chore(deps-dev): Update uv requirement from 0.9.5 to 0.9.7

[dependabot]

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.9.7

Release Notes

Released on 2025-10-30.

Enhancements

• Add Windows x86-32 emulation support to interpreter architecture checks (#13475)
• Improve readability of progress bars (#16509)

Bug fixes

• Drop terminal coloring from uv auth token output (#16504)
• Don't use UV_LOCKED to enable --check flag (#16521)

Install uv 0.9.7

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.7/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.9.7/uv-installer.ps1 | iex"

Download uv 0.9.7

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum
uv-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
uv-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
uv-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
uv-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz	RISCV Linux	checksum
uv-s390x-unknown-linux-gnu.tar.gz	S390x Linux	checksum
uv-x86_64-unknown-linux-gnu.tar.gz	x64 Linux	checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz	ARMv7 Linux	checksum
uv-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum
uv-i686-unknown-linux-musl.tar.gz	x86 MUSL Linux	checksum
uv-x86_64-unknown-linux-musl.tar.gz	x64 MUSL Linux	checksum
uv-arm-unknown-linux-musleabihf.tar.gz	ARMv6 MUSL Linux (Hardfloat)	checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.9.7

Released on 2025-10-30.

Enhancements

• Add Windows x86-32 emulation support to interpreter architecture checks (#13475)
• Improve readability of progress bars (#16509)
• Add GitHub attestations for uv release artifacts (#11357)

Bug fixes

• Drop terminal coloring from uv auth token output (#16504)
• Don't use UV_LOCKED to enable --check flag (#16521)

0.9.6

Released on 2025-10-29.

This release contains an upgrade to Astral's fork of async_zip, which addresses potential sources of ZIP parsing differentials between uv and other Python packaging tooling. See GHSA-pqhf-p39g-3x64 for additional details.

Security

• Address ZIP parsing differentials (GHSA-pqhf-p39g-3x64)

Python

• Upgrade GraalPy to 25.0.1 (#16401)

Enhancements

• Add --clear to uv build to remove old build artifacts (#16371)
• Add --no-create-gitignore to uv build (#16369)
• Do not error when a virtual environment directory cannot be removed due to a busy error (#16394)
• Improve hint on pip install --system when externally managed (#16392)
• Running uv lock --check with outdated lockfile will print that --check was passed, instead of --locked (#16322)
• Update uv init template for Maturin (#16449)
• Improve ordering of Python sources in logs (#16463)
• Restore DockerHub release images and annotations (#16441)

Bug fixes

• Check for matching Python implementation during uv python upgrade (#16420)
• Deterministically order --find-links distributions (#16446)
• Don't panic in uv export --frozen when the lockfile is outdated (#16407)
• Fix root of uv tree when --package is used with circular dependencies (#15908)
• Show package list with pip freeze --quiet (#16491)
• Limit uv auth login pyx.dev retries to 60s (#16498)
• Add an empty group with uv add --group ... -r ... (#16490)

... (truncated)

Commits

• 0adb444 Bump version to 0.9.7 (#16524)
• 97341c6 Drop terminal coloring from uv auth token output (#16504)
• c156b1d Don't use UV_LOCKED to enable --check flag (#16521)
• a1610c7 Add Windows x86-32 emulation support to interpreter architecture checks (#13475)
• c7aaa8b Improve readability of progress bars (#16509)
• f3d3203 Add uv release artifact attestations (#11357)
• 2652244 Bump version to 0.9.6 (#16500)
• 19372ff Update Rust crate etcetera to 0.11.0 (#16501)
• de96aa1 Use std home_dir instead of home crate (#16483)
• db1d34e Support GitHub Gist URLs via HTTP redirects in uv run (#16451)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)