Skip to content

chore(deps): update all dependencies - autoclosed #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
renovate wants to merge 1 commit into from
Closed

chore(deps): update all dependencies - autoclosed #105

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 8, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
astral-sh/ruff-pre-commit repository minor v0.9.10 -> v0.12.0
ghcr.io/astral-sh/uv final minor 0.6.5 -> 0.7.13
pre-commit/mirrors-mypy repository minor v1.15.0 -> v1.16.1
pycqa/bandit repository patch 1.8.3 -> 1.8.5
python patch 3.13.2 -> 3.13.5
python stage patch 3.13.2-slim-bookworm -> 3.13.5-slim-bookworm

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.12.0

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.12.0

v0.11.13

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.13

v0.11.12

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.12

v0.11.11

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.11

v0.11.10

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.10

v0.11.9

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.9

v0.11.8

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.8

v0.11.7

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.7

v0.11.6

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.6

v0.11.5

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.5

v0.11.4

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.4

v0.11.3

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.3

v0.11.2

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.2

v0.11.1

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.1

v0.11.0

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.11.0

v0.10.0

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.10.0

astral-sh/uv (ghcr.io/astral-sh/uv)

v0.7.13

Compare Source

Python
  • Add Python 3.14.0b2
  • Add Python 3.13.5
  • Fix stability of uuid.getnode on 3.13

See the
python-build-standalone release notes
for more details.

Enhancements
  • Download versions in uv python pin if not found (#​13946)
  • Use TTY detection to determine if SIGINT forwarding is enabled (#​13925)
  • Avoid fetching an exact, cached Git commit, even if it isn't locked (#​13748)
  • Add zstd and deflate to Accept-Encoding (#​13982)
  • Build binaries for riscv64 (#​12688)
Bug fixes
  • Check if relative URL is valid directory before treating as index (#​13917)
  • Ignore Python discovery errors during uv python pin (#​13944)
  • Do not allow uv add --group ... --script (#​13997)
Preview changes
  • Build backend: Support namespace packages (#​13833)
Documentation
  • Add 3.14 to the supported platform reference (#​13990)
  • Add an llms.txt to uv (#​13929)
  • Add supported macOS version to the platform reference (#​13993)
  • Update platform support reference to include Python implementation list (#​13991)
  • Update pytorch.md (#​13899)
  • Update the CLI help and reference to include references to the Python bin directory (#​13978)

v0.7.12

Compare Source

Enhancements
  • Add uv python pin --rm to remove .python-version pins (#​13860)
  • Don't hint at versions removed by excluded-newer (#​13884)
  • Add hint to use tool.uv.environments on resolution error (#​13455)
  • Add hint to use tool.uv.required-environments on resolution error (#​13575)
  • Improve python pin error messages (#​13862)
Bug fixes
  • Lock environments during uv sync, uv add and uv remove to prevent race conditions (#​13869)
  • Add --no-editable to uv export for pylock.toml (#​13852)
Documentation
  • List .gitignore in project init files (#​13855)
  • Move the pip interface documentation into the concepts section (#​13841)
  • Remove the configuration section in favor of concepts / reference (#​13842)
  • Update Git and GitHub Actions docs to mention gh auth login (#​13850)
Preview
  • Fix directory glob traversal fallback preventing exclusion of all files (#​13882)

v0.7.11

Compare Source

Python
  • Add Python 3.14.0b1
  • Add Python 3.13.4
  • Add Python 3.12.11
  • Add Python 3.11.13
  • Add Python 3.10.18
  • Add Python 3.9.23
Enhancements
  • Add Pyodide support (#​12731)
  • Better error message for version specifier with missing operator (#​13803)
Bug fixes
  • Downgrade reqwest and hyper-util to resolve connection reset errors over IPv6 (#​13835)
  • Prefer uv's binary's version when checking if it's up to date (#​13840)
Documentation
  • Use "terminal driver" instead of "shell" in SIGINT docs (#​13787)

v0.7.10

Compare Source

Enhancements
  • Add --show-extras to uv tool list (#​13783)
  • Add dynamically generated sysconfig replacement mappings (#​13441)
  • Add data locations to install wheel logs (#​13797)
Bug fixes
  • Avoid redaction of placeholder git username when using SSH authentication (#​13799)
  • Propagate credentials to files on devpi indexes ending in /+simple (#​13743)
  • Restore retention of credentials for direct URLs in uv export (#​13809)

v0.7.9

Compare Source

Python

The changes reverted in 0.7.8 have been restored.

See the
python-build-standalone release notes
for more details.

Enhancements
  • Improve obfuscation of credentials in URLs (#​13560)
  • Allow running non-default Python implementations via uvx (#​13583)
  • Add uvw as alias for uv without console window on Windows (#​11786)
  • Allow discovery of x86-64 managed Python builds on macOS (#​13722)
  • Differentiate between implicit vs explicit architecture requests (#​13723)
  • Implement ordering for Python architectures to prefer native installations (#​13709)
  • Only show the first match per platform (and architecture) by default in uv python list (#​13721)
  • Write the path of the parent environment to an extends-environment key in the pyvenv.cfg file of an ephemeral environment (#​13598)
  • Improve the error message when libc cannot be found, e.g., when using the distroless containers (#​13549)
Performance
  • Avoid rendering info log level (#​13642)
  • Improve performance of uv-python crate's manylinux submodule (#​11131)
  • Optimize Version display (#​13643)
  • Reduce number of reference-checks for uv cache clean (#​13669)
Bug fixes
  • Avoid reinstalling dependency group members with --all-packages (#​13678)
  • Don't fail direct URL hash checking with dependency metadata (#​13736)
  • Exit early on self update if global --offline is set (#​13663)
  • Fix cases where the uv lock is incorrectly marked as out of date (#​13635)
  • Include pre-release versions in uv python install --reinstall (#​13645)
  • Set LC_ALL=C for git when checking git worktree (#​13637)
  • Avoid rejecting Windows paths for remote Python download JSON targets (#​13625)
Preview
  • Add uv add --bounds to configure version constraints (#​12946)
Documentation
  • Add documentation about Python versions to Tools concept page (#​7673)
  • Add example of enabling Dependabot (#​13692)
  • Fix exclude-newer date format for persistent configuration files (#​13706)
  • Quote versions variables in GitLab documentation (#​13679)
  • Update Dependabot support status (#​13690)
  • Explicitly specify to add a new repo entry to the repos list item in the .pre-commit-config.yaml (#​10243)
  • Add integration with marimo guide (#​13691)
  • Add pronunciation to README (#​5336)

v0.7.8

Compare Source

Python

We are reverting most of our Python changes from uv 0.7.6 and uv 0.7.7 due to
a miscompilation that makes the Python interpreter behave incorrectly, resulting
in spurious type-errors involving str. This issue seems to be isolated to
x86_64 Linux, and affected at least Python 3.12, 3.13, and 3.14.

The following changes that were introduced in those versions of uv are temporarily
being reverted while we test and deploy a proper fix for the miscompilation:

  • Add Python 3.14 on musl
  • free-threaded Python on musl
  • Add Python 3.14.0a7
  • Statically link libpython into the interpreter on Linux for a significant performance boost

See the issue for details.

Documentation
  • Remove misleading line in pin documentation (#​13611)

v0.7.7

Compare Source

Python
  • Work around third-party packages that (incorrectly) assume the interpreter is dynamically linking libpython
  • Allow the experimental JIT to be enabled at runtime on Python 3.13 and 3.14 on macOS on aarch64 aka Apple Silicon

See the
python-build-standalone release notes
for more details.

Bug fixes
  • Make uv version lock and sync (#​13317)
  • Fix references to ldd in diagnostics to correctly refer to ld.so (#​13552)
Documentation
  • Clarify adding SSH Git dependencies (#​13534)

v0.7.6

Compare Source

Python
  • Add Python 3.14 on musl
  • Add free-threaded Python on musl
  • Add Python 3.14.0a7
  • Statically link libpython into the interpreter on Linux for a significant performance boost

See the
python-build-standalone release notes
for more details.

Enhancements
  • Improve compatibility of VIRTUAL_ENV_PROMPT value (#​13501)
  • Bump MSRV to 1.85 and Edition 2024 (#​13516)
Bug fixes
  • Respect default extras in uv remove (#​13380)
Documentation

v0.7.5

Compare Source

Bug fixes
  • Support case-sensitive module discovery in the build backend (#​13468)
  • Bump Simple cache bucket to v16 (#​13498)
  • Don't error when the script is too short for the buffer (#​13488)
  • Add missing word in "script not supported" error (#​13483)

v0.7.4

Compare Source

Enhancements
  • Add more context to external errors (#​13351)
  • Align indentation of long arguments (#​13394)
  • Preserve order of dependencies which are sorted naively (#​13334)
  • Align progress bars by largest name length (#​13266)
  • Reinstall local packages in uv add (#​13462)
  • Rename --raw-sources to --raw (#​13348)
  • Show 'Downgraded' when self update is used to install an older version (#​13340)
  • Suggest uv self update if required uv version is newer (#​13305)
  • Add 3.14 beta images to uv Docker images (#​13390)
  • Add comma after "i.e." in Conda environment error (#​13423)
  • Be more precise in unpinned packages warning (#​13426)
  • Fix detection of sorted dependencies when include-group is used (#​13354)
  • Fix display of HTTP responses in trace logs for retry of errors (#​13339)
  • Log skip reasons during Python installation key interpreter match checks (#​13472)
  • Redact credentials when displaying URLs (#​13333)
Bug fixes
  • Avoid erroring on pylock.toml dependency entries (#​13384)
  • Avoid panics for cannot-be-a-base URLs (#​13406)
  • Ensure cached realm credentials are applied if no password is found for index URL (#​13463)
  • Fix .tgz parsing to respect true extension (#​13382)
  • Fix double self-dependency (#​13366)
  • Reject pylock.toml in uv add -r (#​13421)
  • Retain dot-separated wheel tags during cache prune (#​13379)
  • Retain trailing comments after PEP 723 metadata block (#​13460)
Documentation
  • Use "export" instead of "install" in uv export arguments (#​13430)
  • Remove extra newline (#​13461)
Preview features
  • Build backend: Normalize glob paths (#​13465)

v0.7.3

Compare Source

Enhancements
  • Add --dry-run support to uv self update (#​9829)
  • Add --show-with to uv tool list to list packages included by --with (#​13264)
  • De-duplicate fetched index URLs (#​13205)
  • Support more zip compression formats: bzip2, lzma, xz, zstd (#​13285)
  • Add support for downloading GraalPy (#​13172)
  • Improve error message when a virtual environment Python symlink is broken (#​12168)
  • Use fs_err for paths in symlinking errors (#​13303)
  • Minify and embed managed Python JSON at compile time (#​12967)
Preview features
  • Build backend: Make preview default and add configuration docs (#​12804)
  • Build backend: Allow escaping in globs (#​13313)
  • Build backend: Make builds reproducible across operating systems (#​13171)
Configuration
  • Add python-downloads-json-url option for uv.toml to configure custom Python installations via JSON URL (#​12974)
Bug fixes
  • Check nested IO errors for retries (#​13260)
  • Accept musllinux_1_0 as a valid platform tag (#​13289)
  • Fix discovery of pre-release managed Python versions in range requests (#​13330)
  • Respect locked script preferences in uv run --with (#​13283)
  • Retry streaming downloads on broken pipe errors (#​13281)
  • Treat already-installed base environment packages as preferences in uv run --with (#​13284)
  • Avoid enumerating sources in errors for path Python requests (#​13335)
  • Avoid re-creating virtual environment with --no-sync (#​13287)
Documentation
  • Remove outdated description of index strategy (#​13326)
  • Update "Viewing the version" docs (#​13241)

v0.7.2

Compare Source

Enhancements
  • Improve trace log for retryable errors (#​13228)
  • Use "error" instead of "warning" for self-update message (#​13229)
  • Error when uv version is used with project-specific flags but no project is found (#​13203)
Bug fixes
  • Fix incorrect virtual environment invalidation for pre-release Python versions (#​13234)
  • Fix patching of clang in managed Python sysconfig (#​13237)
  • Respect --project in uv version (#​13230)

v0.7.1

Compare Source

Python
  • Add Python 3.14.0b2
  • Add Python 3.13.5
  • Fix stability of uuid.getnode on 3.13

See the
python-build-standalone release notes
for more details.

Enhancements
  • Download versions in uv python pin if not found (#​13946)
  • Use TTY detection to determine if SIGINT forwarding is enabled (#​13925)
  • Avoid fetching an exact, cached Git commit, even if it isn't locked (#​13748)
  • Add zstd and deflate to Accept-Encoding (#​13982)
  • Build binaries for riscv64 (#​12688)
Bug fixes
  • Check if relative URL is valid directory before treating as index (#​13917)
  • Ignore Python discovery errors during uv python pin (#​13944)
  • Do not allow uv add --group ... --script (#​13997)
Preview changes
  • Build backend: Support namespace packages (#​13833)
Documentation
  • Add 3.14 to the supported platform reference (#​13990)
  • Add an llms.txt to uv (#​13929)
  • Add supported macOS version to the platform reference (#​13993)
  • Update platform support reference to include Python implementation list (#​13991)
  • Update pytorch.md (#​13899)
  • Update the CLI help and reference to include references to the Python bin directory (#​13978)

v0.7.0

Compare Source

This release contains various changes that improve correctness and user experience, but could break some workflows; many changes have been marked as breaking out of an abundance of caution. We expect most users to be able to upgrade without making changes.

Breaking changes

  • Update uv version to display and update project versions (#​12349)

    Previously, uv version displayed uv's version. Now, uv version will display or update the project's version. This interface was heavily requested and, after much consideration, we decided that transitioning the top-level command was the best option.

    Here's a brief example:

    $ uv init example
Initialized project `example` at `./example`
$ cd example
$ uv version
example 0.1.0
$ uv version --bump major
example 0.1.0 => 1.0.0
$ uv version --short
1.0.0

    If used outside of a project, uv will fallback to showing its own version still:

    $ uv version
warning: failed to read project: No `pyproject.toml` found in current directory or any parent directory
  running `uv self version` for compatibility with old `uv version` command.
  this fallback will be removed soon, pass `--preview` to make this an error.

uv 0.7.0 (4433f41c9 2025-04-29)

    As described in the warning, --preview can be used to error instead:

    $ uv version --preview
error: No `pyproject.toml` found in current directory or any parent directory

    The previous functionality of uv version was moved to uv self version.

  • Avoid fallback to subsequent indexes on authentication failure (#​12805)

    When using the first-index strategy (the default), uv will stop searching indexes for a package once it is found on a single index. Previously, uv considered a package as "missing" from an index during authentication failures, such as an HTTP 401 or HTTP 403 (normally, missing packages are represented by an HTTP 404). This behavior was motivated by unusual responses from some package indexes, but reduces the safety of uv's index strategy when authentication fails. Now, uv will consider an authentication failure as a stop-point when searching for a package across indexes. The index.ignore-error-codes option can be used to recover the existing behavior, e.g.:

    [[tool.uv.index]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cpu"
ignore-error-codes = [401, 403]

    Since PyTorch's indexes always return a HTTP 403 for missing packages, uv special-cases indexes on the pytorch.org domain to ignore that error code by default.

  • Require the command in uvx <name> to be available in the Python environment (#​11603)

    Previously, uvx would attempt to execute a command even if it was not provided by a Python package. For example, if we presume foo is an empty Python package which provides no command, uvx foo would invoke the foo command on the PATH (if present). Now, uv will error early if the foo executable is not provided by the requested Python package. This check is not enforced when --from is used, so patterns like uvx --from foo bash -c "..." are still valid. uv also still allows uvx foo where the foo executable is provided by a dependency of foo instead of foo itself, as this is fairly common for packages which depend on a dedicated package for their command-line interface.

  • Use index URL instead of package URL for keyring credential lookups (#​12651)

    When determining credentials for querying a package URL, uv previously sent the full URL to the keyring command. However, some keyring plugins expect to receive the index URL (which is usually a parent of the package URL). Now, uv requests credentials for the index URL instead. This behavior matches pip.

  • Remove --version from subcommands (#​13108)

    Previously, uv allowed the --version flag on arbitrary subcommands, e.g., uv run --version. However, the --version flag is useful for other operations since uv is a package manager. Consequently, we've removed the --version flag from subcommands — it is only available as uv --version.

  • Omit Python 3.7 downloads from managed versions (#​13022)

    Python 3.7 is EOL and not formally supported by uv; however, Python 3.7 was previously available for download on a subset of platforms.

  • Reject non-PEP 751 TOML files in install, compile, and export commands (#​13120, #​13119)

    Previously, uv treated arbitrary .toml files passed to commands (e.g., uv pip install -r foo.toml or uv pip compile -o foo.toml) as requirements.txt-formatted files. Now, uv will error instead. If using PEP 751 lockfiles, use the standardized format for custom names instead, e.g., pylock.foo.toml.

  • Ignore arbitrary Python requests in version files (#​12909)

    uv allows arbitrary strings to be used for Python version requests, in which they are treated as an executable name to search for in the PATH. However, using this form of request in .python-version files is non-standard and conflicts with pyenv-virtualenv which writes environment names to .python-version files. In this release, uv will now ignore requests that are arbitrary strings when found in .python-version files.

  • Error on unknown dependency object specifiers (12811)

    The [dependency-groups] entries can include "object specifiers", e.g. set-phasers-to = ... in:

    [dependency-groups]
foo = ["pyparsing"]
bar = [{set-phasers-to = "stun"}]

    However, the only current spec-compliant object specifier is include-group. Previously, uv would ignore unknown object specifiers. Now, uv will error.

  • Make --frozen and --no-sources conflicting options (#​12671)

    Using --no-sources always requires a new resolution and --frozen will always fail when used with it. Now, this conflict is encoded in the CLI options for clarity.

  • Treat empty UV_PYTHON_INSTALL_DIR and UV_TOOL_DIR as unset (#​12907, #​12905)

    Previously, these variables were treated as set to the current working directory when set to an empty string. Now, uv will ignore these variables when empty. This matches uv's behavior for other environment variables which configure directories.

Enhancements
  • Disallow mixing requirements across PyTorch indexes (#​13179)
  • Add optional managed Python archive download cache (#​12175)
  • Add poetry-core as a uv init build backend option (#​12781)
  • Show tag hints when failing to find a compatible wheel in pylock.toml (#​13136)
  • Report Python versions in pyvenv.cfg version mismatch (#​13027)
Bug fixes
  • Avoid erroring on omitted wheel-only packages in pylock.toml (#​13132)
  • Fix display name for uvx --version (#​13109)
  • Restore handling of authentication when encountering redirects (#​13050)
  • Respect build options (--no-binary et al) in pylock.toml (#​13134)
  • Use upload-time rather than upload_time in uv.lock (#​13176)
Documentation
  • Changed fish completions append >> to overwrite > (#​13130)
  • Add pylock.toml mentions where relevant (#​13115)
  • Add ROCm example to the PyTorch guide (#​13200)
  • Upgrade PyTorch guide to CUDA 12.8 and PyTorch 2.7 (#​13199)

v0.6.17

Compare Source

Release Notes
Preview features
  • Add PyTorch v2.7.0 to GPU backend (#​13072)
Bug fixes
  • Avoid panic for invalid Python versions (#​13077)
  • Block scripts from overwriting python (#​13051)
  • Check distribution names to handle invalid redirects (#​12917)
  • Check for mismatched package and distribution names on resolver thread (#​13088)
  • Fix panic with invalid last character in PEP 508 name (#​13105)
  • Reject requires-python even if not listed on the index page (#​13086)
Install uv 0.6.17
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.6.17/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.6.17/uv-installer.ps1 | iex"
Download uv 0.6.17
File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
uv-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum
uv-s390x-unknown-linux-gnu.tar.gz S390x Linux checksum
uv-x86_64-unknown-linux-gnu.tar.gz x64 Linux checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz ARMv7 Linux checksum
uv-aarch64-unknown-linux-musl.tar.gz ARM64 MUSL Linux checksum
uv-i686-unknown-linux-musl.tar.gz x86 MUSL Linux checksum
uv-x86_64-unknown-linux-musl.tar.gz x64 MUSL Linux checksum
uv-arm-unknown-linux-musleabihf.tar.gz ARMv6 MUSL Linux (Hardfloat) checksum
uv-armv7-unknown-linux-musleabihf.tar.gz ARMv7 MUSL Linux checksum

v0.6.16

Compare Source

Release Notes

Bug fixes
  • Revert "Properly handle authentication for 302 redirect URLs" (#​13041)

Install uv 0.6.16

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.6.16/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.6.16/uv-installer.ps1 | iex"

Download uv 0.6.16

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
uv-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum
uv-s390x-unknown-linux-gnu.tar.gz S390x Linux checksum
uv-x86_64-unknown-linux-gnu.tar.gz x64 Linux checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz ARMv7 Linux checksum
uv-aarch64-unknown-linux-musl.tar.gz ARM64 MUSL Linux checksum
uv-i686-unknown-linux-musl.tar.gz x86 MUSL Linux checksum
uv-x86_64-unknown-linux-musl.tar.gz x64 MUSL Linux checksum
uv-arm-unknown-linux-musleabihf.tar.gz ARMv6 MUSL Linux (Hardfloat) checksum
uv-armv7-unknown-linux-musleabihf.tar.gz ARMv7 MUSL Linux checksum

v0.6.15

Compare Source

Release Notes

This release includes preliminary support for the pylock.toml file format, as standardized in PEP 751. pylock.toml is an alternative resolution output format intended to replace requirements.txt (e.g., in the context of uv pip compile, whereby a "locked" requirements.txt file is generated from a set of input requirements). pylock.toml is standardized and tool-agnostic, such that in the future, pylock.toml files generated by uv could be installed by other tools, and vice versa.

As of this release, pylock.toml is supported in the following commands:

  • To export a uv.lock to the pylock.toml format, run: uv export -o pylock.toml
  • To generate a pylock.toml file from a set of requirements, run: uv pip compile -o pylock.toml requirements.in
  • To install from a pylock.toml file, run: uv pip sync pylock.toml or uv pip install -r pylock.toml
Enhancements
  • Add PEP 751 support to uv pip compile (#​13019)
  • Add uv export support for PEP 751 (#​12955)
  • Accept requirements.txt (verbatim) as a format on the CLI (#​12957)
  • Add UV_NO_EDITABLE environment variable to set --no-editable on all invocations (#​12773)
  • Add pylock.toml to uv pip install and uv pip sync (#​12992)
  • Add a brief sleep before sending SIGINT to child processes (#​13018)
  • Add upload time to uv.lock (#​12968)
  • Allow updating Git sources by name (#​12897)
  • Cache which git in uv init (#​12893)
  • Enable --dry-run with --locked / --frozen for uv sync (#​12778)
  • Infer output type in uv export (#​12958)
  • Make uv init resilient against broken git (#​12895)
  • Respect build constraints for uv run --with dependencies (#​12882)
  • Split UV_INDEX on all whitespace (#​12820)
  • Support build constraints in uv tool and PEP723 scripts. (#​12842)
  • Use suffix from uvx binary when searching for uv binary (#​12923)
  • Update version formatting to use cyan color (#​12943)
  • Add debug logs for version file search (#​12951)
  • Fix SourceNotAllowed error message during Python discovery (#​13012)
  • Obfuscate password in credentials debug messages (#​12944)
  • Obfuscate possible tokens in URL logs (#​12969)
  • Validate that PEP 751 entries don't include multiple sources (#​12993)
Preview features
  • Build backend: Add reference docs and schema (#​12803)
Bug fixes
  • Align supported config-settings with example in docs (#​12947)
  • Ensure virtual environment is compatible with interpreter on sync (#​12884)
  • Fix PythonDownloadRequest parsing for partial keys (#​12925)
  • Fix pre-release exclusive comparison operator in uv-pep440 (#​12836)
  • Forward additional signals to the child process in uv run (#​13017)
  • Omit PEP 751 version for source trees (#​13030)
  • Patch CC and CCX entries in sysconfig for cross-compiled aarch64 Python distributions (#​12239)
  • Properly handle authentication for HTTP 302 redirect URLs (#​12920)
  • Set 4MB stack size for all threads, introduce UV_STACK_SIZE (#​12839)
  • Show PyPy downloads during uv python list (#​12915)
  • Add subdirectory to Direct URL for local directories (#​12971)
  • Prefer stable releases over pre-releases in uv python install (#​12194)
  • Write requested Python variant to pin file in uv init (#​12870)
Documentation
  • Fix CLI reference with code block (#​12807)
  • Fix lockfile note (#​12793)
  • Fix typo in a reference (#​12858)
  • Improve docs for uv python list --only-downloads and --only-installed (#​12916)
  • Update note on lack of musl distributions to ARM-only (#​12825)
  • Add section on shebangs for scripts (#​11553)
  • Display aliases for long and short args in the CLI reference (#​12824)
  • Fix highlight line in explicit index documentation (#​12887)
  • Add explicit source (matching PyTorch guide) (#​12844)
  • Fix link to issue (#​12823)
  • Fix grammatical error in FastAPI guide (#​12908)
  • Add --locked to uv sync in GitHub Actions guide (#​12819)
  • Improve formatting for "all" default-groups setting documentation (#​12963)
  • Replace --frozen with --locked in Docker integration guide (#​12818)

Install uv 0.6.15

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.6.15/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.6.15/uv-installer.ps1 | iex"

Download uv 0.6.15

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
[uv-x86_64-pc-windows-msvc.zip](https://re

@renovate renovate bot added the dependencies label Oct 8, 2024
@renovate renovate bot changed the title chore(deps): update python docker tag to v3.13.0 chore(deps): update all dependencies Oct 8, 2024
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 30eadc6 to 779e47e Compare October 15, 2024 11:30
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 2b62858 to e9824e1 Compare October 21, 2024 01:19
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from b77a5d2 to 8af0757 Compare October 25, 2024 21:24
@renovate renovate bot changed the title chore(deps): update all dependencies chore(deps): update all dependencies - autoclosed Oct 26, 2024
@renovate renovate bot closed this Oct 26, 2024
@renovate renovate bot deleted the renovate/all branch October 26, 2024 14:19
@renovate renovate bot changed the title chore(deps): update all dependencies - autoclosed chore(deps): update all dependencies Oct 29, 2024
@renovate renovate bot reopened this Oct 29, 2024
@renovate renovate bot restored the renovate/all branch October 29, 2024 02:16
@renovate renovate bot changed the title chore(deps): update all dependencies chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.4.28 Oct 29, 2024
@renovate renovate bot changed the title chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.4.28 chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.4.29 Oct 31, 2024
@renovate renovate bot changed the title chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.4.29 chore(deps): update all dependencies Nov 1, 2024
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from f78062c to 46a8d17 Compare November 8, 2024 14:22
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from abf271f to 3540488 Compare May 1, 2025 18:05
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 995746f to eb0e9bb Compare May 9, 2025 18:31
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from c65f321 to dd74f3d Compare May 20, 2025 02:27
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from f611473 to 7dbee0b Compare May 29, 2025 19:32
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from 5f02eea to 7571132 Compare June 4, 2025 20:33
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 7f40bde to bc004e3 Compare June 13, 2025 01:39
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from eda6253 to b9739fd Compare June 17, 2025 14:09
@renovate renovate bot changed the title chore(deps): update all dependencies chore(deps): update all dependencies - autoclosed Jun 17, 2025
@renovate renovate bot closed this Jun 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant