the `PythonVersion` enum in the linter/formatter crates?
+#[derive(Copy, Clone, Hash, Debug, PartialEq, Eq, PartialOrd, Ord, Default, clap::ValueEnum)]
+pub enum TargetVersion {
+    Py37,
+    #[default]
+    Py38,
+    Py39,
+    Py310,
+    Py311,
+    Py312,
+    Py313,
+}
+
+impl TargetVersion {
+    const fn as_str(self) -> &'static str {
+        match self {
+            Self::Py37 => "py37",
+            Self::Py38 => "py38",
+            Self::Py39 => "py39",
+            Self::Py310 => "py310",
+            Self::Py311 => "py311",
+            Self::Py312 => "py312",
+            Self::Py313 => "py313",
+        }
+    }
+}
+
+impl std::fmt::Display for TargetVersion {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str(self.as_str())
+    }
+}
+
+impl From<TargetVersion> for red_knot_python_semantic::PythonVersion {
+    fn from(value: TargetVersion) -> Self {
+        match value {
+            TargetVersion::Py37 => Self::PY37,
+            TargetVersion::Py38 => Self::PY38,
+            TargetVersion::Py39 => Self::PY39,
+            TargetVersion::Py310 => Self::PY310,
+            TargetVersion::Py311 => Self::PY311,
+            TargetVersion::Py312 => Self::PY312,
+            TargetVersion::Py313 => Self::PY313,
+        }
+    }
+}
--- a/crates/red_knot/src/verbosity.rs
+++ b/crates/red_knot/src/verbosity.rs
@@ -0,0 +1 @@
+
--- a/crates/red_knot/tests/file_watching.rs
+++ b/crates/red_knot/tests/file_watching.rs
--- a/crates/red_knot_python_semantic/Cargo.toml
+++ b/crates/red_knot_python_semantic/Cargo.toml
@@ -0,0 +1,50 @@
+[package]
+name = "red_knot_python_semantic"
+version = "0.0.0"
+publish = false
+authors = { workspace = true }
+edition = { workspace = true }
+rust-version = { workspace = true }
+homepage = { workspace = true }
+documentation = { workspace = true }
+repository = { workspace = true }
+license = { workspace = true }
+
+[dependencies]
+ruff_db = { workspace = true }
+ruff_index = { workspace = true }
+ruff_python_ast = { workspace = true }
+ruff_python_stdlib = { workspace = true }
+ruff_source_file = { workspace = true }
+ruff_text_size = { workspace = true }
+
+anyhow = { workspace = true }
+bitflags = { workspace = true }
+camino = { workspace = true }
+compact_str = { workspace = true }
+countme = { workspace = true }
+once_cell = { workspace = true }
+ordermap = { workspace = true }
+salsa = { workspace = true }
+tracing = { workspace = true }
+rustc-hash = { workspace = true }
+hashbrown = { workspace = true }
+
+[build-dependencies]
+path-slash = { workspace = true }
+walkdir = { workspace = true }
+zip = { workspace = true, features = ["zstd", "deflate"] }
+
+[dev-dependencies]
+ruff_db = { workspace = true, features = ["os", "testing"] }
+ruff_python_parser = { workspace = true }
+
+anyhow = { workspace = true }
+insta = { workspace = true }
+tempfile = { workspace = true }
+walkdir = { workspace = true }
+zip = { workspace = true }
+
+[lints]
+workspace = true
+
--- a/crates/red_knot_python_semantic/README.md
+++ b/crates/red_knot_python_semantic/README.md
@@ -0,0 +1,9 @@
+# Red Knot
+
+Semantic analysis for the red-knot project.
+
+## Vendored types for the stdlib
+
+This crate vendors [typeshed](https://github.com/python/typeshed)'s stubs for the standard library. The vendored stubs can be found in `crates/red_knot_python_semantic/vendor/typeshed`. The file `crates/red_knot_python_semantic/vendor/typeshed/source_commit.txt` tells you the typeshed commit that our vendored stdlib stubs currently correspond to.
+
+The typeshed stubs are updated every two weeks via an automated PR using the `sync_typeshed.yaml` workflow in the `.github/workflows` directory. This workflow can also be triggered at any time via [workflow dispatch](https://docs.github.com/en/actions/using-workflows/manually-running-a-workflow#running-a-workflow).
--- a/crates/red_knot_python_semantic/build.rs
+++ b/crates/red_knot_python_semantic/build.rs
@@ -0,0 +1,87 @@
+//! Build script to package our vendored typeshed files
+//! into a zip archive that can be included in the Ruff binary.
+//!
+//! This script should be automatically run at build time
+//! whenever the script itself changes, or whenever any files
+//! in `crates/red_knot_python_semantic/vendor/typeshed` change.
+
+use std::fs::File;
+use std::path::Path;
+
+use path_slash::PathExt;
+use zip::result::ZipResult;
+use zip::write::{FileOptions, ZipWriter};
+use zip::CompressionMethod;
+
+const TYPESHED_SOURCE_DIR: &str = "vendor/typeshed";
+const TYPESHED_ZIP_LOCATION: &str = "/zipped_typeshed.zip";
+
+/// Recursively zip the contents of an entire directory.
+///
+/// This routine is adapted from a recipe at
+/// <https://github.com/zip-rs/zip-old/blob/5d0f198124946b7be4e5969719a7f29f363118cd/examples/write_dir.rs>
+fn zip_dir(directory_path: &str, writer: File) -> ZipResult<File> {
+    let mut zip = ZipWriter::new(writer);
+
+    // Use deflated compression for WASM builds because compiling `zstd-sys` requires clang
+    // [source](https://github.com/gyscos/zstd-rs/wiki/Compile-for-WASM) which complicates the build
+    // by a lot. Deflated compression is slower but it shouldn't matter much for the WASM use case
+    // (WASM itself is already slower than a native build for a specific platform).
+    // We can't use `#[cfg(...)]` here because the target-arch in a build script is the
+    // architecture of the system running the build script and not the architecture of the build-target.
+    // That's why we use the `TARGET` environment variable here.
+    let method = if std::env::var("TARGET").unwrap().contains("wasm32") {
+        CompressionMethod::Deflated
+    } else {
+        CompressionMethod::Zstd
+    };
+
+    let options = FileOptions::default()
+        .compression_method(method)
+        .unix_permissions(0o644);
+
+    for entry in walkdir::WalkDir::new(directory_path) {
+        let dir_entry = entry.unwrap();
+        let absolute_path = dir_entry.path();
+        let normalized_relative_path = absolute_path
+            .strip_prefix(Path::new(directory_path))
+            .unwrap()
+            .to_slash()
+            .expect("Unexpected non-utf8 typeshed path!");
+
+        // Write file or directory explicitly
+        // Some unzip tools unzip files with directory paths correctly, some do not!
+        if absolute_path.is_file() {
+            println!("adding file {absolute_path:?} as {normalized_relative_path:?} ...");
+            zip.start_file(normalized_relative_path, options)?;
+            let mut f = File::open(absolute_path)?;
+            std::io::copy(&mut f, &mut zip).unwrap();
+        } else if !normalized_relative_path.is_empty() {
+            // Only if not root! Avoids path spec / warning
+            // and mapname conversion failed error on unzip
+            println!("adding dir {absolute_path:?} as {normalized_relative_path:?} ...");
+            zip.add_directory(normalized_relative_path, options)?;
+        }
+    }
+    zip.finish()
+}
+
+fn main() {
+    println!("cargo:rerun-if-changed={TYPESHED_SOURCE_DIR}");
+    assert!(
+        Path::new(TYPESHED_SOURCE_DIR).is_dir(),
+        "Where is typeshed?"
+    );
+    let out_dir = std::env::var("OUT_DIR").unwrap();
+
+    // N.B. Deliberately using `format!()` instead of `Path::join()` here,
+    // so that we use `/` as a path separator on all platforms.
+    // That enables us to load the typeshed zip at compile time in `module.rs`
+    // (otherwise we'd have to dynamically determine the exact path to the typeshed zip
+    // based on the default path separator for the specific platform we're on,
+    // which can't be done at compile time.)
+    let zipped_typeshed_location = format!("{out_dir}{TYPESHED_ZIP_LOCATION}");
+
+    let zipped_typeshed = File::create(zipped_typeshed_location).unwrap();
+    zip_dir(TYPESHED_SOURCE_DIR, zipped_typeshed).unwrap();
+}
--- a/crates/red_knot_python_semantic/src/ast_node_ref.rs
+++ b/crates/red_knot_python_semantic/src/ast_node_ref.rs
@@ -0,0 +1,163 @@
+use std::hash::Hash;
+use std::ops::Deref;
+
+use ruff_db::parsed::ParsedModule;
+
+/// Ref-counted owned reference to an AST node.
+///
+/// The type holds an owned reference to the node's ref-counted [`ParsedModule`].
+/// Holding on to the node's [`ParsedModule`] guarantees that the reference to the
+/// node must still be valid.
+///
+/// Holding on to any [`AstNodeRef`] prevents the [`ParsedModule`] from being released.
+///
+/// ## Equality
+/// Two `AstNodeRef` are considered equal if their wrapped nodes are equal.
+#[derive(Clone)]
+pub struct AstNodeRef<T> {
+    /// Owned reference to the node's [`ParsedModule`].
+    ///
+    /// The node's reference is guaranteed to remain valid as long as it's enclosing
+    /// [`ParsedModule`] is alive.
+    _parsed: ParsedModule,
+
+    /// Pointer to the referenced node.
+    node: std::ptr::NonNull<T>,
+}
+
+#[allow(unsafe_code)]
+impl<T> AstNodeRef<T> {
+    /// Creates a new `AstNodeRef` that reference `node`. The `parsed` is the [`ParsedModule`] to
+    /// which the `AstNodeRef` belongs.
+    ///
+    /// ## Safety
+    /// Dereferencing the `node` can result in undefined behavior if `parsed` isn't the
+    /// [`ParsedModule`] to which `node` belongs. It's the caller's responsibility to ensure that
+    /// the invariant `node belongs to parsed` is upheld.
+
+    pub(super) unsafe fn new(parsed: ParsedModule, node: &T) -> Self {
+        Self {
+            _parsed: parsed,
+            node: std::ptr::NonNull::from(node),
+        }
+    }
+
+    /// Returns a reference to the wrapped node.
+    pub fn node(&self) -> &T {
+        // SAFETY: Holding on to `parsed` ensures that the AST to which `node` belongs is still
+        // alive and not moved.
+        unsafe { self.node.as_ref() }
+    }
+}
+
+impl<T> Deref for AstNodeRef<T> {
+    type Target = T;
+
+    fn deref(&self) -> &Self::Target {
+        self.node()
+    }
+}
+
+impl<T> std::fmt::Debug for AstNodeRef<T>
+where
+    T: std::fmt::Debug,
+{
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.debug_tuple("AstNodeRef").field(&self.node()).finish()
+    }
+}
+
+impl<T> PartialEq for AstNodeRef<T>
+where
+    T: PartialEq,
+{
+    fn eq(&self, other: &Self) -> bool {
+        self.node().eq(other.node())
+    }
+}
+
+impl<T> Eq for AstNodeRef<T> where T: Eq {}
+
+impl<T> Hash for AstNodeRef<T>
+where
+    T: Hash,
+{
+    fn hash<H: std::hash::Hasher>(&self, state: &mut H) {
+        self.node().hash(state);
+    }
+}
+
+#[allow(unsafe_code)]
+unsafe impl<T> Send for AstNodeRef<T> where T: Send {}
+#[allow(unsafe_code)]
+unsafe impl<T> Sync for AstNodeRef<T> where T: Sync {}
+
+#[cfg(test)]
+mod tests {
+    use crate::ast_node_ref::AstNodeRef;
+    use ruff_db::parsed::ParsedModule;
+    use ruff_python_ast::PySourceType;
+    use ruff_python_parser::parse_unchecked_source;
+
+    #[test]
+    #[allow(unsafe_code)]
+    fn equality() {
+        let parsed_raw = parse_unchecked_source("1 + 2", PySourceType::Python);
+        let parsed = ParsedModule::new(parsed_raw.clone());
+
+        let stmt = &parsed.syntax().body[0];
+
+        let node1 = unsafe { AstNodeRef::new(parsed.clone(), stmt) };
+        let node2 = unsafe { AstNodeRef::new(parsed.clone(), stmt) };
+
+        assert_eq!(node1, node2);
+
+        // Compare from different trees
+        let cloned = ParsedModule::new(parsed_raw);
+        let stmt_cloned = &cloned.syntax().body[0];
+        let cloned_node = unsafe { AstNodeRef::new(cloned.clone(), stmt_cloned) };
+
+        assert_eq!(node1, cloned_node);
+
+        let other_raw = parse_unchecked_source("2 + 2", PySourceType::Python);
+        let other = ParsedModule::new(other_raw);
+
+        let other_stmt = &other.syntax().body[0];
+        let other_node = unsafe { AstNodeRef::new(other.clone(), other_stmt) };
+
+        assert_ne!(node1, other_node);
+    }
+
+    #[allow(unsafe_code)]
+    #[test]
+    fn inequality() {
+        let parsed_raw = parse_unchecked_source("1 + 2", PySourceType::Python);
+        let parsed = ParsedModule::new(parsed_raw.clone());
+
+        let stmt = &parsed.syntax().body[0];
+        let node = unsafe { AstNodeRef::new(parsed.clone(), stmt) };
+
+        let other_raw = parse_unchecked_source("2 + 2", PySourceType::Python);
+        let other = ParsedModule::new(other_raw);
+
+        let other_stmt = &other.syntax().body[0];
+        let other_node = unsafe { AstNodeRef::new(other.clone(), other_stmt) };
+
+        assert_ne!(node, other_node);
+    }
+
+    #[test]
+    #[allow(unsafe_code)]
+    fn debug() {
+        let parsed_raw = parse_unchecked_source("1 + 2", PySourceType::Python);
+        let parsed = ParsedModule::new(parsed_raw.clone());
+
+        let stmt = &parsed.syntax().body[0];
+
+        let stmt_node = unsafe { AstNodeRef::new(parsed.clone(), stmt) };
+
+        let debug = format!("{stmt_node:?}");
+
+        assert_eq!(debug, format!("AstNodeRef({stmt:?})"));
+    }
+}
--- a/crates/red_knot_python_semantic/src/builtins.rs
+++ b/crates/red_knot_python_semantic/src/builtins.rs
@@ -0,0 +1,16 @@
+use crate::module_name::ModuleName;
+use crate::module_resolver::resolve_module;
+use crate::semantic_index::global_scope;
+use crate::semantic_index::symbol::ScopeId;
+use crate::Db;
+
+/// Salsa query to get the builtins scope.
+///
+/// Can return None if a custom typeshed is used that is missing `builtins.pyi`.
+#[salsa::tracked]
+pub(crate) fn builtins_scope(db: &dyn Db) -> Option<ScopeId<'_>> {
+    let builtins_name =
+        ModuleName::new_static("builtins").expect("Expected 'builtins' to be a valid module name");
+    let builtins_file = resolve_module(db, builtins_name)?.file();
+    Some(global_scope(db, builtins_file))
+}
--- a/crates/red_knot_python_semantic/src/db.rs
+++ b/crates/red_knot_python_semantic/src/db.rs
@@ -0,0 +1,105 @@
+use ruff_db::{Db as SourceDb, Upcast};
+
+/// Database giving access to semantic information about a Python program.
+#[salsa::db]
+pub trait Db: SourceDb + Upcast<dyn SourceDb> {}
+
+#[cfg(test)]
+pub(crate) mod tests {
+    use std::sync::Arc;
+
+    use crate::module_resolver::vendored_typeshed_stubs;
+    use ruff_db::files::Files;
+    use ruff_db::system::{DbWithTestSystem, System, TestSystem};
+    use ruff_db::vendored::VendoredFileSystem;
+    use ruff_db::{Db as SourceDb, Upcast};
+
+    use super::Db;
+
+    #[salsa::db]
+    pub(crate) struct TestDb {
+        storage: salsa::Storage<Self>,
+        files: Files,
+        system: TestSystem,
+        vendored: VendoredFileSystem,
+        events: std::sync::Arc<std::sync::Mutex<Vec<salsa::Event>>>,
+    }
+
+    impl TestDb {
+        pub(crate) fn new() -> Self {
+            Self {
+                storage: salsa::Storage::default(),
+                system: TestSystem::default(),
+                vendored: vendored_typeshed_stubs().clone(),
+                events: std::sync::Arc::default(),
+                files: Files::default(),
+            }
+        }
+
+        /// Takes the salsa events.
+        ///
+        /// ## Panics
+        /// If there are any pending salsa snapshots.
+        pub(crate) fn take_salsa_events(&mut self) -> Vec<salsa::Event> {
+            let inner = Arc::get_mut(&mut self.events).expect("no pending salsa snapshots");
+
+            let events = inner.get_mut().unwrap();
+            std::mem::take(&mut *events)
+        }
+
+        /// Clears the salsa events.
+        ///
+        /// ## Panics
+        /// If there are any pending salsa snapshots.
+        pub(crate) fn clear_salsa_events(&mut self) {
+            self.take_salsa_events();
+        }
+    }
+
+    impl DbWithTestSystem for TestDb {
+        fn test_system(&self) -> &TestSystem {
+            &self.system
+        }
+
+        fn test_system_mut(&mut self) -> &mut TestSystem {
+            &mut self.system
+        }
+    }
+
+    #[salsa::db]
+    impl SourceDb for TestDb {
+        fn vendored(&self) -> &VendoredFileSystem {
+            &self.vendored
+        }
+
+        fn system(&self) -> &dyn System {
+            &self.system
+        }
+
+        fn files(&self) -> &Files {
+            &self.files
+        }
+    }
+
+    impl Upcast<dyn SourceDb> for TestDb {
+        fn upcast(&self) -> &(dyn SourceDb + 'static) {
+            self
+        }
+        fn upcast_mut(&mut self) -> &mut (dyn SourceDb + 'static) {
+            self
+        }
+    }
+
+    #[salsa::db]
+    impl Db for TestDb {}
+
+    #[salsa::db]
+    impl salsa::Database for TestDb {
+        fn salsa_event(&self, event: &dyn Fn() -> salsa::Event) {
+            let event = event();
+            tracing::trace!("event: {event:?}");
+            let mut events = self.events.lock().unwrap();
+            events.push(event);
+        }
+    }
+}
--- a/crates/red_knot_python_semantic/src/lib.rs
+++ b/crates/red_knot_python_semantic/src/lib.rs
@@ -0,0 +1,24 @@
+use std::hash::BuildHasherDefault;
+
+use rustc_hash::FxHasher;
+
+pub use db::Db;
+pub use module_name::ModuleName;
+pub use module_resolver::{resolve_module, system_module_search_paths, vendored_typeshed_stubs};
+pub use program::{Program, ProgramSettings, SearchPathSettings};
+pub use python_version::PythonVersion;
+pub use semantic_model::{HasTy, SemanticModel};
+
+pub mod ast_node_ref;
+mod builtins;
+mod db;
+mod module_name;
+mod module_resolver;
+mod node_key;
+mod program;
+mod python_version;
+pub mod semantic_index;
+mod semantic_model;
+pub mod types;
+
+type FxOrderSet<V> = ordermap::set::OrderSet<V, BuildHasherDefault<FxHasher>>;
--- a/crates/red_knot_python_semantic/src/module_name.rs
+++ b/crates/red_knot_python_semantic/src/module_name.rs
@@ -0,0 +1,198 @@
+use std::fmt;
+use std::ops::Deref;
+
+use compact_str::{CompactString, ToCompactString};
+
+use ruff_python_stdlib::identifiers::is_identifier;
+
+/// A module name, e.g. `foo.bar`.
+///
+/// Always normalized to the absolute form (never a relative module name, i.e., never `.foo`).
+#[derive(Clone, Debug, Eq, PartialEq, Hash, PartialOrd, Ord)]
+pub struct ModuleName(compact_str::CompactString);
+
+impl ModuleName {
+    /// Creates a new module name for `name`. Returns `Some` if `name` is a valid, absolute
+    /// module name and `None` otherwise.
+    ///
+    /// The module name is invalid if:
+    ///
+    /// * The name is empty
+    /// * The name is relative
+    /// * The name ends with a `.`
+    /// * The name contains a sequence of multiple dots
+    /// * A component of a name (the part between two dots) isn't a valid python identifier.
+    #[inline]
+    #[must_use]
+    pub fn new(name: &str) -> Option<Self> {
+        Self::is_valid_name(name).then(|| Self(CompactString::from(name)))
+    }
+
+    /// Creates a new module name for `name` where `name` is a static string.
+    /// Returns `Some` if `name` is a valid, absolute module name and `None` otherwise.
+    ///
+    /// The module name is invalid if:
+    ///
+    /// * The name is empty
+    /// * The name is relative
+    /// * The name ends with a `.`
+    /// * The name contains a sequence of multiple dots
+    /// * A component of a name (the part between two dots) isn't a valid python identifier.
+    ///
+    /// ## Examples
+    ///
+    /// ```
+    /// use red_knot_python_semantic::ModuleName;
+    ///
+    /// assert_eq!(ModuleName::new_static("foo.bar").as_deref(), Some("foo.bar"));
+    /// assert_eq!(ModuleName::new_static(""), None);
+    /// assert_eq!(ModuleName::new_static("..foo"), None);
+    /// assert_eq!(ModuleName::new_static(".foo"), None);
+    /// assert_eq!(ModuleName::new_static("foo."), None);
+    /// assert_eq!(ModuleName::new_static("foo..bar"), None);
+    /// assert_eq!(ModuleName::new_static("2000"), None);
+    /// ```
+    #[inline]
+    #[must_use]
+    pub fn new_static(name: &'static str) -> Option<Self> {
+        Self::is_valid_name(name).then(|| Self(CompactString::const_new(name)))
+    }
+
+    #[must_use]
+    fn is_valid_name(name: &str) -> bool {
+        !name.is_empty() && name.split('.').all(is_identifier)
+    }
+
+    /// An iterator over the components of the module name:
+    ///
+    /// # Examples
+    ///
+    /// ```
+    /// use red_knot_python_semantic::ModuleName;
+    ///
+    /// assert_eq!(ModuleName::new_static("foo.bar.baz").unwrap().components().collect::<Vec<_>>(), vec!["foo", "bar", "baz"]);
+    /// ```
+    #[must_use]
+    pub fn components(&self) -> impl DoubleEndedIterator<Item = &str> {
+        self.0.split('.')
+    }
+
+    /// The name of this module's immediate parent, if it has a parent.
+    ///
+    /// # Examples
+    ///
+    /// ```
+    /// use red_knot_python_semantic::ModuleName;
+    ///
+    /// assert_eq!(ModuleName::new_static("foo.bar").unwrap().parent(), Some(ModuleName::new_static("foo").unwrap()));
+    /// assert_eq!(ModuleName::new_static("foo.bar.baz").unwrap().parent(), Some(ModuleName::new_static("foo.bar").unwrap()));
+    /// assert_eq!(ModuleName::new_static("root").unwrap().parent(), None);
+    /// ```
+    #[must_use]
+    pub fn parent(&self) -> Option<ModuleName> {
+        let (parent, _) = self.0.rsplit_once('.')?;
+        Some(Self(parent.to_compact_string()))
+    }
+
+    /// Returns `true` if the name starts with `other`.
+    ///
+    /// This is equivalent to checking if `self` is a sub-module of `other`.
+    ///
+    /// # Examples
+    ///
+    /// ```
+    /// use red_knot_python_semantic::ModuleName;
+    ///
+    /// assert!(ModuleName::new_static("foo.bar").unwrap().starts_with(&ModuleName::new_static("foo").unwrap()));
+    ///
+    /// assert!(!ModuleName::new_static("foo.bar").unwrap().starts_with(&ModuleName::new_static("bar").unwrap()));
+    /// assert!(!ModuleName::new_static("foo_bar").unwrap().starts_with(&ModuleName::new_static("foo").unwrap()));
+    /// ```
+    #[must_use]
+    pub fn starts_with(&self, other: &ModuleName) -> bool {
+        let mut self_components = self.components();
+        let other_components = other.components();
+
+        for other_component in other_components {
+            if self_components.next() != Some(other_component) {
+                return false;
+            }
+        }
+
+        true
+    }
+
+    #[must_use]
+    #[inline]
+    pub fn as_str(&self) -> &str {
+        &self.0
+    }
+
+    /// Construct a [`ModuleName`] from a sequence of parts.
+    ///
+    /// # Examples
+    ///
+    /// ```
+    /// use red_knot_python_semantic::ModuleName;
+    ///
+    /// assert_eq!(&*ModuleName::from_components(["a"]).unwrap(), "a");
+    /// assert_eq!(&*ModuleName::from_components(["a", "b"]).unwrap(), "a.b");
+    /// assert_eq!(&*ModuleName::from_components(["a", "b", "c"]).unwrap(), "a.b.c");
+    ///
+    /// assert_eq!(ModuleName::from_components(["a-b"]), None);
+    /// assert_eq!(ModuleName::from_components(["a", "a-b"]), None);
+    /// assert_eq!(ModuleName::from_components(["a", "b", "a-b-c"]), None);
+    /// ```
+    #[must_use]
+    pub fn from_components<'a>(components: impl IntoIterator<Item = &'a str>) -> Option<Self> {
+        let mut components = components.into_iter();
+        let first_part = components.next()?;
+        if !is_identifier(first_part) {
+            return None;
+        }
+        let name = if let Some(second_part) = components.next() {
+            if !is_identifier(second_part) {
+                return None;
+            }
+            let mut name = format!("{first_part}.{second_part}");
+            for part in components {
+                if !is_identifier(part) {
+                    return None;
+                }
+                name.push('.');
+                name.push_str(part);
+            }
+            CompactString::from(&name)
+        } else {
+            CompactString::from(first_part)
+        };
+        Some(Self(name))
+    }
+}
+
+impl Deref for ModuleName {
+    type Target = str;
+
+    #[inline]
+    fn deref(&self) -> &Self::Target {
+        self.as_str()
+    }
+}
+
+impl PartialEq<str> for ModuleName {
+    fn eq(&self, other: &str) -> bool {
+        self.as_str() == other
+    }
+}
+
+impl PartialEq<ModuleName> for str {
+    fn eq(&self, other: &ModuleName) -> bool {
+        self == other.as_str()
+    }
+}
+
+impl std::fmt::Display for ModuleName {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str(&self.0)
+    }
+}
--- a/crates/red_knot_python_semantic/src/module_resolver/mod.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/mod.rs
@@ -0,0 +1,47 @@
+use std::iter::FusedIterator;
+
+pub(crate) use module::Module;
+pub use resolver::resolve_module;
+pub(crate) use resolver::SearchPaths;
+use ruff_db::system::SystemPath;
+pub use typeshed::vendored_typeshed_stubs;
+
+use crate::module_resolver::resolver::search_paths;
+use crate::Db;
+use resolver::SearchPathIterator;
+
+mod module;
+mod path;
+mod resolver;
+mod state;
+mod typeshed;
+
+#[cfg(test)]
+mod testing;
+
+/// Returns an iterator over all search paths pointing to a system path
+pub fn system_module_search_paths(db: &dyn Db) -> SystemModuleSearchPathsIter {
+    SystemModuleSearchPathsIter {
+        inner: search_paths(db),
+    }
+}
+
+pub struct SystemModuleSearchPathsIter<'db> {
+    inner: SearchPathIterator<'db>,
+}
+
+impl<'db> Iterator for SystemModuleSearchPathsIter<'db> {
+    type Item = &'db SystemPath;
+
+    fn next(&mut self) -> Option<Self::Item> {
+        loop {
+            let next = self.inner.next()?;
+
+            if let Some(system_path) = next.as_system_path() {
+                return Some(system_path);
+            }
+        }
+    }
+}
+
+impl FusedIterator for SystemModuleSearchPathsIter<'_> {}
--- a/crates/red_knot_python_semantic/src/module_resolver/module.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/module.rs
@@ -0,0 +1,79 @@
+use std::fmt::Formatter;
+use std::sync::Arc;
+
+use ruff_db::files::File;
+
+use super::path::SearchPath;
+use crate::module_name::ModuleName;
+
+/// Representation of a Python module.
+#[derive(Clone, PartialEq, Eq)]
+pub struct Module {
+    inner: Arc<ModuleInner>,
+}
+
+impl Module {
+    pub(crate) fn new(
+        name: ModuleName,
+        kind: ModuleKind,
+        search_path: SearchPath,
+        file: File,
+    ) -> Self {
+        Self {
+            inner: Arc::new(ModuleInner {
+                name,
+                kind,
+                search_path,
+                file,
+            }),
+        }
+    }
+
+    /// The absolute name of the module (e.g. `foo.bar`)
+    pub fn name(&self) -> &ModuleName {
+        &self.inner.name
+    }
+
+    /// The file to the source code that defines this module
+    pub fn file(&self) -> File {
+        self.inner.file
+    }
+
+    /// The search path from which the module was resolved.
+    pub(crate) fn search_path(&self) -> &SearchPath {
+        &self.inner.search_path
+    }
+
+    /// Determine whether this module is a single-file module or a package
+    pub fn kind(&self) -> ModuleKind {
+        self.inner.kind
+    }
+}
+
+impl std::fmt::Debug for Module {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        f.debug_struct("Module")
+            .field("name", &self.name())
+            .field("kind", &self.kind())
+            .field("file", &self.file())
+            .field("search_path", &self.search_path())
+            .finish()
+    }
+}
+
+#[derive(PartialEq, Eq)]
+struct ModuleInner {
+    name: ModuleName,
+    kind: ModuleKind,
+    search_path: SearchPath,
+    file: File,
+}
+
+#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
+pub enum ModuleKind {
+    /// A single-file module (e.g. `foo.py` or `foo.pyi`)
+    Module,
+
+    /// A python package (`foo/__init__.py` or `foo/__init__.pyi`)
+    Package,
+}
--- a/crates/red_knot_python_semantic/src/module_resolver/path.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/path.rs
--- a/crates/red_knot_python_semantic/src/module_resolver/resolver.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/resolver.rs
--- a/crates/red_knot_python_semantic/src/module_resolver/state.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/state.rs
@@ -0,0 +1,25 @@
+use ruff_db::vendored::VendoredFileSystem;
+
+use super::typeshed::LazyTypeshedVersions;
+use crate::db::Db;
+use crate::python_version::PythonVersion;
+
+pub(crate) struct ResolverState<'db> {
+    pub(crate) db: &'db dyn Db,
+    pub(crate) typeshed_versions: LazyTypeshedVersions<'db>,
+    pub(crate) target_version: PythonVersion,
+}
+
+impl<'db> ResolverState<'db> {
+    pub(crate) fn new(db: &'db dyn Db, target_version: PythonVersion) -> Self {
+        Self {
+            db,
+            typeshed_versions: LazyTypeshedVersions::new(),
+            target_version,
+        }
+    }
+
+    pub(crate) fn vendored(&self) -> &VendoredFileSystem {
+        self.db.vendored()
+    }
+}
--- a/crates/red_knot_python_semantic/src/module_resolver/testing.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/testing.rs
@@ -0,0 +1,302 @@
+use ruff_db::system::{DbWithTestSystem, SystemPath, SystemPathBuf};
+use ruff_db::vendored::VendoredPathBuf;
+
+use crate::db::tests::TestDb;
+use crate::program::{Program, SearchPathSettings};
+use crate::python_version::PythonVersion;
+use crate::ProgramSettings;
+
+/// A test case for the module resolver.
+///
+/// You generally shouldn't construct instances of this struct directly;
+/// instead, use the [`TestCaseBuilder`].
+pub(crate) struct TestCase<T> {
+    pub(crate) db: TestDb,
+    pub(crate) src: SystemPathBuf,
+    pub(crate) stdlib: T,
+    // Most test cases only ever need a single `site-packages` directory,
+    // so this is a single directory instead of a `Vec` of directories,
+    // like it is in `ruff_db::Program`.
+    pub(crate) site_packages: SystemPathBuf,
+    pub(crate) target_version: PythonVersion,
+}
+
+/// A `(file_name, file_contents)` tuple
+pub(crate) type FileSpec = (&'static str, &'static str);
+
+/// Specification for a typeshed mock to be created as part of a test
+#[derive(Debug, Clone, Copy, Default)]
+pub(crate) struct MockedTypeshed {
+    /// The stdlib files to be created in the typeshed mock
+    pub(crate) stdlib_files: &'static [FileSpec],
+
+    /// The contents of the `stdlib/VERSIONS` file
+    /// to be created in the typeshed mock
+    pub(crate) versions: &'static str,
+}
+
+#[derive(Debug)]
+pub(crate) struct VendoredTypeshed;
+
+#[derive(Debug)]
+pub(crate) struct UnspecifiedTypeshed;
+
+/// A builder for a module-resolver test case.
+///
+/// The builder takes care of creating a [`TestDb`]
+/// instance, applying the module resolver settings,
+/// and creating mock directories for the stdlib, `site-packages`,
+/// first-party code, etc.
+///
+/// For simple tests that do not involve typeshed,
+/// test cases can be created as follows:
+///
+/// ```rs
+/// let test_case = TestCaseBuilder::new()
+///     .with_src_files(...)
+///     .build();
+///
+/// let test_case2 = TestCaseBuilder::new()
+///     .with_site_packages_files(...)
+///     .build();
+/// ```
+///
+/// Any tests can specify the target Python version that should be used
+/// in the module resolver settings:
+///
+/// ```rs
+/// let test_case = TestCaseBuilder::new()
+///     .with_src_files(...)
+///     .with_target_version(...)
+///     .build();
+/// ```
+///
+/// For tests checking that standard-library module resolution is working
+/// correctly, you should usually create a [`MockedTypeshed`] instance
+/// and pass it to the [`TestCaseBuilder::with_custom_typeshed`] method.
+/// If you need to check something that involves the vendored typeshed stubs
+/// we include as part of the binary, you can instead use the
+/// [`TestCaseBuilder::with_vendored_typeshed`] method.
+/// For either of these, you should almost always try to be explicit
+/// about the Python version you want to be specified in the module-resolver
+/// settings for the test:
+///
+/// ```rs
+/// const TYPESHED = MockedTypeshed { ... };
+///
+/// let test_case = resolver_test_case()
+///     .with_custom_typeshed(TYPESHED)
+///     .with_target_version(...)
+///     .build();
+///
+/// let test_case2 = resolver_test_case()
+///     .with_vendored_typeshed()
+///     .with_target_version(...)
+///     .build();
+/// ```
+///
+/// If you have not called one of those options, the `stdlib` field
+/// on the [`TestCase`] instance created from `.build()` will be set
+/// to `()`.
+pub(crate) struct TestCaseBuilder<T> {
+    typeshed_option: T,
+    target_version: PythonVersion,
+    first_party_files: Vec<FileSpec>,
+    site_packages_files: Vec<FileSpec>,
+}
+
+impl<T> TestCaseBuilder<T> {
+    /// Specify files to be created in the `src` mock directory
+    pub(crate) fn with_src_files(mut self, files: &[FileSpec]) -> Self {
+        self.first_party_files.extend(files.iter().copied());
+        self
+    }
+
+    /// Specify files to be created in the `site-packages` mock directory
+    pub(crate) fn with_site_packages_files(mut self, files: &[FileSpec]) -> Self {
+        self.site_packages_files.extend(files.iter().copied());
+        self
+    }
+
+    /// Specify the target Python version the module resolver should assume
+    pub(crate) fn with_target_version(mut self, target_version: PythonVersion) -> Self {
+        self.target_version = target_version;
+        self
+    }
+
+    fn write_mock_directory(
+        db: &mut TestDb,
+        location: impl AsRef<SystemPath>,
+        files: impl IntoIterator<Item = FileSpec>,
+    ) -> SystemPathBuf {
+        let root = location.as_ref().to_path_buf();
+        // Make sure to create the directory even if the list of files is empty:
+        db.memory_file_system().create_directory_all(&root).unwrap();
+        db.write_files(
+            files
+                .into_iter()
+                .map(|(relative_path, contents)| (root.join(relative_path), contents)),
+        )
+        .unwrap();
+        root
+    }
+}
+
+impl TestCaseBuilder<UnspecifiedTypeshed> {
+    pub(crate) fn new() -> TestCaseBuilder<UnspecifiedTypeshed> {
+        Self {
+            typeshed_option: UnspecifiedTypeshed,
+            target_version: PythonVersion::default(),
+            first_party_files: vec![],
+            site_packages_files: vec![],
+        }
+    }
+
+    /// Use the vendored stdlib stubs included in the Ruff binary for this test case
+    pub(crate) fn with_vendored_typeshed(self) -> TestCaseBuilder<VendoredTypeshed> {
+        let TestCaseBuilder {
+            typeshed_option: _,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        } = self;
+        TestCaseBuilder {
+            typeshed_option: VendoredTypeshed,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        }
+    }
+
+    /// Use a mock typeshed directory for this test case
+    pub(crate) fn with_custom_typeshed(
+        self,
+        typeshed: MockedTypeshed,
+    ) -> TestCaseBuilder<MockedTypeshed> {
+        let TestCaseBuilder {
+            typeshed_option: _,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        } = self;
+        TestCaseBuilder {
+            typeshed_option: typeshed,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        }
+    }
+
+    pub(crate) fn build(self) -> TestCase<()> {
+        let TestCase {
+            db,
+            src,
+            stdlib: _,
+            site_packages,
+            target_version,
+        } = self.with_custom_typeshed(MockedTypeshed::default()).build();
+        TestCase {
+            db,
+            src,
+            stdlib: (),
+            site_packages,
+            target_version,
+        }
+    }
+}
+
+impl TestCaseBuilder<MockedTypeshed> {
+    pub(crate) fn build(self) -> TestCase<SystemPathBuf> {
+        let TestCaseBuilder {
+            typeshed_option,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        } = self;
+
+        let mut db = TestDb::new();
+
+        let site_packages =
+            Self::write_mock_directory(&mut db, "/site-packages", site_packages_files);
+        let src = Self::write_mock_directory(&mut db, "/src", first_party_files);
+        let typeshed = Self::build_typeshed_mock(&mut db, &typeshed_option);
+
+        Program::from_settings(
+            &db,
+            ProgramSettings {
+                target_version,
+                search_paths: SearchPathSettings {
+                    extra_paths: vec![],
+                    src_root: src.clone(),
+                    custom_typeshed: Some(typeshed.clone()),
+                    site_packages: vec![site_packages.clone()],
+                },
+            },
+        )
+        .expect("Valid program settings");
+
+        TestCase {
+            db,
+            src,
+            stdlib: typeshed.join("stdlib"),
+            site_packages,
+            target_version,
+        }
+    }
+
+    fn build_typeshed_mock(db: &mut TestDb, typeshed_to_build: &MockedTypeshed) -> SystemPathBuf {
+        let typeshed = SystemPathBuf::from("/typeshed");
+        let MockedTypeshed {
+            stdlib_files,
+            versions,
+        } = typeshed_to_build;
+        Self::write_mock_directory(
+            db,
+            typeshed.join("stdlib"),
+            stdlib_files
+                .iter()
+                .copied()
+                .chain(std::iter::once(("VERSIONS", *versions))),
+        );
+        typeshed
+    }
+}
+
+impl TestCaseBuilder<VendoredTypeshed> {
+    pub(crate) fn build(self) -> TestCase<VendoredPathBuf> {
+        let TestCaseBuilder {
+            typeshed_option: VendoredTypeshed,
+            target_version,
+            first_party_files,
+            site_packages_files,
+        } = self;
+
+        let mut db = TestDb::new();
+
+        let site_packages =
+            Self::write_mock_directory(&mut db, "/site-packages", site_packages_files);
+        let src = Self::write_mock_directory(&mut db, "/src", first_party_files);
+
+        Program::from_settings(
+            &db,
+            ProgramSettings {
+                target_version,
+                search_paths: SearchPathSettings {
+                    extra_paths: vec![],
+                    src_root: src.clone(),
+                    custom_typeshed: None,
+                    site_packages: vec![site_packages.clone()],
+                },
+            },
+        )
+        .expect("Valid search path settings");
+
+        TestCase {
+            db,
+            src,
+            stdlib: VendoredPathBuf::from("stdlib"),
+            site_packages,
+            target_version,
+        }
+    }
+}
--- a/crates/red_knot_python_semantic/src/module_resolver/typeshed/mod.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/typeshed/mod.rs
@@ -0,0 +1,8 @@
+pub use self::vendored::vendored_typeshed_stubs;
+pub(super) use self::versions::{
+    parse_typeshed_versions, LazyTypeshedVersions, TypeshedVersionsParseError,
+    TypeshedVersionsQueryResult,
+};
+
+mod vendored;
+mod versions;
--- a/crates/red_knot_python_semantic/src/module_resolver/typeshed/vendored.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/typeshed/vendored.rs
@@ -0,0 +1,99 @@
+use once_cell::sync::Lazy;
+
+use ruff_db::vendored::VendoredFileSystem;
+
+// The file path here is hardcoded in this crate's `build.rs` script.
+// Luckily this crate will fail to build if this file isn't available at build time.
+static TYPESHED_ZIP_BYTES: &[u8] = include_bytes!(concat!(env!("OUT_DIR"), "/zipped_typeshed.zip"));
+
+pub fn vendored_typeshed_stubs() -> &'static VendoredFileSystem {
+    static VENDORED_TYPESHED_STUBS: Lazy<VendoredFileSystem> =
+        Lazy::new(|| VendoredFileSystem::new_static(TYPESHED_ZIP_BYTES).unwrap());
+    &VENDORED_TYPESHED_STUBS
+}
+
+#[cfg(test)]
+mod tests {
+    use std::io::{self, Read};
+    use std::path::Path;
+
+    use ruff_db::vendored::VendoredPath;
+
+    use super::*;
+
+    #[test]
+    fn typeshed_zip_created_at_build_time() {
+        let mut typeshed_zip_archive =
+            zip::ZipArchive::new(io::Cursor::new(TYPESHED_ZIP_BYTES)).unwrap();
+
+        let mut functools_module_stub = typeshed_zip_archive
+            .by_name("stdlib/functools.pyi")
+            .unwrap();
+        assert!(functools_module_stub.is_file());
+
+        let mut functools_module_stub_source = String::new();
+        functools_module_stub
+            .read_to_string(&mut functools_module_stub_source)
+            .unwrap();
+
+        assert!(functools_module_stub_source.contains("def update_wrapper("));
+    }
+
+    #[test]
+    fn typeshed_vfs_consistent_with_vendored_stubs() {
+        let vendored_typeshed_dir = Path::new("vendor/typeshed").canonicalize().unwrap();
+        let vendored_typeshed_stubs = vendored_typeshed_stubs();
+
+        let mut empty_iterator = true;
+        for entry in walkdir::WalkDir::new(&vendored_typeshed_dir).min_depth(1) {
+            empty_iterator = false;
+            let entry = entry.unwrap();
+            let absolute_path = entry.path();
+            let file_type = entry.file_type();
+
+            let relative_path = absolute_path
+                .strip_prefix(&vendored_typeshed_dir)
+                .unwrap_or_else(|_| {
+                    panic!("Expected {absolute_path:?} to be a child of {vendored_typeshed_dir:?}")
+                });
+
+            let vendored_path = <&VendoredPath>::try_from(relative_path)
+                .unwrap_or_else(|_| panic!("Expected {relative_path:?} to be valid UTF-8"));
+
+            assert!(
+                vendored_typeshed_stubs.exists(vendored_path),
+                "Expected {vendored_path:?} to exist in the `VendoredFileSystem`!
+
+                Vendored file system:
+
+                {vendored_typeshed_stubs:#?}
+                "
+            );
+
+            let vendored_path_kind = vendored_typeshed_stubs
+                .metadata(vendored_path)
+                .unwrap_or_else(|_| {
+                    panic!(
+                        "Expected metadata for {vendored_path:?} to be retrievable from the `VendoredFileSystem!
+
+                        Vendored file system:
+
+                        {vendored_typeshed_stubs:#?}
+                        "
+                    )
+                })
+                .kind();
+
+            assert_eq!(
+                vendored_path_kind.is_directory(),
+                file_type.is_dir(),
+                "{vendored_path:?} had type {vendored_path_kind:?}, inconsistent with fs path {relative_path:?}: {file_type:?}"
+            );
+        }
+
+        assert!(
+            !empty_iterator,
+            "Expected there to be at least one file or directory in the vendored typeshed stubs!"
+        );
+    }
+}
--- a/crates/red_knot_python_semantic/src/module_resolver/typeshed/versions.rs
+++ b/crates/red_knot_python_semantic/src/module_resolver/typeshed/versions.rs
@@ -0,0 +1,766 @@
+use std::cell::OnceCell;
+use std::collections::BTreeMap;
+use std::fmt;
+use std::num::{NonZeroU16, NonZeroUsize};
+use std::ops::{RangeFrom, RangeInclusive};
+use std::str::FromStr;
+
+use once_cell::sync::Lazy;
+use ruff_db::system::SystemPath;
+use rustc_hash::FxHashMap;
+
+use ruff_db::files::{system_path_to_file, File};
+
+use super::vendored::vendored_typeshed_stubs;
+use crate::db::Db;
+use crate::module_name::ModuleName;
+use crate::python_version::PythonVersion;
+
+#[derive(Debug)]
+pub(crate) struct LazyTypeshedVersions<'db>(OnceCell<&'db TypeshedVersions>);
+
+impl<'db> LazyTypeshedVersions<'db> {
+    #[must_use]
+    pub(crate) fn new() -> Self {
+        Self(OnceCell::new())
+    }
+
+    /// Query whether a module exists at runtime in the stdlib on a certain Python version.
+    ///
+    /// Simply probing whether a file exists in typeshed is insufficient for this question,
+    /// as a module in the stdlib may have been added in Python 3.10, but the typeshed stub
+    /// will still be available (either in a custom typeshed dir or in our vendored copy)
+    /// even if the user specified Python 3.8 as the target version.
+    ///
+    /// For top-level modules and packages, the VERSIONS file can always provide an unambiguous answer
+    /// as to whether the module exists on the specified target version. However, VERSIONS does not
+    /// provide comprehensive information on all submodules, meaning that this method sometimes
+    /// returns [`TypeshedVersionsQueryResult::MaybeExists`].
+    /// See [`TypeshedVersionsQueryResult`] for more details.
+    #[must_use]
+    pub(crate) fn query_module(
+        &self,
+        db: &'db dyn Db,
+        module: &ModuleName,
+        stdlib_root: Option<&SystemPath>,
+        target_version: PythonVersion,
+    ) -> TypeshedVersionsQueryResult {
+        let versions = self.0.get_or_init(|| {
+            let versions_path = if let Some(system_path) = stdlib_root {
+                system_path.join("VERSIONS")
+            } else {
+                return &VENDORED_VERSIONS;
+            };
+            let Ok(versions_file) = system_path_to_file(db.upcast(), &versions_path) else {
+                todo!(
+                    "Still need to figure out how to handle VERSIONS files being deleted \
+                    from custom typeshed directories! Expected a file to exist at {versions_path}"
+                )
+            };
+            // TODO(Alex/Micha): If VERSIONS is invalid,
+            // this should invalidate not just the specific module resolution we're currently attempting,
+            // but all type inference that depends on any standard-library types.
+            // Unwrapping here is not correct...
+            parse_typeshed_versions(db, versions_file).as_ref().unwrap()
+        });
+        versions.query_module(module, target_version)
+    }
+}
+
+#[salsa::tracked(return_ref)]
+pub(crate) fn parse_typeshed_versions(
+    db: &dyn Db,
+    versions_file: File,
+) -> Result<TypeshedVersions, TypeshedVersionsParseError> {
+    // TODO: Handle IO errors
+    let file_content = versions_file
+        .read_to_string(db.upcast())
+        .unwrap_or_default();
+    file_content.parse()
+}
+
+static VENDORED_VERSIONS: Lazy<TypeshedVersions> = Lazy::new(|| {
+    TypeshedVersions::from_str(
+        &vendored_typeshed_stubs()
+            .read_to_string("stdlib/VERSIONS")
+            .unwrap(),
+    )
+    .unwrap()
+});
+
+#[derive(Debug, PartialEq, Eq, Clone)]
+pub(crate) struct TypeshedVersionsParseError {
+    line_number: Option<NonZeroU16>,
+    reason: TypeshedVersionsParseErrorKind,
+}
+
+impl fmt::Display for TypeshedVersionsParseError {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        let TypeshedVersionsParseError {
+            line_number,
+            reason,
+        } = self;
+        if let Some(line_number) = line_number {
+            write!(
+                f,
+                "Error while parsing line {line_number} of typeshed's VERSIONS file: {reason}"
+            )
+        } else {
+            write!(f, "Error while parsing typeshed's VERSIONS file: {reason}")
+        }
+    }
+}
+
+impl std::error::Error for TypeshedVersionsParseError {
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
+        if let TypeshedVersionsParseErrorKind::IntegerParsingFailure { err, .. } = &self.reason {
+            Some(err)
+        } else {
+            None
+        }
+    }
+}
+
+#[derive(Debug, PartialEq, Eq, Clone)]
+pub(super) enum TypeshedVersionsParseErrorKind {
+    TooManyLines(NonZeroUsize),
+    UnexpectedNumberOfColons,
+    InvalidModuleName(String),
+    UnexpectedNumberOfHyphens,
+    UnexpectedNumberOfPeriods(String),
+    IntegerParsingFailure {
+        version: String,
+        err: std::num::ParseIntError,
+    },
+}
+
+impl fmt::Display for TypeshedVersionsParseErrorKind {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        match self {
+            Self::TooManyLines(num_lines) => write!(
+                f,
+                "File has too many lines ({num_lines}); maximum allowed is {}",
+                NonZeroU16::MAX
+            ),
+            Self::UnexpectedNumberOfColons => {
+                f.write_str("Expected every non-comment line to have exactly one colon")
+            }
+            Self::InvalidModuleName(name) => write!(
+                f,
+                "Expected all components of '{name}' to be valid Python identifiers"
+            ),
+            Self::UnexpectedNumberOfHyphens => {
+                f.write_str("Expected every non-comment line to have exactly one '-' character")
+            }
+            Self::UnexpectedNumberOfPeriods(format) => write!(
+                f,
+                "Expected all versions to be in the form {{MAJOR}}.{{MINOR}}; got '{format}'"
+            ),
+            Self::IntegerParsingFailure { version, err } => write!(
+                f,
+                "Failed to convert '{version}' to a pair of integers due to {err}",
+            ),
+        }
+    }
+}
+
+#[derive(Debug, PartialEq, Eq)]
+pub(crate) struct TypeshedVersions(FxHashMap<ModuleName, PyVersionRange>);
+
+impl TypeshedVersions {
+    #[must_use]
+    fn exact(&self, module_name: &ModuleName) -> Option<&PyVersionRange> {
+        self.0.get(module_name)
+    }
+
+    #[must_use]
+    fn query_module(
+        &self,
+        module: &ModuleName,
+        target_version: PythonVersion,
+    ) -> TypeshedVersionsQueryResult {
+        if let Some(range) = self.exact(module) {
+            if range.contains(target_version) {
+                TypeshedVersionsQueryResult::Exists
+            } else {
+                TypeshedVersionsQueryResult::DoesNotExist
+            }
+        } else {
+            let mut module = module.parent();
+            while let Some(module_to_try) = module {
+                if let Some(range) = self.exact(&module_to_try) {
+                    return {
+                        if range.contains(target_version) {
+                            TypeshedVersionsQueryResult::MaybeExists
+                        } else {
+                            TypeshedVersionsQueryResult::DoesNotExist
+                        }
+                    };
+                }
+                module = module_to_try.parent();
+            }
+            TypeshedVersionsQueryResult::DoesNotExist
+        }
+    }
+}
+
+/// Possible answers [`LazyTypeshedVersions::query_module()`] could give to the question:
+/// "Does this module exist in the stdlib at runtime on a certain target version?"
+#[derive(Debug, Copy, PartialEq, Eq, Clone, Hash)]
+pub(crate) enum TypeshedVersionsQueryResult {
+    /// The module definitely exists in the stdlib at runtime on the user-specified target version.
+    ///
+    /// For example:
+    /// - The target version is Python 3.8
+    /// - We're querying whether the `asyncio.tasks` module exists in the stdlib
+    /// - The VERSIONS file contains the line `asyncio.tasks: 3.8-`
+    Exists,
+
+    /// The module definitely does not exist in the stdlib on the user-specified target version.
+    ///
+    /// For example:
+    /// - We're querying whether the `foo` module exists in the stdlib
+    /// - There is no top-level `foo` module in VERSIONS
+    ///
+    /// OR:
+    /// - The target version is Python 3.8
+    /// - We're querying whether the module `importlib.abc` exists in the stdlib
+    /// - The VERSIONS file contains the line `importlib.abc: 3.10-`,
+    ///   indicating that the module was added in 3.10
+    ///
+    /// OR:
+    /// - The target version is Python 3.8
+    /// - We're querying whether the module `collections.abc` exists in the stdlib
+    /// - The VERSIONS file does not contain any information about the `collections.abc` submodule,
+    ///   but *does* contain the line `collections: 3.10-`,
+    ///   indicating that the entire `collections` package was added in Python 3.10.
+    DoesNotExist,
+
+    /// The module potentially exists in the stdlib and, if it does,
+    /// it definitely exists on the user-specified target version.
+    ///
+    /// This variant is only relevant for submodules,
+    /// for which the typeshed VERSIONS file does not provide comprehensive information.
+    /// (The VERSIONS file is guaranteed to provide information about all top-level stdlib modules and packages,
+    /// but not necessarily about all submodules within each top-level package.)
+    ///
+    /// For example:
+    /// - The target version is Python 3.8
+    /// - We're querying whether the `asyncio.staggered` module exists in the stdlib
+    /// - The typeshed VERSIONS file contains the line `asyncio: 3.8`,
+    ///   indicating that the `asyncio` package was added in Python 3.8,
+    ///   but does not contain any explicit information about the `asyncio.staggered` submodule.
+    MaybeExists,
+}
+
+impl FromStr for TypeshedVersions {
+    type Err = TypeshedVersionsParseError;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        let mut map = FxHashMap::default();
+
+        for (line_index, line) in s.lines().enumerate() {
+            // humans expect line numbers to be 1-indexed
+            let line_number = NonZeroUsize::new(line_index.saturating_add(1)).unwrap();
+
+            let Ok(line_number) = NonZeroU16::try_from(line_number) else {
+                return Err(TypeshedVersionsParseError {
+                    line_number: None,
+                    reason: TypeshedVersionsParseErrorKind::TooManyLines(line_number),
+                });
+            };
+
+            let Some(content) = line.split('#').map(str::trim).next() else {
+                continue;
+            };
+            if content.is_empty() {
+                continue;
+            }
+
+            let mut parts = content.split(':').map(str::trim);
+            let (Some(module_name), Some(rest), None) = (parts.next(), parts.next(), parts.next())
+            else {
+                return Err(TypeshedVersionsParseError {
+                    line_number: Some(line_number),
+                    reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfColons,
+                });
+            };
+
+            let Some(module_name) = ModuleName::new(module_name) else {
+                return Err(TypeshedVersionsParseError {
+                    line_number: Some(line_number),
+                    reason: TypeshedVersionsParseErrorKind::InvalidModuleName(
+                        module_name.to_string(),
+                    ),
+                });
+            };
+
+            match PyVersionRange::from_str(rest) {
+                Ok(version) => map.insert(module_name, version),
+                Err(reason) => {
+                    return Err(TypeshedVersionsParseError {
+                        line_number: Some(line_number),
+                        reason,
+                    })
+                }
+            };
+        }
+
+        Ok(Self(map))
+    }
+}
+
+impl fmt::Display for TypeshedVersions {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        let sorted_items: BTreeMap<&ModuleName, &PyVersionRange> = self.0.iter().collect();
+        for (module_name, range) in sorted_items {
+            writeln!(f, "{module_name}: {range}")?;
+        }
+        Ok(())
+    }
+}
+
+#[derive(Debug, Clone, Eq, PartialEq, Hash)]
+enum PyVersionRange {
+    AvailableFrom(RangeFrom<PythonVersion>),
+    AvailableWithin(RangeInclusive<PythonVersion>),
+}
+
+impl PyVersionRange {
+    #[must_use]
+    fn contains(&self, version: PythonVersion) -> bool {
+        match self {
+            Self::AvailableFrom(inner) => inner.contains(&version),
+            Self::AvailableWithin(inner) => inner.contains(&version),
+        }
+    }
+}
+
+impl FromStr for PyVersionRange {
+    type Err = TypeshedVersionsParseErrorKind;
+
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        let mut parts = s.split('-').map(str::trim);
+        match (parts.next(), parts.next(), parts.next()) {
+            (Some(lower), Some(""), None) => {
+                let lower = PythonVersion::from_versions_file_string(lower)?;
+                Ok(Self::AvailableFrom(lower..))
+            }
+            (Some(lower), Some(upper), None) => {
+                let lower = PythonVersion::from_versions_file_string(lower)?;
+                let upper = PythonVersion::from_versions_file_string(upper)?;
+                Ok(Self::AvailableWithin(lower..=upper))
+            }
+            _ => Err(TypeshedVersionsParseErrorKind::UnexpectedNumberOfHyphens),
+        }
+    }
+}
+
+impl fmt::Display for PyVersionRange {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        match self {
+            Self::AvailableFrom(range_from) => write!(f, "{}-", range_from.start),
+            Self::AvailableWithin(range_inclusive) => {
+                write!(f, "{}-{}", range_inclusive.start(), range_inclusive.end())
+            }
+        }
+    }
+}
+
+impl PythonVersion {
+    fn from_versions_file_string(s: &str) -> Result<Self, TypeshedVersionsParseErrorKind> {
+        let mut parts = s.split('.').map(str::trim);
+        let (Some(major), Some(minor), None) = (parts.next(), parts.next(), parts.next()) else {
+            return Err(TypeshedVersionsParseErrorKind::UnexpectedNumberOfPeriods(
+                s.to_string(),
+            ));
+        };
+        PythonVersion::try_from((major, minor)).map_err(|int_parse_error| {
+            TypeshedVersionsParseErrorKind::IntegerParsingFailure {
+                version: s.to_string(),
+                err: int_parse_error,
+            }
+        })
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use std::num::{IntErrorKind, NonZeroU16};
+    use std::path::Path;
+
+    use insta::assert_snapshot;
+
+    use super::*;
+
+    const TYPESHED_STDLIB_DIR: &str = "stdlib";
+
+    #[allow(unsafe_code)]
+    const ONE: Option<NonZeroU16> = Some(unsafe { NonZeroU16::new_unchecked(1) });
+
+    impl TypeshedVersions {
+        #[must_use]
+        fn contains_exact(&self, module: &ModuleName) -> bool {
+            self.exact(module).is_some()
+        }
+
+        #[must_use]
+        fn len(&self) -> usize {
+            self.0.len()
+        }
+    }
+
+    #[test]
+    fn can_parse_vendored_versions_file() {
+        let versions_data = include_str!(concat!(
+            env!("CARGO_MANIFEST_DIR"),
+            "/vendor/typeshed/stdlib/VERSIONS"
+        ));
+
+        let versions = TypeshedVersions::from_str(versions_data).unwrap();
+        assert!(versions.len() > 100);
+        assert!(versions.len() < 1000);
+
+        let asyncio = ModuleName::new_static("asyncio").unwrap();
+        let asyncio_staggered = ModuleName::new_static("asyncio.staggered").unwrap();
+        let audioop = ModuleName::new_static("audioop").unwrap();
+
+        assert!(versions.contains_exact(&asyncio));
+        assert_eq!(
+            versions.query_module(&asyncio, PythonVersion::PY310),
+            TypeshedVersionsQueryResult::Exists
+        );
+
+        assert!(versions.contains_exact(&asyncio_staggered));
+        assert_eq!(
+            versions.query_module(&asyncio_staggered, PythonVersion::PY38),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            versions.query_module(&asyncio_staggered, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+
+        assert!(versions.contains_exact(&audioop));
+        assert_eq!(
+            versions.query_module(&audioop, PythonVersion::PY312),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            versions.query_module(&audioop, PythonVersion::PY313),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+    }
+
+    #[test]
+    fn typeshed_versions_consistent_with_vendored_stubs() {
+        const VERSIONS_DATA: &str = include_str!("../../../vendor/typeshed/stdlib/VERSIONS");
+        let vendored_typeshed_dir = Path::new("vendor/typeshed").canonicalize().unwrap();
+        let vendored_typeshed_versions = TypeshedVersions::from_str(VERSIONS_DATA).unwrap();
+
+        let mut empty_iterator = true;
+
+        let stdlib_stubs_path = vendored_typeshed_dir.join(TYPESHED_STDLIB_DIR);
+
+        for entry in std::fs::read_dir(&stdlib_stubs_path).unwrap() {
+            empty_iterator = false;
+            let entry = entry.unwrap();
+            let absolute_path = entry.path();
+
+            let relative_path = absolute_path
+                .strip_prefix(&stdlib_stubs_path)
+                .unwrap_or_else(|_| panic!("Expected path to be a child of {stdlib_stubs_path:?} but found {absolute_path:?}"));
+
+            let relative_path_str = relative_path.as_os_str().to_str().unwrap_or_else(|| {
+                panic!("Expected all typeshed paths to be valid UTF-8; got {relative_path:?}")
+            });
+            if relative_path_str == "VERSIONS" {
+                continue;
+            }
+
+            let top_level_module = if let Some(extension) = relative_path.extension() {
+                // It was a file; strip off the file extension to get the module name:
+                let extension = extension
+                    .to_str()
+                    .unwrap_or_else(||panic!("Expected all file extensions to be UTF-8; was not true for {relative_path:?}"));
+
+                relative_path_str
+                    .strip_suffix(extension)
+                    .and_then(|string| string.strip_suffix('.')).unwrap_or_else(|| {
+                        panic!("Expected path {relative_path_str:?} to end with computed extension {extension:?}")
+                })
+            } else {
+                // It was a directory; no need to do anything to get the module name
+                relative_path_str
+            };
+
+            let top_level_module = ModuleName::new(top_level_module)
+                .unwrap_or_else(|| panic!("{top_level_module:?} was not a valid module name!"));
+
+            assert!(vendored_typeshed_versions.contains_exact(&top_level_module));
+        }
+
+        assert!(
+            !empty_iterator,
+            "Expected there to be at least one file or directory in the vendored typeshed stubs"
+        );
+    }
+
+    #[test]
+    fn can_parse_mock_versions_file() {
+        const VERSIONS: &str = "\
+# a comment
+    # some more comment
+# yet more comment
+
+
+# and some more comment
+
+bar: 2.7-3.10
+
+# more comment
+bar.baz: 3.1-3.9
+foo: 3.8-   # trailing comment
+";
+        let parsed_versions = TypeshedVersions::from_str(VERSIONS).unwrap();
+        assert_eq!(parsed_versions.len(), 3);
+        assert_snapshot!(parsed_versions.to_string(), @r###"
+        bar: 2.7-3.10
+        bar.baz: 3.1-3.9
+        foo: 3.8-
+        "###
+        );
+    }
+
+    #[test]
+    fn version_within_range_parsed_correctly() {
+        let parsed_versions = TypeshedVersions::from_str("bar: 2.7-3.10").unwrap();
+        let bar = ModuleName::new_static("bar").unwrap();
+
+        assert!(parsed_versions.contains_exact(&bar));
+        assert_eq!(
+            parsed_versions.query_module(&bar, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar, PythonVersion::PY310),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar, PythonVersion::PY311),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+    }
+
+    #[test]
+    fn version_from_range_parsed_correctly() {
+        let parsed_versions = TypeshedVersions::from_str("foo: 3.8-").unwrap();
+        let foo = ModuleName::new_static("foo").unwrap();
+
+        assert!(parsed_versions.contains_exact(&foo));
+        assert_eq!(
+            parsed_versions.query_module(&foo, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+        assert_eq!(
+            parsed_versions.query_module(&foo, PythonVersion::PY38),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&foo, PythonVersion::PY311),
+            TypeshedVersionsQueryResult::Exists
+        );
+    }
+
+    #[test]
+    fn explicit_submodule_parsed_correctly() {
+        let parsed_versions = TypeshedVersions::from_str("bar.baz: 3.1-3.9").unwrap();
+        let bar_baz = ModuleName::new_static("bar.baz").unwrap();
+
+        assert!(parsed_versions.contains_exact(&bar_baz));
+        assert_eq!(
+            parsed_versions.query_module(&bar_baz, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar_baz, PythonVersion::PY39),
+            TypeshedVersionsQueryResult::Exists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar_baz, PythonVersion::PY310),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+    }
+
+    #[test]
+    fn implicit_submodule_queried_correctly() {
+        let parsed_versions = TypeshedVersions::from_str("bar: 2.7-3.10").unwrap();
+        let bar_eggs = ModuleName::new_static("bar.eggs").unwrap();
+
+        assert!(!parsed_versions.contains_exact(&bar_eggs));
+        assert_eq!(
+            parsed_versions.query_module(&bar_eggs, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::MaybeExists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar_eggs, PythonVersion::PY310),
+            TypeshedVersionsQueryResult::MaybeExists
+        );
+        assert_eq!(
+            parsed_versions.query_module(&bar_eggs, PythonVersion::PY311),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+    }
+
+    #[test]
+    fn nonexistent_module_queried_correctly() {
+        let parsed_versions = TypeshedVersions::from_str("eggs: 3.8-").unwrap();
+        let spam = ModuleName::new_static("spam").unwrap();
+
+        assert!(!parsed_versions.contains_exact(&spam));
+        assert_eq!(
+            parsed_versions.query_module(&spam, PythonVersion::PY37),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+        assert_eq!(
+            parsed_versions.query_module(&spam, PythonVersion::PY313),
+            TypeshedVersionsQueryResult::DoesNotExist
+        );
+    }
+
+    #[test]
+    fn invalid_huge_versions_file() {
+        let offset = 100;
+        let too_many = u16::MAX as usize + offset;
+
+        let mut massive_versions_file = String::new();
+        for i in 0..too_many {
+            massive_versions_file.push_str(&format!("x{i}: 3.8-\n"));
+        }
+
+        assert_eq!(
+            TypeshedVersions::from_str(&massive_versions_file),
+            Err(TypeshedVersionsParseError {
+                line_number: None,
+                reason: TypeshedVersionsParseErrorKind::TooManyLines(
+                    NonZeroUsize::new(too_many + 1 - offset).unwrap()
+                )
+            })
+        );
+    }
+
+    #[test]
+    fn invalid_typeshed_versions_bad_colon_number() {
+        assert_eq!(
+            TypeshedVersions::from_str("foo 3.7"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfColons
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("foo:: 3.7"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfColons
+            })
+        );
+    }
+
+    #[test]
+    fn invalid_typeshed_versions_non_identifier_modules() {
+        assert_eq!(
+            TypeshedVersions::from_str("not!an!identifier!: 3.7"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::InvalidModuleName(
+                    "not!an!identifier!".to_string()
+                )
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("(also_not).(an_identifier): 3.7"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::InvalidModuleName(
+                    "(also_not).(an_identifier)".to_string()
+                )
+            })
+        );
+    }
+
+    #[test]
+    fn invalid_typeshed_versions_bad_hyphen_number() {
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 3.8"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfHyphens
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 3.8--"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfHyphens
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 3.8--3.9"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfHyphens
+            })
+        );
+    }
+
+    #[test]
+    fn invalid_typeshed_versions_bad_period_number() {
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 38-"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfPeriods("38".to_string())
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 3..8-"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfPeriods(
+                    "3..8".to_string()
+                )
+            })
+        );
+        assert_eq!(
+            TypeshedVersions::from_str("foo: 3.8-3..11"),
+            Err(TypeshedVersionsParseError {
+                line_number: ONE,
+                reason: TypeshedVersionsParseErrorKind::UnexpectedNumberOfPeriods(
+                    "3..11".to_string()
+                )
+            })
+        );
+    }
+
+    #[test]
+    fn invalid_typeshed_versions_non_digits() {
+        let err = TypeshedVersions::from_str("foo: 1.two-").unwrap_err();
+        assert_eq!(err.line_number, ONE);
+        let TypeshedVersionsParseErrorKind::IntegerParsingFailure { version, err } = err.reason
+        else {
+            panic!()
+        };
+        assert_eq!(version, "1.two".to_string());
+        assert_eq!(*err.kind(), IntErrorKind::InvalidDigit);
+
+        let err = TypeshedVersions::from_str("foo: 3.8-four.9").unwrap_err();
+        assert_eq!(err.line_number, ONE);
+        let TypeshedVersionsParseErrorKind::IntegerParsingFailure { version, err } = err.reason
+        else {
+            panic!()
+        };
+        assert_eq!(version, "four.9".to_string());
+        assert_eq!(*err.kind(), IntErrorKind::InvalidDigit);
+    }
+}
--- a/crates/red_knot_python_semantic/src/node_key.rs
+++ b/crates/red_knot_python_semantic/src/node_key.rs
@@ -0,0 +1,24 @@
+use ruff_python_ast::{AnyNodeRef, NodeKind};
+use ruff_text_size::{Ranged, TextRange};
+
+/// Compact key for a node for use in a hash map.
+///
+/// Compares two nodes by their kind and text range.
+#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
+pub(super) struct NodeKey {
+    kind: NodeKind,
+    range: TextRange,
+}
+
+impl NodeKey {
+    pub(super) fn from_node<'a, N>(node: N) -> Self
+    where
+        N: Into<AnyNodeRef<'a>>,
+    {
+        let node = node.into();
+        NodeKey {
+            kind: node.kind(),
+            range: node.range(),
+        }
+    }
+}
--- a/crates/red_knot_python_semantic/src/program.rs
+++ b/crates/red_knot_python_semantic/src/program.rs
@@ -0,0 +1,78 @@
+use crate::python_version::PythonVersion;
+use anyhow::Context;
+use salsa::Durability;
+use salsa::Setter;
+
+use ruff_db::system::SystemPathBuf;
+
+use crate::module_resolver::SearchPaths;
+use crate::Db;
+
+#[salsa::input(singleton)]
+pub struct Program {
+    pub target_version: PythonVersion,
+
+    #[default]
+    #[return_ref]
+    pub(crate) search_paths: SearchPaths,
+}
+
+impl Program {
+    pub fn from_settings(db: &dyn Db, settings: ProgramSettings) -> anyhow::Result<Self> {
+        let ProgramSettings {
+            target_version,
+            search_paths,
+        } = settings;
+
+        tracing::info!("Target version: {target_version}");
+
+        let search_paths = SearchPaths::from_settings(db, search_paths)
+            .with_context(|| "Invalid search path settings")?;
+
+        Ok(Program::builder(settings.target_version)
+            .durability(Durability::HIGH)
+            .search_paths(search_paths)
+            .new(db))
+    }
+
+    pub fn update_search_paths(
+        &self,
+        db: &mut dyn Db,
+        search_path_settings: SearchPathSettings,
+    ) -> anyhow::Result<()> {
+        let search_paths = SearchPaths::from_settings(db, search_path_settings)?;
+
+        if self.search_paths(db) != &search_paths {
+            tracing::debug!("Update search paths");
+            self.set_search_paths(db).to(search_paths);
+        }
+
+        Ok(())
+    }
+}
+
+#[derive(Debug, Eq, PartialEq)]
+pub struct ProgramSettings {
+    pub target_version: PythonVersion,
+    pub search_paths: SearchPathSettings,
+}
+
+/// Configures the search paths for module resolution.
+#[derive(Eq, PartialEq, Debug, Clone, Default)]
+pub struct SearchPathSettings {
+    /// List of user-provided paths that should take first priority in the module resolution.
+    /// Examples in other type checkers are mypy's MYPYPATH environment variable,
+    /// or pyright's stubPath configuration setting.
+    pub extra_paths: Vec<SystemPathBuf>,
+
+    /// The root of the workspace, used for finding first-party modules.
+    pub src_root: SystemPathBuf,
+
+    /// Optional path to a "custom typeshed" directory on disk for us to use for standard-library types.
+    /// If this is not provided, we will fallback to our vendored typeshed stubs for the stdlib,
+    /// bundled as a zip file in the binary
+    pub custom_typeshed: Option<SystemPathBuf>,
+
+    /// The path to the user's `site-packages` directory, where third-party packages from ``PyPI`` are installed.
+    pub site_packages: Vec<SystemPathBuf>,
+}
--- a/crates/red_knot_python_semantic/src/python_version.rs
+++ b/crates/red_knot_python_semantic/src/python_version.rs
@@ -0,0 +1,62 @@
+use std::fmt;
+
+/// Representation of a Python version.
+///
+/// Unlike the `TargetVersion` enums in the CLI crates,
+/// this does not necessarily represent a Python version that we actually support.
+#[derive(Debug, Clone, Copy, Eq, PartialEq, Ord, PartialOrd, Hash)]
+pub struct PythonVersion {
+    pub major: u8,
+    pub minor: u8,
+}
+
+impl PythonVersion {
+    pub const PY37: PythonVersion = PythonVersion { major: 3, minor: 7 };
+    pub const PY38: PythonVersion = PythonVersion { major: 3, minor: 8 };
+    pub const PY39: PythonVersion = PythonVersion { major: 3, minor: 9 };
+    pub const PY310: PythonVersion = PythonVersion {
+        major: 3,
+        minor: 10,
+    };
+    pub const PY311: PythonVersion = PythonVersion {
+        major: 3,
+        minor: 11,
+    };
+    pub const PY312: PythonVersion = PythonVersion {
+        major: 3,
+        minor: 12,
+    };
+    pub const PY313: PythonVersion = PythonVersion {
+        major: 3,
+        minor: 13,
+    };
+
+    pub fn free_threaded_build_available(self) -> bool {
+        self >= PythonVersion::PY313
+    }
+}
+
+impl Default for PythonVersion {
+    fn default() -> Self {
+        Self::PY38
+    }
+}
+
+impl TryFrom<(&str, &str)> for PythonVersion {
+    type Error = std::num::ParseIntError;
+
+    fn try_from(value: (&str, &str)) -> Result<Self, Self::Error> {
+        let (major, minor) = value;
+        Ok(Self {
+            major: major.parse()?,
+            minor: minor.parse()?,
+        })
+    }
+}
+
+impl fmt::Display for PythonVersion {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        let PythonVersion { major, minor } = self;
+        write!(f, "{major}.{minor}")
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index.rs
@@ -0,0 +1,896 @@
+use std::iter::FusedIterator;
+use std::sync::Arc;
+
+use rustc_hash::FxHashMap;
+use salsa::plumbing::AsId;
+
+use ruff_db::files::File;
+use ruff_db::parsed::parsed_module;
+use ruff_index::{IndexSlice, IndexVec};
+
+use crate::semantic_index::ast_ids::node_key::ExpressionNodeKey;
+use crate::semantic_index::ast_ids::AstIds;
+use crate::semantic_index::builder::SemanticIndexBuilder;
+use crate::semantic_index::definition::{Definition, DefinitionNodeKey};
+use crate::semantic_index::expression::Expression;
+use crate::semantic_index::symbol::{
+    FileScopeId, NodeWithScopeKey, NodeWithScopeRef, Scope, ScopeId, ScopedSymbolId, SymbolTable,
+};
+use crate::Db;
+
+pub(crate) use self::use_def::UseDefMap;
+
+pub mod ast_ids;
+mod builder;
+pub mod definition;
+pub mod expression;
+pub mod symbol;
+mod use_def;
+
+type SymbolMap = hashbrown::HashMap<ScopedSymbolId, (), ()>;
+
+/// Returns the semantic index for `file`.
+///
+/// Prefer using [`symbol_table`] when working with symbols from a single scope.
+#[salsa::tracked(return_ref, no_eq)]
+pub(crate) fn semantic_index(db: &dyn Db, file: File) -> SemanticIndex<'_> {
+    let _span = tracing::trace_span!("semantic_index", file = %file.path(db)).entered();
+
+    let parsed = parsed_module(db.upcast(), file);
+
+    SemanticIndexBuilder::new(db, file, parsed).build()
+}
+
+/// Returns the symbol table for a specific `scope`.
+///
+/// Using [`symbol_table`] over [`semantic_index`] has the advantage that
+/// Salsa can avoid invalidating dependent queries if this scope's symbol table
+/// is unchanged.
+#[salsa::tracked]
+pub(crate) fn symbol_table<'db>(db: &'db dyn Db, scope: ScopeId<'db>) -> Arc<SymbolTable> {
+    let file = scope.file(db);
+    let _span =
+        tracing::trace_span!("symbol_table", scope=?scope.as_id(), file=%file.path(db)).entered();
+    let index = semantic_index(db, file);
+
+    index.symbol_table(scope.file_scope_id(db))
+}
+
+/// Returns the use-def map for a specific `scope`.
+///
+/// Using [`use_def_map`] over [`semantic_index`] has the advantage that
+/// Salsa can avoid invalidating dependent queries if this scope's use-def map
+/// is unchanged.
+#[salsa::tracked]
+pub(crate) fn use_def_map<'db>(db: &'db dyn Db, scope: ScopeId<'db>) -> Arc<UseDefMap<'db>> {
+    let file = scope.file(db);
+    let _span =
+        tracing::trace_span!("use_def_map", scope=?scope.as_id(), file=%file.path(db)).entered();
+    let index = semantic_index(db, file);
+
+    index.use_def_map(scope.file_scope_id(db))
+}
+
+/// Returns the module global scope of `file`.
+#[salsa::tracked]
+pub(crate) fn global_scope(db: &dyn Db, file: File) -> ScopeId<'_> {
+    let _span = tracing::trace_span!("global_scope", file = %file.path(db)).entered();
+
+    FileScopeId::global().to_scope_id(db, file)
+}
+
+/// The symbol tables and use-def maps for all scopes in a file.
+#[derive(Debug)]
+pub(crate) struct SemanticIndex<'db> {
+    /// List of all symbol tables in this file, indexed by scope.
+    symbol_tables: IndexVec<FileScopeId, Arc<SymbolTable>>,
+
+    /// List of all scopes in this file.
+    scopes: IndexVec<FileScopeId, Scope>,
+
+    /// Map expressions to their corresponding scope.
+    scopes_by_expression: FxHashMap<ExpressionNodeKey, FileScopeId>,
+
+    /// Map from a node creating a definition to its definition.
+    definitions_by_node: FxHashMap<DefinitionNodeKey, Definition<'db>>,
+
+    /// Map from a standalone expression to its [`Expression`] ingredient.
+    expressions_by_node: FxHashMap<ExpressionNodeKey, Expression<'db>>,
+
+    /// Map from nodes that create a scope to the scope they create.
+    scopes_by_node: FxHashMap<NodeWithScopeKey, FileScopeId>,
+
+    /// Map from the file-local [`FileScopeId`] to the salsa-ingredient [`ScopeId`].
+    scope_ids_by_scope: IndexVec<FileScopeId, ScopeId<'db>>,
+
+    /// Use-def map for each scope in this file.
+    use_def_maps: IndexVec<FileScopeId, Arc<UseDefMap<'db>>>,
+
+    /// Lookup table to map between node ids and ast nodes.
+    ///
+    /// Note: We should not depend on this map when analysing other files or
+    /// changing a file invalidates all dependents.
+    ast_ids: IndexVec<FileScopeId, AstIds>,
+}
+
+impl<'db> SemanticIndex<'db> {
+    /// Returns the symbol table for a specific scope.
+    ///
+    /// Use the Salsa cached [`symbol_table()`] query if you only need the
+    /// symbol table for a single scope.
+    pub(super) fn symbol_table(&self, scope_id: FileScopeId) -> Arc<SymbolTable> {
+        self.symbol_tables[scope_id].clone()
+    }
+
+    /// Returns the use-def map for a specific scope.
+    ///
+    /// Use the Salsa cached [`use_def_map()`] query if you only need the
+    /// use-def map for a single scope.
+    pub(super) fn use_def_map(&self, scope_id: FileScopeId) -> Arc<UseDefMap> {
+        self.use_def_maps[scope_id].clone()
+    }
+
+    pub(crate) fn ast_ids(&self, scope_id: FileScopeId) -> &AstIds {
+        &self.ast_ids[scope_id]
+    }
+
+    /// Returns the ID of the `expression`'s enclosing scope.
+    pub(crate) fn expression_scope_id(
+        &self,
+        expression: impl Into<ExpressionNodeKey>,
+    ) -> FileScopeId {
+        self.scopes_by_expression[&expression.into()]
+    }
+
+    /// Returns the [`Scope`] of the `expression`'s enclosing scope.
+    #[allow(unused)]
+    pub(crate) fn expression_scope(&self, expression: impl Into<ExpressionNodeKey>) -> &Scope {
+        &self.scopes[self.expression_scope_id(expression)]
+    }
+
+    /// Returns the [`Scope`] with the given id.
+    pub(crate) fn scope(&self, id: FileScopeId) -> &Scope {
+        &self.scopes[id]
+    }
+
+    /// Returns the id of the parent scope.
+    pub(crate) fn parent_scope_id(&self, scope_id: FileScopeId) -> Option<FileScopeId> {
+        let scope = self.scope(scope_id);
+        scope.parent
+    }
+
+    /// Returns the parent scope of `scope_id`.
+    #[allow(unused)]
+    pub(crate) fn parent_scope(&self, scope_id: FileScopeId) -> Option<&Scope> {
+        Some(&self.scopes[self.parent_scope_id(scope_id)?])
+    }
+
+    /// Returns an iterator over the descendent scopes of `scope`.
+    #[allow(unused)]
+    pub(crate) fn descendent_scopes(&self, scope: FileScopeId) -> DescendentsIter {
+        DescendentsIter::new(self, scope)
+    }
+
+    /// Returns an iterator over the direct child scopes of `scope`.
+    #[allow(unused)]
+    pub(crate) fn child_scopes(&self, scope: FileScopeId) -> ChildrenIter {
+        ChildrenIter::new(self, scope)
+    }
+
+    /// Returns an iterator over all ancestors of `scope`, starting with `scope` itself.
+    #[allow(unused)]
+    pub(crate) fn ancestor_scopes(&self, scope: FileScopeId) -> AncestorsIter {
+        AncestorsIter::new(self, scope)
+    }
+
+    /// Returns the [`Definition`] salsa ingredient for `definition_key`.
+    pub(crate) fn definition(
+        &self,
+        definition_key: impl Into<DefinitionNodeKey>,
+    ) -> Definition<'db> {
+        self.definitions_by_node[&definition_key.into()]
+    }
+
+    /// Returns the [`Expression`] ingredient for an expression node.
+    /// Panics if we have no expression ingredient for that node. We can only call this method for
+    /// standalone-inferable expressions, which we call `add_standalone_expression` for in
+    /// [`SemanticIndexBuilder`].
+    pub(crate) fn expression(
+        &self,
+        expression_key: impl Into<ExpressionNodeKey>,
+    ) -> Expression<'db> {
+        self.expressions_by_node[&expression_key.into()]
+    }
+
+    /// Returns the id of the scope that `node` creates. This is different from [`Definition::scope`] which
+    /// returns the scope in which that definition is defined in.
+    pub(crate) fn node_scope(&self, node: NodeWithScopeRef) -> FileScopeId {
+        self.scopes_by_node[&node.node_key()]
+    }
+}
+
+pub struct AncestorsIter<'a> {
+    scopes: &'a IndexSlice<FileScopeId, Scope>,
+    next_id: Option<FileScopeId>,
+}
+
+impl<'a> AncestorsIter<'a> {
+    fn new(module_symbol_table: &'a SemanticIndex, start: FileScopeId) -> Self {
+        Self {
+            scopes: &module_symbol_table.scopes,
+            next_id: Some(start),
+        }
+    }
+}
+
+impl<'a> Iterator for AncestorsIter<'a> {
+    type Item = (FileScopeId, &'a Scope);
+
+    fn next(&mut self) -> Option<Self::Item> {
+        let current_id = self.next_id?;
+        let current = &self.scopes[current_id];
+        self.next_id = current.parent;
+
+        Some((current_id, current))
+    }
+}
+
+impl FusedIterator for AncestorsIter<'_> {}
+
+pub struct DescendentsIter<'a> {
+    next_id: FileScopeId,
+    descendents: std::slice::Iter<'a, Scope>,
+}
+
+impl<'a> DescendentsIter<'a> {
+    fn new(symbol_table: &'a SemanticIndex, scope_id: FileScopeId) -> Self {
+        let scope = &symbol_table.scopes[scope_id];
+        let scopes = &symbol_table.scopes[scope.descendents.clone()];
+
+        Self {
+            next_id: scope_id + 1,
+            descendents: scopes.iter(),
+        }
+    }
+}
+
+impl<'a> Iterator for DescendentsIter<'a> {
+    type Item = (FileScopeId, &'a Scope);
+
+    fn next(&mut self) -> Option<Self::Item> {
+        let descendent = self.descendents.next()?;
+        let id = self.next_id;
+        self.next_id = self.next_id + 1;
+
+        Some((id, descendent))
+    }
+
+    fn size_hint(&self) -> (usize, Option<usize>) {
+        self.descendents.size_hint()
+    }
+}
+
+impl FusedIterator for DescendentsIter<'_> {}
+
+impl ExactSizeIterator for DescendentsIter<'_> {}
+
+pub struct ChildrenIter<'a> {
+    parent: FileScopeId,
+    descendents: DescendentsIter<'a>,
+}
+
+impl<'a> ChildrenIter<'a> {
+    fn new(module_symbol_table: &'a SemanticIndex, parent: FileScopeId) -> Self {
+        let descendents = DescendentsIter::new(module_symbol_table, parent);
+
+        Self {
+            parent,
+            descendents,
+        }
+    }
+}
+
+impl<'a> Iterator for ChildrenIter<'a> {
+    type Item = (FileScopeId, &'a Scope);
+
+    fn next(&mut self) -> Option<Self::Item> {
+        self.descendents
+            .find(|(_, scope)| scope.parent == Some(self.parent))
+    }
+}
+
+impl FusedIterator for ChildrenIter<'_> {}
+
+#[cfg(test)]
+mod tests {
+    use ruff_db::files::{system_path_to_file, File};
+    use ruff_db::parsed::parsed_module;
+    use ruff_db::system::DbWithTestSystem;
+    use ruff_python_ast as ast;
+    use ruff_text_size::{Ranged, TextRange};
+
+    use crate::db::tests::TestDb;
+    use crate::semantic_index::ast_ids::HasScopedUseId;
+    use crate::semantic_index::definition::DefinitionKind;
+    use crate::semantic_index::symbol::{FileScopeId, Scope, ScopeKind, SymbolTable};
+    use crate::semantic_index::{global_scope, semantic_index, symbol_table, use_def_map};
+    use crate::Db;
+
+    struct TestCase {
+        db: TestDb,
+        file: File,
+    }
+
+    fn test_case(content: impl ToString) -> TestCase {
+        let mut db = TestDb::new();
+        db.write_file("test.py", content).unwrap();
+
+        let file = system_path_to_file(&db, "test.py").unwrap();
+
+        TestCase { db, file }
+    }
+
+    fn names(table: &SymbolTable) -> Vec<String> {
+        table
+            .symbols()
+            .map(|symbol| symbol.name().to_string())
+            .collect()
+    }
+
+    #[test]
+    fn empty() {
+        let TestCase { db, file } = test_case("");
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        let global_names = names(&global_table);
+
+        assert_eq!(global_names, Vec::<&str>::new());
+    }
+
+    #[test]
+    fn simple() {
+        let TestCase { db, file } = test_case("x");
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        assert_eq!(names(&global_table), vec!["x"]);
+    }
+
+    #[test]
+    fn annotation_only() {
+        let TestCase { db, file } = test_case("x: int");
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        assert_eq!(names(&global_table), vec!["int", "x"]);
+        // TODO record definition
+    }
+
+    #[test]
+    fn import() {
+        let TestCase { db, file } = test_case("import foo");
+        let scope = global_scope(&db, file);
+        let global_table = symbol_table(&db, scope);
+
+        assert_eq!(names(&global_table), vec!["foo"]);
+        let foo = global_table.symbol_id_by_name("foo").unwrap();
+
+        let use_def = use_def_map(&db, scope);
+        let [definition] = use_def.public_definitions(foo) else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(definition.node(&db), DefinitionKind::Import(_)));
+    }
+
+    #[test]
+    fn import_sub() {
+        let TestCase { db, file } = test_case("import foo.bar");
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        assert_eq!(names(&global_table), vec!["foo"]);
+    }
+
+    #[test]
+    fn import_as() {
+        let TestCase { db, file } = test_case("import foo.bar as baz");
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        assert_eq!(names(&global_table), vec!["baz"]);
+    }
+
+    #[test]
+    fn import_from() {
+        let TestCase { db, file } = test_case("from bar import foo");
+        let scope = global_scope(&db, file);
+        let global_table = symbol_table(&db, scope);
+
+        assert_eq!(names(&global_table), vec!["foo"]);
+        assert!(
+            global_table
+                .symbol_by_name("foo")
+                .is_some_and(|symbol| { symbol.is_defined() && !symbol.is_used() }),
+            "symbols that are defined get the defined flag"
+        );
+
+        let use_def = use_def_map(&db, scope);
+        let [definition] = use_def.public_definitions(
+            global_table
+                .symbol_id_by_name("foo")
+                .expect("symbol to exist"),
+        ) else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(
+            definition.node(&db),
+            DefinitionKind::ImportFrom(_)
+        ));
+    }
+
+    #[test]
+    fn assign() {
+        let TestCase { db, file } = test_case("x = foo");
+        let scope = global_scope(&db, file);
+        let global_table = symbol_table(&db, scope);
+
+        assert_eq!(names(&global_table), vec!["foo", "x"]);
+        assert!(
+            global_table
+                .symbol_by_name("foo")
+                .is_some_and(|symbol| { !symbol.is_defined() && symbol.is_used() }),
+            "a symbol used but not defined in a scope should have only the used flag"
+        );
+        let use_def = use_def_map(&db, scope);
+        let [definition] =
+            use_def.public_definitions(global_table.symbol_id_by_name("x").expect("symbol exists"))
+        else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(
+            definition.node(&db),
+            DefinitionKind::Assignment(_)
+        ));
+    }
+
+    #[test]
+    fn class_scope() {
+        let TestCase { db, file } = test_case(
+            "
+class C:
+    x = 1
+y = 2
+",
+        );
+        let global_table = symbol_table(&db, global_scope(&db, file));
+
+        assert_eq!(names(&global_table), vec!["C", "y"]);
+
+        let index = semantic_index(&db, file);
+
+        let [(class_scope_id, class_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope")
+        };
+        assert_eq!(class_scope.kind(), ScopeKind::Class);
+        assert_eq!(class_scope_id.to_scope_id(&db, file).name(&db), "C");
+
+        let class_table = index.symbol_table(class_scope_id);
+        assert_eq!(names(&class_table), vec!["x"]);
+
+        let use_def = index.use_def_map(class_scope_id);
+        let [definition] =
+            use_def.public_definitions(class_table.symbol_id_by_name("x").expect("symbol exists"))
+        else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(
+            definition.node(&db),
+            DefinitionKind::Assignment(_)
+        ));
+    }
+
+    #[test]
+    fn function_scope() {
+        let TestCase { db, file } = test_case(
+            "
+def func():
+    x = 1
+y = 2
+",
+        );
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["func", "y"]);
+
+        let [(function_scope_id, function_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope")
+        };
+        assert_eq!(function_scope.kind(), ScopeKind::Function);
+        assert_eq!(function_scope_id.to_scope_id(&db, file).name(&db), "func");
+
+        let function_table = index.symbol_table(function_scope_id);
+        assert_eq!(names(&function_table), vec!["x"]);
+
+        let use_def = index.use_def_map(function_scope_id);
+        let [definition] = use_def.public_definitions(
+            function_table
+                .symbol_id_by_name("x")
+                .expect("symbol exists"),
+        ) else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(
+            definition.node(&db),
+            DefinitionKind::Assignment(_)
+        ));
+    }
+
+    /// Test case to validate that the comprehension scope is correctly identified and that the target
+    /// variable is defined only in the comprehension scope and not in the global scope.
+    #[test]
+    fn comprehension_scope() {
+        let TestCase { db, file } = test_case(
+            "
+[x for x in iter1]
+",
+        );
+
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["iter1"]);
+
+        let [(comprehension_scope_id, comprehension_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope")
+        };
+
+        assert_eq!(comprehension_scope.kind(), ScopeKind::Comprehension);
+        assert_eq!(
+            comprehension_scope_id.to_scope_id(&db, file).name(&db),
+            "<listcomp>"
+        );
+
+        let comprehension_symbol_table = index.symbol_table(comprehension_scope_id);
+
+        assert_eq!(names(&comprehension_symbol_table), vec!["x"]);
+    }
+
+    /// Test case to validate that the `x` variable used in the comprehension is referencing the
+    /// `x` variable defined by the inner generator (`for x in iter2`) and not the outer one.
+    #[test]
+    fn multiple_generators() {
+        let TestCase { db, file } = test_case(
+            "
+[x for x in iter1 for x in iter2]
+",
+        );
+
+        let index = semantic_index(&db, file);
+        let [(comprehension_scope_id, _)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope")
+        };
+
+        let use_def = index.use_def_map(comprehension_scope_id);
+
+        let module = parsed_module(&db, file).syntax();
+        let element = module.body[0]
+            .as_expr_stmt()
+            .unwrap()
+            .value
+            .as_list_comp_expr()
+            .unwrap()
+            .elt
+            .as_name_expr()
+            .unwrap();
+        let element_use_id =
+            element.scoped_use_id(&db, comprehension_scope_id.to_scope_id(&db, file));
+
+        let [definition] = use_def.use_definitions(element_use_id) else {
+            panic!("expected one definition")
+        };
+        let DefinitionKind::Comprehension(comprehension) = definition.node(&db) else {
+            panic!("expected generator definition")
+        };
+        let ast::Comprehension { target, .. } = comprehension.node();
+        let name = target.as_name_expr().unwrap().id().as_str();
+
+        assert_eq!(name, "x");
+        assert_eq!(target.range(), TextRange::new(23.into(), 24.into()));
+    }
+
+    /// Test case to validate that the nested comprehension creates a new scope which is a child of
+    /// the outer comprehension scope and the variables are correctly defined in the respective
+    /// scopes.
+    #[test]
+    fn nested_generators() {
+        let TestCase { db, file } = test_case(
+            "
+[{x for x in iter2} for y in iter1]
+",
+        );
+
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["iter1"]);
+
+        let [(comprehension_scope_id, comprehension_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope")
+        };
+
+        assert_eq!(comprehension_scope.kind(), ScopeKind::Comprehension);
+        assert_eq!(
+            comprehension_scope_id.to_scope_id(&db, file).name(&db),
+            "<listcomp>"
+        );
+
+        let comprehension_symbol_table = index.symbol_table(comprehension_scope_id);
+
+        assert_eq!(names(&comprehension_symbol_table), vec!["y", "iter2"]);
+
+        let [(inner_comprehension_scope_id, inner_comprehension_scope)] = index
+            .child_scopes(comprehension_scope_id)
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one inner generator scope")
+        };
+
+        assert_eq!(inner_comprehension_scope.kind(), ScopeKind::Comprehension);
+        assert_eq!(
+            inner_comprehension_scope_id
+                .to_scope_id(&db, file)
+                .name(&db),
+            "<setcomp>"
+        );
+
+        let inner_comprehension_symbol_table = index.symbol_table(inner_comprehension_scope_id);
+
+        assert_eq!(names(&inner_comprehension_symbol_table), vec!["x"]);
+    }
+
+    #[test]
+    fn dupes() {
+        let TestCase { db, file } = test_case(
+            "
+def func():
+    x = 1
+def func():
+    y = 2
+",
+        );
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["func"]);
+        let [(func_scope1_id, func_scope_1), (func_scope2_id, func_scope_2)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected two child scopes");
+        };
+
+        assert_eq!(func_scope_1.kind(), ScopeKind::Function);
+
+        assert_eq!(func_scope1_id.to_scope_id(&db, file).name(&db), "func");
+        assert_eq!(func_scope_2.kind(), ScopeKind::Function);
+        assert_eq!(func_scope2_id.to_scope_id(&db, file).name(&db), "func");
+
+        let func1_table = index.symbol_table(func_scope1_id);
+        let func2_table = index.symbol_table(func_scope2_id);
+        assert_eq!(names(&func1_table), vec!["x"]);
+        assert_eq!(names(&func2_table), vec!["y"]);
+
+        let use_def = index.use_def_map(FileScopeId::global());
+        let [definition] = use_def.public_definitions(
+            global_table
+                .symbol_id_by_name("func")
+                .expect("symbol exists"),
+        ) else {
+            panic!("expected one definition");
+        };
+        assert!(matches!(definition.node(&db), DefinitionKind::Function(_)));
+    }
+
+    #[test]
+    fn generic_function() {
+        let TestCase { db, file } = test_case(
+            "
+def func[T]():
+    x = 1
+",
+        );
+
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["func"]);
+
+        let [(ann_scope_id, ann_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope");
+        };
+
+        assert_eq!(ann_scope.kind(), ScopeKind::Annotation);
+        assert_eq!(ann_scope_id.to_scope_id(&db, file).name(&db), "func");
+        let ann_table = index.symbol_table(ann_scope_id);
+        assert_eq!(names(&ann_table), vec!["T"]);
+
+        let [(func_scope_id, func_scope)] =
+            index.child_scopes(ann_scope_id).collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope");
+        };
+        assert_eq!(func_scope.kind(), ScopeKind::Function);
+        assert_eq!(func_scope_id.to_scope_id(&db, file).name(&db), "func");
+        let func_table = index.symbol_table(func_scope_id);
+        assert_eq!(names(&func_table), vec!["x"]);
+    }
+
+    #[test]
+    fn generic_class() {
+        let TestCase { db, file } = test_case(
+            "
+class C[T]:
+    x = 1
+",
+        );
+
+        let index = semantic_index(&db, file);
+        let global_table = index.symbol_table(FileScopeId::global());
+
+        assert_eq!(names(&global_table), vec!["C"]);
+
+        let [(ann_scope_id, ann_scope)] = index
+            .child_scopes(FileScopeId::global())
+            .collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope");
+        };
+
+        assert_eq!(ann_scope.kind(), ScopeKind::Annotation);
+        assert_eq!(ann_scope_id.to_scope_id(&db, file).name(&db), "C");
+        let ann_table = index.symbol_table(ann_scope_id);
+        assert_eq!(names(&ann_table), vec!["T"]);
+        assert!(
+            ann_table
+                .symbol_by_name("T")
+                .is_some_and(|s| s.is_defined() && !s.is_used()),
+            "type parameters are defined by the scope that introduces them"
+        );
+
+        let [(class_scope_id, class_scope)] =
+            index.child_scopes(ann_scope_id).collect::<Vec<_>>()[..]
+        else {
+            panic!("expected one child scope");
+        };
+
+        assert_eq!(class_scope.kind(), ScopeKind::Class);
+        assert_eq!(class_scope_id.to_scope_id(&db, file).name(&db), "C");
+        assert_eq!(names(&index.symbol_table(class_scope_id)), vec!["x"]);
+    }
+
+    #[test]
+    fn reachability_trivial() {
+        let TestCase { db, file } = test_case("x = 1; x");
+        let parsed = parsed_module(&db, file);
+        let scope = global_scope(&db, file);
+        let ast = parsed.syntax();
+        let ast::Stmt::Expr(ast::StmtExpr {
+            value: x_use_expr, ..
+        }) = &ast.body[1]
+        else {
+            panic!("should be an expr")
+        };
+        let ast::Expr::Name(x_use_expr_name) = x_use_expr.as_ref() else {
+            panic!("expected a Name");
+        };
+        let x_use_id = x_use_expr_name.scoped_use_id(&db, scope);
+        let use_def = use_def_map(&db, scope);
+        let [definition] = use_def.use_definitions(x_use_id) else {
+            panic!("expected one definition");
+        };
+        let DefinitionKind::Assignment(assignment) = definition.node(&db) else {
+            panic!("should be an assignment definition")
+        };
+        let ast::Expr::NumberLiteral(ast::ExprNumberLiteral {
+            value: ast::Number::Int(num),
+            ..
+        }) = &*assignment.assignment().value
+        else {
+            panic!("should be a number literal")
+        };
+        assert_eq!(*num, 1);
+    }
+
+    #[test]
+    fn expression_scope() {
+        let TestCase { db, file } = test_case("x = 1;\ndef test():\n  y = 4");
+
+        let index = semantic_index(&db, file);
+        let parsed = parsed_module(&db, file);
+        let ast = parsed.syntax();
+
+        let x_stmt = ast.body[0].as_assign_stmt().unwrap();
+        let x = &x_stmt.targets[0];
+
+        assert_eq!(index.expression_scope(x).kind(), ScopeKind::Module);
+        assert_eq!(index.expression_scope_id(x), FileScopeId::global());
+
+        let def = ast.body[1].as_function_def_stmt().unwrap();
+        let y_stmt = def.body[0].as_assign_stmt().unwrap();
+        let y = &y_stmt.targets[0];
+
+        assert_eq!(index.expression_scope(y).kind(), ScopeKind::Function);
+    }
+
+    #[test]
+    fn scope_iterators() {
+        fn scope_names<'a>(
+            scopes: impl Iterator<Item = (FileScopeId, &'a Scope)>,
+            db: &'a dyn Db,
+            file: File,
+        ) -> Vec<&'a str> {
+            scopes
+                .into_iter()
+                .map(|(scope_id, _)| scope_id.to_scope_id(db, file).name(db))
+                .collect()
+        }
+
+        let TestCase { db, file } = test_case(
+            r#"
+class Test:
+    def foo():
+        def bar():
+            ...
+    def baz():
+        pass
+
+def x():
+    pass"#,
+        );
+
+        let index = semantic_index(&db, file);
+
+        let descendents = index.descendent_scopes(FileScopeId::global());
+        assert_eq!(
+            scope_names(descendents, &db, file),
+            vec!["Test", "foo", "bar", "baz", "x"]
+        );
+
+        let children = index.child_scopes(FileScopeId::global());
+        assert_eq!(scope_names(children, &db, file), vec!["Test", "x"]);
+
+        let test_class = index.child_scopes(FileScopeId::global()).next().unwrap().0;
+        let test_child_scopes = index.child_scopes(test_class);
+        assert_eq!(
+            scope_names(test_child_scopes, &db, file),
+            vec!["foo", "baz"]
+        );
+
+        let bar_scope = index
+            .descendent_scopes(FileScopeId::global())
+            .nth(2)
+            .unwrap()
+            .0;
+        let ancestors = index.ancestor_scopes(bar_scope);
+
+        assert_eq!(
+            scope_names(ancestors, &db, file),
+            vec!["bar", "foo", "Test", "<module>"]
+        );
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/ast_ids.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/ast_ids.rs
@@ -0,0 +1,210 @@
+use rustc_hash::FxHashMap;
+
+use ruff_index::newtype_index;
+use ruff_python_ast as ast;
+use ruff_python_ast::ExpressionRef;
+
+use crate::semantic_index::ast_ids::node_key::ExpressionNodeKey;
+use crate::semantic_index::semantic_index;
+use crate::semantic_index::symbol::ScopeId;
+use crate::Db;
+
+/// AST ids for a single scope.
+///
+/// The motivation for building the AST ids per scope isn't about reducing invalidation because
+/// the struct changes whenever the parsed AST changes. Instead, it's mainly that we can
+/// build the AST ids struct when building the symbol table and also keep the property that
+/// IDs of outer scopes are unaffected by changes in inner scopes.
+///
+/// For example, we don't want that adding new statements to `foo` changes the statement id of `x = foo()` in:
+///
+/// ```python
+/// def foo():
+///     return 5
+///
+/// x = foo()
+/// ```
+#[derive(Debug)]
+pub(crate) struct AstIds {
+    /// Maps expressions to their expression id.
+    expressions_map: FxHashMap<ExpressionNodeKey, ScopedExpressionId>,
+    /// Maps expressions which "use" a symbol (that is, [`ast::ExprName`]) to a use id.
+    uses_map: FxHashMap<ExpressionNodeKey, ScopedUseId>,
+}
+
+impl AstIds {
+    fn expression_id(&self, key: impl Into<ExpressionNodeKey>) -> ScopedExpressionId {
+        self.expressions_map[&key.into()]
+    }
+
+    fn use_id(&self, key: impl Into<ExpressionNodeKey>) -> ScopedUseId {
+        self.uses_map[&key.into()]
+    }
+}
+
+fn ast_ids<'db>(db: &'db dyn Db, scope: ScopeId) -> &'db AstIds {
+    semantic_index(db, scope.file(db)).ast_ids(scope.file_scope_id(db))
+}
+
+pub trait HasScopedUseId {
+    /// The type of the ID uniquely identifying the use.
+    type Id: Copy;
+
+    /// Returns the ID that uniquely identifies the use in `scope`.
+    fn scoped_use_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id;
+}
+
+/// Uniquely identifies a use of a name in a [`crate::semantic_index::symbol::FileScopeId`].
+#[newtype_index]
+pub struct ScopedUseId;
+
+impl HasScopedUseId for ast::ExprName {
+    type Id = ScopedUseId;
+
+    fn scoped_use_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id {
+        let expression_ref = ExpressionRef::from(self);
+        expression_ref.scoped_use_id(db, scope)
+    }
+}
+
+impl HasScopedUseId for ast::ExpressionRef<'_> {
+    type Id = ScopedUseId;
+
+    fn scoped_use_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id {
+        let ast_ids = ast_ids(db, scope);
+        ast_ids.use_id(*self)
+    }
+}
+
+pub trait HasScopedAstId {
+    /// The type of the ID uniquely identifying the node.
+    type Id: Copy;
+
+    /// Returns the ID that uniquely identifies the node in `scope`.
+    fn scoped_ast_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id;
+}
+
+/// Uniquely identifies an [`ast::Expr`] in a [`crate::semantic_index::symbol::FileScopeId`].
+#[newtype_index]
+pub struct ScopedExpressionId;
+
+macro_rules! impl_has_scoped_expression_id {
+    ($ty: ty) => {
+        impl HasScopedAstId for $ty {
+            type Id = ScopedExpressionId;
+
+            fn scoped_ast_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id {
+                let expression_ref = ExpressionRef::from(self);
+                expression_ref.scoped_ast_id(db, scope)
+            }
+        }
+    };
+}
+
+impl_has_scoped_expression_id!(ast::ExprBoolOp);
+impl_has_scoped_expression_id!(ast::ExprName);
+impl_has_scoped_expression_id!(ast::ExprBinOp);
+impl_has_scoped_expression_id!(ast::ExprUnaryOp);
+impl_has_scoped_expression_id!(ast::ExprLambda);
+impl_has_scoped_expression_id!(ast::ExprIf);
+impl_has_scoped_expression_id!(ast::ExprDict);
+impl_has_scoped_expression_id!(ast::ExprSet);
+impl_has_scoped_expression_id!(ast::ExprListComp);
+impl_has_scoped_expression_id!(ast::ExprSetComp);
+impl_has_scoped_expression_id!(ast::ExprDictComp);
+impl_has_scoped_expression_id!(ast::ExprGenerator);
+impl_has_scoped_expression_id!(ast::ExprAwait);
+impl_has_scoped_expression_id!(ast::ExprYield);
+impl_has_scoped_expression_id!(ast::ExprYieldFrom);
+impl_has_scoped_expression_id!(ast::ExprCompare);
+impl_has_scoped_expression_id!(ast::ExprCall);
+impl_has_scoped_expression_id!(ast::ExprFString);
+impl_has_scoped_expression_id!(ast::ExprStringLiteral);
+impl_has_scoped_expression_id!(ast::ExprBytesLiteral);
+impl_has_scoped_expression_id!(ast::ExprNumberLiteral);
+impl_has_scoped_expression_id!(ast::ExprBooleanLiteral);
+impl_has_scoped_expression_id!(ast::ExprNoneLiteral);
+impl_has_scoped_expression_id!(ast::ExprEllipsisLiteral);
+impl_has_scoped_expression_id!(ast::ExprAttribute);
+impl_has_scoped_expression_id!(ast::ExprSubscript);
+impl_has_scoped_expression_id!(ast::ExprStarred);
+impl_has_scoped_expression_id!(ast::ExprNamed);
+impl_has_scoped_expression_id!(ast::ExprList);
+impl_has_scoped_expression_id!(ast::ExprTuple);
+impl_has_scoped_expression_id!(ast::ExprSlice);
+impl_has_scoped_expression_id!(ast::ExprIpyEscapeCommand);
+impl_has_scoped_expression_id!(ast::Expr);
+
+impl HasScopedAstId for ast::ExpressionRef<'_> {
+    type Id = ScopedExpressionId;
+
+    fn scoped_ast_id(&self, db: &dyn Db, scope: ScopeId) -> Self::Id {
+        let ast_ids = ast_ids(db, scope);
+        ast_ids.expression_id(*self)
+    }
+}
+
+#[derive(Debug)]
+pub(super) struct AstIdsBuilder {
+    expressions_map: FxHashMap<ExpressionNodeKey, ScopedExpressionId>,
+    uses_map: FxHashMap<ExpressionNodeKey, ScopedUseId>,
+}
+
+impl AstIdsBuilder {
+    pub(super) fn new() -> Self {
+        Self {
+            expressions_map: FxHashMap::default(),
+            uses_map: FxHashMap::default(),
+        }
+    }
+
+    /// Adds `expr` to the expression ids map and returns its id.
+    pub(super) fn record_expression(&mut self, expr: &ast::Expr) -> ScopedExpressionId {
+        let expression_id = self.expressions_map.len().into();
+
+        self.expressions_map.insert(expr.into(), expression_id);
+
+        expression_id
+    }
+
+    /// Adds `expr` to the use ids map and returns its id.
+    pub(super) fn record_use(&mut self, expr: &ast::Expr) -> ScopedUseId {
+        let use_id = self.uses_map.len().into();
+
+        self.uses_map.insert(expr.into(), use_id);
+
+        use_id
+    }
+
+    pub(super) fn finish(mut self) -> AstIds {
+        self.expressions_map.shrink_to_fit();
+        self.uses_map.shrink_to_fit();
+
+        AstIds {
+            expressions_map: self.expressions_map,
+            uses_map: self.uses_map,
+        }
+    }
+}
+
+/// Node key that can only be constructed for expressions.
+pub(crate) mod node_key {
+    use ruff_python_ast as ast;
+
+    use crate::node_key::NodeKey;
+
+    #[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)]
+    pub(crate) struct ExpressionNodeKey(NodeKey);
+
+    impl From<ast::ExpressionRef<'_>> for ExpressionNodeKey {
+        fn from(value: ast::ExpressionRef<'_>) -> Self {
+            Self(NodeKey::from_node(value))
+        }
+    }
+
+    impl From<&ast::Expr> for ExpressionNodeKey {
+        fn from(value: &ast::Expr) -> Self {
+            Self(NodeKey::from_node(value))
+        }
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/builder.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/builder.rs
@@ -0,0 +1,686 @@
+use std::sync::Arc;
+
+use rustc_hash::FxHashMap;
+
+use ruff_db::files::File;
+use ruff_db::parsed::ParsedModule;
+use ruff_index::IndexVec;
+use ruff_python_ast as ast;
+use ruff_python_ast::name::Name;
+use ruff_python_ast::visitor::{walk_expr, walk_stmt, Visitor};
+
+use crate::ast_node_ref::AstNodeRef;
+use crate::semantic_index::ast_ids::node_key::ExpressionNodeKey;
+use crate::semantic_index::ast_ids::AstIdsBuilder;
+use crate::semantic_index::definition::{
+    AssignmentDefinitionNodeRef, ComprehensionDefinitionNodeRef, Definition, DefinitionNodeKey,
+    DefinitionNodeRef, ImportFromDefinitionNodeRef,
+};
+use crate::semantic_index::expression::Expression;
+use crate::semantic_index::symbol::{
+    FileScopeId, NodeWithScopeKey, NodeWithScopeRef, Scope, ScopeId, ScopedSymbolId, SymbolFlags,
+    SymbolTableBuilder,
+};
+use crate::semantic_index::use_def::{FlowSnapshot, UseDefMapBuilder};
+use crate::semantic_index::SemanticIndex;
+use crate::Db;
+
+pub(super) struct SemanticIndexBuilder<'db> {
+    // Builder state
+    db: &'db dyn Db,
+    file: File,
+    module: &'db ParsedModule,
+    scope_stack: Vec<FileScopeId>,
+    /// The assignment we're currently visiting.
+    current_assignment: Option<CurrentAssignment<'db>>,
+    /// Flow states at each `break` in the current loop.
+    loop_break_states: Vec<FlowSnapshot>,
+
+    // Semantic Index fields
+    scopes: IndexVec<FileScopeId, Scope>,
+    scope_ids_by_scope: IndexVec<FileScopeId, ScopeId<'db>>,
+    symbol_tables: IndexVec<FileScopeId, SymbolTableBuilder>,
+    ast_ids: IndexVec<FileScopeId, AstIdsBuilder>,
+    use_def_maps: IndexVec<FileScopeId, UseDefMapBuilder<'db>>,
+    scopes_by_node: FxHashMap<NodeWithScopeKey, FileScopeId>,
+    scopes_by_expression: FxHashMap<ExpressionNodeKey, FileScopeId>,
+    definitions_by_node: FxHashMap<DefinitionNodeKey, Definition<'db>>,
+    expressions_by_node: FxHashMap<ExpressionNodeKey, Expression<'db>>,
+}
+
+impl<'db> SemanticIndexBuilder<'db> {
+    pub(super) fn new(db: &'db dyn Db, file: File, parsed: &'db ParsedModule) -> Self {
+        let mut builder = Self {
+            db,
+            file,
+            module: parsed,
+            scope_stack: Vec::new(),
+            current_assignment: None,
+            loop_break_states: vec![],
+
+            scopes: IndexVec::new(),
+            symbol_tables: IndexVec::new(),
+            ast_ids: IndexVec::new(),
+            scope_ids_by_scope: IndexVec::new(),
+            use_def_maps: IndexVec::new(),
+
+            scopes_by_expression: FxHashMap::default(),
+            scopes_by_node: FxHashMap::default(),
+            definitions_by_node: FxHashMap::default(),
+            expressions_by_node: FxHashMap::default(),
+        };
+
+        builder.push_scope_with_parent(NodeWithScopeRef::Module, None);
+
+        builder
+    }
+
+    fn current_scope(&self) -> FileScopeId {
+        *self
+            .scope_stack
+            .last()
+            .expect("Always to have a root scope")
+    }
+
+    fn push_scope(&mut self, node: NodeWithScopeRef) {
+        let parent = self.current_scope();
+        self.push_scope_with_parent(node, Some(parent));
+    }
+
+    fn push_scope_with_parent(&mut self, node: NodeWithScopeRef, parent: Option<FileScopeId>) {
+        let children_start = self.scopes.next_index() + 1;
+
+        let scope = Scope {
+            parent,
+            kind: node.scope_kind(),
+            descendents: children_start..children_start,
+        };
+
+        let file_scope_id = self.scopes.push(scope);
+        self.symbol_tables.push(SymbolTableBuilder::new());
+        self.use_def_maps.push(UseDefMapBuilder::new());
+        let ast_id_scope = self.ast_ids.push(AstIdsBuilder::new());
+
+        #[allow(unsafe_code)]
+        // SAFETY: `node` is guaranteed to be a child of `self.module`
+        let scope_id = ScopeId::new(
+            self.db,
+            self.file,
+            file_scope_id,
+            unsafe { node.to_kind(self.module.clone()) },
+            countme::Count::default(),
+        );
+
+        self.scope_ids_by_scope.push(scope_id);
+        self.scopes_by_node.insert(node.node_key(), file_scope_id);
+
+        debug_assert_eq!(ast_id_scope, file_scope_id);
+
+        self.scope_stack.push(file_scope_id);
+    }
+
+    fn pop_scope(&mut self) -> FileScopeId {
+        let id = self.scope_stack.pop().expect("Root scope to be present");
+        let children_end = self.scopes.next_index();
+        let scope = &mut self.scopes[id];
+        scope.descendents = scope.descendents.start..children_end;
+        id
+    }
+
+    fn current_symbol_table(&mut self) -> &mut SymbolTableBuilder {
+        let scope_id = self.current_scope();
+        &mut self.symbol_tables[scope_id]
+    }
+
+    fn current_use_def_map_mut(&mut self) -> &mut UseDefMapBuilder<'db> {
+        let scope_id = self.current_scope();
+        &mut self.use_def_maps[scope_id]
+    }
+
+    fn current_use_def_map(&self) -> &UseDefMapBuilder<'db> {
+        let scope_id = self.current_scope();
+        &self.use_def_maps[scope_id]
+    }
+
+    fn current_ast_ids(&mut self) -> &mut AstIdsBuilder {
+        let scope_id = self.current_scope();
+        &mut self.ast_ids[scope_id]
+    }
+
+    fn flow_snapshot(&self) -> FlowSnapshot {
+        self.current_use_def_map().snapshot()
+    }
+
+    fn flow_restore(&mut self, state: FlowSnapshot) {
+        self.current_use_def_map_mut().restore(state);
+    }
+
+    fn flow_merge(&mut self, state: &FlowSnapshot) {
+        self.current_use_def_map_mut().merge(state);
+    }
+
+    fn add_or_update_symbol(&mut self, name: Name, flags: SymbolFlags) -> ScopedSymbolId {
+        let symbol_table = self.current_symbol_table();
+        let (symbol_id, added) = symbol_table.add_or_update_symbol(name, flags);
+        if added {
+            let use_def_map = self.current_use_def_map_mut();
+            use_def_map.add_symbol(symbol_id);
+        }
+        symbol_id
+    }
+
+    fn add_definition<'a>(
+        &mut self,
+        symbol: ScopedSymbolId,
+        definition_node: impl Into<DefinitionNodeRef<'a>>,
+    ) -> Definition<'db> {
+        let definition_node: DefinitionNodeRef<'_> = definition_node.into();
+        let definition = Definition::new(
+            self.db,
+            self.file,
+            self.current_scope(),
+            symbol,
+            #[allow(unsafe_code)]
+            unsafe {
+                definition_node.into_owned(self.module.clone())
+            },
+            countme::Count::default(),
+        );
+
+        self.definitions_by_node
+            .insert(definition_node.key(), definition);
+        self.current_use_def_map_mut()
+            .record_definition(symbol, definition);
+
+        definition
+    }
+
+    /// Record an expression that needs to be a Salsa ingredient, because we need to infer its type
+    /// standalone (type narrowing tests, RHS of an assignment.)
+    fn add_standalone_expression(&mut self, expression_node: &ast::Expr) {
+        let expression = Expression::new(
+            self.db,
+            self.file,
+            self.current_scope(),
+            #[allow(unsafe_code)]
+            unsafe {
+                AstNodeRef::new(self.module.clone(), expression_node)
+            },
+            countme::Count::default(),
+        );
+        self.expressions_by_node
+            .insert(expression_node.into(), expression);
+    }
+
+    fn with_type_params(
+        &mut self,
+        with_scope: NodeWithScopeRef,
+        type_params: Option<&'db ast::TypeParams>,
+        nested: impl FnOnce(&mut Self) -> FileScopeId,
+    ) -> FileScopeId {
+        if let Some(type_params) = type_params {
+            self.push_scope(with_scope);
+
+            for type_param in &type_params.type_params {
+                let (name, bound, default) = match type_param {
+                    ast::TypeParam::TypeVar(ast::TypeParamTypeVar {
+                        range: _,
+                        name,
+                        bound,
+                        default,
+                    }) => (name, bound, default),
+                    ast::TypeParam::ParamSpec(ast::TypeParamParamSpec {
+                        name, default, ..
+                    }) => (name, &None, default),
+                    ast::TypeParam::TypeVarTuple(ast::TypeParamTypeVarTuple {
+                        name,
+                        default,
+                        ..
+                    }) => (name, &None, default),
+                };
+                // TODO create Definition for typevars
+                self.add_or_update_symbol(name.id.clone(), SymbolFlags::IS_DEFINED);
+                if let Some(bound) = bound {
+                    self.visit_expr(bound);
+                }
+                if let Some(default) = default {
+                    self.visit_expr(default);
+                }
+            }
+        }
+
+        let nested_scope = nested(self);
+
+        if type_params.is_some() {
+            self.pop_scope();
+        }
+
+        nested_scope
+    }
+
+    /// Visit a list of [`Comprehension`] nodes, assumed to be the "generators" that compose a
+    /// comprehension (that is, the `for x in y` and `for y in z` parts of `x for x in y for y in z`.)
+    ///
+    /// [`Comprehension`]: ast::Comprehension
+    fn visit_generators(&mut self, scope: NodeWithScopeRef, generators: &'db [ast::Comprehension]) {
+        let mut generators_iter = generators.iter();
+
+        let Some(generator) = generators_iter.next() else {
+            unreachable!("Expression must contain at least one generator");
+        };
+
+        // The `iter` of the first generator is evaluated in the outer scope, while all subsequent
+        // nodes are evaluated in the inner scope.
+        self.visit_expr(&generator.iter);
+        self.push_scope(scope);
+
+        self.current_assignment = Some(CurrentAssignment::Comprehension {
+            node: generator,
+            first: true,
+        });
+        self.visit_expr(&generator.target);
+        self.current_assignment = None;
+
+        for expr in &generator.ifs {
+            self.visit_expr(expr);
+        }
+
+        for generator in generators_iter {
+            self.visit_expr(&generator.iter);
+
+            self.current_assignment = Some(CurrentAssignment::Comprehension {
+                node: generator,
+                first: false,
+            });
+            self.visit_expr(&generator.target);
+            self.current_assignment = None;
+
+            for expr in &generator.ifs {
+                self.visit_expr(expr);
+            }
+        }
+    }
+
+    pub(super) fn build(mut self) -> SemanticIndex<'db> {
+        let module = self.module;
+        self.visit_body(module.suite());
+
+        // Pop the root scope
+        self.pop_scope();
+        assert!(self.scope_stack.is_empty());
+
+        assert!(self.current_assignment.is_none());
+
+        let mut symbol_tables: IndexVec<_, _> = self
+            .symbol_tables
+            .into_iter()
+            .map(|builder| Arc::new(builder.finish()))
+            .collect();
+
+        let mut use_def_maps: IndexVec<_, _> = self
+            .use_def_maps
+            .into_iter()
+            .map(|builder| Arc::new(builder.finish()))
+            .collect();
+
+        let mut ast_ids: IndexVec<_, _> = self
+            .ast_ids
+            .into_iter()
+            .map(super::ast_ids::AstIdsBuilder::finish)
+            .collect();
+
+        self.scopes.shrink_to_fit();
+        symbol_tables.shrink_to_fit();
+        use_def_maps.shrink_to_fit();
+        ast_ids.shrink_to_fit();
+        self.scopes_by_expression.shrink_to_fit();
+        self.definitions_by_node.shrink_to_fit();
+
+        self.scope_ids_by_scope.shrink_to_fit();
+        self.scopes_by_node.shrink_to_fit();
+
+        SemanticIndex {
+            symbol_tables,
+            scopes: self.scopes,
+            definitions_by_node: self.definitions_by_node,
+            expressions_by_node: self.expressions_by_node,
+            scope_ids_by_scope: self.scope_ids_by_scope,
+            ast_ids,
+            scopes_by_expression: self.scopes_by_expression,
+            scopes_by_node: self.scopes_by_node,
+            use_def_maps,
+        }
+    }
+}
+
+impl<'db, 'ast> Visitor<'ast> for SemanticIndexBuilder<'db>
+where
+    'ast: 'db,
+{
+    fn visit_stmt(&mut self, stmt: &'ast ast::Stmt) {
+        match stmt {
+            ast::Stmt::FunctionDef(function_def) => {
+                for decorator in &function_def.decorator_list {
+                    self.visit_decorator(decorator);
+                }
+
+                let symbol = self
+                    .add_or_update_symbol(function_def.name.id.clone(), SymbolFlags::IS_DEFINED);
+                self.add_definition(symbol, function_def);
+
+                self.with_type_params(
+                    NodeWithScopeRef::FunctionTypeParameters(function_def),
+                    function_def.type_params.as_deref(),
+                    |builder| {
+                        builder.visit_parameters(&function_def.parameters);
+                        if let Some(expr) = &function_def.returns {
+                            builder.visit_annotation(expr);
+                        }
+
+                        builder.push_scope(NodeWithScopeRef::Function(function_def));
+                        builder.visit_body(&function_def.body);
+                        builder.pop_scope()
+                    },
+                );
+            }
+            ast::Stmt::ClassDef(class) => {
+                for decorator in &class.decorator_list {
+                    self.visit_decorator(decorator);
+                }
+
+                let symbol =
+                    self.add_or_update_symbol(class.name.id.clone(), SymbolFlags::IS_DEFINED);
+                self.add_definition(symbol, class);
+
+                self.with_type_params(
+                    NodeWithScopeRef::ClassTypeParameters(class),
+                    class.type_params.as_deref(),
+                    |builder| {
+                        if let Some(arguments) = &class.arguments {
+                            builder.visit_arguments(arguments);
+                        }
+
+                        builder.push_scope(NodeWithScopeRef::Class(class));
+                        builder.visit_body(&class.body);
+
+                        builder.pop_scope()
+                    },
+                );
+            }
+            ast::Stmt::Import(node) => {
+                for alias in &node.names {
+                    let symbol_name = if let Some(asname) = &alias.asname {
+                        asname.id.clone()
+                    } else {
+                        Name::new(alias.name.id.split('.').next().unwrap())
+                    };
+
+                    let symbol = self.add_or_update_symbol(symbol_name, SymbolFlags::IS_DEFINED);
+                    self.add_definition(symbol, alias);
+                }
+            }
+            ast::Stmt::ImportFrom(node) => {
+                for (alias_index, alias) in node.names.iter().enumerate() {
+                    let symbol_name = if let Some(asname) = &alias.asname {
+                        &asname.id
+                    } else {
+                        &alias.name.id
+                    };
+
+                    let symbol =
+                        self.add_or_update_symbol(symbol_name.clone(), SymbolFlags::IS_DEFINED);
+                    self.add_definition(symbol, ImportFromDefinitionNodeRef { node, alias_index });
+                }
+            }
+            ast::Stmt::Assign(node) => {
+                debug_assert!(self.current_assignment.is_none());
+                self.visit_expr(&node.value);
+                self.add_standalone_expression(&node.value);
+                self.current_assignment = Some(node.into());
+                for target in &node.targets {
+                    self.visit_expr(target);
+                }
+                self.current_assignment = None;
+            }
+            ast::Stmt::AnnAssign(node) => {
+                debug_assert!(self.current_assignment.is_none());
+                // TODO deferred annotation visiting
+                self.visit_expr(&node.annotation);
+                if let Some(value) = &node.value {
+                    self.visit_expr(value);
+                }
+                self.current_assignment = Some(node.into());
+                self.visit_expr(&node.target);
+                self.current_assignment = None;
+            }
+            ast::Stmt::If(node) => {
+                self.visit_expr(&node.test);
+                let pre_if = self.flow_snapshot();
+                self.visit_body(&node.body);
+                let mut post_clauses: Vec<FlowSnapshot> = vec![];
+                for clause in &node.elif_else_clauses {
+                    // snapshot after every block except the last; the last one will just become
+                    // the state that we merge the other snapshots into
+                    post_clauses.push(self.flow_snapshot());
+                    // we can only take an elif/else branch if none of the previous ones were
+                    // taken, so the block entry state is always `pre_if`
+                    self.flow_restore(pre_if.clone());
+                    self.visit_elif_else_clause(clause);
+                }
+                for post_clause_state in post_clauses {
+                    self.flow_merge(&post_clause_state);
+                }
+                let has_else = node
+                    .elif_else_clauses
+                    .last()
+                    .is_some_and(|clause| clause.test.is_none());
+                if !has_else {
+                    // if there's no else clause, then it's possible we took none of the branches,
+                    // and the pre_if state can reach here
+                    self.flow_merge(&pre_if);
+                }
+            }
+            ast::Stmt::While(node) => {
+                self.visit_expr(&node.test);
+
+                let pre_loop = self.flow_snapshot();
+
+                // Save aside any break states from an outer loop
+                let saved_break_states = std::mem::take(&mut self.loop_break_states);
+                self.visit_body(&node.body);
+                // Get the break states from the body of this loop, and restore the saved outer
+                // ones.
+                let break_states =
+                    std::mem::replace(&mut self.loop_break_states, saved_break_states);
+
+                // We may execute the `else` clause without ever executing the body, so merge in
+                // the pre-loop state before visiting `else`.
+                self.flow_merge(&pre_loop);
+                self.visit_body(&node.orelse);
+
+                // Breaking out of a while loop bypasses the `else` clause, so merge in the break
+                // states after visiting `else`.
+                for break_state in break_states {
+                    self.flow_merge(&break_state);
+                }
+            }
+            ast::Stmt::Break(_) => {
+                self.loop_break_states.push(self.flow_snapshot());
+            }
+            _ => {
+                walk_stmt(self, stmt);
+            }
+        }
+    }
+
+    fn visit_expr(&mut self, expr: &'ast ast::Expr) {
+        self.scopes_by_expression
+            .insert(expr.into(), self.current_scope());
+        self.current_ast_ids().record_expression(expr);
+
+        match expr {
+            ast::Expr::Name(name_node @ ast::ExprName { id, ctx, .. }) => {
+                let flags = match ctx {
+                    ast::ExprContext::Load => SymbolFlags::IS_USED,
+                    ast::ExprContext::Store => SymbolFlags::IS_DEFINED,
+                    ast::ExprContext::Del => SymbolFlags::IS_DEFINED,
+                    ast::ExprContext::Invalid => SymbolFlags::empty(),
+                };
+                let symbol = self.add_or_update_symbol(id.clone(), flags);
+                if flags.contains(SymbolFlags::IS_DEFINED) {
+                    match self.current_assignment {
+                        Some(CurrentAssignment::Assign(assignment)) => {
+                            self.add_definition(
+                                symbol,
+                                AssignmentDefinitionNodeRef {
+                                    assignment,
+                                    target: name_node,
+                                },
+                            );
+                        }
+                        Some(CurrentAssignment::AnnAssign(ann_assign)) => {
+                            self.add_definition(symbol, ann_assign);
+                        }
+                        Some(CurrentAssignment::Named(named)) => {
+                            // TODO(dhruvmanila): If the current scope is a comprehension, then the
+                            // named expression is implicitly nonlocal. This is yet to be
+                            // implemented.
+                            self.add_definition(symbol, named);
+                        }
+                        Some(CurrentAssignment::Comprehension { node, first }) => {
+                            self.add_definition(
+                                symbol,
+                                ComprehensionDefinitionNodeRef { node, first },
+                            );
+                        }
+                        None => {}
+                    }
+                }
+
+                if flags.contains(SymbolFlags::IS_USED) {
+                    let use_id = self.current_ast_ids().record_use(expr);
+                    self.current_use_def_map_mut().record_use(symbol, use_id);
+                }
+
+                walk_expr(self, expr);
+            }
+            ast::Expr::Named(node) => {
+                debug_assert!(self.current_assignment.is_none());
+                self.current_assignment = Some(node.into());
+                // TODO walrus in comprehensions is implicitly nonlocal
+                self.visit_expr(&node.target);
+                self.current_assignment = None;
+                self.visit_expr(&node.value);
+            }
+            ast::Expr::Lambda(lambda) => {
+                if let Some(parameters) = &lambda.parameters {
+                    self.visit_parameters(parameters);
+                }
+                self.push_scope(NodeWithScopeRef::Lambda(lambda));
+                self.visit_expr(lambda.body.as_ref());
+            }
+            ast::Expr::If(ast::ExprIf {
+                body, test, orelse, ..
+            }) => {
+                // TODO detect statically known truthy or falsy test (via type inference, not naive
+                // AST inspection, so we can't simplify here, need to record test expression for
+                // later checking)
+                self.visit_expr(test);
+                let pre_if = self.flow_snapshot();
+                self.visit_expr(body);
+                let post_body = self.flow_snapshot();
+                self.flow_restore(pre_if);
+                self.visit_expr(orelse);
+                self.flow_merge(&post_body);
+            }
+            ast::Expr::ListComp(
+                list_comprehension @ ast::ExprListComp {
+                    elt, generators, ..
+                },
+            ) => {
+                self.visit_generators(
+                    NodeWithScopeRef::ListComprehension(list_comprehension),
+                    generators,
+                );
+                self.visit_expr(elt);
+            }
+            ast::Expr::SetComp(
+                set_comprehension @ ast::ExprSetComp {
+                    elt, generators, ..
+                },
+            ) => {
+                self.visit_generators(
+                    NodeWithScopeRef::SetComprehension(set_comprehension),
+                    generators,
+                );
+                self.visit_expr(elt);
+            }
+            ast::Expr::Generator(
+                generator @ ast::ExprGenerator {
+                    elt, generators, ..
+                },
+            ) => {
+                self.visit_generators(NodeWithScopeRef::GeneratorExpression(generator), generators);
+                self.visit_expr(elt);
+            }
+            ast::Expr::DictComp(
+                dict_comprehension @ ast::ExprDictComp {
+                    key,
+                    value,
+                    generators,
+                    ..
+                },
+            ) => {
+                self.visit_generators(
+                    NodeWithScopeRef::DictComprehension(dict_comprehension),
+                    generators,
+                );
+                self.visit_expr(key);
+                self.visit_expr(value);
+            }
+            _ => {
+                walk_expr(self, expr);
+            }
+        }
+
+        if matches!(
+            expr,
+            ast::Expr::Lambda(_)
+                | ast::Expr::ListComp(_)
+                | ast::Expr::SetComp(_)
+                | ast::Expr::Generator(_)
+                | ast::Expr::DictComp(_)
+        ) {
+            self.pop_scope();
+        }
+    }
+}
+
+#[derive(Copy, Clone, Debug)]
+enum CurrentAssignment<'a> {
+    Assign(&'a ast::StmtAssign),
+    AnnAssign(&'a ast::StmtAnnAssign),
+    Named(&'a ast::ExprNamed),
+    Comprehension {
+        node: &'a ast::Comprehension,
+        first: bool,
+    },
+}
+
+impl<'a> From<&'a ast::StmtAssign> for CurrentAssignment<'a> {
+    fn from(value: &'a ast::StmtAssign) -> Self {
+        Self::Assign(value)
+    }
+}
+
+impl<'a> From<&'a ast::StmtAnnAssign> for CurrentAssignment<'a> {
+    fn from(value: &'a ast::StmtAnnAssign) -> Self {
+        Self::AnnAssign(value)
+    }
+}
+
+impl<'a> From<&'a ast::ExprNamed> for CurrentAssignment<'a> {
+    fn from(value: &'a ast::ExprNamed) -> Self {
+        Self::Named(value)
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/definition.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/definition.rs
@@ -0,0 +1,275 @@
+use ruff_db::files::File;
+use ruff_db::parsed::ParsedModule;
+use ruff_python_ast as ast;
+
+use crate::ast_node_ref::AstNodeRef;
+use crate::node_key::NodeKey;
+use crate::semantic_index::symbol::{FileScopeId, ScopeId, ScopedSymbolId};
+use crate::Db;
+
+#[salsa::tracked]
+pub struct Definition<'db> {
+    /// The file in which the definition occurs.
+    #[id]
+    pub(crate) file: File,
+
+    /// The scope in which the definition occurs.
+    #[id]
+    pub(crate) file_scope: FileScopeId,
+
+    /// The symbol defined.
+    #[id]
+    pub(crate) symbol: ScopedSymbolId,
+
+    #[no_eq]
+    #[return_ref]
+    pub(crate) node: DefinitionKind,
+
+    #[no_eq]
+    count: countme::Count<Definition<'static>>,
+}
+
+impl<'db> Definition<'db> {
+    pub(crate) fn scope(self, db: &'db dyn Db) -> ScopeId<'db> {
+        self.file_scope(db).to_scope_id(db, self.file(db))
+    }
+}
+
+#[derive(Copy, Clone, Debug)]
+pub(crate) enum DefinitionNodeRef<'a> {
+    Import(&'a ast::Alias),
+    ImportFrom(ImportFromDefinitionNodeRef<'a>),
+    Function(&'a ast::StmtFunctionDef),
+    Class(&'a ast::StmtClassDef),
+    NamedExpression(&'a ast::ExprNamed),
+    Assignment(AssignmentDefinitionNodeRef<'a>),
+    AnnotatedAssignment(&'a ast::StmtAnnAssign),
+    Comprehension(ComprehensionDefinitionNodeRef<'a>),
+}
+
+impl<'a> From<&'a ast::StmtFunctionDef> for DefinitionNodeRef<'a> {
+    fn from(node: &'a ast::StmtFunctionDef) -> Self {
+        Self::Function(node)
+    }
+}
+
+impl<'a> From<&'a ast::StmtClassDef> for DefinitionNodeRef<'a> {
+    fn from(node: &'a ast::StmtClassDef) -> Self {
+        Self::Class(node)
+    }
+}
+
+impl<'a> From<&'a ast::ExprNamed> for DefinitionNodeRef<'a> {
+    fn from(node: &'a ast::ExprNamed) -> Self {
+        Self::NamedExpression(node)
+    }
+}
+
+impl<'a> From<&'a ast::StmtAnnAssign> for DefinitionNodeRef<'a> {
+    fn from(node: &'a ast::StmtAnnAssign) -> Self {
+        Self::AnnotatedAssignment(node)
+    }
+}
+
+impl<'a> From<&'a ast::Alias> for DefinitionNodeRef<'a> {
+    fn from(node_ref: &'a ast::Alias) -> Self {
+        Self::Import(node_ref)
+    }
+}
+
+impl<'a> From<ImportFromDefinitionNodeRef<'a>> for DefinitionNodeRef<'a> {
+    fn from(node_ref: ImportFromDefinitionNodeRef<'a>) -> Self {
+        Self::ImportFrom(node_ref)
+    }
+}
+
+impl<'a> From<AssignmentDefinitionNodeRef<'a>> for DefinitionNodeRef<'a> {
+    fn from(node_ref: AssignmentDefinitionNodeRef<'a>) -> Self {
+        Self::Assignment(node_ref)
+    }
+}
+
+impl<'a> From<ComprehensionDefinitionNodeRef<'a>> for DefinitionNodeRef<'a> {
+    fn from(node: ComprehensionDefinitionNodeRef<'a>) -> Self {
+        Self::Comprehension(node)
+    }
+}
+
+#[derive(Copy, Clone, Debug)]
+pub(crate) struct ImportFromDefinitionNodeRef<'a> {
+    pub(crate) node: &'a ast::StmtImportFrom,
+    pub(crate) alias_index: usize,
+}
+
+#[derive(Copy, Clone, Debug)]
+pub(crate) struct AssignmentDefinitionNodeRef<'a> {
+    pub(crate) assignment: &'a ast::StmtAssign,
+    pub(crate) target: &'a ast::ExprName,
+}
+
+#[derive(Copy, Clone, Debug)]
+pub(crate) struct ComprehensionDefinitionNodeRef<'a> {
+    pub(crate) node: &'a ast::Comprehension,
+    pub(crate) first: bool,
+}
+
+impl DefinitionNodeRef<'_> {
+    #[allow(unsafe_code)]
+    pub(super) unsafe fn into_owned(self, parsed: ParsedModule) -> DefinitionKind {
+        match self {
+            DefinitionNodeRef::Import(alias) => {
+                DefinitionKind::Import(AstNodeRef::new(parsed, alias))
+            }
+            DefinitionNodeRef::ImportFrom(ImportFromDefinitionNodeRef { node, alias_index }) => {
+                DefinitionKind::ImportFrom(ImportFromDefinitionKind {
+                    node: AstNodeRef::new(parsed, node),
+                    alias_index,
+                })
+            }
+            DefinitionNodeRef::Function(function) => {
+                DefinitionKind::Function(AstNodeRef::new(parsed, function))
+            }
+            DefinitionNodeRef::Class(class) => {
+                DefinitionKind::Class(AstNodeRef::new(parsed, class))
+            }
+            DefinitionNodeRef::NamedExpression(named) => {
+                DefinitionKind::NamedExpression(AstNodeRef::new(parsed, named))
+            }
+            DefinitionNodeRef::Assignment(AssignmentDefinitionNodeRef { assignment, target }) => {
+                DefinitionKind::Assignment(AssignmentDefinitionKind {
+                    assignment: AstNodeRef::new(parsed.clone(), assignment),
+                    target: AstNodeRef::new(parsed, target),
+                })
+            }
+            DefinitionNodeRef::AnnotatedAssignment(assign) => {
+                DefinitionKind::AnnotatedAssignment(AstNodeRef::new(parsed, assign))
+            }
+            DefinitionNodeRef::Comprehension(ComprehensionDefinitionNodeRef { node, first }) => {
+                DefinitionKind::Comprehension(ComprehensionDefinitionKind {
+                    node: AstNodeRef::new(parsed, node),
+                    first,
+                })
+            }
+        }
+    }
+
+    pub(super) fn key(self) -> DefinitionNodeKey {
+        match self {
+            Self::Import(node) => node.into(),
+            Self::ImportFrom(ImportFromDefinitionNodeRef { node, alias_index }) => {
+                (&node.names[alias_index]).into()
+            }
+            Self::Function(node) => node.into(),
+            Self::Class(node) => node.into(),
+            Self::NamedExpression(node) => node.into(),
+            Self::Assignment(AssignmentDefinitionNodeRef {
+                assignment: _,
+                target,
+            }) => target.into(),
+            Self::AnnotatedAssignment(node) => node.into(),
+            Self::Comprehension(ComprehensionDefinitionNodeRef { node, first: _ }) => node.into(),
+        }
+    }
+}
+
+#[derive(Clone, Debug)]
+pub enum DefinitionKind {
+    Import(AstNodeRef<ast::Alias>),
+    ImportFrom(ImportFromDefinitionKind),
+    Function(AstNodeRef<ast::StmtFunctionDef>),
+    Class(AstNodeRef<ast::StmtClassDef>),
+    NamedExpression(AstNodeRef<ast::ExprNamed>),
+    Assignment(AssignmentDefinitionKind),
+    AnnotatedAssignment(AstNodeRef<ast::StmtAnnAssign>),
+    Comprehension(ComprehensionDefinitionKind),
+}
+
+#[derive(Clone, Debug)]
+pub struct ComprehensionDefinitionKind {
+    node: AstNodeRef<ast::Comprehension>,
+    first: bool,
+}
+
+impl ComprehensionDefinitionKind {
+    pub(crate) fn node(&self) -> &ast::Comprehension {
+        self.node.node()
+    }
+
+    pub(crate) fn is_first(&self) -> bool {
+        self.first
+    }
+}
+
+#[derive(Clone, Debug)]
+pub struct ImportFromDefinitionKind {
+    node: AstNodeRef<ast::StmtImportFrom>,
+    alias_index: usize,
+}
+
+impl ImportFromDefinitionKind {
+    pub(crate) fn import(&self) -> &ast::StmtImportFrom {
+        self.node.node()
+    }
+
+    pub(crate) fn alias(&self) -> &ast::Alias {
+        &self.node.node().names[self.alias_index]
+    }
+}
+
+#[derive(Clone, Debug)]
+#[allow(dead_code)]
+pub struct AssignmentDefinitionKind {
+    assignment: AstNodeRef<ast::StmtAssign>,
+    target: AstNodeRef<ast::ExprName>,
+}
+
+impl AssignmentDefinitionKind {
+    pub(crate) fn assignment(&self) -> &ast::StmtAssign {
+        self.assignment.node()
+    }
+}
+
+#[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)]
+pub(crate) struct DefinitionNodeKey(NodeKey);
+
+impl From<&ast::Alias> for DefinitionNodeKey {
+    fn from(node: &ast::Alias) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::StmtFunctionDef> for DefinitionNodeKey {
+    fn from(node: &ast::StmtFunctionDef) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::StmtClassDef> for DefinitionNodeKey {
+    fn from(node: &ast::StmtClassDef) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::ExprName> for DefinitionNodeKey {
+    fn from(node: &ast::ExprName) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::ExprNamed> for DefinitionNodeKey {
+    fn from(node: &ast::ExprNamed) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::StmtAnnAssign> for DefinitionNodeKey {
+    fn from(node: &ast::StmtAnnAssign) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
+
+impl From<&ast::Comprehension> for DefinitionNodeKey {
+    fn from(node: &ast::Comprehension) -> Self {
+        Self(NodeKey::from_node(node))
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/expression.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/expression.rs
@@ -0,0 +1,34 @@
+use crate::ast_node_ref::AstNodeRef;
+use crate::db::Db;
+use crate::semantic_index::symbol::{FileScopeId, ScopeId};
+use ruff_db::files::File;
+use ruff_python_ast as ast;
+use salsa;
+
+/// An independently type-inferable expression.
+///
+/// Includes constraint expressions (e.g. if tests) and the RHS of an unpacking assignment.
+#[salsa::tracked]
+pub(crate) struct Expression<'db> {
+    /// The file in which the expression occurs.
+    #[id]
+    pub(crate) file: File,
+
+    /// The scope in which the expression occurs.
+    #[id]
+    pub(crate) file_scope: FileScopeId,
+
+    /// The expression node.
+    #[no_eq]
+    #[return_ref]
+    pub(crate) node: AstNodeRef<ast::Expr>,
+
+    #[no_eq]
+    count: countme::Count<Expression<'static>>,
+}
+
+impl<'db> Expression<'db> {
+    pub(crate) fn scope(self, db: &'db dyn Db) -> ScopeId<'db> {
+        self.file_scope(db).to_scope_id(db, self.file(db))
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/symbol.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/symbol.rs
@@ -0,0 +1,437 @@
+use std::hash::{Hash, Hasher};
+use std::ops::Range;
+
+use bitflags::bitflags;
+use hashbrown::hash_map::RawEntryMut;
+use ruff_db::files::File;
+use ruff_db::parsed::ParsedModule;
+use ruff_index::{newtype_index, IndexVec};
+use ruff_python_ast::name::Name;
+use ruff_python_ast::{self as ast};
+use rustc_hash::FxHasher;
+
+use crate::ast_node_ref::AstNodeRef;
+use crate::node_key::NodeKey;
+use crate::semantic_index::{semantic_index, SymbolMap};
+use crate::Db;
+
+#[derive(Eq, PartialEq, Debug)]
+pub struct Symbol {
+    name: Name,
+    flags: SymbolFlags,
+}
+
+impl Symbol {
+    fn new(name: Name) -> Self {
+        Self {
+            name,
+            flags: SymbolFlags::empty(),
+        }
+    }
+
+    fn insert_flags(&mut self, flags: SymbolFlags) {
+        self.flags.insert(flags);
+    }
+
+    /// The symbol's name.
+    pub fn name(&self) -> &Name {
+        &self.name
+    }
+
+    /// Is the symbol used in its containing scope?
+    pub fn is_used(&self) -> bool {
+        self.flags.contains(SymbolFlags::IS_USED)
+    }
+
+    /// Is the symbol defined in its containing scope?
+    pub fn is_defined(&self) -> bool {
+        self.flags.contains(SymbolFlags::IS_DEFINED)
+    }
+}
+
+bitflags! {
+    #[derive(Copy, Clone, Debug, Eq, PartialEq)]
+    pub(super) struct SymbolFlags: u8 {
+        const IS_USED         = 1 << 0;
+        const IS_DEFINED      = 1 << 1;
+        /// TODO: This flag is not yet set by anything
+        const MARKED_GLOBAL   = 1 << 2;
+        /// TODO: This flag is not yet set by anything
+        const MARKED_NONLOCAL = 1 << 3;
+    }
+}
+
+/// ID that uniquely identifies a symbol in a file.
+#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
+pub struct FileSymbolId {
+    scope: FileScopeId,
+    scoped_symbol_id: ScopedSymbolId,
+}
+
+impl FileSymbolId {
+    pub fn scope(self) -> FileScopeId {
+        self.scope
+    }
+
+    pub(crate) fn scoped_symbol_id(self) -> ScopedSymbolId {
+        self.scoped_symbol_id
+    }
+}
+
+impl From<FileSymbolId> for ScopedSymbolId {
+    fn from(val: FileSymbolId) -> Self {
+        val.scoped_symbol_id()
+    }
+}
+
+/// Symbol ID that uniquely identifies a symbol inside a [`Scope`].
+#[newtype_index]
+pub struct ScopedSymbolId;
+
+/// A cross-module identifier of a scope that can be used as a salsa query parameter.
+#[salsa::tracked]
+pub struct ScopeId<'db> {
+    #[id]
+    pub file: File,
+    #[id]
+    pub file_scope_id: FileScopeId,
+
+    /// The node that introduces this scope.
+    #[no_eq]
+    #[return_ref]
+    pub node: NodeWithScopeKind,
+
+    #[no_eq]
+    count: countme::Count<ScopeId<'static>>,
+}
+
+impl<'db> ScopeId<'db> {
+    pub(crate) fn is_function_like(self, db: &'db dyn Db) -> bool {
+        // Type parameter scopes behave like function scopes in terms of name resolution; CPython
+        // symbol table also uses the term "function-like" for these scopes.
+        matches!(
+            self.node(db),
+            NodeWithScopeKind::ClassTypeParameters(_)
+                | NodeWithScopeKind::FunctionTypeParameters(_)
+                | NodeWithScopeKind::Function(_)
+                | NodeWithScopeKind::ListComprehension(_)
+                | NodeWithScopeKind::SetComprehension(_)
+                | NodeWithScopeKind::DictComprehension(_)
+                | NodeWithScopeKind::GeneratorExpression(_)
+        )
+    }
+
+    #[cfg(test)]
+    pub(crate) fn name(self, db: &'db dyn Db) -> &'db str {
+        match self.node(db) {
+            NodeWithScopeKind::Module => "<module>",
+            NodeWithScopeKind::Class(class) | NodeWithScopeKind::ClassTypeParameters(class) => {
+                class.name.as_str()
+            }
+            NodeWithScopeKind::Function(function)
+            | NodeWithScopeKind::FunctionTypeParameters(function) => function.name.as_str(),
+            NodeWithScopeKind::Lambda(_) => "<lambda>",
+            NodeWithScopeKind::ListComprehension(_) => "<listcomp>",
+            NodeWithScopeKind::SetComprehension(_) => "<setcomp>",
+            NodeWithScopeKind::DictComprehension(_) => "<dictcomp>",
+            NodeWithScopeKind::GeneratorExpression(_) => "<generator>",
+        }
+    }
+}
+
+/// ID that uniquely identifies a scope inside of a module.
+#[newtype_index]
+pub struct FileScopeId;
+
+impl FileScopeId {
+    /// Returns the scope id of the module-global scope.
+    pub fn global() -> Self {
+        FileScopeId::from_u32(0)
+    }
+
+    pub fn to_scope_id(self, db: &dyn Db, file: File) -> ScopeId<'_> {
+        let index = semantic_index(db, file);
+        index.scope_ids_by_scope[self]
+    }
+}
+
+#[derive(Debug, Eq, PartialEq)]
+pub struct Scope {
+    pub(super) parent: Option<FileScopeId>,
+    pub(super) kind: ScopeKind,
+    pub(super) descendents: Range<FileScopeId>,
+}
+
+impl Scope {
+    pub fn parent(self) -> Option<FileScopeId> {
+        self.parent
+    }
+
+    pub fn kind(&self) -> ScopeKind {
+        self.kind
+    }
+}
+
+#[derive(Copy, Clone, Debug, PartialEq, Eq)]
+pub enum ScopeKind {
+    Module,
+    Annotation,
+    Class,
+    Function,
+    Comprehension,
+}
+
+impl ScopeKind {
+    pub const fn is_comprehension(self) -> bool {
+        matches!(self, ScopeKind::Comprehension)
+    }
+}
+
+/// Symbol table for a specific [`Scope`].
+#[derive(Debug)]
+pub struct SymbolTable {
+    /// The symbols in this scope.
+    symbols: IndexVec<ScopedSymbolId, Symbol>,
+
+    /// The symbols indexed by name.
+    symbols_by_name: SymbolMap,
+}
+
+impl SymbolTable {
+    fn new() -> Self {
+        Self {
+            symbols: IndexVec::new(),
+            symbols_by_name: SymbolMap::default(),
+        }
+    }
+
+    fn shrink_to_fit(&mut self) {
+        self.symbols.shrink_to_fit();
+    }
+
+    pub(crate) fn symbol(&self, symbol_id: impl Into<ScopedSymbolId>) -> &Symbol {
+        &self.symbols[symbol_id.into()]
+    }
+
+    #[allow(unused)]
+    pub(crate) fn symbol_ids(&self) -> impl Iterator<Item = ScopedSymbolId> {
+        self.symbols.indices()
+    }
+
+    pub fn symbols(&self) -> impl Iterator<Item = &Symbol> {
+        self.symbols.iter()
+    }
+
+    /// Returns the symbol named `name`.
+    pub(crate) fn symbol_by_name(&self, name: &str) -> Option<&Symbol> {
+        let id = self.symbol_id_by_name(name)?;
+        Some(self.symbol(id))
+    }
+
+    /// Returns the [`ScopedSymbolId`] of the symbol named `name`.
+    pub(crate) fn symbol_id_by_name(&self, name: &str) -> Option<ScopedSymbolId> {
+        let (id, ()) = self
+            .symbols_by_name
+            .raw_entry()
+            .from_hash(Self::hash_name(name), |id| {
+                self.symbol(*id).name().as_str() == name
+            })?;
+
+        Some(*id)
+    }
+
+    fn hash_name(name: &str) -> u64 {
+        let mut hasher = FxHasher::default();
+        name.hash(&mut hasher);
+        hasher.finish()
+    }
+}
+
+impl PartialEq for SymbolTable {
+    fn eq(&self, other: &Self) -> bool {
+        // We don't need to compare the symbols_by_name because the name is already captured in `Symbol`.
+        self.symbols == other.symbols
+    }
+}
+
+impl Eq for SymbolTable {}
+
+#[derive(Debug)]
+pub(super) struct SymbolTableBuilder {
+    table: SymbolTable,
+}
+
+impl SymbolTableBuilder {
+    pub(super) fn new() -> Self {
+        Self {
+            table: SymbolTable::new(),
+        }
+    }
+
+    pub(super) fn add_or_update_symbol(
+        &mut self,
+        name: Name,
+        flags: SymbolFlags,
+    ) -> (ScopedSymbolId, bool) {
+        let hash = SymbolTable::hash_name(&name);
+        let entry = self
+            .table
+            .symbols_by_name
+            .raw_entry_mut()
+            .from_hash(hash, |id| self.table.symbols[*id].name() == &name);
+
+        match entry {
+            RawEntryMut::Occupied(entry) => {
+                let symbol = &mut self.table.symbols[*entry.key()];
+                symbol.insert_flags(flags);
+
+                (*entry.key(), false)
+            }
+            RawEntryMut::Vacant(entry) => {
+                let mut symbol = Symbol::new(name);
+                symbol.insert_flags(flags);
+
+                let id = self.table.symbols.push(symbol);
+                entry.insert_with_hasher(hash, id, (), |id| {
+                    SymbolTable::hash_name(self.table.symbols[*id].name().as_str())
+                });
+                (id, true)
+            }
+        }
+    }
+
+    pub(super) fn finish(mut self) -> SymbolTable {
+        self.table.shrink_to_fit();
+        self.table
+    }
+}
+
+/// Reference to a node that introduces a new scope.
+#[derive(Copy, Clone, Debug)]
+pub(crate) enum NodeWithScopeRef<'a> {
+    Module,
+    Class(&'a ast::StmtClassDef),
+    Function(&'a ast::StmtFunctionDef),
+    Lambda(&'a ast::ExprLambda),
+    FunctionTypeParameters(&'a ast::StmtFunctionDef),
+    ClassTypeParameters(&'a ast::StmtClassDef),
+    ListComprehension(&'a ast::ExprListComp),
+    SetComprehension(&'a ast::ExprSetComp),
+    DictComprehension(&'a ast::ExprDictComp),
+    GeneratorExpression(&'a ast::ExprGenerator),
+}
+
+impl NodeWithScopeRef<'_> {
+    /// Converts the unowned reference to an owned [`NodeWithScopeKind`].
+    ///
+    /// # Safety
+    /// The node wrapped by `self` must be a child of `module`.
+    #[allow(unsafe_code)]
+    pub(super) unsafe fn to_kind(self, module: ParsedModule) -> NodeWithScopeKind {
+        match self {
+            NodeWithScopeRef::Module => NodeWithScopeKind::Module,
+            NodeWithScopeRef::Class(class) => {
+                NodeWithScopeKind::Class(AstNodeRef::new(module, class))
+            }
+            NodeWithScopeRef::Function(function) => {
+                NodeWithScopeKind::Function(AstNodeRef::new(module, function))
+            }
+            NodeWithScopeRef::Lambda(lambda) => {
+                NodeWithScopeKind::Lambda(AstNodeRef::new(module, lambda))
+            }
+            NodeWithScopeRef::FunctionTypeParameters(function) => {
+                NodeWithScopeKind::FunctionTypeParameters(AstNodeRef::new(module, function))
+            }
+            NodeWithScopeRef::ClassTypeParameters(class) => {
+                NodeWithScopeKind::ClassTypeParameters(AstNodeRef::new(module, class))
+            }
+            NodeWithScopeRef::ListComprehension(comprehension) => {
+                NodeWithScopeKind::ListComprehension(AstNodeRef::new(module, comprehension))
+            }
+            NodeWithScopeRef::SetComprehension(comprehension) => {
+                NodeWithScopeKind::SetComprehension(AstNodeRef::new(module, comprehension))
+            }
+            NodeWithScopeRef::DictComprehension(comprehension) => {
+                NodeWithScopeKind::DictComprehension(AstNodeRef::new(module, comprehension))
+            }
+            NodeWithScopeRef::GeneratorExpression(generator) => {
+                NodeWithScopeKind::GeneratorExpression(AstNodeRef::new(module, generator))
+            }
+        }
+    }
+
+    pub(super) fn scope_kind(self) -> ScopeKind {
+        match self {
+            NodeWithScopeRef::Module => ScopeKind::Module,
+            NodeWithScopeRef::Class(_) => ScopeKind::Class,
+            NodeWithScopeRef::Function(_) => ScopeKind::Function,
+            NodeWithScopeRef::Lambda(_) => ScopeKind::Function,
+            NodeWithScopeRef::FunctionTypeParameters(_)
+            | NodeWithScopeRef::ClassTypeParameters(_) => ScopeKind::Annotation,
+            NodeWithScopeRef::ListComprehension(_)
+            | NodeWithScopeRef::SetComprehension(_)
+            | NodeWithScopeRef::DictComprehension(_)
+            | NodeWithScopeRef::GeneratorExpression(_) => ScopeKind::Comprehension,
+        }
+    }
+
+    pub(crate) fn node_key(self) -> NodeWithScopeKey {
+        match self {
+            NodeWithScopeRef::Module => NodeWithScopeKey::Module,
+            NodeWithScopeRef::Class(class) => NodeWithScopeKey::Class(NodeKey::from_node(class)),
+            NodeWithScopeRef::Function(function) => {
+                NodeWithScopeKey::Function(NodeKey::from_node(function))
+            }
+            NodeWithScopeRef::Lambda(lambda) => {
+                NodeWithScopeKey::Lambda(NodeKey::from_node(lambda))
+            }
+            NodeWithScopeRef::FunctionTypeParameters(function) => {
+                NodeWithScopeKey::FunctionTypeParameters(NodeKey::from_node(function))
+            }
+            NodeWithScopeRef::ClassTypeParameters(class) => {
+                NodeWithScopeKey::ClassTypeParameters(NodeKey::from_node(class))
+            }
+            NodeWithScopeRef::ListComprehension(comprehension) => {
+                NodeWithScopeKey::ListComprehension(NodeKey::from_node(comprehension))
+            }
+            NodeWithScopeRef::SetComprehension(comprehension) => {
+                NodeWithScopeKey::SetComprehension(NodeKey::from_node(comprehension))
+            }
+            NodeWithScopeRef::DictComprehension(comprehension) => {
+                NodeWithScopeKey::DictComprehension(NodeKey::from_node(comprehension))
+            }
+            NodeWithScopeRef::GeneratorExpression(generator) => {
+                NodeWithScopeKey::GeneratorExpression(NodeKey::from_node(generator))
+            }
+        }
+    }
+}
+
+/// Node that introduces a new scope.
+#[derive(Clone, Debug)]
+pub enum NodeWithScopeKind {
+    Module,
+    Class(AstNodeRef<ast::StmtClassDef>),
+    ClassTypeParameters(AstNodeRef<ast::StmtClassDef>),
+    Function(AstNodeRef<ast::StmtFunctionDef>),
+    FunctionTypeParameters(AstNodeRef<ast::StmtFunctionDef>),
+    Lambda(AstNodeRef<ast::ExprLambda>),
+    ListComprehension(AstNodeRef<ast::ExprListComp>),
+    SetComprehension(AstNodeRef<ast::ExprSetComp>),
+    DictComprehension(AstNodeRef<ast::ExprDictComp>),
+    GeneratorExpression(AstNodeRef<ast::ExprGenerator>),
+}
+
+#[derive(Copy, Clone, Debug, Eq, PartialEq, Hash)]
+pub(crate) enum NodeWithScopeKey {
+    Module,
+    Class(NodeKey),
+    ClassTypeParameters(NodeKey),
+    Function(NodeKey),
+    FunctionTypeParameters(NodeKey),
+    Lambda(NodeKey),
+    ListComprehension(NodeKey),
+    SetComprehension(NodeKey),
+    DictComprehension(NodeKey),
+    GeneratorExpression(NodeKey),
+}
--- a/crates/red_knot_python_semantic/src/semantic_index/use_def.rs
+++ b/crates/red_knot_python_semantic/src/semantic_index/use_def.rs
@@ -0,0 +1,354 @@
+//! Build a map from each use of a symbol to the definitions visible from that use.
+//!
+//! Let's take this code sample:
+//!
+//! ```python
+//! x = 1
+//! x = 2
+//! y = x
+//! if flag:
+//!     x = 3
+//! else:
+//!     x = 4
+//! z = x
+//! ```
+//!
+//! In this snippet, we have four definitions of `x` (the statements assigning `1`, `2`, `3`,
+//! and `4` to it), and two uses of `x` (the `y = x` and `z = x` assignments). The first
+//! [`Definition`] of `x` is never visible to any use, because it's immediately replaced by the
+//! second definition, before any use happens. (A linter could thus flag the statement `x = 1`
+//! as likely superfluous.)
+//!
+//! The first use of `x` has one definition visible to it: the assignment `x = 2`.
+//!
+//! Things get a bit more complex when we have branches. We will definitely take either the `if` or
+//! the `else` branch. Thus, the second use of `x` has two definitions visible to it: `x = 3` and
+//! `x = 4`. The `x = 2` definition is no longer visible, because it must be replaced by either `x
+//! = 3` or `x = 4`, no matter which branch was taken. We don't know which branch was taken, so we
+//! must consider both definitions as visible, which means eventually we would (in type inference)
+//! look at these two definitions and infer a type of `Literal[3, 4]` -- the union of `Literal[3]`
+//! and `Literal[4]` -- for the second use of `x`.
+//!
+//! So that's one question our use-def map needs to answer: given a specific use of a symbol, which
+//! definition(s) is/are visible from that use. In
+//! [`AstIds`](crate::semantic_index::ast_ids::AstIds) we number all uses (that means a `Name` node
+//! with `Load` context) so we have a `ScopedUseId` to efficiently represent each use.
+//!
+//! The other case we need to handle is when a symbol is referenced from a different scope (the
+//! most obvious example of this is an import). We call this "public" use of a symbol. So the other
+//! question we need to be able to answer is, what are the publicly-visible definitions of each
+//! symbol?
+//!
+//! Technically, public use of a symbol could also occur from any point in control flow of the
+//! scope where the symbol is defined (via inline imports and import cycles, in the case of an
+//! import, or via a function call partway through the local scope that ends up using a symbol from
+//! the scope via a global or nonlocal reference.) But modeling this fully accurately requires
+//! whole-program analysis that isn't tractable for an efficient incremental compiler, since it
+//! means a given symbol could have a different type every place it's referenced throughout the
+//! program, depending on the shape of arbitrarily-sized call/import graphs. So we follow other
+//! Python type-checkers in making the simplifying assumption that usually the scope will finish
+//! execution before its symbols are made visible to other scopes; for instance, most imports will
+//! import from a complete module, not a partially-executed module. (We may want to get a little
+//! smarter than this in the future, in particular for closures, but for now this is where we
+//! start.)
+//!
+//! So this means that the publicly-visible definitions of a symbol are the definitions still
+//! visible at the end of the scope.
+//!
+//! The data structure we build to answer these two questions is the `UseDefMap`. It has a
+//! `definitions_by_use` vector indexed by [`ScopedUseId`] and a `public_definitions` vector
+//! indexed by [`ScopedSymbolId`]. The values in each of these vectors are (in principle) a list of
+//! visible definitions at that use, or at the end of the scope for that symbol.
+//!
+//! In order to avoid vectors-of-vectors and all the allocations that would entail, we don't
+//! actually store these "list of visible definitions" as a vector of [`Definition`] IDs. Instead,
+//! the values in `definitions_by_use` and `public_definitions` are a [`Definitions`] struct that
+//! keeps a [`Range`] into a third vector of [`Definition`] IDs, `all_definitions`. The trick with
+//! this representation is that it requires that the definitions visible at any given use of a
+//! symbol are stored sequentially in `all_definitions`.
+//!
+//! There is another special kind of possible "definition" for a symbol: it might be unbound in the
+//! scope. (This isn't equivalent to "zero visible definitions", since we may go through an `if`
+//! that has a definition for the symbol, leaving us with one visible definition, but still also
+//! the "unbound" possibility, since we might not have taken the `if` branch.)
+//!
+//! The simplest way to model "unbound" would be as an actual [`Definition`] itself: the initial
+//! visible [`Definition`] for each symbol in a scope. But actually modeling it this way would
+//! dramatically increase the number of [`Definition`] that Salsa must track. Since "unbound" is a
+//! special definition in that all symbols share it, and it doesn't have any additional per-symbol
+//! state, we can represent it more efficiently: we use the `may_be_unbound` boolean on the
+//! [`Definitions`] struct. If this flag is `true`, it means the symbol/use really has one
+//! additional visible "definition", which is the unbound state. If this flag is `false`, it means
+//! we've eliminated the possibility of unbound: every path we've followed includes a definition
+//! for this symbol.
+//!
+//! To build a [`UseDefMap`], the [`UseDefMapBuilder`] is notified of each new use and definition
+//! as they are encountered by the
+//! [`SemanticIndexBuilder`](crate::semantic_index::builder::SemanticIndexBuilder) AST visit. For
+//! each symbol, the builder tracks the currently-visible definitions for that symbol. When we hit
+//! a use of a symbol, it records the currently-visible definitions for that symbol as the visible
+//! definitions for that use. When we reach the end of the scope, it records the currently-visible
+//! definitions for each symbol as the public definitions of that symbol.
+//!
+//! Let's walk through the above example. Initially we record for `x` that it has no visible
+//! definitions, and may be unbound. When we see `x = 1`, we record that as the sole visible
+//! definition of `x`, and flip `may_be_unbound` to `false`. Then we see `x = 2`, and it replaces
+//! `x = 1` as the sole visible definition of `x`. When we get to `y = x`, we record that the
+//! visible definitions for that use of `x` are just the `x = 2` definition.
+//!
+//! Then we hit the `if` branch. We visit the `test` node (`flag` in this case), since that will
+//! happen regardless. Then we take a pre-branch snapshot of the currently visible definitions for
+//! all symbols, which we'll need later. Then we go ahead and visit the `if` body. When we see `x =
+//! 3`, it replaces `x = 2` as the sole visible definition of `x`. At the end of the `if` body, we
+//! take another snapshot of the currently-visible definitions; we'll call this the post-if-body
+//! snapshot.
+//!
+//! Now we need to visit the `else` clause. The conditions when entering the `else` clause should
+//! be the pre-if conditions; if we are entering the `else` clause, we know that the `if` test
+//! failed and we didn't execute the `if` body. So we first reset the builder to the pre-if state,
+//! using the snapshot we took previously (meaning we now have `x = 2` as the sole visible
+//! definition for `x` again), then visit the `else` clause, where `x = 4` replaces `x = 2` as the
+//! sole visible definition of `x`.
+//!
+//! Now we reach the end of the if/else, and want to visit the following code. The state here needs
+//! to reflect that we might have gone through the `if` branch, or we might have gone through the
+//! `else` branch, and we don't know which. So we need to "merge" our current builder state
+//! (reflecting the end-of-else state, with `x = 4` as the only visible definition) with our
+//! post-if-body snapshot (which has `x = 3` as the only visible definition). The result of this
+//! merge is that we now have two visible definitions of `x`: `x = 3` and `x = 4`.
+//!
+//! The [`UseDefMapBuilder`] itself just exposes methods for taking a snapshot, resetting to a
+//! snapshot, and merging a snapshot into the current state. The logic using these methods lives in
+//! [`SemanticIndexBuilder`](crate::semantic_index::builder::SemanticIndexBuilder), e.g. where it
+//! visits a `StmtIf` node.
+//!
+//! (In the future we may have some other questions we want to answer as well, such as "is this
+//! definition used?", which will require tracking a bit more info in our map, e.g. a "used" bit
+//! for each [`Definition`] which is flipped to true when we record that definition for a use.)
+use crate::semantic_index::ast_ids::ScopedUseId;
+use crate::semantic_index::definition::Definition;
+use crate::semantic_index::symbol::ScopedSymbolId;
+use ruff_index::IndexVec;
+use std::ops::Range;
+
+/// All definitions that can reach a given use of a name.
+#[derive(Debug, PartialEq, Eq)]
+pub(crate) struct UseDefMap<'db> {
+    // TODO store constraints with definitions for type narrowing
+    /// Definition IDs array for `definitions_by_use` and `public_definitions` to slice into.
+    all_definitions: Vec<Definition<'db>>,
+
+    /// Definitions that can reach a [`ScopedUseId`].
+    definitions_by_use: IndexVec<ScopedUseId, Definitions>,
+
+    /// Definitions of each symbol visible at end of scope.
+    public_definitions: IndexVec<ScopedSymbolId, Definitions>,
+}
+
+impl<'db> UseDefMap<'db> {
+    pub(crate) fn use_definitions(&self, use_id: ScopedUseId) -> &[Definition<'db>] {
+        &self.all_definitions[self.definitions_by_use[use_id].definitions_range.clone()]
+    }
+
+    pub(crate) fn use_may_be_unbound(&self, use_id: ScopedUseId) -> bool {
+        self.definitions_by_use[use_id].may_be_unbound
+    }
+
+    pub(crate) fn public_definitions(&self, symbol: ScopedSymbolId) -> &[Definition<'db>] {
+        &self.all_definitions[self.public_definitions[symbol].definitions_range.clone()]
+    }
+
+    pub(crate) fn public_may_be_unbound(&self, symbol: ScopedSymbolId) -> bool {
+        self.public_definitions[symbol].may_be_unbound
+    }
+}
+
+/// Definitions visible for a symbol at a particular use (or end-of-scope).
+#[derive(Clone, Debug, PartialEq, Eq)]
+struct Definitions {
+    /// [`Range`] in `all_definitions` of the visible definition IDs.
+    definitions_range: Range<usize>,
+    /// Is the symbol possibly unbound at this point?
+    may_be_unbound: bool,
+}
+
+impl Definitions {
+    /// The default state of a symbol is "no definitions, may be unbound", aka definitely-unbound.
+    fn unbound() -> Self {
+        Self {
+            definitions_range: Range::default(),
+            may_be_unbound: true,
+        }
+    }
+}
+
+impl Default for Definitions {
+    fn default() -> Self {
+        Definitions::unbound()
+    }
+}
+
+/// A snapshot of the visible definitions for each symbol at a particular point in control flow.
+#[derive(Clone, Debug)]
+pub(super) struct FlowSnapshot {
+    definitions_by_symbol: IndexVec<ScopedSymbolId, Definitions>,
+}
+
+#[derive(Debug)]
+pub(super) struct UseDefMapBuilder<'db> {
+    /// Definition IDs array for `definitions_by_use` and `definitions_by_symbol` to slice into.
+    all_definitions: Vec<Definition<'db>>,
+
+    /// Visible definitions at each so-far-recorded use.
+    definitions_by_use: IndexVec<ScopedUseId, Definitions>,
+
+    /// Currently visible definitions for each symbol.
+    definitions_by_symbol: IndexVec<ScopedSymbolId, Definitions>,
+}
+
+impl<'db> UseDefMapBuilder<'db> {
+    pub(super) fn new() -> Self {
+        Self {
+            all_definitions: Vec::new(),
+            definitions_by_use: IndexVec::new(),
+            definitions_by_symbol: IndexVec::new(),
+        }
+    }
+
+    pub(super) fn add_symbol(&mut self, symbol: ScopedSymbolId) {
+        let new_symbol = self.definitions_by_symbol.push(Definitions::unbound());
+        debug_assert_eq!(symbol, new_symbol);
+    }
+
+    pub(super) fn record_definition(
+        &mut self,
+        symbol: ScopedSymbolId,
+        definition: Definition<'db>,
+    ) {
+        // We have a new definition of a symbol; this replaces any previous definitions in this
+        // path.
+        let def_idx = self.all_definitions.len();
+        self.all_definitions.push(definition);
+        self.definitions_by_symbol[symbol] = Definitions {
+            #[allow(clippy::range_plus_one)]
+            definitions_range: def_idx..(def_idx + 1),
+            may_be_unbound: false,
+        };
+    }
+
+    pub(super) fn record_use(&mut self, symbol: ScopedSymbolId, use_id: ScopedUseId) {
+        // We have a use of a symbol; clone the currently visible definitions for that symbol, and
+        // record them as the visible definitions for this use.
+        let new_use = self
+            .definitions_by_use
+            .push(self.definitions_by_symbol[symbol].clone());
+        debug_assert_eq!(use_id, new_use);
+    }
+
+    /// Take a snapshot of the current visible-symbols state.
+    pub(super) fn snapshot(&self) -> FlowSnapshot {
+        FlowSnapshot {
+            definitions_by_symbol: self.definitions_by_symbol.clone(),
+        }
+    }
+
+    /// Restore the current builder visible-definitions state to the given snapshot.
+    pub(super) fn restore(&mut self, snapshot: FlowSnapshot) {
+        // We never remove symbols from `definitions_by_symbol` (it's an IndexVec, and the symbol
+        // IDs must line up), so the current number of known symbols must always be equal to or
+        // greater than the number of known symbols in a previously-taken snapshot.
+        let num_symbols = self.definitions_by_symbol.len();
+        debug_assert!(num_symbols >= snapshot.definitions_by_symbol.len());
+
+        // Restore the current visible-definitions state to the given snapshot.
+        self.definitions_by_symbol = snapshot.definitions_by_symbol;
+
+        // If the snapshot we are restoring is missing some symbols we've recorded since, we need
+        // to fill them in so the symbol IDs continue to line up. Since they don't exist in the
+        // snapshot, the correct state to fill them in with is "unbound", the default.
+        self.definitions_by_symbol
+            .resize(num_symbols, Definitions::unbound());
+    }
+
+    /// Merge the given snapshot into the current state, reflecting that we might have taken either
+    /// path to get here. The new visible-definitions state for each symbol should include
+    /// definitions from both the prior state and the snapshot.
+    pub(super) fn merge(&mut self, snapshot: &FlowSnapshot) {
+        // The tricky thing about merging two Ranges pointing into `all_definitions` is that if the
+        // two Ranges aren't already adjacent in `all_definitions`, we will have to copy at least
+        // one or the other of the ranges to the end of `all_definitions` so as to make them
+        // adjacent. We can't ever move things around in `all_definitions` because previously
+        // recorded uses may still have ranges pointing to any part of it; all we can do is append.
+        // It's possible we may end up with some old entries in `all_definitions` that nobody is
+        // pointing to, but that's OK.
+
+        // We never remove symbols from `definitions_by_symbol` (it's an IndexVec, and the symbol
+        // IDs must line up), so the current number of known symbols must always be equal to or
+        // greater than the number of known symbols in a previously-taken snapshot.
+        debug_assert!(self.definitions_by_symbol.len() >= snapshot.definitions_by_symbol.len());
+
+        for (symbol_id, current) in self.definitions_by_symbol.iter_mut_enumerated() {
+            let Some(snapshot) = snapshot.definitions_by_symbol.get(symbol_id) else {
+                // Symbol not present in snapshot, so it's unbound from that path.
+                current.may_be_unbound = true;
+                continue;
+            };
+
+            // If the symbol can be unbound in either predecessor, it can be unbound post-merge.
+            current.may_be_unbound |= snapshot.may_be_unbound;
+
+            // Merge the definition ranges.
+            let current = &mut current.definitions_range;
+            let snapshot = &snapshot.definitions_range;
+
+            // We never create reversed ranges.
+            debug_assert!(current.end >= current.start);
+            debug_assert!(snapshot.end >= snapshot.start);
+
+            if current == snapshot {
+                // Ranges already identical, nothing to do.
+            } else if snapshot.is_empty() {
+                // Merging from an empty range; nothing to do.
+            } else if (*current).is_empty() {
+                // Merging to an empty range; just use the incoming range.
+                *current = snapshot.clone();
+            } else if snapshot.end >= current.start && snapshot.start <= current.end {
+                // Ranges are adjacent or overlapping, merge them in-place.
+                *current = current.start.min(snapshot.start)..current.end.max(snapshot.end);
+            } else if current.end == self.all_definitions.len() {
+                // Ranges are not adjacent or overlapping, `current` is at the end of
+                // `all_definitions`, we need to copy `snapshot` to the end so they are adjacent
+                // and can be merged into one range.
+                self.all_definitions.extend_from_within(snapshot.clone());
+                current.end = self.all_definitions.len();
+            } else if snapshot.end == self.all_definitions.len() {
+                // Ranges are not adjacent or overlapping, `snapshot` is at the end of
+                // `all_definitions`, we need to copy `current` to the end so they are adjacent and
+                // can be merged into one range.
+                self.all_definitions.extend_from_within(current.clone());
+                current.start = snapshot.start;
+                current.end = self.all_definitions.len();
+            } else {
+                // Ranges are not adjacent and neither one is at the end of `all_definitions`, we
+                // have to copy both to the end so they are adjacent and we can merge them.
+                let start = self.all_definitions.len();
+                self.all_definitions.extend_from_within(current.clone());
+                self.all_definitions.extend_from_within(snapshot.clone());
+                current.start = start;
+                current.end = self.all_definitions.len();
+            }
+        }
+    }
+
+    pub(super) fn finish(mut self) -> UseDefMap<'db> {
+        self.all_definitions.shrink_to_fit();
+        self.definitions_by_symbol.shrink_to_fit();
+        self.definitions_by_use.shrink_to_fit();
+
+        UseDefMap {
+            all_definitions: self.all_definitions,
+            definitions_by_use: self.definitions_by_use,
+            public_definitions: self.definitions_by_symbol,
+        }
+    }
+}
--- a/crates/red_knot_python_semantic/src/semantic_model.rs
+++ b/crates/red_knot_python_semantic/src/semantic_model.rs
@@ -0,0 +1,260 @@
+use ruff_db::files::{File, FilePath};
+use ruff_db::source::line_index;
+use ruff_python_ast as ast;
+use ruff_python_ast::{Expr, ExpressionRef, StmtClassDef};
+use ruff_source_file::LineIndex;
+
+use crate::module_name::ModuleName;
+use crate::module_resolver::{resolve_module, Module};
+use crate::semantic_index::ast_ids::HasScopedAstId;
+use crate::semantic_index::semantic_index;
+use crate::types::{definition_ty, global_symbol_ty_by_name, infer_scope_types, Type};
+use crate::Db;
+
+pub struct SemanticModel<'db> {
+    db: &'db dyn Db,
+    file: File,
+}
+
+impl<'db> SemanticModel<'db> {
+    pub fn new(db: &'db dyn Db, file: File) -> Self {
+        Self { db, file }
+    }
+
+    // TODO we don't actually want to expose the Db directly to lint rules, but we need to find a
+    // solution for exposing information from types
+    pub fn db(&self) -> &dyn Db {
+        self.db
+    }
+
+    pub fn file_path(&self) -> &FilePath {
+        self.file.path(self.db)
+    }
+
+    pub fn line_index(&self) -> LineIndex {
+        line_index(self.db.upcast(), self.file)
+    }
+
+    pub fn resolve_module(&self, module_name: ModuleName) -> Option<Module> {
+        resolve_module(self.db, module_name)
+    }
+
+    pub fn global_symbol_ty(&self, module: &Module, symbol_name: &str) -> Type<'db> {
+        global_symbol_ty_by_name(self.db, module.file(), symbol_name)
+    }
+}
+
+pub trait HasTy {
+    /// Returns the inferred type of `self`.
+    ///
+    /// ## Panics
+    /// May panic if `self` is from another file than `model`.
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db>;
+}
+
+impl HasTy for ast::ExpressionRef<'_> {
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+        let index = semantic_index(model.db, model.file);
+        let file_scope = index.expression_scope_id(*self);
+        let scope = file_scope.to_scope_id(model.db, model.file);
+
+        let expression_id = self.scoped_ast_id(model.db, scope);
+        infer_scope_types(model.db, scope).expression_ty(expression_id)
+    }
+}
+
+macro_rules! impl_expression_has_ty {
+    ($ty: ty) => {
+        impl HasTy for $ty {
+            #[inline]
+            fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+                let expression_ref = ExpressionRef::from(self);
+                expression_ref.ty(model)
+            }
+        }
+    };
+}
+
+impl_expression_has_ty!(ast::ExprBoolOp);
+impl_expression_has_ty!(ast::ExprNamed);
+impl_expression_has_ty!(ast::ExprBinOp);
+impl_expression_has_ty!(ast::ExprUnaryOp);
+impl_expression_has_ty!(ast::ExprLambda);
+impl_expression_has_ty!(ast::ExprIf);
+impl_expression_has_ty!(ast::ExprDict);
+impl_expression_has_ty!(ast::ExprSet);
+impl_expression_has_ty!(ast::ExprListComp);
+impl_expression_has_ty!(ast::ExprSetComp);
+impl_expression_has_ty!(ast::ExprDictComp);
+impl_expression_has_ty!(ast::ExprGenerator);
+impl_expression_has_ty!(ast::ExprAwait);
+impl_expression_has_ty!(ast::ExprYield);
+impl_expression_has_ty!(ast::ExprYieldFrom);
+impl_expression_has_ty!(ast::ExprCompare);
+impl_expression_has_ty!(ast::ExprCall);
+impl_expression_has_ty!(ast::ExprFString);
+impl_expression_has_ty!(ast::ExprStringLiteral);
+impl_expression_has_ty!(ast::ExprBytesLiteral);
+impl_expression_has_ty!(ast::ExprNumberLiteral);
+impl_expression_has_ty!(ast::ExprBooleanLiteral);
+impl_expression_has_ty!(ast::ExprNoneLiteral);
+impl_expression_has_ty!(ast::ExprEllipsisLiteral);
+impl_expression_has_ty!(ast::ExprAttribute);
+impl_expression_has_ty!(ast::ExprSubscript);
+impl_expression_has_ty!(ast::ExprStarred);
+impl_expression_has_ty!(ast::ExprName);
+impl_expression_has_ty!(ast::ExprList);
+impl_expression_has_ty!(ast::ExprTuple);
+impl_expression_has_ty!(ast::ExprSlice);
+impl_expression_has_ty!(ast::ExprIpyEscapeCommand);
+
+impl HasTy for ast::Expr {
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+        match self {
+            Expr::BoolOp(inner) => inner.ty(model),
+            Expr::Named(inner) => inner.ty(model),
+            Expr::BinOp(inner) => inner.ty(model),
+            Expr::UnaryOp(inner) => inner.ty(model),
+            Expr::Lambda(inner) => inner.ty(model),
+            Expr::If(inner) => inner.ty(model),
+            Expr::Dict(inner) => inner.ty(model),
+            Expr::Set(inner) => inner.ty(model),
+            Expr::ListComp(inner) => inner.ty(model),
+            Expr::SetComp(inner) => inner.ty(model),
+            Expr::DictComp(inner) => inner.ty(model),
+            Expr::Generator(inner) => inner.ty(model),
+            Expr::Await(inner) => inner.ty(model),
+            Expr::Yield(inner) => inner.ty(model),
+            Expr::YieldFrom(inner) => inner.ty(model),
+            Expr::Compare(inner) => inner.ty(model),
+            Expr::Call(inner) => inner.ty(model),
+            Expr::FString(inner) => inner.ty(model),
+            Expr::StringLiteral(inner) => inner.ty(model),
+            Expr::BytesLiteral(inner) => inner.ty(model),
+            Expr::NumberLiteral(inner) => inner.ty(model),
+            Expr::BooleanLiteral(inner) => inner.ty(model),
+            Expr::NoneLiteral(inner) => inner.ty(model),
+            Expr::EllipsisLiteral(inner) => inner.ty(model),
+            Expr::Attribute(inner) => inner.ty(model),
+            Expr::Subscript(inner) => inner.ty(model),
+            Expr::Starred(inner) => inner.ty(model),
+            Expr::Name(inner) => inner.ty(model),
+            Expr::List(inner) => inner.ty(model),
+            Expr::Tuple(inner) => inner.ty(model),
+            Expr::Slice(inner) => inner.ty(model),
+            Expr::IpyEscapeCommand(inner) => inner.ty(model),
+        }
+    }
+}
+
+impl HasTy for ast::StmtFunctionDef {
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+        let index = semantic_index(model.db, model.file);
+        let definition = index.definition(self);
+        definition_ty(model.db, definition)
+    }
+}
+
+impl HasTy for StmtClassDef {
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+        let index = semantic_index(model.db, model.file);
+        let definition = index.definition(self);
+        definition_ty(model.db, definition)
+    }
+}
+
+impl HasTy for ast::Alias {
+    fn ty<'db>(&self, model: &SemanticModel<'db>) -> Type<'db> {
+        let index = semantic_index(model.db, model.file);
+        let definition = index.definition(self);
+        definition_ty(model.db, definition)
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use ruff_db::files::system_path_to_file;
+    use ruff_db::parsed::parsed_module;
+    use ruff_db::system::{DbWithTestSystem, SystemPathBuf};
+
+    use crate::db::tests::TestDb;
+    use crate::program::{Program, SearchPathSettings};
+    use crate::python_version::PythonVersion;
+    use crate::types::Type;
+    use crate::{HasTy, ProgramSettings, SemanticModel};
+
+    fn setup_db<'a>(files: impl IntoIterator<Item = (&'a str, &'a str)>) -> anyhow::Result<TestDb> {
+        let mut db = TestDb::new();
+        db.write_files(files)?;
+
+        Program::from_settings(
+            &db,
+            ProgramSettings {
+                target_version: PythonVersion::default(),
+                search_paths: SearchPathSettings {
+                    extra_paths: vec![],
+                    src_root: SystemPathBuf::from("/src"),
+                    site_packages: vec![],
+                    custom_typeshed: None,
+                },
+            },
+        )?;
+
+        Ok(db)
+    }
+
+    #[test]
+    fn function_ty() -> anyhow::Result<()> {
+        let db = setup_db([("/src/foo.py", "def test(): pass")])?;
+
+        let foo = system_path_to_file(&db, "/src/foo.py").unwrap();
+
+        let ast = parsed_module(&db, foo);
+
+        let function = ast.suite()[0].as_function_def_stmt().unwrap();
+        let model = SemanticModel::new(&db, foo);
+        let ty = function.ty(&model);
+
+        assert!(matches!(ty, Type::Function(_)));
+
+        Ok(())
+    }
+
+    #[test]
+    fn class_ty() -> anyhow::Result<()> {
+        let db = setup_db([("/src/foo.py", "class Test: pass")])?;
+
+        let foo = system_path_to_file(&db, "/src/foo.py").unwrap();
+
+        let ast = parsed_module(&db, foo);
+
+        let class = ast.suite()[0].as_class_def_stmt().unwrap();
+        let model = SemanticModel::new(&db, foo);
+        let ty = class.ty(&model);
+
+        assert!(matches!(ty, Type::Class(_)));
+
+        Ok(())
+    }
+
+    #[test]
+    fn alias_ty() -> anyhow::Result<()> {
+        let db = setup_db([
+            ("/src/foo.py", "class Test: pass"),
+            ("/src/bar.py", "from foo import Test"),
+        ])?;
+
+        let bar = system_path_to_file(&db, "/src/bar.py").unwrap();
+
+        let ast = parsed_module(&db, bar);
+
+        let import = ast.suite()[0].as_import_from_stmt().unwrap();
+        let alias = &import.names[0];
+        let model = SemanticModel::new(&db, bar);
+        let ty = alias.ty(&model);
+
+        assert!(matches!(ty, Type::Class(_)));
+
+        Ok(())
+    }
+}
--- a/crates/red_knot_python_semantic/src/types.rs
+++ b/crates/red_knot_python_semantic/src/types.rs
@@ -0,0 +1,278 @@
+use ruff_db::files::File;
+use ruff_python_ast::name::Name;
+
+use crate::builtins::builtins_scope;
+use crate::semantic_index::definition::Definition;
+use crate::semantic_index::symbol::{ScopeId, ScopedSymbolId};
+use crate::semantic_index::{global_scope, symbol_table, use_def_map};
+use crate::{Db, FxOrderSet};
+
+mod builder;
+mod display;
+mod infer;
+
+pub(crate) use self::builder::UnionBuilder;
+pub(crate) use self::infer::{infer_definition_types, infer_scope_types};
+
+/// Infer the public type of a symbol (its type as seen from outside its scope).
+pub(crate) fn symbol_ty<'db>(
+    db: &'db dyn Db,
+    scope: ScopeId<'db>,
+    symbol: ScopedSymbolId,
+) -> Type<'db> {
+    let _span = tracing::trace_span!("symbol_ty", ?symbol).entered();
+
+    let use_def = use_def_map(db, scope);
+    definitions_ty(
+        db,
+        use_def.public_definitions(symbol),
+        use_def
+            .public_may_be_unbound(symbol)
+            .then_some(Type::Unbound),
+    )
+}
+
+/// Shorthand for `symbol_ty` that takes a symbol name instead of an ID.
+pub(crate) fn symbol_ty_by_name<'db>(
+    db: &'db dyn Db,
+    scope: ScopeId<'db>,
+    name: &str,
+) -> Type<'db> {
+    let table = symbol_table(db, scope);
+    table
+        .symbol_id_by_name(name)
+        .map(|symbol| symbol_ty(db, scope, symbol))
+        .unwrap_or(Type::Unbound)
+}
+
+/// Shorthand for `symbol_ty` that looks up a module-global symbol by name in a file.
+pub(crate) fn global_symbol_ty_by_name<'db>(db: &'db dyn Db, file: File, name: &str) -> Type<'db> {
+    symbol_ty_by_name(db, global_scope(db, file), name)
+}
+
+/// Shorthand for `symbol_ty` that looks up a symbol in the builtins.
+///
+/// Returns `Unbound` if the builtins module isn't available for some reason.
+pub(crate) fn builtins_symbol_ty_by_name<'db>(db: &'db dyn Db, name: &str) -> Type<'db> {
+    builtins_scope(db)
+        .map(|builtins| symbol_ty_by_name(db, builtins, name))
+        .unwrap_or(Type::Unbound)
+}
+
+/// Infer the type of a [`Definition`].
+pub(crate) fn definition_ty<'db>(db: &'db dyn Db, definition: Definition<'db>) -> Type<'db> {
+    let inference = infer_definition_types(db, definition);
+    inference.definition_ty(definition)
+}
+
+/// Infer the combined type of an array of [`Definition`]s, plus one optional "unbound type".
+///
+/// Will return a union if there is more than one definition, or at least one plus an unbound
+/// type.
+///
+/// The "unbound type" represents the type in case control flow may not have passed through any
+/// definitions in this scope. If this isn't possible, then it will be `None`. If it is possible,
+/// and the result in that case should be Unbound (e.g. an unbound function local), then it will be
+/// `Some(Type::Unbound)`. If it is possible and the result should be something else (e.g. an
+/// implicit global lookup), then `unbound_type` will be `Some(the_global_symbol_type)`.
+///
+/// # Panics
+/// Will panic if called with zero definitions and no `unbound_ty`. This is a logic error,
+/// as any symbol with zero visible definitions clearly may be unbound, and the caller should
+/// provide an `unbound_ty`.
+pub(crate) fn definitions_ty<'db>(
+    db: &'db dyn Db,
+    definitions: &[Definition<'db>],
+    unbound_ty: Option<Type<'db>>,
+) -> Type<'db> {
+    let def_types = definitions.iter().map(|def| definition_ty(db, *def));
+    let mut all_types = unbound_ty.into_iter().chain(def_types);
+
+    let Some(first) = all_types.next() else {
+        panic!("definitions_ty should never be called with zero definitions and no unbound_ty.")
+    };
+
+    if let Some(second) = all_types.next() {
+        let mut builder = UnionBuilder::new(db);
+        builder = builder.add(first).add(second);
+
+        for variant in all_types {
+            builder = builder.add(variant);
+        }
+
+        builder.build()
+    } else {
+        first
+    }
+}
+
+/// Unique ID for a type.
+#[derive(Copy, Clone, Debug, PartialOrd, Ord, PartialEq, Eq, Hash)]
+pub enum Type<'db> {
+    /// the dynamic type: a statically-unknown set of values
+    Any,
+    /// the empty set of values
+    Never,
+    /// unknown type (no annotation)
+    /// equivalent to Any, or possibly to object in strict mode
+    Unknown,
+    /// name does not exist or is not bound to any value (this represents an error, but with some
+    /// leniency options it could be silently resolved to Unknown in some cases)
+    Unbound,
+    /// the None object -- TODO remove this in favor of Instance(types.NoneType)
+    None,
+    /// a specific function object
+    Function(FunctionType<'db>),
+    /// a specific module object
+    Module(File),
+    /// a specific class object
+    Class(ClassType<'db>),
+    /// the set of Python objects with the given class in their __class__'s method resolution order
+    Instance(ClassType<'db>),
+    /// the set of objects in any of the types in the union
+    Union(UnionType<'db>),
+    /// the set of objects in all of the types in the intersection
+    Intersection(IntersectionType<'db>),
+    /// An integer literal
+    IntLiteral(i64),
+    /// A boolean literal, either `True` or `False`.
+    BooleanLiteral(bool),
+    // TODO protocols, callable types, overloads, generics, type vars
+}
+
+impl<'db> Type<'db> {
+    pub const fn is_unbound(&self) -> bool {
+        matches!(self, Type::Unbound)
+    }
+
+    pub const fn is_unknown(&self) -> bool {
+        matches!(self, Type::Unknown)
+    }
+
+    #[must_use]
+    pub fn member(&self, db: &'db dyn Db, name: &Name) -> Type<'db> {
+        match self {
+            Type::Any => Type::Any,
+            Type::Never => todo!("attribute lookup on Never type"),
+            Type::Unknown => Type::Unknown,
+            Type::Unbound => Type::Unbound,
+            Type::None => todo!("attribute lookup on None type"),
+            Type::Function(_) => todo!("attribute lookup on Function type"),
+            Type::Module(file) => global_symbol_ty_by_name(db, *file, name),
+            Type::Class(class) => class.class_member(db, name),
+            Type::Instance(_) => {
+                // TODO MRO? get_own_instance_member, get_instance_member
+                todo!("attribute lookup on Instance type")
+            }
+            Type::Union(union) => union
+                .elements(db)
+                .iter()
+                .fold(UnionBuilder::new(db), |builder, element_ty| {
+                    builder.add(element_ty.member(db, name))
+                })
+                .build(),
+            Type::Intersection(_) => {
+                // TODO perform the get_member on each type in the intersection
+                // TODO return the intersection of those results
+                todo!("attribute lookup on Intersection type")
+            }
+            Type::IntLiteral(_) => {
+                // TODO raise error
+                Type::Unknown
+            }
+            Type::BooleanLiteral(_) => Type::Unknown,
+        }
+    }
+
+    #[must_use]
+    pub fn instance(&self) -> Type<'db> {
+        match self {
+            Type::Any => Type::Any,
+            Type::Unknown => Type::Unknown,
+            Type::Class(class) => Type::Instance(*class),
+            _ => Type::Unknown, // TODO type errors
+        }
+    }
+}
+
+#[salsa::interned]
+pub struct FunctionType<'db> {
+    /// name of the function at definition
+    pub name: Name,
+
+    /// types of all decorators on this function
+    decorators: Vec<Type<'db>>,
+}
+
+impl<'db> FunctionType<'db> {
+    pub fn has_decorator(self, db: &dyn Db, decorator: Type<'_>) -> bool {
+        self.decorators(db).contains(&decorator)
+    }
+}
+
+#[salsa::interned]
+pub struct ClassType<'db> {
+    /// Name of the class at definition
+    pub name: Name,
+
+    /// Types of all class bases
+    bases: Vec<Type<'db>>,
+
+    body_scope: ScopeId<'db>,
+}
+
+impl<'db> ClassType<'db> {
+    /// Returns the class member of this class named `name`.
+    ///
+    /// The member resolves to a member of the class itself or any of its bases.
+    pub fn class_member(self, db: &'db dyn Db, name: &Name) -> Type<'db> {
+        let member = self.own_class_member(db, name);
+        if !member.is_unbound() {
+            return member;
+        }
+
+        self.inherited_class_member(db, name)
+    }
+
+    /// Returns the inferred type of the class member named `name`.
+    pub fn own_class_member(self, db: &'db dyn Db, name: &Name) -> Type<'db> {
+        let scope = self.body_scope(db);
+        symbol_ty_by_name(db, scope, name)
+    }
+
+    pub fn inherited_class_member(self, db: &'db dyn Db, name: &Name) -> Type<'db> {
+        for base in self.bases(db) {
+            let member = base.member(db, name);
+            if !member.is_unbound() {
+                return member;
+            }
+        }
+
+        Type::Unbound
+    }
+}
+
+#[salsa::interned]
+pub struct UnionType<'db> {
+    /// The union type includes values in any of these types.
+    elements: FxOrderSet<Type<'db>>,
+}
+
+impl<'db> UnionType<'db> {
+    pub fn contains(&self, db: &'db dyn Db, ty: Type<'db>) -> bool {
+        self.elements(db).contains(&ty)
+    }
+}
+
+#[salsa::interned]
+pub struct IntersectionType<'db> {
+    /// The intersection type includes only values in all of these types.
+    positive: FxOrderSet<Type<'db>>,
+
+    /// The intersection type does not include any value in any of these types.
+    ///
+    /// Negation types aren't expressible in annotations, and are most likely to arise from type
+    /// narrowing along with intersections (e.g. `if not isinstance(...)`), so we represent them
+    /// directly in intersections rather than as a separate type.
+    negative: FxOrderSet<Type<'db>>,
+}
--- a/crates/red_knot_python_semantic/src/types/builder.rs
+++ b/crates/red_knot_python_semantic/src/types/builder.rs
@@ -0,0 +1,429 @@
+//! Smart builders for union and intersection types.
+//!
+//! Invariants we maintain here:
+//!   * No single-element union types (should just be the contained type instead.)
+//!   * No single-positive-element intersection types. Single-negative-element are OK, we don't
+//!     have a standalone negation type so there's no other representation for this.
+//!   * The same type should never appear more than once in a union or intersection. (This should
+//!     be expanded to cover subtyping -- see below -- but for now we only implement it for type
+//!     identity.)
+//!   * Disjunctive normal form (DNF): the tree of unions and intersections can never be deeper
+//!     than a union-of-intersections. Unions cannot contain other unions (the inner union just
+//!     flattens into the outer one), intersections cannot contain other intersections (also
+//!     flattens), and intersections cannot contain unions (the intersection distributes over the
+//!     union, inverting it into a union-of-intersections).
+//!
+//! The implication of these invariants is that a [`UnionBuilder`] does not necessarily build a
+//! [`Type::Union`]. For example, if only one type is added to the [`UnionBuilder`], `build()` will
+//! just return that type directly. The same is true for [`IntersectionBuilder`]; for example, if a
+//! union type is added to the intersection, it will distribute and [`IntersectionBuilder::build`]
+//! may end up returning a [`Type::Union`] of intersections.
+//!
+//! In the future we should have these additional invariants, but they aren't implemented yet:
+//!   * No type in a union can be a subtype of any other type in the union (just eliminate the
+//!     subtype from the union).
+//!   * No type in an intersection can be a supertype of any other type in the intersection (just
+//!     eliminate the supertype from the intersection).
+//!   * An intersection containing two non-overlapping types should simplify to [`Type::Never`].
+use crate::types::{IntersectionType, Type, UnionType};
+use crate::{Db, FxOrderSet};
+
+pub(crate) struct UnionBuilder<'db> {
+    elements: FxOrderSet<Type<'db>>,
+    db: &'db dyn Db,
+}
+
+impl<'db> UnionBuilder<'db> {
+    pub(crate) fn new(db: &'db dyn Db) -> Self {
+        Self {
+            db,
+            elements: FxOrderSet::default(),
+        }
+    }
+
+    /// Adds a type to this union.
+    pub(crate) fn add(mut self, ty: Type<'db>) -> Self {
+        match ty {
+            Type::Union(union) => {
+                self.elements.extend(&union.elements(self.db));
+            }
+            Type::Never => {}
+            _ => {
+                self.elements.insert(ty);
+            }
+        }
+
+        self
+    }
+
+    pub(crate) fn build(self) -> Type<'db> {
+        match self.elements.len() {
+            0 => Type::Never,
+            1 => self.elements[0],
+            _ => Type::Union(UnionType::new(self.db, self.elements)),
+        }
+    }
+}
+
+#[allow(unused)]
+#[derive(Clone)]
+pub(crate) struct IntersectionBuilder<'db> {
+    // Really this builds a union-of-intersections, because we always keep our set-theoretic types
+    // in disjunctive normal form (DNF), a union of intersections. In the simplest case there's
+    // just a single intersection in this vector, and we are building a single intersection type,
+    // but if a union is added to the intersection, we'll distribute ourselves over that union and
+    // create a union of intersections.
+    intersections: Vec<InnerIntersectionBuilder<'db>>,
+    db: &'db dyn Db,
+}
+
+impl<'db> IntersectionBuilder<'db> {
+    #[allow(dead_code)]
+    fn new(db: &'db dyn Db) -> Self {
+        Self {
+            db,
+            intersections: vec![InnerIntersectionBuilder::new()],
+        }
+    }
+
+    fn empty(db: &'db dyn Db) -> Self {
+        Self {
+            db,
+            intersections: vec![],
+        }
+    }
+
+    #[allow(dead_code)]
+    fn add_positive(mut self, ty: Type<'db>) -> Self {
+        if let Type::Union(union) = ty {
+            // Distribute ourself over this union: for each union element, clone ourself and
+            // intersect with that union element, then create a new union-of-intersections with all
+            // of those sub-intersections in it. E.g. if `self` is a simple intersection `T1 & T2`
+            // and we add `T3 | T4` to the intersection, we don't get `T1 & T2 & (T3 | T4)` (that's
+            // not in DNF), we distribute the union and get `(T1 & T3) | (T2 & T3) | (T1 & T4) |
+            // (T2 & T4)`. If `self` is already a union-of-intersections `(T1 & T2) | (T3 & T4)`
+            // and we add `T5 | T6` to it, that flattens all the way out to `(T1 & T2 & T5) | (T1 &
+            // T2 & T6) | (T3 & T4 & T5) ...` -- you get the idea.
+            union
+                .elements(self.db)
+                .iter()
+                .map(|elem| self.clone().add_positive(*elem))
+                .fold(IntersectionBuilder::empty(self.db), |mut builder, sub| {
+                    builder.intersections.extend(sub.intersections);
+                    builder
+                })
+        } else {
+            // If we are already a union-of-intersections, distribute the new intersected element
+            // across all of those intersections.
+            for inner in &mut self.intersections {
+                inner.add_positive(self.db, ty);
+            }
+            self
+        }
+    }
+
+    #[allow(dead_code)]
+    fn add_negative(mut self, ty: Type<'db>) -> Self {
+        // See comments above in `add_positive`; this is just the negated version.
+        if let Type::Union(union) = ty {
+            union
+                .elements(self.db)
+                .iter()
+                .map(|elem| self.clone().add_negative(*elem))
+                .fold(IntersectionBuilder::empty(self.db), |mut builder, sub| {
+                    builder.intersections.extend(sub.intersections);
+                    builder
+                })
+        } else {
+            for inner in &mut self.intersections {
+                inner.add_negative(self.db, ty);
+            }
+            self
+        }
+    }
+
+    #[allow(dead_code)]
+    fn build(mut self) -> Type<'db> {
+        // Avoid allocating the UnionBuilder unnecessarily if we have just one intersection:
+        if self.intersections.len() == 1 {
+            self.intersections.pop().unwrap().build(self.db)
+        } else {
+            let mut builder = UnionBuilder::new(self.db);
+            for inner in self.intersections {
+                builder = builder.add(inner.build(self.db));
+            }
+            builder.build()
+        }
+    }
+}
+
+#[allow(unused)]
+#[derive(Debug, Clone, Default)]
+struct InnerIntersectionBuilder<'db> {
+    positive: FxOrderSet<Type<'db>>,
+    negative: FxOrderSet<Type<'db>>,
+}
+
+impl<'db> InnerIntersectionBuilder<'db> {
+    fn new() -> Self {
+        Self::default()
+    }
+
+    /// Adds a positive type to this intersection.
+    fn add_positive(&mut self, db: &'db dyn Db, ty: Type<'db>) {
+        match ty {
+            Type::Intersection(inter) => {
+                let pos = inter.positive(db);
+                let neg = inter.negative(db);
+                self.positive.extend(pos.difference(&self.negative));
+                self.negative.extend(neg.difference(&self.positive));
+                self.positive.retain(|elem| !neg.contains(elem));
+                self.negative.retain(|elem| !pos.contains(elem));
+            }
+            _ => {
+                if !self.negative.remove(&ty) {
+                    self.positive.insert(ty);
+                };
+            }
+        }
+    }
+
+    /// Adds a negative type to this intersection.
+    fn add_negative(&mut self, db: &'db dyn Db, ty: Type<'db>) {
+        // TODO Any/Unknown actually should not self-cancel
+        match ty {
+            Type::Intersection(intersection) => {
+                let pos = intersection.negative(db);
+                let neg = intersection.positive(db);
+                self.positive.extend(pos.difference(&self.negative));
+                self.negative.extend(neg.difference(&self.positive));
+                self.positive.retain(|elem| !neg.contains(elem));
+                self.negative.retain(|elem| !pos.contains(elem));
+            }
+            Type::Never => {}
+            _ => {
+                if !self.positive.remove(&ty) {
+                    self.negative.insert(ty);
+                };
+            }
+        }
+    }
+
+    fn simplify(&mut self) {
+        // TODO this should be generalized based on subtyping, for now we just handle a few cases
+
+        // Never is a subtype of all types
+        if self.positive.contains(&Type::Never) {
+            self.positive.clear();
+            self.negative.clear();
+            self.positive.insert(Type::Never);
+        }
+    }
+
+    fn build(mut self, db: &'db dyn Db) -> Type<'db> {
+        self.simplify();
+        match (self.positive.len(), self.negative.len()) {
+            (0, 0) => Type::Never,
+            (1, 0) => self.positive[0],
+            _ => {
+                self.positive.shrink_to_fit();
+                self.negative.shrink_to_fit();
+                Type::Intersection(IntersectionType::new(db, self.positive, self.negative))
+            }
+        }
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use super::{IntersectionBuilder, IntersectionType, Type, UnionBuilder, UnionType};
+    use crate::db::tests::TestDb;
+
+    fn setup_db() -> TestDb {
+        TestDb::new()
+    }
+
+    impl<'db> UnionType<'db> {
+        fn elements_vec(self, db: &'db TestDb) -> Vec<Type<'db>> {
+            self.elements(db).into_iter().collect()
+        }
+    }
+
+    #[test]
+    fn build_union() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let t1 = Type::IntLiteral(1);
+        let Type::Union(union) = UnionBuilder::new(&db).add(t0).add(t1).build() else {
+            panic!("expected a union");
+        };
+
+        assert_eq!(union.elements_vec(&db), &[t0, t1]);
+    }
+
+    #[test]
+    fn build_union_single() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let ty = UnionBuilder::new(&db).add(t0).build();
+
+        assert_eq!(ty, t0);
+    }
+
+    #[test]
+    fn build_union_empty() {
+        let db = setup_db();
+        let ty = UnionBuilder::new(&db).build();
+
+        assert_eq!(ty, Type::Never);
+    }
+
+    #[test]
+    fn build_union_never() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let ty = UnionBuilder::new(&db).add(t0).add(Type::Never).build();
+
+        assert_eq!(ty, t0);
+    }
+
+    #[test]
+    fn build_union_flatten() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let t1 = Type::IntLiteral(1);
+        let t2 = Type::IntLiteral(2);
+        let u1 = UnionBuilder::new(&db).add(t0).add(t1).build();
+        let Type::Union(union) = UnionBuilder::new(&db).add(u1).add(t2).build() else {
+            panic!("expected a union");
+        };
+
+        assert_eq!(union.elements_vec(&db), &[t0, t1, t2]);
+    }
+
+    impl<'db> IntersectionType<'db> {
+        fn pos_vec(self, db: &'db TestDb) -> Vec<Type<'db>> {
+            self.positive(db).into_iter().collect()
+        }
+
+        fn neg_vec(self, db: &'db TestDb) -> Vec<Type<'db>> {
+            self.negative(db).into_iter().collect()
+        }
+    }
+
+    #[test]
+    fn build_intersection() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let ta = Type::Any;
+        let Type::Intersection(inter) = IntersectionBuilder::new(&db)
+            .add_positive(ta)
+            .add_negative(t0)
+            .build()
+        else {
+            panic!("expected to be an intersection");
+        };
+
+        assert_eq!(inter.pos_vec(&db), &[ta]);
+        assert_eq!(inter.neg_vec(&db), &[t0]);
+    }
+
+    #[test]
+    fn build_intersection_flatten_positive() {
+        let db = setup_db();
+        let ta = Type::Any;
+        let t1 = Type::IntLiteral(1);
+        let t2 = Type::IntLiteral(2);
+        let i0 = IntersectionBuilder::new(&db)
+            .add_positive(ta)
+            .add_negative(t1)
+            .build();
+        let Type::Intersection(inter) = IntersectionBuilder::new(&db)
+            .add_positive(t2)
+            .add_positive(i0)
+            .build()
+        else {
+            panic!("expected to be an intersection");
+        };
+
+        assert_eq!(inter.pos_vec(&db), &[t2, ta]);
+        assert_eq!(inter.neg_vec(&db), &[t1]);
+    }
+
+    #[test]
+    fn build_intersection_flatten_negative() {
+        let db = setup_db();
+        let ta = Type::Any;
+        let t1 = Type::IntLiteral(1);
+        let t2 = Type::IntLiteral(2);
+        let i0 = IntersectionBuilder::new(&db)
+            .add_positive(ta)
+            .add_negative(t1)
+            .build();
+        let Type::Intersection(inter) = IntersectionBuilder::new(&db)
+            .add_positive(t2)
+            .add_negative(i0)
+            .build()
+        else {
+            panic!("expected to be an intersection");
+        };
+
+        assert_eq!(inter.pos_vec(&db), &[t2, t1]);
+        assert_eq!(inter.neg_vec(&db), &[ta]);
+    }
+
+    #[test]
+    fn intersection_distributes_over_union() {
+        let db = setup_db();
+        let t0 = Type::IntLiteral(0);
+        let t1 = Type::IntLiteral(1);
+        let ta = Type::Any;
+        let u0 = UnionBuilder::new(&db).add(t0).add(t1).build();
+
+        let Type::Union(union) = IntersectionBuilder::new(&db)
+            .add_positive(ta)
+            .add_positive(u0)
+            .build()
+        else {
+            panic!("expected a union");
+        };
+        let [Type::Intersection(i0), Type::Intersection(i1)] = union.elements_vec(&db)[..] else {
+            panic!("expected a union of two intersections");
+        };
+        assert_eq!(i0.pos_vec(&db), &[ta, t0]);
+        assert_eq!(i1.pos_vec(&db), &[ta, t1]);
+    }
+
+    #[test]
+    fn build_intersection_self_negation() {
+        let db = setup_db();
+        let ty = IntersectionBuilder::new(&db)
+            .add_positive(Type::None)
+            .add_negative(Type::None)
+            .build();
+
+        assert_eq!(ty, Type::Never);
+    }
+
+    #[test]
+    fn build_intersection_simplify_negative_never() {
+        let db = setup_db();
+        let ty = IntersectionBuilder::new(&db)
+            .add_positive(Type::None)
+            .add_negative(Type::Never)
+            .build();
+
+        assert_eq!(ty, Type::None);
+    }
+
+    #[test]
+    fn build_intersection_simplify_positive_never() {
+        let db = setup_db();
+        let ty = IntersectionBuilder::new(&db)
+            .add_positive(Type::None)
+            .add_positive(Type::Never)
+            .build();
+
+        assert_eq!(ty, Type::Never);
+    }
+}
--- a/crates/red_knot_python_semantic/src/types/display.rs
+++ b/crates/red_knot_python_semantic/src/types/display.rs
@@ -0,0 +1,152 @@
+//! Display implementations for types.
+
+use std::fmt::{Display, Formatter};
+
+use crate::types::{IntersectionType, Type, UnionType};
+use crate::Db;
+
+impl<'db> Type<'db> {
+    pub fn display(&'db self, db: &'db dyn Db) -> DisplayType<'db> {
+        DisplayType { ty: self, db }
+    }
+}
+
+#[derive(Copy, Clone)]
+pub struct DisplayType<'db> {
+    ty: &'db Type<'db>,
+    db: &'db dyn Db,
+}
+
+impl Display for DisplayType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        match self.ty {
+            Type::Any => f.write_str("Any"),
+            Type::Never => f.write_str("Never"),
+            Type::Unknown => f.write_str("Unknown"),
+            Type::Unbound => f.write_str("Unbound"),
+            Type::None => f.write_str("None"),
+            Type::Module(file) => {
+                write!(f, "<module '{:?}'>", file.path(self.db))
+            }
+            // TODO functions and classes should display using a fully qualified name
+            Type::Class(class) => write!(f, "Literal[{}]", class.name(self.db)),
+            Type::Instance(class) => f.write_str(&class.name(self.db)),
+            Type::Function(function) => write!(f, "Literal[{}]", function.name(self.db)),
+            Type::Union(union) => union.display(self.db).fmt(f),
+            Type::Intersection(intersection) => intersection.display(self.db).fmt(f),
+            Type::IntLiteral(n) => write!(f, "Literal[{n}]"),
+            Type::BooleanLiteral(boolean) => {
+                write!(f, "Literal[{}]", if *boolean { "True" } else { "False" })
+            }
+        }
+    }
+}
+
+impl std::fmt::Debug for DisplayType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        std::fmt::Display::fmt(self, f)
+    }
+}
+
+impl<'db> UnionType<'db> {
+    fn display(&'db self, db: &'db dyn Db) -> DisplayUnionType<'db> {
+        DisplayUnionType { db, ty: self }
+    }
+}
+
+struct DisplayUnionType<'db> {
+    ty: &'db UnionType<'db>,
+    db: &'db dyn Db,
+}
+
+impl Display for DisplayUnionType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        let union = self.ty;
+
+        let (int_literals, other_types): (Vec<Type>, Vec<Type>) = union
+            .elements(self.db)
+            .iter()
+            .copied()
+            .partition(|ty| matches!(ty, Type::IntLiteral(_)));
+
+        let mut first = true;
+        if !int_literals.is_empty() {
+            f.write_str("Literal[")?;
+            let mut nums: Vec<_> = int_literals
+                .into_iter()
+                .filter_map(|ty| {
+                    if let Type::IntLiteral(n) = ty {
+                        Some(n)
+                    } else {
+                        None
+                    }
+                })
+                .collect();
+            nums.sort_unstable();
+            for num in nums {
+                if !first {
+                    f.write_str(", ")?;
+                }
+                write!(f, "{num}")?;
+                first = false;
+            }
+            f.write_str("]")?;
+        }
+
+        for ty in other_types {
+            if !first {
+                f.write_str(" | ")?;
+            };
+            first = false;
+            write!(f, "{}", ty.display(self.db))?;
+        }
+
+        Ok(())
+    }
+}
+
+impl std::fmt::Debug for DisplayUnionType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        std::fmt::Display::fmt(self, f)
+    }
+}
+
+impl<'db> IntersectionType<'db> {
+    fn display(&'db self, db: &'db dyn Db) -> DisplayIntersectionType<'db> {
+        DisplayIntersectionType { db, ty: self }
+    }
+}
+
+struct DisplayIntersectionType<'db> {
+    ty: &'db IntersectionType<'db>,
+    db: &'db dyn Db,
+}
+
+impl Display for DisplayIntersectionType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        let mut first = true;
+        for (neg, ty) in self
+            .ty
+            .positive(self.db)
+            .iter()
+            .map(|ty| (false, ty))
+            .chain(self.ty.negative(self.db).iter().map(|ty| (true, ty)))
+        {
+            if !first {
+                f.write_str(" & ")?;
+            };
+            first = false;
+            if neg {
+                f.write_str("~")?;
+            };
+            write!(f, "{}", ty.display(self.db))?;
+        }
+        Ok(())
+    }
+}
+
+impl std::fmt::Debug for DisplayIntersectionType<'_> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        std::fmt::Display::fmt(self, f)
+    }
+}
--- a/crates/red_knot_python_semantic/src/types/infer.rs
+++ b/crates/red_knot_python_semantic/src/types/infer.rs
--- a/crates/red_knot_python_semantic/vendor/typeshed/LICENSE
+++ b/crates/red_knot_python_semantic/vendor/typeshed/LICENSE
@@ -0,0 +1,237 @@
+The "typeshed" project is licensed under the terms of the Apache license, as
+reproduced below.
+
+= = = = =
+
+Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "{}"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright {yyyy} {name of copyright owner}
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+= = = = =
+
+Parts of typeshed are licensed under different licenses (like the MIT
+license), reproduced below.
+
+= = = = =
+
+The MIT License
+
+Copyright (c) 2015 Jukka Lehtosalo and contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of this software and associated documentation files (the "Software"),
+to deal in the Software without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+= = = = =
--- a/crates/red_knot_python_semantic/vendor/typeshed/README.md
+++ b/crates/red_knot_python_semantic/vendor/typeshed/README.md
@@ -0,0 +1,124 @@
+# typeshed
+
+[![Tests](https://github.com/python/typeshed/actions/workflows/tests.yml/badge.svg)](https://github.com/python/typeshed/actions/workflows/tests.yml)
+[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Pull Requests Welcome](https://img.shields.io/badge/pull%20requests-welcome-brightgreen.svg)](https://github.com/python/typeshed/blob/main/CONTRIBUTING.md)
+
+## About
+
+Typeshed contains external type annotations for the Python standard library
+and Python builtins, as well as third party packages as contributed by
+people external to those projects.
+
+This data can e.g. be used for static analysis, type checking, type inference,
+and autocompletion.
+
+For information on how to use typeshed, read below.  Information for
+contributors can be found in [CONTRIBUTING.md](CONTRIBUTING.md).  **Please read
+it before submitting pull requests; do not report issues with annotations to
+the project the stubs are for, but instead report them here to typeshed.**
+
+Further documentation on stub files, typeshed, and Python's typing system in
+general, can also be found at https://typing.readthedocs.io/en/latest/.
+
+Typeshed supports Python versions 3.8 and up.
+
+## Using
+
+If you're just using a type checker ([mypy](https://github.com/python/mypy/),
+[pyright](https://github.com/microsoft/pyright),
+[pytype](https://github.com/google/pytype/), PyCharm, ...), as opposed to
+developing it, you don't need to interact with the typeshed repo at
+all: a copy of standard library part of typeshed is bundled with type checkers.
+And type stubs for third party packages and modules you are using can
+be installed from PyPI. For example, if you are using `html5lib` and `requests`,
+you can install the type stubs using
+
+```bash
+$ pip install types-html5lib types-requests
+```
+
+These PyPI packages follow [PEP 561](http://www.python.org/dev/peps/pep-0561/)
+and are automatically released (up to once a day) by
+[typeshed internal machinery](https://github.com/typeshed-internal/stub_uploader).
+
+Type checkers should be able to use these stub packages when installed. For more
+details, see the documentation for your type checker.
+
+### Package versioning for third-party stubs
+
+Version numbers of third-party stub packages consist of at least four parts.
+All parts of the stub version, except for the last part, correspond to the
+version of the runtime package being stubbed. For example, if the `types-foo`
+package has version `1.2.0.20240309`, this guarantees that the `types-foo` package
+contains stubs targeted against `foo==1.2.*` and tested against the latest
+version of `foo` matching that specifier. In this example, the final element
+of the version number (20240309) indicates that the stub package was pushed on
+March 9, 2024.
+
+At typeshed, we try to keep breaking changes to a minimum. However, due to the
+nature of stubs, any version bump can introduce changes that might make your
+code fail to type check.
+
+There are several strategies available for specifying the version of a stubs
+package you're using, each with its own tradeoffs:
+
+1. Use the same bounds that you use for the package being stubbed. For example,
+   if you use `requests>=2.30.0,<2.32`, you can use
+   `types-requests>=2.30.0,<2.32`. This ensures that the stubs are compatible
+   with the package you are using, but it carries a small risk of breaking
+   type checking due to changes in the stubs.
+
+   Another risk of this strategy is that stubs often lag behind
+   the package being stubbed. You might want to force the package being stubbed
+   to a certain minimum version because it fixes a critical bug, but if
+   correspondingly updated stubs have not been released, your type
+   checking results may not be fully accurate.
+2. Pin the stubs to a known good version and update the pin from time to time
+   (either manually, or using a tool such as dependabot or renovate).
+
+   For example, if you use `types-requests==2.31.0.1`, you can have confidence
+   that upgrading dependencies will not break type checking. However, you will
+   miss out on improvements in the stubs that could potentially improve type
+   checking until you update the pin. This strategy also has the risk that the
+   stubs you are using might become incompatible with the package being stubbed.
+3. Don't pin the stubs. This is the option that demands the least work from
+   you when it comes to updating version pins, and has the advantage that you
+   will automatically benefit from improved stubs whenever a new version of the
+   stubs package is released. However, it carries the risk that the stubs
+   become incompatible with the package being stubbed.
+
+   For example, if a new major version of the package is released, there's a
+   chance the stubs might be updated to reflect the new version of the runtime
+   package before you update the package being stubbed.
+
+You can also switch between the different strategies as needed. For example,
+you could default to strategy (1), but fall back to strategy (2) when
+a problem arises that can't easily be fixed.
+
+### The `_typeshed` package
+
+typeshed includes a package `_typeshed` as part of the standard library.
+This package and its submodules contain utility types, but are not
+available at runtime. For more information about how to use this package,
+[see the `stdlib/_typeshed` directory](https://github.com/python/typeshed/tree/main/stdlib/_typeshed).
+
+## Discussion
+
+If you've run into behavior in the type checker that suggests the type
+stubs for a given library are incorrect or incomplete,
+we want to hear from you!
+
+Our main forum for discussion is the project's [GitHub issue
+tracker](https://github.com/python/typeshed/issues).  This is the right
+place to start a discussion of any of the above or most any other
+topic concerning the project.
+
+If you have general questions about typing with Python, or you need
+a review of your type annotations or stubs outside of typeshed, head over to
+[our discussion forum](https://github.com/python/typing/discussions).
+For less formal discussion, try the typing chat room on
+[gitter.im](https://gitter.im/python/typing).  Some typeshed maintainers
+are almost always present; feel free to find us there and we're happy
+to chat.  Substantive technical discussion will be directed to the
+issue tracker.
--- a/crates/red_knot_python_semantic/vendor/typeshed/source_commit.txt
+++ b/crates/red_knot_python_semantic/vendor/typeshed/source_commit.txt
@@ -0,0 +1 @@
+1ace5718deaf3041f8e3d1dc9c9e8a8e830e517f
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/VERSIONS
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/VERSIONS
@@ -0,0 +1,315 @@
+# The structure of this file is as follows:
+# - Blank lines and comments starting with `#` are ignored.
+# - Lines contain the name of a module, followed by a colon,
+#   a space, and a version range (for example: `symbol: 3.0-3.9`).
+#
+# Version ranges may be of the form "X.Y-A.B" or "X.Y-". The
+# first form means that a module was introduced in version X.Y and last
+# available in version A.B. The second form means that the module was
+# introduced in version X.Y and is still available in the latest
+# version of Python.
+#
+# If a submodule is not listed separately, it has the same lifetime as
+# its parent module.
+#
+# Python versions before 3.0 are ignored, so any module that was already
+# present in 3.0 will have "3.0" as its minimum version. Version ranges
+# for unsupported versions of Python 3 are generally accurate but we do
+# not guarantee their correctness.
+
+__future__: 3.0-
+__main__: 3.0-
+_ast: 3.0-
+_bisect: 3.0-
+_bootlocale: 3.4-3.9
+_codecs: 3.0-
+_collections_abc: 3.3-
+_compat_pickle: 3.1-
+_compression: 3.5-
+_csv: 3.0-
+_ctypes: 3.0-
+_curses: 3.0-
+_decimal: 3.3-
+_dummy_thread: 3.0-3.8
+_dummy_threading: 3.0-3.8
+_heapq: 3.0-
+_imp: 3.0-
+_interpchannels: 3.13-
+_interpqueues: 3.13-
+_interpreters: 3.13-
+_json: 3.0-
+_locale: 3.0-
+_lsprof: 3.0-
+_markupbase: 3.0-
+_msi: 3.0-
+_operator: 3.4-
+_osx_support: 3.0-
+_posixsubprocess: 3.2-
+_py_abc: 3.7-
+_pydecimal: 3.5-
+_random: 3.0-
+_sitebuiltins: 3.4-
+_socket: 3.0-  # present in 3.0 at runtime, but not in typeshed
+_stat: 3.4-
+_thread: 3.0-
+_threading_local: 3.0-
+_tkinter: 3.0-
+_tracemalloc: 3.4-
+_typeshed: 3.0-  # not present at runtime, only for type checking
+_warnings: 3.0-
+_weakref: 3.0-
+_weakrefset: 3.0-
+_winapi: 3.3-
+abc: 3.0-
+aifc: 3.0-3.12
+antigravity: 3.0-
+argparse: 3.0-
+array: 3.0-
+ast: 3.0-
+asynchat: 3.0-3.11
+asyncio: 3.4-
+asyncio.exceptions: 3.8-
+asyncio.format_helpers: 3.7-
+asyncio.mixins: 3.10-
+asyncio.runners: 3.7-
+asyncio.staggered: 3.8-
+asyncio.taskgroups: 3.11-
+asyncio.threads: 3.9-
+asyncio.timeouts: 3.11-
+asyncio.trsock: 3.8-
+asyncore: 3.0-3.11
+atexit: 3.0-
+audioop: 3.0-3.12
+base64: 3.0-
+bdb: 3.0-
+binascii: 3.0-
+binhex: 3.0-3.10
+bisect: 3.0-
+builtins: 3.0-
+bz2: 3.0-
+cProfile: 3.0-
+calendar: 3.0-
+cgi: 3.0-3.12
+cgitb: 3.0-3.12
+chunk: 3.0-3.12
+cmath: 3.0-
+cmd: 3.0-
+code: 3.0-
+codecs: 3.0-
+codeop: 3.0-
+collections: 3.0-
+collections.abc: 3.3-
+colorsys: 3.0-
+compileall: 3.0-
+concurrent: 3.2-
+configparser: 3.0-
+contextlib: 3.0-
+contextvars: 3.7-
+copy: 3.0-
+copyreg: 3.0-
+crypt: 3.0-3.12
+csv: 3.0-
+ctypes: 3.0-
+curses: 3.0-
+dataclasses: 3.7-
+datetime: 3.0-
+dbm: 3.0-
+dbm.sqlite3: 3.13-
+decimal: 3.0-
+difflib: 3.0-
+dis: 3.0-
+distutils: 3.0-3.11
+distutils.command.bdist_msi: 3.0-3.10
+distutils.command.bdist_wininst: 3.0-3.9
+doctest: 3.0-
+dummy_threading: 3.0-3.8
+email: 3.0-
+encodings: 3.0-
+ensurepip: 3.0-
+enum: 3.4-
+errno: 3.0-
+faulthandler: 3.3-
+fcntl: 3.0-
+filecmp: 3.0-
+fileinput: 3.0-
+fnmatch: 3.0-
+formatter: 3.0-3.9
+fractions: 3.0-
+ftplib: 3.0-
+functools: 3.0-
+gc: 3.0-
+genericpath: 3.0-
+getopt: 3.0-
+getpass: 3.0-
+gettext: 3.0-
+glob: 3.0-
+graphlib: 3.9-
+grp: 3.0-
+gzip: 3.0-
+hashlib: 3.0-
+heapq: 3.0-
+hmac: 3.0-
+html: 3.0-
+http: 3.0-
+imaplib: 3.0-
+imghdr: 3.0-3.12
+imp: 3.0-3.11
+importlib: 3.0-
+importlib._abc: 3.10-
+importlib.metadata: 3.8-
+importlib.metadata._meta: 3.10-
+importlib.metadata.diagnose: 3.13-
+importlib.readers: 3.10-
+importlib.resources: 3.7-
+importlib.resources.abc: 3.11-
+importlib.resources.readers: 3.11-
+importlib.resources.simple: 3.11-
+importlib.simple: 3.11-
+inspect: 3.0-
+io: 3.0-
+ipaddress: 3.3-
+itertools: 3.0-
+json: 3.0-
+keyword: 3.0-
+lib2to3: 3.0-3.12
+linecache: 3.0-
+locale: 3.0-
+logging: 3.0-
+lzma: 3.3-
+mailbox: 3.0-
+mailcap: 3.0-3.12
+marshal: 3.0-
+math: 3.0-
+mimetypes: 3.0-
+mmap: 3.0-
+modulefinder: 3.0-
+msilib: 3.0-3.12
+msvcrt: 3.0-
+multiprocessing: 3.0-
+multiprocessing.resource_tracker: 3.8-
+multiprocessing.shared_memory: 3.8-
+netrc: 3.0-
+nis: 3.0-3.12
+nntplib: 3.0-3.12
+nt: 3.0-
+ntpath: 3.0-
+nturl2path: 3.0-
+numbers: 3.0-
+opcode: 3.0-
+operator: 3.0-
+optparse: 3.0-
+os: 3.0-
+ossaudiodev: 3.0-3.12
+parser: 3.0-3.9
+pathlib: 3.4-
+pdb: 3.0-
+pickle: 3.0-
+pickletools: 3.0-
+pipes: 3.0-3.12
+pkgutil: 3.0-
+platform: 3.0-
+plistlib: 3.0-
+poplib: 3.0-
+posix: 3.0-
+posixpath: 3.0-
+pprint: 3.0-
+profile: 3.0-
+pstats: 3.0-
+pty: 3.0-
+pwd: 3.0-
+py_compile: 3.0-
+pyclbr: 3.0-
+pydoc: 3.0-
+pydoc_data: 3.0-
+pyexpat: 3.0-
+queue: 3.0-
+quopri: 3.0-
+random: 3.0-
+re: 3.0-
+readline: 3.0-
+reprlib: 3.0-
+resource: 3.0-
+rlcompleter: 3.0-
+runpy: 3.0-
+sched: 3.0-
+secrets: 3.6-
+select: 3.0-
+selectors: 3.4-
+shelve: 3.0-
+shlex: 3.0-
+shutil: 3.0-
+signal: 3.0-
+site: 3.0-
+smtpd: 3.0-3.11
+smtplib: 3.0-
+sndhdr: 3.0-3.12
+socket: 3.0-
+socketserver: 3.0-
+spwd: 3.0-3.12
+sqlite3: 3.0-
+sre_compile: 3.0-
+sre_constants: 3.0-
+sre_parse: 3.0-
+ssl: 3.0-
+stat: 3.0-
+statistics: 3.4-
+string: 3.0-
+stringprep: 3.0-
+struct: 3.0-
+subprocess: 3.0-
+sunau: 3.0-3.12
+symbol: 3.0-3.9
+symtable: 3.0-
+sys: 3.0-
+sys._monitoring: 3.12-  # Doesn't actually exist. See comments in the stub.
+sysconfig: 3.0-
+syslog: 3.0-
+tabnanny: 3.0-
+tarfile: 3.0-
+telnetlib: 3.0-3.12
+tempfile: 3.0-
+termios: 3.0-
+textwrap: 3.0-
+this: 3.0-
+threading: 3.0-
+time: 3.0-
+timeit: 3.0-
+tkinter: 3.0-
+tkinter.tix: 3.0-3.12
+token: 3.0-
+tokenize: 3.0-
+tomllib: 3.11-
+trace: 3.0-
+traceback: 3.0-
+tracemalloc: 3.4-
+tty: 3.0-
+turtle: 3.0-
+types: 3.0-
+typing: 3.5-
+typing_extensions: 3.0-
+unicodedata: 3.0-
+unittest: 3.0-
+unittest._log: 3.9-
+unittest.async_case: 3.8-
+urllib: 3.0-
+uu: 3.0-3.12
+uuid: 3.0-
+venv: 3.3-
+warnings: 3.0-
+wave: 3.0-
+weakref: 3.0-
+webbrowser: 3.0-
+winreg: 3.0-
+winsound: 3.0-
+wsgiref: 3.0-
+wsgiref.types: 3.11-
+xdrlib: 3.0-3.12
+xml: 3.0-
+xmlrpc: 3.0-
+xxlimited: 3.2-
+zipapp: 3.5-
+zipfile: 3.0-
+zipfile._path: 3.12-
+zipimport: 3.0-
+zlib: 3.0-
+zoneinfo: 3.9-
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/future.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/future.pyi
@@ -0,0 +1,36 @@
+from typing_extensions import TypeAlias
+
+_VersionInfo: TypeAlias = tuple[int, int, int, str, int]
+
+class _Feature:
+    def __init__(self, optionalRelease: _VersionInfo, mandatoryRelease: _VersionInfo | None, compiler_flag: int) -> None: ...
+    def getOptionalRelease(self) -> _VersionInfo: ...
+    def getMandatoryRelease(self) -> _VersionInfo | None: ...
+    compiler_flag: int
+
+absolute_import: _Feature
+division: _Feature
+generators: _Feature
+nested_scopes: _Feature
+print_function: _Feature
+unicode_literals: _Feature
+with_statement: _Feature
+barry_as_FLUFL: _Feature
+generator_stop: _Feature
+annotations: _Feature
+
+all_feature_names: list[str]  # undocumented
+
+__all__ = [
+    "all_feature_names",
+    "absolute_import",
+    "division",
+    "generators",
+    "nested_scopes",
+    "print_function",
+    "unicode_literals",
+    "with_statement",
+    "barry_as_FLUFL",
+    "generator_stop",
+    "annotations",
+]
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/main.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/main.pyi
@@ -0,0 +1,3 @@
+from typing import Any
+
+def __getattr__(name: str) -> Any: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_ast.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_ast.pyi
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_bisect.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_bisect.pyi
@@ -0,0 +1,84 @@
+import sys
+from _typeshed import SupportsLenAndGetItem, SupportsRichComparisonT
+from collections.abc import Callable, MutableSequence
+from typing import TypeVar, overload
+
+_T = TypeVar("_T")
+
+if sys.version_info >= (3, 10):
+    @overload
+    def bisect_left(
+        a: SupportsLenAndGetItem[SupportsRichComparisonT],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: None = None,
+    ) -> int: ...
+    @overload
+    def bisect_left(
+        a: SupportsLenAndGetItem[_T],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: Callable[[_T], SupportsRichComparisonT],
+    ) -> int: ...
+    @overload
+    def bisect_right(
+        a: SupportsLenAndGetItem[SupportsRichComparisonT],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: None = None,
+    ) -> int: ...
+    @overload
+    def bisect_right(
+        a: SupportsLenAndGetItem[_T],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: Callable[[_T], SupportsRichComparisonT],
+    ) -> int: ...
+    @overload
+    def insort_left(
+        a: MutableSequence[SupportsRichComparisonT],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: None = None,
+    ) -> None: ...
+    @overload
+    def insort_left(
+        a: MutableSequence[_T], x: _T, lo: int = 0, hi: int | None = None, *, key: Callable[[_T], SupportsRichComparisonT]
+    ) -> None: ...
+    @overload
+    def insort_right(
+        a: MutableSequence[SupportsRichComparisonT],
+        x: SupportsRichComparisonT,
+        lo: int = 0,
+        hi: int | None = None,
+        *,
+        key: None = None,
+    ) -> None: ...
+    @overload
+    def insort_right(
+        a: MutableSequence[_T], x: _T, lo: int = 0, hi: int | None = None, *, key: Callable[[_T], SupportsRichComparisonT]
+    ) -> None: ...
+
+else:
+    def bisect_left(
+        a: SupportsLenAndGetItem[SupportsRichComparisonT], x: SupportsRichComparisonT, lo: int = 0, hi: int | None = None
+    ) -> int: ...
+    def bisect_right(
+        a: SupportsLenAndGetItem[SupportsRichComparisonT], x: SupportsRichComparisonT, lo: int = 0, hi: int | None = None
+    ) -> int: ...
+    def insort_left(
+        a: MutableSequence[SupportsRichComparisonT], x: SupportsRichComparisonT, lo: int = 0, hi: int | None = None
+    ) -> None: ...
+    def insort_right(
+        a: MutableSequence[SupportsRichComparisonT], x: SupportsRichComparisonT, lo: int = 0, hi: int | None = None
+    ) -> None: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_bootlocale.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_bootlocale.pyi
@@ -0,0 +1 @@
+def getpreferredencoding(do_setlocale: bool = True) -> str: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_codecs.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_codecs.pyi
@@ -0,0 +1,133 @@
+import codecs
+import sys
+from _typeshed import ReadableBuffer
+from collections.abc import Callable
+from typing import Literal, overload
+from typing_extensions import TypeAlias
+
+# This type is not exposed; it is defined in unicodeobject.c
+class _EncodingMap:
+    def size(self) -> int: ...
+
+_CharMap: TypeAlias = dict[int, int] | _EncodingMap
+_Handler: TypeAlias = Callable[[UnicodeError], tuple[str | bytes, int]]
+_SearchFunction: TypeAlias = Callable[[str], codecs.CodecInfo | None]
+
+def register(search_function: _SearchFunction, /) -> None: ...
+
+if sys.version_info >= (3, 10):
+    def unregister(search_function: _SearchFunction, /) -> None: ...
+
+def register_error(errors: str, handler: _Handler, /) -> None: ...
+def lookup_error(name: str, /) -> _Handler: ...
+
+# The type ignore on `encode` and `decode` is to avoid issues with overlapping overloads, for more details, see #300
+# https://docs.python.org/3/library/codecs.html#binary-transforms
+_BytesToBytesEncoding: TypeAlias = Literal[
+    "base64",
+    "base_64",
+    "base64_codec",
+    "bz2",
+    "bz2_codec",
+    "hex",
+    "hex_codec",
+    "quopri",
+    "quotedprintable",
+    "quoted_printable",
+    "quopri_codec",
+    "uu",
+    "uu_codec",
+    "zip",
+    "zlib",
+    "zlib_codec",
+]
+# https://docs.python.org/3/library/codecs.html#text-transforms
+_StrToStrEncoding: TypeAlias = Literal["rot13", "rot_13"]
+
+@overload
+def encode(obj: ReadableBuffer, encoding: _BytesToBytesEncoding, errors: str = "strict") -> bytes: ...
+@overload
+def encode(obj: str, encoding: _StrToStrEncoding, errors: str = "strict") -> str: ...  # type: ignore[overload-overlap]
+@overload
+def encode(obj: str, encoding: str = "utf-8", errors: str = "strict") -> bytes: ...
+@overload
+def decode(obj: ReadableBuffer, encoding: _BytesToBytesEncoding, errors: str = "strict") -> bytes: ...  # type: ignore[overload-overlap]
+@overload
+def decode(obj: str, encoding: _StrToStrEncoding, errors: str = "strict") -> str: ...
+
+# these are documented as text encodings but in practice they also accept str as input
+@overload
+def decode(
+    obj: str,
+    encoding: Literal["unicode_escape", "unicode-escape", "raw_unicode_escape", "raw-unicode-escape"],
+    errors: str = "strict",
+) -> str: ...
+
+# hex is officially documented as a bytes to bytes encoding, but it appears to also work with str
+@overload
+def decode(obj: str, encoding: Literal["hex", "hex_codec"], errors: str = "strict") -> bytes: ...
+@overload
+def decode(obj: ReadableBuffer, encoding: str = "utf-8", errors: str = "strict") -> str: ...
+def lookup(encoding: str, /) -> codecs.CodecInfo: ...
+def charmap_build(map: str, /) -> _CharMap: ...
+def ascii_decode(data: ReadableBuffer, errors: str | None = None, /) -> tuple[str, int]: ...
+def ascii_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def charmap_decode(data: ReadableBuffer, errors: str | None = None, mapping: _CharMap | None = None, /) -> tuple[str, int]: ...
+def charmap_encode(str: str, errors: str | None = None, mapping: _CharMap | None = None, /) -> tuple[bytes, int]: ...
+def escape_decode(data: str | ReadableBuffer, errors: str | None = None, /) -> tuple[str, int]: ...
+def escape_encode(data: bytes, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def latin_1_decode(data: ReadableBuffer, errors: str | None = None, /) -> tuple[str, int]: ...
+def latin_1_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+
+if sys.version_info >= (3, 9):
+    def raw_unicode_escape_decode(
+        data: str | ReadableBuffer, errors: str | None = None, final: bool = True, /
+    ) -> tuple[str, int]: ...
+
+else:
+    def raw_unicode_escape_decode(data: str | ReadableBuffer, errors: str | None = None, /) -> tuple[str, int]: ...
+
+def raw_unicode_escape_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def readbuffer_encode(data: str | ReadableBuffer, errors: str | None = None, /) -> tuple[bytes, int]: ...
+
+if sys.version_info >= (3, 9):
+    def unicode_escape_decode(
+        data: str | ReadableBuffer, errors: str | None = None, final: bool = True, /
+    ) -> tuple[str, int]: ...
+
+else:
+    def unicode_escape_decode(data: str | ReadableBuffer, errors: str | None = None, /) -> tuple[str, int]: ...
+
+def unicode_escape_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_16_be_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_16_be_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_16_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_16_encode(str: str, errors: str | None = None, byteorder: int = 0, /) -> tuple[bytes, int]: ...
+def utf_16_ex_decode(
+    data: ReadableBuffer, errors: str | None = None, byteorder: int = 0, final: bool = False, /
+) -> tuple[str, int, int]: ...
+def utf_16_le_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_16_le_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_32_be_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_32_be_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_32_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_32_encode(str: str, errors: str | None = None, byteorder: int = 0, /) -> tuple[bytes, int]: ...
+def utf_32_ex_decode(
+    data: ReadableBuffer, errors: str | None = None, byteorder: int = 0, final: bool = False, /
+) -> tuple[str, int, int]: ...
+def utf_32_le_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_32_le_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_7_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_7_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+def utf_8_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+def utf_8_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+
+if sys.platform == "win32":
+    def mbcs_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+    def mbcs_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+    def code_page_decode(
+        codepage: int, data: ReadableBuffer, errors: str | None = None, final: bool = False, /
+    ) -> tuple[str, int]: ...
+    def code_page_encode(code_page: int, str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
+    def oem_decode(data: ReadableBuffer, errors: str | None = None, final: bool = False, /) -> tuple[str, int]: ...
+    def oem_encode(str: str, errors: str | None = None, /) -> tuple[bytes, int]: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_collections_abc.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_collections_abc.pyi
@@ -0,0 +1,101 @@
+import sys
+from abc import abstractmethod
+from types import MappingProxyType
+from typing import (  # noqa: Y022,Y038
+    AbstractSet as Set,
+    AsyncGenerator as AsyncGenerator,
+    AsyncIterable as AsyncIterable,
+    AsyncIterator as AsyncIterator,
+    Awaitable as Awaitable,
+    Callable as Callable,
+    Collection as Collection,
+    Container as Container,
+    Coroutine as Coroutine,
+    Generator as Generator,
+    Generic,
+    Hashable as Hashable,
+    ItemsView as ItemsView,
+    Iterable as Iterable,
+    Iterator as Iterator,
+    KeysView as KeysView,
+    Mapping as Mapping,
+    MappingView as MappingView,
+    MutableMapping as MutableMapping,
+    MutableSequence as MutableSequence,
+    MutableSet as MutableSet,
+    Protocol,
+    Reversible as Reversible,
+    Sequence as Sequence,
+    Sized as Sized,
+    TypeVar,
+    ValuesView as ValuesView,
+    final,
+    runtime_checkable,
+)
+
+__all__ = [
+    "Awaitable",
+    "Coroutine",
+    "AsyncIterable",
+    "AsyncIterator",
+    "AsyncGenerator",
+    "Hashable",
+    "Iterable",
+    "Iterator",
+    "Generator",
+    "Reversible",
+    "Sized",
+    "Container",
+    "Callable",
+    "Collection",
+    "Set",
+    "MutableSet",
+    "Mapping",
+    "MutableMapping",
+    "MappingView",
+    "KeysView",
+    "ItemsView",
+    "ValuesView",
+    "Sequence",
+    "MutableSequence",
+]
+if sys.version_info < (3, 14):
+    from typing import ByteString as ByteString  # noqa: Y057
+
+    __all__ += ["ByteString"]
+
+if sys.version_info >= (3, 12):
+    __all__ += ["Buffer"]
+
+_KT_co = TypeVar("_KT_co", covariant=True)  # Key type covariant containers.
+_VT_co = TypeVar("_VT_co", covariant=True)  # Value type covariant containers.
+
+@final
+class dict_keys(KeysView[_KT_co], Generic[_KT_co, _VT_co]):  # undocumented
+    def __eq__(self, value: object, /) -> bool: ...
+    if sys.version_info >= (3, 13):
+        def isdisjoint(self, other: Iterable[_KT_co], /) -> bool: ...
+    if sys.version_info >= (3, 10):
+        @property
+        def mapping(self) -> MappingProxyType[_KT_co, _VT_co]: ...
+
+@final
+class dict_values(ValuesView[_VT_co], Generic[_KT_co, _VT_co]):  # undocumented
+    if sys.version_info >= (3, 10):
+        @property
+        def mapping(self) -> MappingProxyType[_KT_co, _VT_co]: ...
+
+@final
+class dict_items(ItemsView[_KT_co, _VT_co]):  # undocumented
+    def __eq__(self, value: object, /) -> bool: ...
+    if sys.version_info >= (3, 13):
+        def isdisjoint(self, other: Iterable[tuple[_KT_co, _VT_co]], /) -> bool: ...
+    if sys.version_info >= (3, 10):
+        @property
+        def mapping(self) -> MappingProxyType[_KT_co, _VT_co]: ...
+
+if sys.version_info >= (3, 12):
+    @runtime_checkable
+    class Buffer(Protocol):
+        @abstractmethod
+        def __buffer__(self, flags: int, /) -> memoryview: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_compat_pickle.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_compat_pickle.pyi
@@ -0,0 +1,8 @@
+IMPORT_MAPPING: dict[str, str]
+NAME_MAPPING: dict[tuple[str, str], tuple[str, str]]
+PYTHON2_EXCEPTIONS: tuple[str, ...]
+MULTIPROCESSING_EXCEPTIONS: tuple[str, ...]
+REVERSE_IMPORT_MAPPING: dict[str, str]
+REVERSE_NAME_MAPPING: dict[tuple[str, str], tuple[str, str]]
+PYTHON3_OSERROR_EXCEPTIONS: tuple[str, ...]
+PYTHON3_IMPORTERROR_EXCEPTIONS: tuple[str, ...]
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_compression.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_compression.pyi
@@ -0,0 +1,25 @@
+from _typeshed import WriteableBuffer
+from collections.abc import Callable
+from io import DEFAULT_BUFFER_SIZE, BufferedIOBase, RawIOBase
+from typing import Any, Protocol
+
+BUFFER_SIZE = DEFAULT_BUFFER_SIZE
+
+class _Reader(Protocol):
+    def read(self, n: int, /) -> bytes: ...
+    def seekable(self) -> bool: ...
+    def seek(self, n: int, /) -> Any: ...
+
+class BaseStream(BufferedIOBase): ...
+
+class DecompressReader(RawIOBase):
+    def __init__(
+        self,
+        fp: _Reader,
+        decomp_factory: Callable[..., object],
+        trailing_error: type[Exception] | tuple[type[Exception], ...] = (),
+        **decomp_args: Any,
+    ) -> None: ...
+    def readinto(self, b: WriteableBuffer) -> int: ...
+    def read(self, size: int = -1) -> bytes: ...
+    def seek(self, offset: int, whence: int = 0) -> int: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_csv.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_csv.pyi
@@ -0,0 +1,90 @@
+import sys
+from _typeshed import SupportsWrite
+from collections.abc import Iterable, Iterator
+from typing import Any, Final
+from typing_extensions import TypeAlias
+
+__version__: Final[str]
+
+QUOTE_ALL: Final = 1
+QUOTE_MINIMAL: Final = 0
+QUOTE_NONE: Final = 3
+QUOTE_NONNUMERIC: Final = 2
+if sys.version_info >= (3, 12):
+    QUOTE_STRINGS: Final = 4
+    QUOTE_NOTNULL: Final = 5
+
+# Ideally this would be `QUOTE_ALL | QUOTE_MINIMAL | QUOTE_NONE | QUOTE_NONNUMERIC`
+# However, using literals in situations like these can cause false-positives (see #7258)
+_QuotingType: TypeAlias = int
+
+class Error(Exception): ...
+
+class Dialect:
+    delimiter: str
+    quotechar: str | None
+    escapechar: str | None
+    doublequote: bool
+    skipinitialspace: bool
+    lineterminator: str
+    quoting: _QuotingType
+    strict: bool
+    def __init__(self) -> None: ...
+
+_DialectLike: TypeAlias = str | Dialect | type[Dialect]
+
+class _reader(Iterator[list[str]]):
+    @property
+    def dialect(self) -> Dialect: ...
+    line_num: int
+    def __next__(self) -> list[str]: ...
+
+class _writer:
+    @property
+    def dialect(self) -> Dialect: ...
+    def writerow(self, row: Iterable[Any]) -> Any: ...
+    def writerows(self, rows: Iterable[Iterable[Any]]) -> None: ...
+
+def writer(
+    csvfile: SupportsWrite[str],
+    dialect: _DialectLike = "excel",
+    *,
+    delimiter: str = ",",
+    quotechar: str | None = '"',
+    escapechar: str | None = None,
+    doublequote: bool = True,
+    skipinitialspace: bool = False,
+    lineterminator: str = "\r\n",
+    quoting: _QuotingType = 0,
+    strict: bool = False,
+) -> _writer: ...
+def reader(
+    csvfile: Iterable[str],
+    dialect: _DialectLike = "excel",
+    *,
+    delimiter: str = ",",
+    quotechar: str | None = '"',
+    escapechar: str | None = None,
+    doublequote: bool = True,
+    skipinitialspace: bool = False,
+    lineterminator: str = "\r\n",
+    quoting: _QuotingType = 0,
+    strict: bool = False,
+) -> _reader: ...
+def register_dialect(
+    name: str,
+    dialect: type[Dialect] = ...,
+    *,
+    delimiter: str = ",",
+    quotechar: str | None = '"',
+    escapechar: str | None = None,
+    doublequote: bool = True,
+    skipinitialspace: bool = False,
+    lineterminator: str = "\r\n",
+    quoting: _QuotingType = 0,
+    strict: bool = False,
+) -> None: ...
+def unregister_dialect(name: str) -> None: ...
+def get_dialect(name: str) -> Dialect: ...
+def list_dialects() -> list[str]: ...
+def field_size_limit(new_limit: int = ...) -> int: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_ctypes.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_ctypes.pyi
@@ -0,0 +1,210 @@
+import sys
+from _typeshed import ReadableBuffer, WriteableBuffer
+from abc import abstractmethod
+from collections.abc import Callable, Iterable, Iterator, Mapping, Sequence
+from ctypes import CDLL, ArgumentError as ArgumentError
+from typing import Any, ClassVar, Generic, TypeVar, overload
+from typing_extensions import Self, TypeAlias
+
+if sys.version_info >= (3, 9):
+    from types import GenericAlias
+
+_T = TypeVar("_T")
+_CT = TypeVar("_CT", bound=_CData)
+
+FUNCFLAG_CDECL: int
+FUNCFLAG_PYTHONAPI: int
+FUNCFLAG_USE_ERRNO: int
+FUNCFLAG_USE_LASTERROR: int
+RTLD_GLOBAL: int
+RTLD_LOCAL: int
+
+if sys.version_info >= (3, 11):
+    CTYPES_MAX_ARGCOUNT: int
+
+if sys.version_info >= (3, 12):
+    SIZEOF_TIME_T: int
+
+if sys.platform == "win32":
+    # Description, Source, HelpFile, HelpContext, scode
+    _COMError_Details: TypeAlias = tuple[str | None, str | None, str | None, int | None, int | None]
+
+    class COMError(Exception):
+        hresult: int
+        text: str | None
+        details: _COMError_Details
+
+        def __init__(self, hresult: int, text: str | None, details: _COMError_Details) -> None: ...
+
+    def CopyComPointer(src: _PointerLike, dst: _PointerLike | _CArgObject) -> int: ...
+
+    FUNCFLAG_HRESULT: int
+    FUNCFLAG_STDCALL: int
+
+    def FormatError(code: int = ...) -> str: ...
+    def get_last_error() -> int: ...
+    def set_last_error(value: int) -> int: ...
+    def LoadLibrary(name: str, load_flags: int = 0, /) -> int: ...
+    def FreeLibrary(handle: int, /) -> None: ...
+
+class _CDataMeta(type):
+    # By default mypy complains about the following two methods, because strictly speaking cls
+    # might not be a Type[_CT]. However this can never actually happen, because the only class that
+    # uses _CDataMeta as its metaclass is _CData. So it's safe to ignore the errors here.
+    def __mul__(cls: type[_CT], other: int) -> type[Array[_CT]]: ...  # type: ignore[misc]  # pyright: ignore[reportGeneralTypeIssues]
+    def __rmul__(cls: type[_CT], other: int) -> type[Array[_CT]]: ...  # type: ignore[misc]  # pyright: ignore[reportGeneralTypeIssues]
+
+class _CData(metaclass=_CDataMeta):
+    _b_base_: int
+    _b_needsfree_: bool
+    _objects: Mapping[Any, int] | None
+    # At runtime the following classmethods are available only on classes, not
+    # on instances. This can't be reflected properly in the type system:
+    #
+    # Structure.from_buffer(...)  # valid at runtime
+    # Structure(...).from_buffer(...)  # invalid at runtime
+    #
+    @classmethod
+    def from_buffer(cls, source: WriteableBuffer, offset: int = ...) -> Self: ...
+    @classmethod
+    def from_buffer_copy(cls, source: ReadableBuffer, offset: int = ...) -> Self: ...
+    @classmethod
+    def from_address(cls, address: int) -> Self: ...
+    @classmethod
+    def from_param(cls, value: Any, /) -> Self | _CArgObject: ...
+    @classmethod
+    def in_dll(cls, library: CDLL, name: str) -> Self: ...
+    def __buffer__(self, flags: int, /) -> memoryview: ...
+    def __release_buffer__(self, buffer: memoryview, /) -> None: ...
+
+class _SimpleCData(_CData, Generic[_T]):
+    value: _T
+    # The TypeVar can be unsolved here,
+    # but we can't use overloads without creating many, many mypy false-positive errors
+    def __init__(self, value: _T = ...) -> None: ...  # pyright: ignore[reportInvalidTypeVarUse]
+
+class _CanCastTo(_CData): ...
+class _PointerLike(_CanCastTo): ...
+
+class _Pointer(_PointerLike, _CData, Generic[_CT]):
+    _type_: type[_CT]
+    contents: _CT
+    @overload
+    def __init__(self) -> None: ...
+    @overload
+    def __init__(self, arg: _CT) -> None: ...
+    @overload
+    def __getitem__(self, key: int, /) -> Any: ...
+    @overload
+    def __getitem__(self, key: slice, /) -> list[Any]: ...
+    def __setitem__(self, key: int, value: Any, /) -> None: ...
+
+def POINTER(type: type[_CT], /) -> type[_Pointer[_CT]]: ...
+def pointer(obj: _CT, /) -> _Pointer[_CT]: ...
+
+class _CArgObject: ...
+
+def byref(obj: _CData, offset: int = ...) -> _CArgObject: ...
+
+_ECT: TypeAlias = Callable[[_CData | None, CFuncPtr, tuple[_CData, ...]], _CData]
+_PF: TypeAlias = tuple[int] | tuple[int, str | None] | tuple[int, str | None, Any]
+
+class CFuncPtr(_PointerLike, _CData):
+    restype: type[_CData] | Callable[[int], Any] | None
+    argtypes: Sequence[type[_CData]]
+    errcheck: _ECT
+    # Abstract attribute that must be defined on subclasses
+    _flags_: ClassVar[int]
+    @overload
+    def __init__(self) -> None: ...
+    @overload
+    def __init__(self, address: int, /) -> None: ...
+    @overload
+    def __init__(self, callable: Callable[..., Any], /) -> None: ...
+    @overload
+    def __init__(self, func_spec: tuple[str | int, CDLL], paramflags: tuple[_PF, ...] | None = ..., /) -> None: ...
+    if sys.platform == "win32":
+        @overload
+        def __init__(
+            self, vtbl_index: int, name: str, paramflags: tuple[_PF, ...] | None = ..., iid: _CData | None = ..., /
+        ) -> None: ...
+
+    def __call__(self, *args: Any, **kwargs: Any) -> Any: ...
+
+_GetT = TypeVar("_GetT")
+_SetT = TypeVar("_SetT")
+
+class _CField(Generic[_CT, _GetT, _SetT]):
+    offset: int
+    size: int
+    @overload
+    def __get__(self, instance: None, owner: type[Any] | None, /) -> Self: ...
+    @overload
+    def __get__(self, instance: Any, owner: type[Any] | None, /) -> _GetT: ...
+    def __set__(self, instance: Any, value: _SetT, /) -> None: ...
+
+class _StructUnionMeta(_CDataMeta):
+    _fields_: Sequence[tuple[str, type[_CData]] | tuple[str, type[_CData], int]]
+    _pack_: int
+    _anonymous_: Sequence[str]
+    def __getattr__(self, name: str) -> _CField[Any, Any, Any]: ...
+
+class _StructUnionBase(_CData, metaclass=_StructUnionMeta):
+    def __init__(self, *args: Any, **kw: Any) -> None: ...
+    def __getattr__(self, name: str) -> Any: ...
+    def __setattr__(self, name: str, value: Any) -> None: ...
+
+class Union(_StructUnionBase): ...
+class Structure(_StructUnionBase): ...
+
+class Array(_CData, Generic[_CT]):
+    @property
+    @abstractmethod
+    def _length_(self) -> int: ...
+    @_length_.setter
+    def _length_(self, value: int) -> None: ...
+    @property
+    @abstractmethod
+    def _type_(self) -> type[_CT]: ...
+    @_type_.setter
+    def _type_(self, value: type[_CT]) -> None: ...
+    # Note: only available if _CT == c_char
+    @property
+    def raw(self) -> bytes: ...
+    @raw.setter
+    def raw(self, value: ReadableBuffer) -> None: ...
+    value: Any  # Note: bytes if _CT == c_char, str if _CT == c_wchar, unavailable otherwise
+    # TODO These methods cannot be annotated correctly at the moment.
+    # All of these "Any"s stand for the array's element type, but it's not possible to use _CT
+    # here, because of a special feature of ctypes.
+    # By default, when accessing an element of an Array[_CT], the returned object has type _CT.
+    # However, when _CT is a "simple type" like c_int, ctypes automatically "unboxes" the object
+    # and converts it to the corresponding Python primitive. For example, when accessing an element
+    # of an Array[c_int], a Python int object is returned, not a c_int.
+    # This behavior does *not* apply to subclasses of "simple types".
+    # If MyInt is a subclass of c_int, then accessing an element of an Array[MyInt] returns
+    # a MyInt, not an int.
+    # This special behavior is not easy to model in a stub, so for now all places where
+    # the array element type would belong are annotated with Any instead.
+    def __init__(self, *args: Any) -> None: ...
+    @overload
+    def __getitem__(self, key: int, /) -> Any: ...
+    @overload
+    def __getitem__(self, key: slice, /) -> list[Any]: ...
+    @overload
+    def __setitem__(self, key: int, value: Any, /) -> None: ...
+    @overload
+    def __setitem__(self, key: slice, value: Iterable[Any], /) -> None: ...
+    def __iter__(self) -> Iterator[Any]: ...
+    # Can't inherit from Sized because the metaclass conflict between
+    # Sized and _CData prevents using _CDataMeta.
+    def __len__(self) -> int: ...
+    if sys.version_info >= (3, 9):
+        def __class_getitem__(cls, item: Any, /) -> GenericAlias: ...
+
+def addressof(obj: _CData, /) -> int: ...
+def alignment(obj_or_type: _CData | type[_CData], /) -> int: ...
+def get_errno() -> int: ...
+def resize(obj: _CData, size: int, /) -> None: ...
+def set_errno(value: int, /) -> int: ...
+def sizeof(obj_or_type: _CData | type[_CData], /) -> int: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_curses.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_curses.pyi
@@ -0,0 +1,558 @@
+import sys
+from _typeshed import ReadOnlyBuffer, SupportsRead
+from typing import IO, Any, NamedTuple, final, overload
+from typing_extensions import TypeAlias
+
+# NOTE: This module is ordinarily only available on Unix, but the windows-curses
+# package makes it available on Windows as well with the same contents.
+
+# Handled by PyCurses_ConvertToChtype in _cursesmodule.c.
+_ChType: TypeAlias = str | bytes | int
+
+# ACS codes are only initialized after initscr is called
+ACS_BBSS: int
+ACS_BLOCK: int
+ACS_BOARD: int
+ACS_BSBS: int
+ACS_BSSB: int
+ACS_BSSS: int
+ACS_BTEE: int
+ACS_BULLET: int
+ACS_CKBOARD: int
+ACS_DARROW: int
+ACS_DEGREE: int
+ACS_DIAMOND: int
+ACS_GEQUAL: int
+ACS_HLINE: int
+ACS_LANTERN: int
+ACS_LARROW: int
+ACS_LEQUAL: int
+ACS_LLCORNER: int
+ACS_LRCORNER: int
+ACS_LTEE: int
+ACS_NEQUAL: int
+ACS_PI: int
+ACS_PLMINUS: int
+ACS_PLUS: int
+ACS_RARROW: int
+ACS_RTEE: int
+ACS_S1: int
+ACS_S3: int
+ACS_S7: int
+ACS_S9: int
+ACS_SBBS: int
+ACS_SBSB: int
+ACS_SBSS: int
+ACS_SSBB: int
+ACS_SSBS: int
+ACS_SSSB: int
+ACS_SSSS: int
+ACS_STERLING: int
+ACS_TTEE: int
+ACS_UARROW: int
+ACS_ULCORNER: int
+ACS_URCORNER: int
+ACS_VLINE: int
+ALL_MOUSE_EVENTS: int
+A_ALTCHARSET: int
+A_ATTRIBUTES: int
+A_BLINK: int
+A_BOLD: int
+A_CHARTEXT: int
+A_COLOR: int
+A_DIM: int
+A_HORIZONTAL: int
+A_INVIS: int
+A_ITALIC: int
+A_LEFT: int
+A_LOW: int
+A_NORMAL: int
+A_PROTECT: int
+A_REVERSE: int
+A_RIGHT: int
+A_STANDOUT: int
+A_TOP: int
+A_UNDERLINE: int
+A_VERTICAL: int
+BUTTON1_CLICKED: int
+BUTTON1_DOUBLE_CLICKED: int
+BUTTON1_PRESSED: int
+BUTTON1_RELEASED: int
+BUTTON1_TRIPLE_CLICKED: int
+BUTTON2_CLICKED: int
+BUTTON2_DOUBLE_CLICKED: int
+BUTTON2_PRESSED: int
+BUTTON2_RELEASED: int
+BUTTON2_TRIPLE_CLICKED: int
+BUTTON3_CLICKED: int
+BUTTON3_DOUBLE_CLICKED: int
+BUTTON3_PRESSED: int
+BUTTON3_RELEASED: int
+BUTTON3_TRIPLE_CLICKED: int
+BUTTON4_CLICKED: int
+BUTTON4_DOUBLE_CLICKED: int
+BUTTON4_PRESSED: int
+BUTTON4_RELEASED: int
+BUTTON4_TRIPLE_CLICKED: int
+# Darwin ncurses doesn't provide BUTTON5_* constants
+if sys.version_info >= (3, 10) and sys.platform != "darwin":
+    BUTTON5_PRESSED: int
+    BUTTON5_RELEASED: int
+    BUTTON5_CLICKED: int
+    BUTTON5_DOUBLE_CLICKED: int
+    BUTTON5_TRIPLE_CLICKED: int
+BUTTON_ALT: int
+BUTTON_CTRL: int
+BUTTON_SHIFT: int
+COLOR_BLACK: int
+COLOR_BLUE: int
+COLOR_CYAN: int
+COLOR_GREEN: int
+COLOR_MAGENTA: int
+COLOR_RED: int
+COLOR_WHITE: int
+COLOR_YELLOW: int
+ERR: int
+KEY_A1: int
+KEY_A3: int
+KEY_B2: int
+KEY_BACKSPACE: int
+KEY_BEG: int
+KEY_BREAK: int
+KEY_BTAB: int
+KEY_C1: int
+KEY_C3: int
+KEY_CANCEL: int
+KEY_CATAB: int
+KEY_CLEAR: int
+KEY_CLOSE: int
+KEY_COMMAND: int
+KEY_COPY: int
+KEY_CREATE: int
+KEY_CTAB: int
+KEY_DC: int
+KEY_DL: int
+KEY_DOWN: int
+KEY_EIC: int
+KEY_END: int
+KEY_ENTER: int
+KEY_EOL: int
+KEY_EOS: int
+KEY_EXIT: int
+KEY_F0: int
+KEY_F1: int
+KEY_F10: int
+KEY_F11: int
+KEY_F12: int
+KEY_F13: int
+KEY_F14: int
+KEY_F15: int
+KEY_F16: int
+KEY_F17: int
+KEY_F18: int
+KEY_F19: int
+KEY_F2: int
+KEY_F20: int
+KEY_F21: int
+KEY_F22: int
+KEY_F23: int
+KEY_F24: int
+KEY_F25: int
+KEY_F26: int
+KEY_F27: int
+KEY_F28: int
+KEY_F29: int
+KEY_F3: int
+KEY_F30: int
+KEY_F31: int
+KEY_F32: int
+KEY_F33: int
+KEY_F34: int
+KEY_F35: int
+KEY_F36: int
+KEY_F37: int
+KEY_F38: int
+KEY_F39: int
+KEY_F4: int
+KEY_F40: int
+KEY_F41: int
+KEY_F42: int
+KEY_F43: int
+KEY_F44: int
+KEY_F45: int
+KEY_F46: int
+KEY_F47: int
+KEY_F48: int
+KEY_F49: int
+KEY_F5: int
+KEY_F50: int
+KEY_F51: int
+KEY_F52: int
+KEY_F53: int
+KEY_F54: int
+KEY_F55: int
+KEY_F56: int
+KEY_F57: int
+KEY_F58: int
+KEY_F59: int
+KEY_F6: int
+KEY_F60: int
+KEY_F61: int
+KEY_F62: int
+KEY_F63: int
+KEY_F7: int
+KEY_F8: int
+KEY_F9: int
+KEY_FIND: int
+KEY_HELP: int
+KEY_HOME: int
+KEY_IC: int
+KEY_IL: int
+KEY_LEFT: int
+KEY_LL: int
+KEY_MARK: int
+KEY_MAX: int
+KEY_MESSAGE: int
+KEY_MIN: int
+KEY_MOUSE: int
+KEY_MOVE: int
+KEY_NEXT: int
+KEY_NPAGE: int
+KEY_OPEN: int
+KEY_OPTIONS: int
+KEY_PPAGE: int
+KEY_PREVIOUS: int
+KEY_PRINT: int
+KEY_REDO: int
+KEY_REFERENCE: int
+KEY_REFRESH: int
+KEY_REPLACE: int
+KEY_RESET: int
+KEY_RESIZE: int
+KEY_RESTART: int
+KEY_RESUME: int
+KEY_RIGHT: int
+KEY_SAVE: int
+KEY_SBEG: int
+KEY_SCANCEL: int
+KEY_SCOMMAND: int
+KEY_SCOPY: int
+KEY_SCREATE: int
+KEY_SDC: int
+KEY_SDL: int
+KEY_SELECT: int
+KEY_SEND: int
+KEY_SEOL: int
+KEY_SEXIT: int
+KEY_SF: int
+KEY_SFIND: int
+KEY_SHELP: int
+KEY_SHOME: int
+KEY_SIC: int
+KEY_SLEFT: int
+KEY_SMESSAGE: int
+KEY_SMOVE: int
+KEY_SNEXT: int
+KEY_SOPTIONS: int
+KEY_SPREVIOUS: int
+KEY_SPRINT: int
+KEY_SR: int
+KEY_SREDO: int
+KEY_SREPLACE: int
+KEY_SRESET: int
+KEY_SRIGHT: int
+KEY_SRSUME: int
+KEY_SSAVE: int
+KEY_SSUSPEND: int
+KEY_STAB: int
+KEY_SUNDO: int
+KEY_SUSPEND: int
+KEY_UNDO: int
+KEY_UP: int
+OK: int
+REPORT_MOUSE_POSITION: int
+_C_API: Any
+version: bytes
+
+def baudrate() -> int: ...
+def beep() -> None: ...
+def can_change_color() -> bool: ...
+def cbreak(flag: bool = True, /) -> None: ...
+def color_content(color_number: int, /) -> tuple[int, int, int]: ...
+def color_pair(pair_number: int, /) -> int: ...
+def curs_set(visibility: int, /) -> int: ...
+def def_prog_mode() -> None: ...
+def def_shell_mode() -> None: ...
+def delay_output(ms: int, /) -> None: ...
+def doupdate() -> None: ...
+def echo(flag: bool = True, /) -> None: ...
+def endwin() -> None: ...
+def erasechar() -> bytes: ...
+def filter() -> None: ...
+def flash() -> None: ...
+def flushinp() -> None: ...
+
+if sys.version_info >= (3, 9):
+    def get_escdelay() -> int: ...
+    def get_tabsize() -> int: ...
+
+def getmouse() -> tuple[int, int, int, int, int]: ...
+def getsyx() -> tuple[int, int]: ...
+def getwin(file: SupportsRead[bytes], /) -> _CursesWindow: ...
+def halfdelay(tenths: int, /) -> None: ...
+def has_colors() -> bool: ...
+
+if sys.version_info >= (3, 10):
+    def has_extended_color_support() -> bool: ...
+
+def has_ic() -> bool: ...
+def has_il() -> bool: ...
+def has_key(key: int, /) -> bool: ...
+def init_color(color_number: int, r: int, g: int, b: int, /) -> None: ...
+def init_pair(pair_number: int, fg: int, bg: int, /) -> None: ...
+def initscr() -> _CursesWindow: ...
+def intrflush(flag: bool, /) -> None: ...
+def is_term_resized(nlines: int, ncols: int, /) -> bool: ...
+def isendwin() -> bool: ...
+def keyname(key: int, /) -> bytes: ...
+def killchar() -> bytes: ...
+def longname() -> bytes: ...
+def meta(yes: bool, /) -> None: ...
+def mouseinterval(interval: int, /) -> None: ...
+def mousemask(newmask: int, /) -> tuple[int, int]: ...
+def napms(ms: int, /) -> int: ...
+def newpad(nlines: int, ncols: int, /) -> _CursesWindow: ...
+def newwin(nlines: int, ncols: int, begin_y: int = ..., begin_x: int = ..., /) -> _CursesWindow: ...
+def nl(flag: bool = True, /) -> None: ...
+def nocbreak() -> None: ...
+def noecho() -> None: ...
+def nonl() -> None: ...
+def noqiflush() -> None: ...
+def noraw() -> None: ...
+def pair_content(pair_number: int, /) -> tuple[int, int]: ...
+def pair_number(attr: int, /) -> int: ...
+def putp(string: ReadOnlyBuffer, /) -> None: ...
+def qiflush(flag: bool = True, /) -> None: ...
+def raw(flag: bool = True, /) -> None: ...
+def reset_prog_mode() -> None: ...
+def reset_shell_mode() -> None: ...
+def resetty() -> None: ...
+def resize_term(nlines: int, ncols: int, /) -> None: ...
+def resizeterm(nlines: int, ncols: int, /) -> None: ...
+def savetty() -> None: ...
+
+if sys.version_info >= (3, 9):
+    def set_escdelay(ms: int, /) -> None: ...
+    def set_tabsize(size: int, /) -> None: ...
+
+def setsyx(y: int, x: int, /) -> None: ...
+def setupterm(term: str | None = None, fd: int = -1) -> None: ...
+def start_color() -> None: ...
+def termattrs() -> int: ...
+def termname() -> bytes: ...
+def tigetflag(capname: str, /) -> int: ...
+def tigetnum(capname: str, /) -> int: ...
+def tigetstr(capname: str, /) -> bytes | None: ...
+def tparm(
+    str: ReadOnlyBuffer,
+    i1: int = 0,
+    i2: int = 0,
+    i3: int = 0,
+    i4: int = 0,
+    i5: int = 0,
+    i6: int = 0,
+    i7: int = 0,
+    i8: int = 0,
+    i9: int = 0,
+    /,
+) -> bytes: ...
+def typeahead(fd: int, /) -> None: ...
+def unctrl(ch: _ChType, /) -> bytes: ...
+def unget_wch(ch: int | str, /) -> None: ...
+def ungetch(ch: _ChType, /) -> None: ...
+def ungetmouse(id: int, x: int, y: int, z: int, bstate: int, /) -> None: ...
+def update_lines_cols() -> None: ...
+def use_default_colors() -> None: ...
+def use_env(flag: bool, /) -> None: ...
+
+class error(Exception): ...
+
+@final
+class _CursesWindow:
+    encoding: str
+    @overload
+    def addch(self, ch: _ChType, attr: int = ...) -> None: ...
+    @overload
+    def addch(self, y: int, x: int, ch: _ChType, attr: int = ...) -> None: ...
+    @overload
+    def addnstr(self, str: str, n: int, attr: int = ...) -> None: ...
+    @overload
+    def addnstr(self, y: int, x: int, str: str, n: int, attr: int = ...) -> None: ...
+    @overload
+    def addstr(self, str: str, attr: int = ...) -> None: ...
+    @overload
+    def addstr(self, y: int, x: int, str: str, attr: int = ...) -> None: ...
+    def attroff(self, attr: int, /) -> None: ...
+    def attron(self, attr: int, /) -> None: ...
+    def attrset(self, attr: int, /) -> None: ...
+    def bkgd(self, ch: _ChType, attr: int = ..., /) -> None: ...
+    def bkgdset(self, ch: _ChType, attr: int = ..., /) -> None: ...
+    def border(
+        self,
+        ls: _ChType = ...,
+        rs: _ChType = ...,
+        ts: _ChType = ...,
+        bs: _ChType = ...,
+        tl: _ChType = ...,
+        tr: _ChType = ...,
+        bl: _ChType = ...,
+        br: _ChType = ...,
+    ) -> None: ...
+    @overload
+    def box(self) -> None: ...
+    @overload
+    def box(self, vertch: _ChType = ..., horch: _ChType = ...) -> None: ...
+    @overload
+    def chgat(self, attr: int) -> None: ...
+    @overload
+    def chgat(self, num: int, attr: int) -> None: ...
+    @overload
+    def chgat(self, y: int, x: int, attr: int) -> None: ...
+    @overload
+    def chgat(self, y: int, x: int, num: int, attr: int) -> None: ...
+    def clear(self) -> None: ...
+    def clearok(self, yes: int) -> None: ...
+    def clrtobot(self) -> None: ...
+    def clrtoeol(self) -> None: ...
+    def cursyncup(self) -> None: ...
+    @overload
+    def delch(self) -> None: ...
+    @overload
+    def delch(self, y: int, x: int) -> None: ...
+    def deleteln(self) -> None: ...
+    @overload
+    def derwin(self, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    @overload
+    def derwin(self, nlines: int, ncols: int, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    def echochar(self, ch: _ChType, attr: int = ..., /) -> None: ...
+    def enclose(self, y: int, x: int, /) -> bool: ...
+    def erase(self) -> None: ...
+    def getbegyx(self) -> tuple[int, int]: ...
+    def getbkgd(self) -> tuple[int, int]: ...
+    @overload
+    def getch(self) -> int: ...
+    @overload
+    def getch(self, y: int, x: int) -> int: ...
+    @overload
+    def get_wch(self) -> int | str: ...
+    @overload
+    def get_wch(self, y: int, x: int) -> int | str: ...
+    @overload
+    def getkey(self) -> str: ...
+    @overload
+    def getkey(self, y: int, x: int) -> str: ...
+    def getmaxyx(self) -> tuple[int, int]: ...
+    def getparyx(self) -> tuple[int, int]: ...
+    @overload
+    def getstr(self) -> bytes: ...
+    @overload
+    def getstr(self, n: int) -> bytes: ...
+    @overload
+    def getstr(self, y: int, x: int) -> bytes: ...
+    @overload
+    def getstr(self, y: int, x: int, n: int) -> bytes: ...
+    def getyx(self) -> tuple[int, int]: ...
+    @overload
+    def hline(self, ch: _ChType, n: int) -> None: ...
+    @overload
+    def hline(self, y: int, x: int, ch: _ChType, n: int) -> None: ...
+    def idcok(self, flag: bool) -> None: ...
+    def idlok(self, yes: bool) -> None: ...
+    def immedok(self, flag: bool) -> None: ...
+    @overload
+    def inch(self) -> int: ...
+    @overload
+    def inch(self, y: int, x: int) -> int: ...
+    @overload
+    def insch(self, ch: _ChType, attr: int = ...) -> None: ...
+    @overload
+    def insch(self, y: int, x: int, ch: _ChType, attr: int = ...) -> None: ...
+    def insdelln(self, nlines: int) -> None: ...
+    def insertln(self) -> None: ...
+    @overload
+    def insnstr(self, str: str, n: int, attr: int = ...) -> None: ...
+    @overload
+    def insnstr(self, y: int, x: int, str: str, n: int, attr: int = ...) -> None: ...
+    @overload
+    def insstr(self, str: str, attr: int = ...) -> None: ...
+    @overload
+    def insstr(self, y: int, x: int, str: str, attr: int = ...) -> None: ...
+    @overload
+    def instr(self, n: int = ...) -> bytes: ...
+    @overload
+    def instr(self, y: int, x: int, n: int = ...) -> bytes: ...
+    def is_linetouched(self, line: int, /) -> bool: ...
+    def is_wintouched(self) -> bool: ...
+    def keypad(self, yes: bool) -> None: ...
+    def leaveok(self, yes: bool) -> None: ...
+    def move(self, new_y: int, new_x: int) -> None: ...
+    def mvderwin(self, y: int, x: int) -> None: ...
+    def mvwin(self, new_y: int, new_x: int) -> None: ...
+    def nodelay(self, yes: bool) -> None: ...
+    def notimeout(self, yes: bool) -> None: ...
+    @overload
+    def noutrefresh(self) -> None: ...
+    @overload
+    def noutrefresh(self, pminrow: int, pmincol: int, sminrow: int, smincol: int, smaxrow: int, smaxcol: int) -> None: ...
+    @overload
+    def overlay(self, destwin: _CursesWindow) -> None: ...
+    @overload
+    def overlay(
+        self, destwin: _CursesWindow, sminrow: int, smincol: int, dminrow: int, dmincol: int, dmaxrow: int, dmaxcol: int
+    ) -> None: ...
+    @overload
+    def overwrite(self, destwin: _CursesWindow) -> None: ...
+    @overload
+    def overwrite(
+        self, destwin: _CursesWindow, sminrow: int, smincol: int, dminrow: int, dmincol: int, dmaxrow: int, dmaxcol: int
+    ) -> None: ...
+    def putwin(self, file: IO[Any], /) -> None: ...
+    def redrawln(self, beg: int, num: int, /) -> None: ...
+    def redrawwin(self) -> None: ...
+    @overload
+    def refresh(self) -> None: ...
+    @overload
+    def refresh(self, pminrow: int, pmincol: int, sminrow: int, smincol: int, smaxrow: int, smaxcol: int) -> None: ...
+    def resize(self, nlines: int, ncols: int) -> None: ...
+    def scroll(self, lines: int = ...) -> None: ...
+    def scrollok(self, flag: bool) -> None: ...
+    def setscrreg(self, top: int, bottom: int, /) -> None: ...
+    def standend(self) -> None: ...
+    def standout(self) -> None: ...
+    @overload
+    def subpad(self, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    @overload
+    def subpad(self, nlines: int, ncols: int, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    @overload
+    def subwin(self, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    @overload
+    def subwin(self, nlines: int, ncols: int, begin_y: int, begin_x: int) -> _CursesWindow: ...
+    def syncdown(self) -> None: ...
+    def syncok(self, flag: bool) -> None: ...
+    def syncup(self) -> None: ...
+    def timeout(self, delay: int) -> None: ...
+    def touchline(self, start: int, count: int, changed: bool = ...) -> None: ...
+    def touchwin(self) -> None: ...
+    def untouchwin(self) -> None: ...
+    @overload
+    def vline(self, ch: _ChType, n: int) -> None: ...
+    @overload
+    def vline(self, y: int, x: int, ch: _ChType, n: int) -> None: ...
+
+class _ncurses_version(NamedTuple):
+    major: int
+    minor: int
+    patch: int
+
+ncurses_version: _ncurses_version
+window = _CursesWindow  # undocumented
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_decimal.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_decimal.pyi
@@ -0,0 +1,281 @@
+import numbers
+import sys
+from collections.abc import Container, Sequence
+from types import TracebackType
+from typing import Any, ClassVar, Final, Literal, NamedTuple, overload
+from typing_extensions import Self, TypeAlias
+
+_Decimal: TypeAlias = Decimal | int
+_DecimalNew: TypeAlias = Decimal | float | str | tuple[int, Sequence[int], int]
+_ComparableNum: TypeAlias = Decimal | float | numbers.Rational
+
+__version__: Final[str]
+__libmpdec_version__: Final[str]
+
+class DecimalTuple(NamedTuple):
+    sign: int
+    digits: tuple[int, ...]
+    exponent: int | Literal["n", "N", "F"]
+
+ROUND_DOWN: Final[str]
+ROUND_HALF_UP: Final[str]
+ROUND_HALF_EVEN: Final[str]
+ROUND_CEILING: Final[str]
+ROUND_FLOOR: Final[str]
+ROUND_UP: Final[str]
+ROUND_HALF_DOWN: Final[str]
+ROUND_05UP: Final[str]
+HAVE_CONTEXTVAR: Final[bool]
+HAVE_THREADS: Final[bool]
+MAX_EMAX: Final[int]
+MAX_PREC: Final[int]
+MIN_EMIN: Final[int]
+MIN_ETINY: Final[int]
+
+class DecimalException(ArithmeticError): ...
+class Clamped(DecimalException): ...
+class InvalidOperation(DecimalException): ...
+class ConversionSyntax(InvalidOperation): ...
+class DivisionByZero(DecimalException, ZeroDivisionError): ...
+class DivisionImpossible(InvalidOperation): ...
+class DivisionUndefined(InvalidOperation, ZeroDivisionError): ...
+class Inexact(DecimalException): ...
+class InvalidContext(InvalidOperation): ...
+class Rounded(DecimalException): ...
+class Subnormal(DecimalException): ...
+class Overflow(Inexact, Rounded): ...
+class Underflow(Inexact, Rounded, Subnormal): ...
+class FloatOperation(DecimalException, TypeError): ...
+
+def setcontext(context: Context, /) -> None: ...
+def getcontext() -> Context: ...
+
+if sys.version_info >= (3, 11):
+    def localcontext(
+        ctx: Context | None = None,
+        *,
+        prec: int | None = ...,
+        rounding: str | None = ...,
+        Emin: int | None = ...,
+        Emax: int | None = ...,
+        capitals: int | None = ...,
+        clamp: int | None = ...,
+        traps: dict[_TrapType, bool] | None = ...,
+        flags: dict[_TrapType, bool] | None = ...,
+    ) -> _ContextManager: ...
+
+else:
+    def localcontext(ctx: Context | None = None) -> _ContextManager: ...
+
+class Decimal:
+    def __new__(cls, value: _DecimalNew = ..., context: Context | None = ...) -> Self: ...
+    @classmethod
+    def from_float(cls, f: float, /) -> Self: ...
+    def __bool__(self) -> bool: ...
+    def compare(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def __hash__(self) -> int: ...
+    def as_tuple(self) -> DecimalTuple: ...
+    def as_integer_ratio(self) -> tuple[int, int]: ...
+    def to_eng_string(self, context: Context | None = None) -> str: ...
+    def __abs__(self) -> Decimal: ...
+    def __add__(self, value: _Decimal, /) -> Decimal: ...
+    def __divmod__(self, value: _Decimal, /) -> tuple[Decimal, Decimal]: ...
+    def __eq__(self, value: object, /) -> bool: ...
+    def __floordiv__(self, value: _Decimal, /) -> Decimal: ...
+    def __ge__(self, value: _ComparableNum, /) -> bool: ...
+    def __gt__(self, value: _ComparableNum, /) -> bool: ...
+    def __le__(self, value: _ComparableNum, /) -> bool: ...
+    def __lt__(self, value: _ComparableNum, /) -> bool: ...
+    def __mod__(self, value: _Decimal, /) -> Decimal: ...
+    def __mul__(self, value: _Decimal, /) -> Decimal: ...
+    def __neg__(self) -> Decimal: ...
+    def __pos__(self) -> Decimal: ...
+    def __pow__(self, value: _Decimal, mod: _Decimal | None = None, /) -> Decimal: ...
+    def __radd__(self, value: _Decimal, /) -> Decimal: ...
+    def __rdivmod__(self, value: _Decimal, /) -> tuple[Decimal, Decimal]: ...
+    def __rfloordiv__(self, value: _Decimal, /) -> Decimal: ...
+    def __rmod__(self, value: _Decimal, /) -> Decimal: ...
+    def __rmul__(self, value: _Decimal, /) -> Decimal: ...
+    def __rsub__(self, value: _Decimal, /) -> Decimal: ...
+    def __rtruediv__(self, value: _Decimal, /) -> Decimal: ...
+    def __sub__(self, value: _Decimal, /) -> Decimal: ...
+    def __truediv__(self, value: _Decimal, /) -> Decimal: ...
+    def remainder_near(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def __float__(self) -> float: ...
+    def __int__(self) -> int: ...
+    def __trunc__(self) -> int: ...
+    @property
+    def real(self) -> Decimal: ...
+    @property
+    def imag(self) -> Decimal: ...
+    def conjugate(self) -> Decimal: ...
+    def __complex__(self) -> complex: ...
+    @overload
+    def __round__(self) -> int: ...
+    @overload
+    def __round__(self, ndigits: int, /) -> Decimal: ...
+    def __floor__(self) -> int: ...
+    def __ceil__(self) -> int: ...
+    def fma(self, other: _Decimal, third: _Decimal, context: Context | None = None) -> Decimal: ...
+    def __rpow__(self, value: _Decimal, mod: Context | None = None, /) -> Decimal: ...
+    def normalize(self, context: Context | None = None) -> Decimal: ...
+    def quantize(self, exp: _Decimal, rounding: str | None = None, context: Context | None = None) -> Decimal: ...
+    def same_quantum(self, other: _Decimal, context: Context | None = None) -> bool: ...
+    def to_integral_exact(self, rounding: str | None = None, context: Context | None = None) -> Decimal: ...
+    def to_integral_value(self, rounding: str | None = None, context: Context | None = None) -> Decimal: ...
+    def to_integral(self, rounding: str | None = None, context: Context | None = None) -> Decimal: ...
+    def sqrt(self, context: Context | None = None) -> Decimal: ...
+    def max(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def min(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def adjusted(self) -> int: ...
+    def canonical(self) -> Decimal: ...
+    def compare_signal(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def compare_total(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def compare_total_mag(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def copy_abs(self) -> Decimal: ...
+    def copy_negate(self) -> Decimal: ...
+    def copy_sign(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def exp(self, context: Context | None = None) -> Decimal: ...
+    def is_canonical(self) -> bool: ...
+    def is_finite(self) -> bool: ...
+    def is_infinite(self) -> bool: ...
+    def is_nan(self) -> bool: ...
+    def is_normal(self, context: Context | None = None) -> bool: ...
+    def is_qnan(self) -> bool: ...
+    def is_signed(self) -> bool: ...
+    def is_snan(self) -> bool: ...
+    def is_subnormal(self, context: Context | None = None) -> bool: ...
+    def is_zero(self) -> bool: ...
+    def ln(self, context: Context | None = None) -> Decimal: ...
+    def log10(self, context: Context | None = None) -> Decimal: ...
+    def logb(self, context: Context | None = None) -> Decimal: ...
+    def logical_and(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def logical_invert(self, context: Context | None = None) -> Decimal: ...
+    def logical_or(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def logical_xor(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def max_mag(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def min_mag(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def next_minus(self, context: Context | None = None) -> Decimal: ...
+    def next_plus(self, context: Context | None = None) -> Decimal: ...
+    def next_toward(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def number_class(self, context: Context | None = None) -> str: ...
+    def radix(self) -> Decimal: ...
+    def rotate(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def scaleb(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def shift(self, other: _Decimal, context: Context | None = None) -> Decimal: ...
+    def __reduce__(self) -> tuple[type[Self], tuple[str]]: ...
+    def __copy__(self) -> Self: ...
+    def __deepcopy__(self, memo: Any, /) -> Self: ...
+    def __format__(self, specifier: str, context: Context | None = ..., /) -> str: ...
+
+class _ContextManager:
+    new_context: Context
+    saved_context: Context
+    def __init__(self, new_context: Context) -> None: ...
+    def __enter__(self) -> Context: ...
+    def __exit__(self, t: type[BaseException] | None, v: BaseException | None, tb: TracebackType | None) -> None: ...
+
+_TrapType: TypeAlias = type[DecimalException]
+
+class Context:
+    # TODO: Context doesn't allow you to delete *any* attributes from instances of the class at runtime,
+    # even settable attributes like `prec` and `rounding`,
+    # but that's inexpressable in the stub.
+    # Type checkers either ignore it or misinterpret it
+    # if you add a `def __delattr__(self, name: str, /) -> NoReturn` method to the stub
+    prec: int
+    rounding: str
+    Emin: int
+    Emax: int
+    capitals: int
+    clamp: int
+    traps: dict[_TrapType, bool]
+    flags: dict[_TrapType, bool]
+    def __init__(
+        self,
+        prec: int | None = ...,
+        rounding: str | None = ...,
+        Emin: int | None = ...,
+        Emax: int | None = ...,
+        capitals: int | None = ...,
+        clamp: int | None = ...,
+        flags: None | dict[_TrapType, bool] | Container[_TrapType] = ...,
+        traps: None | dict[_TrapType, bool] | Container[_TrapType] = ...,
+        _ignored_flags: list[_TrapType] | None = ...,
+    ) -> None: ...
+    def __reduce__(self) -> tuple[type[Self], tuple[Any, ...]]: ...
+    def clear_flags(self) -> None: ...
+    def clear_traps(self) -> None: ...
+    def copy(self) -> Context: ...
+    def __copy__(self) -> Context: ...
+    # see https://github.com/python/cpython/issues/94107
+    __hash__: ClassVar[None]  # type: ignore[assignment]
+    def Etiny(self) -> int: ...
+    def Etop(self) -> int: ...
+    def create_decimal(self, num: _DecimalNew = "0", /) -> Decimal: ...
+    def create_decimal_from_float(self, f: float, /) -> Decimal: ...
+    def abs(self, x: _Decimal, /) -> Decimal: ...
+    def add(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def canonical(self, x: Decimal, /) -> Decimal: ...
+    def compare(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def compare_signal(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def compare_total(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def compare_total_mag(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def copy_abs(self, x: _Decimal, /) -> Decimal: ...
+    def copy_decimal(self, x: _Decimal, /) -> Decimal: ...
+    def copy_negate(self, x: _Decimal, /) -> Decimal: ...
+    def copy_sign(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def divide(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def divide_int(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def divmod(self, x: _Decimal, y: _Decimal, /) -> tuple[Decimal, Decimal]: ...
+    def exp(self, x: _Decimal, /) -> Decimal: ...
+    def fma(self, x: _Decimal, y: _Decimal, z: _Decimal, /) -> Decimal: ...
+    def is_canonical(self, x: _Decimal, /) -> bool: ...
+    def is_finite(self, x: _Decimal, /) -> bool: ...
+    def is_infinite(self, x: _Decimal, /) -> bool: ...
+    def is_nan(self, x: _Decimal, /) -> bool: ...
+    def is_normal(self, x: _Decimal, /) -> bool: ...
+    def is_qnan(self, x: _Decimal, /) -> bool: ...
+    def is_signed(self, x: _Decimal, /) -> bool: ...
+    def is_snan(self, x: _Decimal, /) -> bool: ...
+    def is_subnormal(self, x: _Decimal, /) -> bool: ...
+    def is_zero(self, x: _Decimal, /) -> bool: ...
+    def ln(self, x: _Decimal, /) -> Decimal: ...
+    def log10(self, x: _Decimal, /) -> Decimal: ...
+    def logb(self, x: _Decimal, /) -> Decimal: ...
+    def logical_and(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def logical_invert(self, x: _Decimal, /) -> Decimal: ...
+    def logical_or(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def logical_xor(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def max(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def max_mag(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def min(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def min_mag(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def minus(self, x: _Decimal, /) -> Decimal: ...
+    def multiply(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def next_minus(self, x: _Decimal, /) -> Decimal: ...
+    def next_plus(self, x: _Decimal, /) -> Decimal: ...
+    def next_toward(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def normalize(self, x: _Decimal, /) -> Decimal: ...
+    def number_class(self, x: _Decimal, /) -> str: ...
+    def plus(self, x: _Decimal, /) -> Decimal: ...
+    def power(self, a: _Decimal, b: _Decimal, modulo: _Decimal | None = None) -> Decimal: ...
+    def quantize(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def radix(self) -> Decimal: ...
+    def remainder(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def remainder_near(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def rotate(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def same_quantum(self, x: _Decimal, y: _Decimal, /) -> bool: ...
+    def scaleb(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def shift(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def sqrt(self, x: _Decimal, /) -> Decimal: ...
+    def subtract(self, x: _Decimal, y: _Decimal, /) -> Decimal: ...
+    def to_eng_string(self, x: _Decimal, /) -> str: ...
+    def to_sci_string(self, x: _Decimal, /) -> str: ...
+    def to_integral_exact(self, x: _Decimal, /) -> Decimal: ...
+    def to_integral_value(self, x: _Decimal, /) -> Decimal: ...
+    def to_integral(self, x: _Decimal, /) -> Decimal: ...
+
+DefaultContext: Context
+BasicContext: Context
+ExtendedContext: Context
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_dummy_thread.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_dummy_thread.pyi
@@ -0,0 +1,33 @@
+from collections.abc import Callable
+from types import TracebackType
+from typing import Any, NoReturn, overload
+from typing_extensions import TypeVarTuple, Unpack
+
+__all__ = ["error", "start_new_thread", "exit", "get_ident", "allocate_lock", "interrupt_main", "LockType", "RLock"]
+
+_Ts = TypeVarTuple("_Ts")
+
+TIMEOUT_MAX: int
+error = RuntimeError
+
+@overload
+def start_new_thread(function: Callable[[Unpack[_Ts]], object], args: tuple[Unpack[_Ts]]) -> None: ...
+@overload
+def start_new_thread(function: Callable[..., object], args: tuple[Any, ...], kwargs: dict[str, Any]) -> None: ...
+def exit() -> NoReturn: ...
+def get_ident() -> int: ...
+def allocate_lock() -> LockType: ...
+def stack_size(size: int | None = None) -> int: ...
+
+class LockType:
+    locked_status: bool
+    def acquire(self, waitflag: bool | None = None, timeout: int = -1) -> bool: ...
+    def __enter__(self, waitflag: bool | None = None, timeout: int = -1) -> bool: ...
+    def __exit__(self, typ: type[BaseException] | None, val: BaseException | None, tb: TracebackType | None) -> None: ...
+    def release(self) -> bool: ...
+    def locked(self) -> bool: ...
+
+class RLock(LockType):
+    def release(self) -> None: ...  # type: ignore[override]
+
+def interrupt_main() -> None: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_dummy_threading.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_dummy_threading.pyi
@@ -0,0 +1,164 @@
+import sys
+from _thread import _excepthook, _ExceptHookArgs
+from _typeshed import ProfileFunction, TraceFunction
+from collections.abc import Callable, Iterable, Mapping
+from types import TracebackType
+from typing import Any, TypeVar
+
+_T = TypeVar("_T")
+
+__all__ = [
+    "get_ident",
+    "active_count",
+    "Condition",
+    "current_thread",
+    "enumerate",
+    "main_thread",
+    "TIMEOUT_MAX",
+    "Event",
+    "Lock",
+    "RLock",
+    "Semaphore",
+    "BoundedSemaphore",
+    "Thread",
+    "Barrier",
+    "BrokenBarrierError",
+    "Timer",
+    "ThreadError",
+    "setprofile",
+    "settrace",
+    "local",
+    "stack_size",
+    "ExceptHookArgs",
+    "excepthook",
+]
+
+def active_count() -> int: ...
+def current_thread() -> Thread: ...
+def currentThread() -> Thread: ...
+def get_ident() -> int: ...
+def enumerate() -> list[Thread]: ...
+def main_thread() -> Thread: ...
+def settrace(func: TraceFunction) -> None: ...
+def setprofile(func: ProfileFunction | None) -> None: ...
+def stack_size(size: int | None = None) -> int: ...
+
+TIMEOUT_MAX: float
+
+class ThreadError(Exception): ...
+
+class local:
+    def __getattribute__(self, name: str) -> Any: ...
+    def __setattr__(self, name: str, value: Any) -> None: ...
+    def __delattr__(self, name: str) -> None: ...
+
+class Thread:
+    name: str
+    daemon: bool
+    @property
+    def ident(self) -> int | None: ...
+    def __init__(
+        self,
+        group: None = None,
+        target: Callable[..., object] | None = None,
+        name: str | None = None,
+        args: Iterable[Any] = (),
+        kwargs: Mapping[str, Any] | None = None,
+        *,
+        daemon: bool | None = None,
+    ) -> None: ...
+    def start(self) -> None: ...
+    def run(self) -> None: ...
+    def join(self, timeout: float | None = None) -> None: ...
+    def getName(self) -> str: ...
+    def setName(self, name: str) -> None: ...
+    @property
+    def native_id(self) -> int | None: ...  # only available on some platforms
+    def is_alive(self) -> bool: ...
+    if sys.version_info < (3, 9):
+        def isAlive(self) -> bool: ...
+
+    def isDaemon(self) -> bool: ...
+    def setDaemon(self, daemonic: bool) -> None: ...
+
+class _DummyThread(Thread): ...
+
+class Lock:
+    def __enter__(self) -> bool: ...
+    def __exit__(
+        self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: TracebackType | None
+    ) -> bool | None: ...
+    def acquire(self, blocking: bool = ..., timeout: float = ...) -> bool: ...
+    def release(self) -> None: ...
+    def locked(self) -> bool: ...
+
+class _RLock:
+    def __enter__(self) -> bool: ...
+    def __exit__(
+        self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: TracebackType | None
+    ) -> bool | None: ...
+    def acquire(self, blocking: bool = True, timeout: float = -1) -> bool: ...
+    def release(self) -> None: ...
+
+RLock = _RLock
+
+class Condition:
+    def __init__(self, lock: Lock | _RLock | None = None) -> None: ...
+    def __enter__(self) -> bool: ...
+    def __exit__(
+        self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: TracebackType | None
+    ) -> bool | None: ...
+    def acquire(self, blocking: bool = ..., timeout: float = ...) -> bool: ...
+    def release(self) -> None: ...
+    def wait(self, timeout: float | None = None) -> bool: ...
+    def wait_for(self, predicate: Callable[[], _T], timeout: float | None = None) -> _T: ...
+    def notify(self, n: int = 1) -> None: ...
+    def notify_all(self) -> None: ...
+    def notifyAll(self) -> None: ...
+
+class Semaphore:
+    def __init__(self, value: int = 1) -> None: ...
+    def __exit__(
+        self, exc_type: type[BaseException] | None, exc_val: BaseException | None, exc_tb: TracebackType | None
+    ) -> bool | None: ...
+    def acquire(self, blocking: bool = True, timeout: float | None = None) -> bool: ...
+    def __enter__(self, blocking: bool = True, timeout: float | None = None) -> bool: ...
+    if sys.version_info >= (3, 9):
+        def release(self, n: int = ...) -> None: ...
+    else:
+        def release(self) -> None: ...
+
+class BoundedSemaphore(Semaphore): ...
+
+class Event:
+    def is_set(self) -> bool: ...
+    def set(self) -> None: ...
+    def clear(self) -> None: ...
+    def wait(self, timeout: float | None = None) -> bool: ...
+
+excepthook = _excepthook
+ExceptHookArgs = _ExceptHookArgs
+
+class Timer(Thread):
+    def __init__(
+        self,
+        interval: float,
+        function: Callable[..., object],
+        args: Iterable[Any] | None = None,
+        kwargs: Mapping[str, Any] | None = None,
+    ) -> None: ...
+    def cancel(self) -> None: ...
+
+class Barrier:
+    @property
+    def parties(self) -> int: ...
+    @property
+    def n_waiting(self) -> int: ...
+    @property
+    def broken(self) -> bool: ...
+    def __init__(self, parties: int, action: Callable[[], None] | None = None, timeout: float | None = None) -> None: ...
+    def wait(self, timeout: float | None = None) -> int: ...
+    def reset(self) -> None: ...
+    def abort(self) -> None: ...
+
+class BrokenBarrierError(RuntimeError): ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_heapq.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_heapq.pyi
@@ -0,0 +1,11 @@
+from typing import Any, Final, TypeVar
+
+_T = TypeVar("_T")
+
+__about__: Final[str]
+
+def heapify(heap: list[Any], /) -> None: ...
+def heappop(heap: list[_T], /) -> _T: ...
+def heappush(heap: list[_T], item: _T, /) -> None: ...
+def heappushpop(heap: list[_T], item: _T, /) -> _T: ...
+def heapreplace(heap: list[_T], item: _T, /) -> _T: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_imp.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_imp.pyi
@@ -0,0 +1,28 @@
+import sys
+import types
+from _typeshed import ReadableBuffer
+from importlib.machinery import ModuleSpec
+from typing import Any
+
+check_hash_based_pycs: str
+
+def source_hash(key: int, source: ReadableBuffer) -> bytes: ...
+def create_builtin(spec: ModuleSpec, /) -> types.ModuleType: ...
+def create_dynamic(spec: ModuleSpec, file: Any = None, /) -> types.ModuleType: ...
+def acquire_lock() -> None: ...
+def exec_builtin(mod: types.ModuleType, /) -> int: ...
+def exec_dynamic(mod: types.ModuleType, /) -> int: ...
+def extension_suffixes() -> list[str]: ...
+def init_frozen(name: str, /) -> types.ModuleType: ...
+def is_builtin(name: str, /) -> int: ...
+def is_frozen(name: str, /) -> bool: ...
+def is_frozen_package(name: str, /) -> bool: ...
+def lock_held() -> bool: ...
+def release_lock() -> None: ...
+
+if sys.version_info >= (3, 11):
+    def find_frozen(name: str, /, *, withdata: bool = False) -> tuple[memoryview | None, bool, str | None] | None: ...
+    def get_frozen_object(name: str, data: ReadableBuffer | None = None, /) -> types.CodeType: ...
+
+else:
+    def get_frozen_object(name: str, /) -> types.CodeType: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpchannels.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpchannels.pyi
@@ -0,0 +1,86 @@
+from _typeshed import structseq
+from typing import Any, Final, Literal, SupportsIndex, final
+from typing_extensions import Buffer, Self
+
+class ChannelError(RuntimeError): ...
+class ChannelClosedError(ChannelError): ...
+class ChannelEmptyError(ChannelError): ...
+class ChannelNotEmptyError(ChannelError): ...
+class ChannelNotFoundError(ChannelError): ...
+
+# Mark as final, since instantiating ChannelID is not supported.
+@final
+class ChannelID:
+    @property
+    def end(self) -> Literal["send", "recv", "both"]: ...
+    @property
+    def send(self) -> Self: ...
+    @property
+    def recv(self) -> Self: ...
+    def __eq__(self, other: object) -> bool: ...
+    def __ge__(self, other: ChannelID) -> bool: ...
+    def __gt__(self, other: ChannelID) -> bool: ...
+    def __hash__(self) -> int: ...
+    def __index__(self) -> int: ...
+    def __int__(self) -> int: ...
+    def __le__(self, other: ChannelID) -> bool: ...
+    def __lt__(self, other: ChannelID) -> bool: ...
+    def __ne__(self, other: object) -> bool: ...
+
+@final
+class ChannelInfo(structseq[int], tuple[bool, bool, bool, int, int, int, int, int]):
+    __match_args__: Final = (
+        "open",
+        "closing",
+        "closed",
+        "count",
+        "num_interp_send",
+        "num_interp_send_released",
+        "num_interp_recv",
+        "num_interp_recv_released",
+    )
+    @property
+    def open(self) -> bool: ...
+    @property
+    def closing(self) -> bool: ...
+    @property
+    def closed(self) -> bool: ...
+    @property
+    def count(self) -> int: ...  # type: ignore[override]
+    @property
+    def num_interp_send(self) -> int: ...
+    @property
+    def num_interp_send_released(self) -> int: ...
+    @property
+    def num_interp_recv(self) -> int: ...
+    @property
+    def num_interp_recv_released(self) -> int: ...
+    @property
+    def num_interp_both(self) -> int: ...
+    @property
+    def num_interp_both_recv_released(self) -> int: ...
+    @property
+    def num_interp_both_send_released(self) -> int: ...
+    @property
+    def num_interp_both_released(self) -> int: ...
+    @property
+    def recv_associated(self) -> bool: ...
+    @property
+    def recv_released(self) -> bool: ...
+    @property
+    def send_associated(self) -> bool: ...
+    @property
+    def send_released(self) -> bool: ...
+
+def create(unboundop: Literal[1, 2, 3]) -> ChannelID: ...
+def destroy(cid: SupportsIndex) -> None: ...
+def list_all() -> list[ChannelID]: ...
+def list_interpreters(cid: SupportsIndex, *, send: bool) -> list[int]: ...
+def send(cid: SupportsIndex, obj: object, *, blocking: bool = True, timeout: float | None = None) -> None: ...
+def send_buffer(cid: SupportsIndex, obj: Buffer, *, blocking: bool = True, timeout: float | None = None) -> None: ...
+def recv(cid: SupportsIndex, default: object = ...) -> tuple[Any, Literal[1, 2, 3]]: ...
+def close(cid: SupportsIndex, *, send: bool = False, recv: bool = False) -> None: ...
+def get_count(cid: SupportsIndex) -> int: ...
+def get_info(cid: SupportsIndex) -> ChannelInfo: ...
+def get_channel_defaults(cid: SupportsIndex) -> Literal[1, 2, 3]: ...
+def release(cid: SupportsIndex, *, send: bool = False, recv: bool = False, force: bool = False) -> None: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpqueues.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpqueues.pyi
@@ -0,0 +1,16 @@
+from typing import Any, SupportsIndex
+
+class QueueError(RuntimeError): ...
+class QueueNotFoundError(QueueError): ...
+
+def bind(qid: SupportsIndex) -> None: ...
+def create(maxsize: SupportsIndex, fmt: SupportsIndex) -> int: ...
+def destroy(qid: SupportsIndex) -> None: ...
+def get(qid: SupportsIndex) -> tuple[Any, int]: ...
+def get_count(qid: SupportsIndex) -> int: ...
+def get_maxsize(qid: SupportsIndex) -> int: ...
+def get_queue_defaults(qid: SupportsIndex) -> tuple[int]: ...
+def is_full(qid: SupportsIndex) -> bool: ...
+def list_all() -> list[tuple[int, int]]: ...
+def put(qid: SupportsIndex, obj: Any, fmt: SupportsIndex) -> None: ...
+def release(qid: SupportsIndex) -> None: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpreters.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_interpreters.pyi
@@ -0,0 +1,50 @@
+import types
+from collections.abc import Callable, Mapping
+from typing import Final, Literal, SupportsIndex
+from typing_extensions import TypeAlias
+
+_Configs: TypeAlias = Literal["default", "isolated", "legacy", "empty", ""]
+
+class InterpreterError(Exception): ...
+class InterpreterNotFoundError(InterpreterError): ...
+class NotShareableError(Exception): ...
+
+class CrossInterpreterBufferView:
+    def __buffer__(self, flags: int, /) -> memoryview: ...
+
+def new_config(name: _Configs = "isolated", /, **overides: object) -> types.SimpleNamespace: ...
+def create(config: types.SimpleNamespace | _Configs | None = "isolated", *, reqrefs: bool = False) -> int: ...
+def destroy(id: SupportsIndex, *, restrict: bool = False) -> None: ...
+def list_all(*, require_ready: bool) -> list[tuple[int, int]]: ...
+def get_current() -> tuple[int, int]: ...
+def get_main() -> tuple[int, int]: ...
+def is_running(id: SupportsIndex, *, restrict: bool = False) -> bool: ...
+def get_config(id: SupportsIndex, *, restrict: bool = False) -> types.SimpleNamespace: ...
+def whence(id: SupportsIndex) -> int: ...
+def exec(id: SupportsIndex, code: str, shared: bool | None = None, *, restrict: bool = False) -> None: ...
+def call(
+    id: SupportsIndex,
+    callable: Callable[..., object],
+    args: tuple[object, ...] | None = None,
+    kwargs: dict[str, object] | None = None,
+    *,
+    restrict: bool = False,
+) -> object: ...
+def run_string(
+    id: SupportsIndex, script: str | types.CodeType | Callable[[], object], shared: bool | None = None, *, restrict: bool = False
+) -> None: ...
+def run_func(
+    id: SupportsIndex, func: types.CodeType | Callable[[], object], shared: bool | None = None, *, restrict: bool = False
+) -> None: ...
+def set___main___attrs(id: SupportsIndex, updates: Mapping[str, object], *, restrict: bool = False) -> None: ...
+def incref(id: SupportsIndex, *, implieslink: bool = False, restrict: bool = False) -> None: ...
+def decref(id: SupportsIndex, *, restrict: bool = False) -> None: ...
+def is_shareable(obj: object) -> bool: ...
+def capture_exception(exc: BaseException | None = None) -> types.SimpleNamespace: ...
+
+WHENCE_UNKNOWN: Final = 0
+WHENCE_RUNTIME: Final = 1
+WHENCE_LEGACY_CAPI: Final = 2
+WHENCE_CAPI: Final = 3
+WHENCE_XI: Final = 4
+WHENCE_STDLIB: Final = 5
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_json.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_json.pyi
@@ -0,0 +1,49 @@
+from collections.abc import Callable
+from typing import Any, final
+
+@final
+class make_encoder:
+    @property
+    def sort_keys(self) -> bool: ...
+    @property
+    def skipkeys(self) -> bool: ...
+    @property
+    def key_separator(self) -> str: ...
+    @property
+    def indent(self) -> int | None: ...
+    @property
+    def markers(self) -> dict[int, Any] | None: ...
+    @property
+    def default(self) -> Callable[[Any], Any]: ...
+    @property
+    def encoder(self) -> Callable[[str], str]: ...
+    @property
+    def item_separator(self) -> str: ...
+    def __init__(
+        self,
+        markers: dict[int, Any] | None,
+        default: Callable[[Any], Any],
+        encoder: Callable[[str], str],
+        indent: int | None,
+        key_separator: str,
+        item_separator: str,
+        sort_keys: bool,
+        skipkeys: bool,
+        allow_nan: bool,
+    ) -> None: ...
+    def __call__(self, obj: object, _current_indent_level: int) -> Any: ...
+
+@final
+class make_scanner:
+    object_hook: Any
+    object_pairs_hook: Any
+    parse_int: Any
+    parse_constant: Any
+    parse_float: Any
+    strict: bool
+    # TODO: 'context' needs the attrs above (ducktype), but not __call__.
+    def __init__(self, context: make_scanner) -> None: ...
+    def __call__(self, string: str, index: int) -> tuple[Any, int]: ...
+
+def encode_basestring_ascii(s: str, /) -> str: ...
+def scanstring(string: str, end: int, strict: bool = ...) -> tuple[str, int]: ...
--- a/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_locale.pyi
+++ b/crates/red_knot_python_semantic/vendor/typeshed/stdlib/_locale.pyi
@@ -0,0 +1,100 @@
+import sys
+from _typeshed import StrPath
+from collections.abc import Mapping
+
+LC_CTYPE: int
+LC_COLLATE: int
+LC_TIME: int
+LC_MONETARY: int
+LC_NUMERIC: int
+LC_ALL: int
+CHAR_MAX: int
+
+def setlocale(category: int, locale: str | None = None, /) -> str: ...
+def localeconv() -> Mapping[str, int | str | list[int]]: ...
+
+if sys.version_info >= (3, 11):
+    def getencoding() -> str: ...
+
+def strcoll(os1: str, os2: str, /) -> int: ...
+def strxfrm(string: str, /) -> str: ...
+
+# native gettext functions
+# https://docs.python.org/3/library/locale.html#access-to-message-catalogs
+# https://github.com/python/cpython/blob/f4c03484da59049eb62a9bf7777b963e2267d187/Modules/_localemodule.c#L626
+if sys.platform != "win32":
+    LC_MESSAGES: int
+
+    ABDAY_1: int
+    ABDAY_2: int
+    ABDAY_3: int
+    ABDAY_4: int
+    ABDAY_5: int
+    ABDAY_6: int
+    ABDAY_7: int
+
+    ABMON_1: int
+    ABMON_2: int
+    ABMON_3: int
+    ABMON_4: int
+    ABMON_5: int
+    ABMON_6: int
+    ABMON_7: int
+    ABMON_8: int
+    ABMON_9: int
+    ABMON_10: int
+    ABMON_11: int
+    ABMON_12: int
+
+    DAY_1: int
+    DAY_2: int
+    DAY_3: int
+    DAY_4: int
+    DAY_5: int
+    DAY_6: int
+    DAY_7: int
+
+    ERA: int
+    ERA_D_T_FMT: int
+    ERA_D_FMT: int
+    ERA_T_FMT: int
+
+    MON_1: int
+    MON_2: int
+    MON_3: int
+    MON_4: int
+    MON_5: int
+    MON_6: int
+    MON_7: int
+    MON_8: int
+    MON_9: int
+    MON_10: int
+    MON_11: int
+    MON_12: int
+
+    CODESET: int
+    D_T_FMT: int
+    D_FMT: int
+    T_FMT: int
+    T_FMT_AMPM: int
+    AM_STR: int
+    PM_STR: int
+
+    RADIXCHAR: int
+    THOUSEP: int
+    YESEXPR: int
+    NOEXPR: int
+    CRNCYSTR: int
+    ALT_DIGITS: int
+
+    def nl_langinfo(key: int, /) -> str: ...
+
+    # This is dependent on `libintl.h` which is a part of `gettext`
+    # system dependency. These functions might be missing.
+    # But, we always say that they are present.
+    def gettext(msg: str, /) -> str: ...
+    def dgettext(domain: str | None, msg: str, /) -> str: ...
+    def dcgettext(domain: str | None, msg: str, category: int, /) -> str: ...
+    def textdomain(domain: str | None, /) -> str: ...
+    def bindtextdomain(domain: str, dir: StrPath | None, /) -> str: ...
+    def bind_textdomain_codeset(domain: str, codeset: str | None, /) -> str | None: ...
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`def getpreferredencoding(do_setlocale: bool = True) -> str: ...`