{"id":218,"name":"uv","ecosystem":"pip","repository_url":"https://github.com/astral-sh/uv","issues_count":1671,"created_at":"2025-06-06T15:01:33.231Z","updated_at":"2025-06-06T15:01:33.231Z","purl":"pkg:pypi/uv","metadata":{"id":2961562,"name":"uv","ecosystem":"pypi","description":"An extremely fast Python package and project manager, written in Rust.","homepage":"https://pypi.org/project/uv/","licenses":"MIT OR Apache-2.0","normalized_licenses":["MIT","Apache-2.0"],"repository_url":"https://github.com/astral-sh/uv","keywords_array":["uv","requirements","packaging"],"namespace":null,"versions_count":194,"first_release_published_at":"2015-11-24T23:57:03.000Z","latest_release_published_at":"2025-06-04T20:06:05.000Z","latest_release_number":"0.7.11","last_synced_at":"2025-06-04T20:16:37.380Z","created_at":"2022-04-10T12:59:00.241Z","updated_at":"2025-06-04T20:16:37.744Z","registry_url":"https://pypi.org/project/uv/","install_command":"pip install uv --index-url https://pypi.org/simple","documentation_url":"https://docs.astral.sh/uv","metadata":{"funding":null,"documentation":"https://docs.astral.sh/uv","classifiers":["Development Status :: 5 - Production/Stable","Environment :: Console","Intended Audience :: Developers","License :: OSI Approved :: Apache Software License","License :: OSI Approved :: MIT License","Operating System :: OS Independent","Programming Language :: Python","Programming Language :: Python :: 3 :: Only","Programming Language :: Python :: 3.10","Programming Language :: Python :: 3.11","Programming Language :: Python :: 3.12","Programming Language :: Python :: 3.13","Programming Language :: Python :: 3.8","Programming Language :: Python :: 3.9","Topic :: Software Development :: Libraries","Topic :: Software Development :: Quality Assurance","Topic :: Software Development :: Testing"],"normalized_name":"uv"},"repo_metadata":{"id":222712683,"uuid":"699532645","full_name":"astral-sh/uv","owner":"astral-sh","description":"An extremely fast Python package installer and resolver, written in Rust.","archived":false,"fork":false,"pushed_at":"2024-05-22T13:06:19.000Z","size":30548,"stargazers_count":11946,"open_issues_count":322,"forks_count":326,"subscribers_count":27,"default_branch":"main","last_synced_at":"2024-05-22T13:17:02.782Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://astral.sh/","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/astral-sh.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-02T20:24:11.000Z","updated_at":"2024-08-24T00:40:10.520Z","dependencies_parsed_at":null,"dependency_job_id":"26133ebb-f895-42a8-9891-c90ccabd2c40","html_url":"https://github.com/astral-sh/uv","commit_stats":null,"previous_names":["astral-sh/uv"],"tags_count":89,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/astral-sh","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":217070656,"owners_count":16120109,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"astral-sh","name":"Astral","uuid":"115962839","kind":"organization","description":"High-performance developer tools for the Python ecosystem.","email":"hey@astral.sh","website":"https://astral.sh","location":"United States of America","twitter":"astral_sh","company":null,"icon_url":"https://avatars.githubusercontent.com/u/115962839?v=4","repositories_count":1,"last_synced_at":"2023-04-25T14:44:49.525Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/astral-sh","funding_links":[],"total_stars":null,"followers":null,"following":null,"created_at":"2023-04-25T14:44:49.526Z","updated_at":"2023-04-25T14:44:49.526Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/astral-sh","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/astral-sh/repositories"},"tags":[{"name":"0.3.3","sha":"deea6025a1afd2ca28f8f56afbec0a808636285e","kind":"commit","published_at":"2024-08-23T23:35:55.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.3.3","html_url":"https://github.com/astral-sh/uv/releases/tag/0.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.3/manifests"},{"name":"0.3.2","sha":"c5440001ce2cff1657aaa51ce39779fca3e6c565","kind":"commit","published_at":"2024-08-23T03:11:23.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.3.2","html_url":"https://github.com/astral-sh/uv/releases/tag/0.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.2/manifests"},{"name":"0.3.1","sha":"be17d132add278e86278233a9d6c0520d1c7588c","kind":"commit","published_at":"2024-08-21T23:07:50.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.3.1","html_url":"https://github.com/astral-sh/uv/releases/tag/0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.1/manifests"},{"name":"0.3.0","sha":"dd1934c9c36ee22cd3c467317503ecd7b040c43a","kind":"commit","published_at":"2024-08-20T17:29:58.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.3.0","html_url":"https://github.com/astral-sh/uv/releases/tag/0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.3.0/manifests"},{"name":"0.2.37","sha":"15dfb660ab7f1ccca7e57c985968a18a85bb1d86","kind":"commit","published_at":"2024-08-16T02:13:03.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.37","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.37","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.37","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.37/manifests"},{"name":"0.2.36","sha":"8d66718077f40d1db9c1f94a14616fd73e012aa3","kind":"commit","published_at":"2024-08-13T17:05:11.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.36","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.36","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.36","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.36/manifests"},{"name":"0.2.35","sha":"e097f948c9eca7fb09948d73ac03248363c8ce7a","kind":"commit","published_at":"2024-08-10T00:21:06.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.35","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.35","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.35","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.35/manifests"},{"name":"0.2.34","sha":"c681c5a33c0cfbe5adc60011bfdab3fee3604331","kind":"commit","published_at":"2024-08-07T20:33:53.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.34","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.34/manifests"},{"name":"0.2.33","sha":"b14945a7b1aa6b3710d32754a2b7589b294badd2","kind":"commit","published_at":"2024-08-01T21:39:17.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.33","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.33/manifests"},{"name":"0.2.32","sha":"38c232e466ea3aa373019f632f5f7d53721187ee","kind":"commit","published_at":"2024-07-30T22:56:39.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.32","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.32","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.32","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.32/manifests"},{"name":"0.2.31","sha":"48162de974d2a87a1470b617f0ca3b8de197838c","kind":"commit","published_at":"2024-07-29T18:06:20.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.31","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.31/manifests"},{"name":"0.2.30","sha":"6901a14aa0dc73de266c6fd09c0b19bfa993f41e","kind":"commit","published_at":"2024-07-26T17:36:05.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.30","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.30/manifests"},{"name":"0.2.29","sha":"39be71f4035a7d383a4bca49ce31d7b859b110fb","kind":"commit","published_at":"2024-07-24T22:28:34.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.29","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.29/manifests"},{"name":"0.2.28","sha":"3a85353707ec2026aec93d02e6518e8b67cbe976","kind":"commit","published_at":"2024-07-23T19:04:55.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.28","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.28/manifests"},{"name":"0.2.27","sha":"833097b93f0c09a97dd091bf704378512e4a4d48","kind":"commit","published_at":"2024-07-19T22:06:49.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.27","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.27/manifests"},{"name":"0.2.26","sha":"fe403576c513a7b70fbfd24dca91e96824275337","kind":"commit","published_at":"2024-07-17T16:51:11.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.26","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.26/manifests"},{"name":"0.2.25","sha":"d1010228b3faba964cd6a4ef69f44a9b3a037a44","kind":"commit","published_at":"2024-07-15T22:38:59.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.25","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.25/manifests"},{"name":"0.2.24","sha":"527b711bc701dab1c7737b8aed199fbf7f3336c4","kind":"commit","published_at":"2024-07-10T18:50:12.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.24","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.24/manifests"},{"name":"0.2.23","sha":"4bc36c0cb85ac2b5efbc9c2bfecad6137666e908","kind":"commit","published_at":"2024-07-08T17:29:37.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.23","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.23/manifests"},{"name":"0.2.22","sha":"f5e84bbbab18650f983c463370f70d3f8cec5657","kind":"commit","published_at":"2024-07-07T19:23:38.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.22","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.22/manifests"},{"name":"0.2.21","sha":"ebfe6d8fccad21eae9412184d06d67b5e98addda","kind":"commit","published_at":"2024-07-03T04:27:00.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.21","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.21/manifests"},{"name":"0.2.20","sha":"e88e1373e672461066c1d9c0e56e33123b66ad84","kind":"commit","published_at":"2024-07-02T22:30:43.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.20","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.20/manifests"},{"name":"0.2.19","sha":"c5bf64abebe8066ddb50f83f5c0b00585441bcd9","kind":"commit","published_at":"2024-07-02T21:15:58.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.19","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.19/manifests"},{"name":"0.2.18","sha":"13b0beb56fdc607c1f38d820dbf8c95c8fd0ce84","kind":"commit","published_at":"2024-06-29T18:30:01.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.18","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.18/manifests"},{"name":"0.2.17","sha":"2eb1e6693c10e23a757232f9bd61055b93042271","kind":"commit","published_at":"2024-06-26T23:16:44.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.17","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.17/manifests"},{"name":"0.2.16","sha":"95b4aacc256cfc37703693fb283737399e931a0a","kind":"commit","published_at":"2024-06-26T21:00:09.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.16","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.16/manifests"},{"name":"0.2.15","sha":"bfc342da94cfdf33ec9be0979123aec96fc68f87","kind":"commit","published_at":"2024-06-24T15:04:09.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.15","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.15/manifests"},{"name":"0.2.14","sha":"f07308823e877690a00141441b07fd0f7dfe9805","kind":"commit","published_at":"2024-06-24T12:25:01.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.14","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.14/manifests"},{"name":"0.2.13","sha":"e486eb86b7b95c0d26ebcbdb14f66b18bcced81c","kind":"commit","published_at":"2024-06-18T16:47:06.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.13","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.13/manifests"},{"name":"0.2.12","sha":"b8c039166754e7906ca36ca356b7df8481c576b5","kind":"commit","published_at":"2024-06-17T21:46:28.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.12","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.12/manifests"},{"name":"0.2.11","sha":"44041bccd2e3d72c81390a231021fbd03c66dbc1","kind":"commit","published_at":"2024-06-12T00:47:25.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.11","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.11/manifests"},{"name":"0.2.10","sha":"fc4c2be3aae3e5cee1572b23bab84351941f6bc5","kind":"commit","published_at":"2024-06-10T16:40:47.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.10","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.10/manifests"},{"name":"0.2.9","sha":"e9fc99e6229a91dcebe668dab648b2b6b3ccf81a","kind":"commit","published_at":"2024-06-06T18:21:33.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.9","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.9/manifests"},{"name":"0.2.8","sha":"e48b9cd94bf030a78d4662db42065c5b759dab88","kind":"commit","published_at":"2024-06-05T21:09:05.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.8","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.8/manifests"},{"name":"0.2.7","sha":"8596525d97e3e0d9b6981f7e122334bfc9f712c8","kind":"commit","published_at":"2024-06-05T18:46:00.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.7","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.7/manifests"},{"name":"0.2.6","sha":"a589ad5066643d24a52857f4ce09279b669c4fed","kind":"commit","published_at":"2024-06-03T17:40:28.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.6","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.6/manifests"},{"name":"0.2.5","sha":"47db418ba26dd4b720ec968b2520f2483842419d","kind":"commit","published_at":"2024-05-28T18:05:32.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.5","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.5/manifests"},{"name":"0.2.4","sha":"98652e3954e045c2b24192ad5f1e62a66928c667","kind":"commit","published_at":"2024-05-26T17:11:15.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.4","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.4/manifests"},{"name":"0.2.3","sha":"ce4d862b0674e782aa936a1f25db627c1ada4177","kind":"commit","published_at":"2024-05-24T18:19:28.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.3","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.3/manifests"},{"name":"0.2.2","sha":"e52ae0e2bcb2e7d73efd61881fe166b854018825","kind":"commit","published_at":"2024-05-22T21:45:00.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.2","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.2/manifests"},{"name":"0.2.1","sha":"1fc71ea73624c8c1094567fc432c3b42979f62a8","kind":"commit","published_at":"2024-05-22T20:05:17.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.1","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.1/manifests"},{"name":"0.2.0","sha":"fe28b2c278543bd897fa2bba9f6e935641c49b64","kind":"commit","published_at":"2024-05-22T18:48:44.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.2.0","html_url":"https://github.com/astral-sh/uv/releases/tag/0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.2.0/manifests"},{"name":"0.1.45","sha":"a33a05e2d92f80f226c56efea24aac83ef37a769","kind":"commit","published_at":"2024-05-20T20:34:05.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.45","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.45","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.45","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.45/manifests"},{"name":"0.1.44","sha":"d417daad7eabaed21e03cbc681023ccbc97c1cd3","kind":"commit","published_at":"2024-05-14T14:05:31.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.44","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.44","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.44","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.44/manifests"},{"name":"0.1.43","sha":"0010954ca7af5d4a005efc55af07e9a8f4bd4868","kind":"commit","published_at":"2024-05-14T00:55:21.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.43","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.43","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.43","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.43/manifests"},{"name":"0.1.42","sha":"367958e6b2565d136b587c5dd5544bb44c835ca7","kind":"commit","published_at":"2024-05-08T21:47:16.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.42","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.42","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.42","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.42/manifests"},{"name":"0.1.41","sha":"b0d7a264318fbaa09bd83a3edd1e882c7435d29e","kind":"commit","published_at":"2024-05-08T01:05:47.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.41","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.41","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.41","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.41/manifests"},{"name":"0.1.40","sha":"e8b423de77e8329f94fb337946aa72880e165417","kind":"commit","published_at":"2024-05-07T17:30:02.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.40","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.40","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.40","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.40/manifests"},{"name":"0.1.39","sha":"028b40741112a518990829bbcf1142173cefcb2f","kind":"commit","published_at":"2024-04-27T11:18:16.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.39","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.39","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.39","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.39/manifests"},{"name":"0.1.38","sha":"0b23caa18d7eb2f874d73e57b7b4bdf35e881a46","kind":"commit","published_at":"2024-04-24T18:28:50.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.38","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.38","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.38","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.38/manifests"},{"name":"0.1.37","sha":"4a49ff43728195e5e60a741b77cf2cdaa3bdd87f","kind":"commit","published_at":"2024-04-23T14:51:23.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.37","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.37","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.37","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.37/manifests"},{"name":"0.1.36","sha":"11c6a07bb5193dc2626fc0d1e6de78b03421d139","kind":"commit","published_at":"2024-04-22T19:15:14.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.36","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.36","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.36","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.36/manifests"},{"name":"0.1.35","sha":"b4ee7d73594183e677f8324f3e890ce53a3ba76d","kind":"commit","published_at":"2024-04-19T23:58:15.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.35","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.35","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.35","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.35/manifests"},{"name":"0.1.34","sha":"9259eceebc4a4691b712e3e89c4080daa444b0cc","kind":"commit","published_at":"2024-04-19T02:15:04.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.34","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.34/manifests"},{"name":"0.1.33","sha":"2cee7525c7973dcf93edd3dae940703ed5347d6c","kind":"commit","published_at":"2024-04-17T15:34:13.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.33","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.33/manifests"},{"name":"0.1.32","sha":"f6b1580d8bd5388d80592701a02d0e77a199ddd5","kind":"commit","published_at":"2024-04-15T20:29:53.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.32","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.32","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.32","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.32/manifests"},{"name":"0.1.31","sha":"7bcca28b12cd12a6fdf902ec8ae2c48630ba7356","kind":"commit","published_at":"2024-04-09T19:20:43.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.31","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.31/manifests"},{"name":"0.1.30","sha":"1512e07a2e7c05b7c9fcb457f35c7ef0f25d8d9b","kind":"commit","published_at":"2024-04-09T16:35:53.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.30","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.30/manifests"},{"name":"0.1.29","sha":"365cb16fd66029d871512f008a02014deb6c0fbf","kind":"commit","published_at":"2024-04-04T19:50:52.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.29","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.29/manifests"},{"name":"0.1.28","sha":"0046a0d5963fd88ae10f35f1e65b641ae75e173f","kind":"commit","published_at":"2024-04-02T21:39:35.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.28","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.28/manifests"},{"name":"0.1.27","sha":"f60e7495cad321e0e40ffe60ba4d44b13aedc0c9","kind":"commit","published_at":"2024-04-01T18:54:50.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.27","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.27/manifests"},{"name":"0.1.26","sha":"7b685a8158f0e444526732d25667aa6a7bc418cf","kind":"commit","published_at":"2024-03-28T18:24:47.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.26","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.26/manifests"},{"name":"0.1.25","sha":"4e59bfd16e8a0465fd25fab7d0553e2da05f5fda","kind":"commit","published_at":"2024-03-28T15:17:52.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.25","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.25/manifests"},{"name":"0.1.24","sha":"01b7a27be42b3673f25e0ab64dfe1a6cebcc3a2f","kind":"commit","published_at":"2024-03-22T20:07:31.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.24","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.24/manifests"},{"name":"0.1.23","sha":"0af6a3d41dfd54006475277b74a5d1f0db36dabf","kind":"commit","published_at":"2024-03-21T02:51:21.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.23","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.23/manifests"},{"name":"0.1.22","sha":"9afb360524bcf7242005c05508ac165fcd97c0e3","kind":"commit","published_at":"2024-03-18T17:51:06.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.22","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.22","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.22","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.22/manifests"},{"name":"0.1.21","sha":"e9c12c52fd8c233dacb573b9f0a9b62b66c31a89","kind":"commit","published_at":"2024-03-14T14:43:39.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.21","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.21/manifests"},{"name":"0.1.20","sha":"ea8fc8280a650715e3227cc9c4c3567568c374f6","kind":"commit","published_at":"2024-03-14T03:58:21.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.20","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.20/manifests"},{"name":"0.1.19","sha":"3825c954728fa86498e32a1c517d63a4303bda31","kind":"commit","published_at":"2024-03-13T23:43:53.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.19","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.19/manifests"},{"name":"0.1.18","sha":"43dc9c87a6d27b87af191a0aa5216074a209248b","kind":"commit","published_at":"2024-03-13T00:25:41.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.18","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.18/manifests"},{"name":"0.1.17","sha":"ec8315166696a8a256723c78c989e91d79678ae6","kind":"commit","published_at":"2024-03-10T19:21:55.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.17","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.17/manifests"},{"name":"0.1.16","sha":"9f1452cb72e1da912f0653e398ac4ecb81244a82","kind":"commit","published_at":"2024-03-07T23:12:18.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.16","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.16/manifests"},{"name":"0.1.15","sha":"a8ac7b1eb421d60b46d04805b86ea15bbfd8d1e1","kind":"commit","published_at":"2024-03-05T20:49:07.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.15","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.15/manifests"},{"name":"0.1.14","sha":"c525fdf2b5bd9b98a76e7e7025bcc098c4dc1456","kind":"commit","published_at":"2024-03-04T15:42:33.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.14","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.14/manifests"},{"name":"0.1.13","sha":"9ce5170e6429e3ea7990a40fb15daa67d57e82b3","kind":"commit","published_at":"2024-02-29T17:39:28.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.13","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.13/manifests"},{"name":"0.1.12","sha":"f68b2d1d5efc05acb9fe48c558d631081eff26d9","kind":"commit","published_at":"2024-02-28T20:36:22.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.12","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.12/manifests"},{"name":"0.1.11","sha":"32e5cacdd600e073ca6ab6ca11f76ec5e7e2c20e","kind":"commit","published_at":"2024-02-26T15:46:17.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.11","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.11/manifests"},{"name":"0.1.10","sha":"daa8565a75249305821fdc34ace085060c082ba3","kind":"commit","published_at":"2024-02-23T17:40:36.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.10","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.10/manifests"},{"name":"0.1.9","sha":"eef3ca53675ff285e3883192d805cb1834c3a88d","kind":"commit","published_at":"2024-02-23T02:25:21.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.9","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.9/manifests"},{"name":"0.1.8","sha":"f0b39a36b46786891042100ecdf4837c73b9d3cb","kind":"commit","published_at":"2024-02-22T19:11:58.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.8","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.8/manifests"},{"name":"0.1.7","sha":"12462e57303d7071ccb0cee9eebe9feffa94642d","kind":"commit","published_at":"2024-02-22T03:31:23.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.7","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.7/manifests"},{"name":"0.1.6","sha":"a269766c27ea6d31860b165ef5cb045be323cf16","kind":"commit","published_at":"2024-02-20T17:32:01.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.6","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.6/manifests"},{"name":"0.1.5","sha":"07349e39e84a10b531b4316a140c8b7ae8bf59e4","kind":"commit","published_at":"2024-02-19T02:18:07.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.5","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.5/manifests"},{"name":"0.1.4","sha":"fef1956c627483d2496b14a0a6a6ac2fc2826c2f","kind":"commit","published_at":"2024-02-17T22:10:44.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.4","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.4/manifests"},{"name":"0.1.3","sha":"1110489c29a30ecc5679455a75c326683dc274c1","kind":"commit","published_at":"2024-02-17T00:45:29.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.3","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.3/manifests"},{"name":"0.1.2","sha":"c4743700649bc5cf47492213eb8390ae57a4374a","kind":"commit","published_at":"2024-02-16T06:42:21.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.2","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.2/manifests"},{"name":"0.1.1","sha":"e0885b7c8ee4a9fd4fb65b9a9b3df1f595b5c8e1","kind":"commit","published_at":"2024-02-15T21:38:22.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.1","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.1/manifests"},{"name":"0.1.0","sha":"27177613d4e3682e417953fe831ccb7dc3e409f0","kind":"commit","published_at":"2024-02-15T19:12:23.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.1.0","html_url":"https://github.com/astral-sh/uv/releases/tag/0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.1.0/manifests"},{"name":"0.0.5","sha":"0780afff95b72c66d9cc8cf955acae2e4857acd1","kind":"commit","published_at":"2024-02-15T18:49:27.000Z","download_url":"https://codeload.github.com/astral-sh/uv/tar.gz/0.0.5","html_url":"https://github.com/astral-sh/uv/releases/tag/0.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/astral-sh%2Fuv/tags/0.0.5/manifests"}]},"repo_metadata_updated_at":"2024-09-05T23:24:18.489Z","dependent_packages_count":37,"downloads":48904434,"downloads_period":"last-month","dependent_repos_count":2,"rankings":{"downloads":27.07973093567981,"dependent_repos_count":11.618622808852685,"dependent_packages_count":9.995259271770403,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":16.231204338767633},"purl":"pkg:pypi/uv","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/uv","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/pypi/uv","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/uv/dependencies","status":null,"funding_links":[],"critical":false,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/uv/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/uv/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/uv/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/uv/related_packages","maintainers":[{"uuid":"crmarsh","login":"crmarsh","name":null,"email":null,"url":null,"packages_count":13,"html_url":"https://pypi.org/user/crmarsh/","role":"Owner","created_at":"2024-08-21T02:57:54.544Z","updated_at":"2024-08-21T02:57:54.544Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/crmarsh/packages"},{"uuid":"zanie","login":"zanie","name":null,"email":null,"url":null,"packages_count":9,"html_url":"https://pypi.org/user/zanie/","role":"Owner","created_at":"2024-08-21T02:57:54.619Z","updated_at":"2024-08-21T02:57:54.619Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/zanie/packages"},{"uuid":"astral-bot","login":"astral-bot","name":null,"email":null,"url":null,"packages_count":10,"html_url":"https://pypi.org/user/astral-bot/","role":"Maintainer","created_at":"2024-08-21T02:57:54.701Z","updated_at":"2024-08-21T02:57:54.701Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/astral-bot/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":689823,"maintainers_count":292530,"namespaces_count":0,"keywords_count":228482,"github":"pypi","metadata":{"funded_packages_count":48953},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2025-06-05T05:19:27.498Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}},"unique_repositories_count":378,"unique_repositories_count_past_30_days":41,"recent_issues":[{"uuid":"4552871182","node_id":"PR_kwDOCWWwRs7g3pFn","number":1060,"state":"open","title":"chore(deps-dev): Update uv requirement from 0.11.8 to 0.11.16","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T02:16:01.000Z","updated_at":"2026-05-30T02:16:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): Update","packages":[{"name":"uv","old_version":"0.11.8","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.8...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CycloneDX/cyclonedx-python/pull/1060","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CycloneDX%2Fcyclonedx-python/issues/1060","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1060/packages"},{"uuid":"4551798960","node_id":"PR_kwDOCBd2_s7g0LTR","number":627,"state":"open","title":"Bump uv from 0.9.26 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:41:47.000Z","updated_at":"2026-05-29T21:45:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.9.26","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.9.26 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.9.26...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.9.26\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/project-koku/nise/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/project-koku/nise/pull/627","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-koku%2Fnise/issues/627","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/627/packages"},{"uuid":"4551793217","node_id":"PR_kwDOSGgXgc7g0KFO","number":229,"state":"open","title":"chore(deps): bump uv from 0.11.14 to 0.11.15 in the uv group across 1 directory","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:40:45.000Z","updated_at":"2026-05-29T21:40:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.14","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"the uv group across 1 directory","ecosystem":"pip"},"body":"Bumps the uv group with 1 update in the / directory: [uv](https://github.com/astral-sh/uv).\n\nUpdates `uv` from 0.11.14 to 0.11.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.14...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.14\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/paudley/coding-ethos/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/paudley/coding-ethos/pull/229","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paudley%2Fcoding-ethos/issues/229","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/229/packages"},{"uuid":"4551790396","node_id":"PR_kwDOB6MPY87g0Jfx","number":4397,"state":"open","title":"build(deps): bump uv from 0.11.11 to 0.11.15 in /.hermetic_builds","user":"dependabot[bot]","labels":["dependencies","python","ci-failing"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:40:14.000Z","updated_at":"2026-05-30T05:38:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"uv","old_version":"0.11.11","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"/.hermetic_builds","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nBumps [uv](https://github.com/astral-sh/uv) from 0.11.11 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.11...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/RedHatInsights/insights-host-inventory/pull/4397","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedHatInsights%2Finsights-host-inventory/issues/4397","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4397/packages"},{"uuid":"4551756415","node_id":"PR_kwDORETDts7g0CR1","number":114,"state":"open","title":"chore(deps): bump uv from 0.11.6 to 0.11.15 in /python","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:33:56.000Z","updated_at":"2026-05-29T21:34:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.6","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"/python","ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.6 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.6\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tallclub/matimo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/tallclub/matimo/pull/114","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tallclub%2Fmatimo/issues/114","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/114/packages"},{"uuid":"4551744561","node_id":"PR_kwDOOMEdyc7gz_1c","number":662,"state":"closed","title":"chore(deps-dev): bump uv from 0.11.10 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-30T00:39:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:34.000Z","updated_at":"2026-05-30T00:39:07.000Z","time_to_close":11251,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"uv","old_version":"0.11.10","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.10 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.10...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.10\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aignostics/python-sdk/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/aignostics/python-sdk/pull/662","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aignostics%2Fpython-sdk/issues/662","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/662/packages"},{"uuid":"4551744215","node_id":"PR_kwDORaWtds7gz_wh","number":90,"state":"open","title":"Bump uv from 0.11.6 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:31.000Z","updated_at":"2026-05-29T23:49:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.11.6","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.6 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.6\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/NotLeonian/aalpy-compro-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/NotLeonian/aalpy-compro-examples/pull/90","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NotLeonian%2Faalpy-compro-examples/issues/90","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/90/packages"},{"uuid":"4551743162","node_id":"PR_kwDOCab4t87gz_jG","number":124,"state":"open","title":"chore(deps): bump uv from 0.11.13 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:16.000Z","updated_at":"2026-05-29T21:32:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.13","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.13 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.13...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.13\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciQLop/SciQLop/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/SciQLop/SciQLop/pull/124","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SciQLop%2FSciQLop/issues/124","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/124/packages"},{"uuid":"4551742098","node_id":"PR_kwDORVSXHM7gz_Vl","number":3807,"state":"open","title":"chore(deps): bump uv from 0.11.11 to 0.11.15 in the uv group across 1 directory","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:04.000Z","updated_at":"2026-05-29T21:35:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.11","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"the uv group across 1 directory","ecosystem":"pip"},"body":"Bumps the uv group with 1 update in the / directory: [uv](https://github.com/astral-sh/uv).\n\nUpdates `uv` from 0.11.11 to 0.11.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.11...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.11\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/daggerstuff/pixelated/network/alerts).\n\n\u003c/details\u003e\n\u003c!-- Rovo Dev code review status --\u003e\n---\nRovo Dev code review: \u003cstrong\u003eRovo Dev couldn't review this pull request\u003c/strong\u003e\nRovo Dev does not review pull requests created by bot accounts.\n\u003c!-- /Rovo Dev code review status --\u003e\n\n\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate `uv` to 0.11.15 to pick up security fixes and stricter package validation, and bump `idna` to 3.17 in bias-detection requirements. This hardens our Python tooling and refreshes the lockfile.\n\n- **Dependencies**\n  - `uv`: 0.11.11 → 0.11.15 (includes TAR parser and script entry security fixes, stricter wheel validation, minor perf improvements)\n  - `idna`: 3.15 → 3.17 in `src/lib/ai/bias-detection/requirements.txt` and `src/lib/ai/bias-detection/python-service/requirements.txt`\n\n\u003csup\u003eWritten for commit 180addf2eaa1f845fa9122c0bc9e052cb5589b42. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/daggerstuff/pixelated/pull/3807?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/daggerstuff/pixelated/pull/3807","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/daggerstuff%2Fpixelated/issues/3807","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3807/packages"},{"uuid":"4551733212","node_id":"PR_kwDOAqimgM7gz9nz","number":154,"state":"open","title":"Bump uv from 0.11.13 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:29:17.000Z","updated_at":"2026-05-29T21:30:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.11.13","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.13 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.13...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.13\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/peeringdb/django-peeringdb/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/peeringdb/django-peeringdb/pull/154","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/peeringdb%2Fdjango-peeringdb/issues/154","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/154/packages"},{"uuid":"4520575515","node_id":"PR_kwDOOLH-PM7fOT7_","number":66,"state":"open","title":"deps(deps-dev): update uv requirement from \u003e=0.1.0 to \u003e=0.11.16","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T01:27:49.000Z","updated_at":"2026-05-26T01:27:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev): update","packages":[{"name":"uv","old_version":"\u003e=0.1.0","new_version":"\u003e=0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.1.0...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/loonghao/dcc-mcp/pull/66","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/loonghao%2Fdcc-mcp/issues/66","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/66/packages"},{"uuid":"4518554431","node_id":"PR_kwDOG7OTWc7fHwy5","number":250,"state":"closed","title":"Update uv requirement from \u003c1.0,\u003e=0.11.6 to \u003e=0.11.16,\u003c1.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T00:24:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T17:28:07.000Z","updated_at":"2026-05-26T00:24:36.000Z","time_to_close":24981,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1.0,\u003e=0.11.6","new_version":"\u003e=0.11.16,\u003c1.0","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/yu-iskw/dbt-artifacts-parser/pull/250","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yu-iskw%2Fdbt-artifacts-parser/issues/250","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/250/packages"},{"uuid":"4514498126","node_id":"PR_kwDOSXm1Es7e6pCd","number":17,"state":"open","title":"build(deps): bump uv from 0.11.15 to 0.11.16 in /.devcontainer","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T05:28:06.000Z","updated_at":"2026-05-25T05:29:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"uv","old_version":"0.11.15","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":"/.devcontainer","ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.15 to 0.11.16.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=pip\u0026previous-version=0.11.15\u0026new-version=0.11.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/ale-saglia/cup-check/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ale-saglia%2Fcup-check/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4512532378","node_id":"PR_kwDOSXLGM87e0lKU","number":11,"state":"closed","title":"chore(deps): bump the uv-dependencies group across 1 directory with 6 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-31T04:32:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T18:25:58.000Z","updated_at":"2026-05-31T04:32:19.000Z","time_to_close":554779,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"uv-dependencies","update_count":6,"packages":[{"name":"click","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"cachetools","old_version":"7.1.3","new_version":"7.1.4","repository_url":"https://github.com/tkem/cachetools"},{"name":"fastapi","old_version":"0.136.1","new_version":"0.136.3","repository_url":"https://github.com/fastapi/fastapi"},{"name":"uvicorn","old_version":"0.47.0","new_version":"0.48.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"uv","old_version":"0.11.15","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"},{"name":"pytest-codspeed","old_version":"5.0.2","new_version":"5.0.3","repository_url":"https://github.com/CodSpeedHQ/pytest-codspeed"}],"path":null,"ecosystem":"pip"},"body":"Bumps the uv-dependencies group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [click](https://github.com/pallets/click) | `8.4.0` | `8.4.1` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.1.3` | `7.1.4` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.136.1` | `0.136.3` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.47.0` | `0.48.0` |\n| [uv](https://github.com/astral-sh/uv) | `0.11.15` | `0.11.16` |\n| [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed) | `5.0.2` | `5.0.3` |\n\n\nUpdates `click` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.1/\"\u003ehttps://pypi.org/project/click/8.4.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-1\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-1\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/32?closed=1\"\u003ehttps://github.com/pallets/click/milestone/32?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type conversion again. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3458\"\u003e#3458\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3277\"\u003e#3277\u003c/a\u003e # 3466\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion result. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3015\"\u003e#3015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3449\"\u003e#3449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.1\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type\nconversion again. :issue:\u003ccode\u003e3458\u003c/code\u003e :issue:\u003ccode\u003e3484\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. :issue:\u003ccode\u003e3277\u003c/code\u003e :pr:\u003ccode\u003e3466\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion\nresult. :issue:\u003ccode\u003e3015\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. :issue:\u003ccode\u003e3487\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. :issue:\u003ccode\u003e3449\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6eeb50e948ea136db145280f6f5dd52eca3fa7e5\"\u003e\u003ccode\u003e6eeb50e\u003c/code\u003e\u003c/a\u003e release version 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/67921d5b71584112eebcbf89596b5f0e6d14c49f\"\u003e\u003ccode\u003e67921d5\u003c/code\u003e\u003c/a\u003e change log and doc fixes (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/9c41f46a4015700489ad009266edf1f3893d01d1\"\u003e\u003ccode\u003e9c41f46\u003c/code\u003e\u003c/a\u003e Fix changelog and version admonitions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6cb34774f20598aa288332f8da02c5aee85448a6\"\u003e\u003ccode\u003e6cb3477\u003c/code\u003e\u003c/a\u003e fix skip condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/5ee8e3123d8ddece6c47eff9a7a7d4ca478c4f37\"\u003e\u003ccode\u003e5ee8e31\u003c/code\u003e\u003c/a\u003e fix I/O operation on closed file error with CliRunner and echo_via_pager (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3482\"\u003e#3482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/becbde5cf416441627f779e8dd34e57738ee1c1f\"\u003e\u003ccode\u003ebecbde5\u003c/code\u003e\u003c/a\u003e pager doesn't close std streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/a5f5aa6d4012d256ccca24638f2642fc371e9f77\"\u003e\u003ccode\u003ea5f5aa6\u003c/code\u003e\u003c/a\u003e Handle empty bytes in echo (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3493\"\u003e#3493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4d3db84b251518e97299a38a5ca4bab3d01873a2\"\u003e\u003ccode\u003e4d3db84\u003c/code\u003e\u003c/a\u003e handle empty bytes in echo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/d42f15b71757de791a5781fb179fd972da9169f5\"\u003e\u003ccode\u003ed42f15b\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eget_parameter_source()\u003c/code\u003e during type conversion and eager callbacks (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0baa8db07736fc7ad3d3eed97d4c73b0059c63e1\"\u003e\u003ccode\u003e0baa8db\u003c/code\u003e\u003c/a\u003e Document ctx.params bypass with test and doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.4.0...8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.1.3 to 7.1.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.4 (2026-05-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor unit test improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/48284d73d0a8834c9c50f8d41bb99e6f93b2dfed\"\u003e\u003ccode\u003e48284d7\u003c/code\u003e\u003c/a\u003e Release v7.1.4.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/55ea96b88a485fca9effae0f838186274f00897c\"\u003e\u003ccode\u003e55ea96b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c5439fe5dc883220b59469e450dbcbf9f4c2e52d\"\u003e\u003ccode\u003ec5439fe\u003c/code\u003e\u003c/a\u003e Add threading tests for lock-only decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/91828fccd629d426157a165d38563614ba06a875\"\u003e\u003ccode\u003e91828fc\u003c/code\u003e\u003c/a\u003e Run threading tests unconditionally with timeout.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.1.3...v7.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.136.1 to 0.136.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.3\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (the default). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15589\"\u003e#15589\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.2\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15588\"\u003e#15588\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15464\"\u003e#15464\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update and simplify docs about help and management. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15583\"\u003e#15583\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add docs references to central contributing docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15580\"\u003e#15580\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update security policy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15577\"\u003e#15577\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🍱 Update sponsors: TalorData image. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15562\"\u003e#15562\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update docs, simplify usage of admonitions, only default ones. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15553\"\u003e#15553\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Fix image URLs in \u003ccode\u003eindex.md\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15534\"\u003e#15534\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e✏️ Fix Azkaban spelling typo in \u003ccode\u003evirtual-environments.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15463\"\u003e#15463\u003c/a\u003e by \u003ca href=\"https://github.com/isaacbernat\"\u003e\u003ccode\u003e@​isaacbernat\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Improve layout and styling. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15462\"\u003e#15462\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Refactor opinions section with interactive tabs and new logos. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15458\"\u003e#15458\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add FastAPI Conf '26 announcement to docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15457\"\u003e#15457\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🌐 Improve translation consistency in \u003ccode\u003e‎docs/pt/docs/advanced/generate-clients.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15456\"\u003e#15456\u003c/a\u003e by \u003ca href=\"https://github.com/Will-thom\"\u003e\u003ccode\u003e@​Will-thom\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ja (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15530\"\u003e#15530\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for uk (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15529\"\u003e#15529\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for pt (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15528\"\u003e#15528\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for de (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15527\"\u003e#15527\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for tr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15526\"\u003e#15526\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ko (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15525\"\u003e#15525\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh-hant (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15524\"\u003e#15524\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for fr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15522\"\u003e#15522\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for es (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15523\"\u003e#15523\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15520\"\u003e#15520\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ru (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15521\"\u003e#15521\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Fix typos in Spanish LLM-prompt. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15472\"\u003e#15472\u003c/a\u003e by \u003ca href=\"https://github.com/crr004\"\u003e\u003ccode\u003e@​crr004\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✅ Update tests, don't double dispose the engine. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15587\"\u003e#15587\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/13583\"\u003e#13583\u003c/a\u003e by \u003ca href=\"https://github.com/dikos1337\"\u003e\u003ccode\u003e@​dikos1337\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔥 Remove config files now in central GitHub repo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15585\"\u003e#15585\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15502\"\u003e#15502\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump idna from 3.11 to 3.15. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15565\"\u003e#15565\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15571\"\u003e#15571\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Migrate docs from MkDocs to Zensical. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15563\"\u003e#15563\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Only allow team members to modify dependencies. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15548\"\u003e#15548\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/82064857539e6286522c347b4b11331b48dd2378\"\u003e\u003ccode\u003e8206485\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c910e0139f983d0e04e2d1d235cd71803afeae34\"\u003e\u003ccode\u003ec910e01\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/063b5bf582d31fb155cc6bc6f88cf512329d0fd5\"\u003e\u003ccode\u003e063b5bf\u003c/code\u003e\u003c/a\u003e ♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/22b02e26f9e8c7e32bd8266e2b0ebe8bb3a0db2b\"\u003e\u003ccode\u003e22b02e2\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3b252a2a22ba27a8ab83d6bde7d9cddbc5bf738e\"\u003e\u003ccode\u003e3b252a2\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c7fb7851b3389f24c51701d705458989be53ccbb\"\u003e\u003ccode\u003ec7fb785\u003c/code\u003e\u003c/a\u003e ♻️ Validate Server Sent Event fields to avoid applications from sending broke...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/cb83b83dcf78eab4ea17d504db5abcda705fbdc4\"\u003e\u003ccode\u003ecb83b83\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/00f805cec94c0bf48c1f9a563535a3ab2e6f90ab\"\u003e\u003ccode\u003e00f805c\u003c/code\u003e\u003c/a\u003e ✅ Update tests, don't double dispose the engine (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15587\"\u003e#15587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3675137523dc167981aa3a3c44599b4f3079ccd8\"\u003e\u003ccode\u003e3675137\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7b57e42986bb4d40c9eb6580537d13fb8e76097e\"\u003e\u003ccode\u003e7b57e42\u003c/code\u003e\u003c/a\u003e 📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15464\"\u003e#15464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.136.1...0.136.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uvicorn` from 0.47.0 to 0.48.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/uvicorn/releases\"\u003euvicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/uvicorn/pull/2940\"\u003eKludex/uvicorn#2940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/uvicorn/pull/2944\"\u003eKludex/uvicorn#2944\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\"\u003ehttps://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md\"\u003euvicorn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.48.0 (May 24, 2026)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefault \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2940\"\u003e#2940\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/73e84e58d7f6b8b3dfd8a9e3e42d716862250f33\"\u003e\u003ccode\u003e73e84e5\u003c/code\u003e\u003c/a\u003e Version 0.48.0 (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2951\"\u003e#2951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/45ea11690b4a62fa6df339d2b6ee3b8545a418e0\"\u003e\u003ccode\u003e45ea116\u003c/code\u003e\u003c/a\u003e Ignore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/dd4394c3cbfd9f27a696a7b08047149690058158\"\u003e\u003ccode\u003edd4394c\u003c/code\u003e\u003c/a\u003e chore(deps): bump idna from 3.11 to 3.15 (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2941\"\u003e#2941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/abe07818a191cd036dc3824d802d052207e01c7e\"\u003e\u003ccode\u003eabe0781\u003c/code\u003e\u003c/a\u003e Default \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2940\"\u003e#2940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uv` from 0.11.15 to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pytest-codspeed` from 5.0.2 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/releases\"\u003epytest-codspeed's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: move callgrind skip obj API to instrument-hooks by \u003ca href=\"https://github.com/not-matthias\"\u003e\u003ccode\u003e@​not-matthias\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/123\"\u003eCodSpeedHQ/pytest-codspeed#123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\"\u003ehttps://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md\"\u003epytest-codspeed's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[5.0.3] - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003e\u003c!-- raw HTML omitted --\u003e🏗️ Refactor\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse instrument_hooks_callgrind_add_obj_skip from C API by \u003ca href=\"https://github.com/not-matthias\"\u003e\u003ccode\u003e@​not-matthias\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/123\"\u003e#123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/commit/b2d12d8e96704c82b449d8668818a754ede45c66\"\u003e\u003ccode\u003eb2d12d8\u003c/code\u003e\u003c/a\u003e Release v5.0.3 🚀\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/commit/31447b7b6fba4ff9a5bdf5c0d046b7d8936cab5c\"\u003e\u003ccode\u003e31447b7\u003c/code\u003e\u003c/a\u003e refactor: use instrument_hooks_callgrind_add_obj_skip from C API\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Beaconchain-us/prefect/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Beaconchain-us%2Fprefect/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4510233473","node_id":"PR_kwDOSGgXgc7et0Uq","number":175,"state":"open","title":"chore(deps): bump uv from 0.11.12 to 0.11.14","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T02:19:18.000Z","updated_at":"2026-05-24T02:19:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.12","new_version":"0.11.14","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.12 to 0.11.14.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identifiers (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19340\"\u003e#19340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFilter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euv tree\u003c/code\u003e showing extra-conditional deps for packages required without extras (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19332\"\u003e#19332\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.14\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.14\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-apple-darwin.tar.gz\"\u003euv-x86_64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eIntel macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-pc-windows-msvc.zip\"\u003euv-aarch64-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-pc-windows-msvc.zip\"\u003euv-i686-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-pc-windows-msvc.zip\"\u003euv-x86_64-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex64 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-gnu.tar.gz\"\u003euv-aarch64-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-gnu.tar.gz\"\u003euv-i686-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-powerpc64le-unknown-linux-gnu.tar.gz\"\u003euv-powerpc64le-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePPC64LE Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-powerpc64le-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-gnu.tar.gz\"\u003euv-riscv64gc-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRISCV Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-s390x-unknown-linux-gnu.tar.gz\"\u003euv-s390x-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eS390x Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-s390x-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-unknown-linux-gnu.tar.gz\"\u003euv-x86_64-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex64 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-armv7-unknown-linux-gnueabihf.tar.gz\"\u003euv-armv7-unknown-linux-gnueabihf.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARMv7 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-armv7-unknown-linux-gnueabihf.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-musl.tar.gz\"\u003euv-aarch64-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-musl.tar.gz\"\u003euv-i686-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-musl.tar.gz\"\u003euv-riscv64gc-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRISCV MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identifiers (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19340\"\u003e#19340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFilter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euv tree\u003c/code\u003e showing extra-conditional deps for packages required without extras (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19332\"\u003e#19332\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.13\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-10.\u003c/p\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eInclude data files in editable builds (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19312\"\u003e#19312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect \u003ccode\u003e--require-hashes\u003c/code\u003e when installing from \u003ccode\u003epylock.toml\u003c/code\u003e files (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19334\"\u003e#19334\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePython\u003c/h3\u003e\n\u003ch3\u003ePython\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd CPython 3.14.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3fdfdc7d4a63c9f283eb751823b7628b13116684\"\u003e\u003ccode\u003e3fdfdc7\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.14 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19377\"\u003e#19377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/634b03f972330183295adae438ec90e76105593e\"\u003e\u003ccode\u003e634b03f\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003euv auth helper\u003c/code\u003e for Bazel credential helper use (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19358\"\u003e#19358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/601c2b80421544fc0f18bedd2d141308e8acbfd1\"\u003e\u003ccode\u003e601c2b8\u003c/code\u003e\u003c/a\u003e Respect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/7d6590313139e075eac190a3611238072e7c3cdf\"\u003e\u003ccode\u003e7d65903\u003c/code\u003e\u003c/a\u003e Add Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/685c32c51de5f21cdffe1311d6265b9dbebe2a03\"\u003e\u003ccode\u003e685c32c\u003c/code\u003e\u003c/a\u003e Ignore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/374fcaa56aa46a2923eed31fe0df7a4a7a14c477\"\u003e\u003ccode\u003e374fcaa\u003c/code\u003e\u003c/a\u003e Fix JUnit upload on Windows runners (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19370\"\u003e#19370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/96b43afadc2add190895b20282e83023a08bd0e7\"\u003e\u003ccode\u003e96b43af\u003c/code\u003e\u003c/a\u003e Ensure publish to crates.io is idempotent (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19361\"\u003e#19361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/b2bd71a82c172926d6fb76ecbbad9c61c6e706b1\"\u003e\u003ccode\u003eb2bd71a\u003c/code\u003e\u003c/a\u003e Filter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/81e7f8ccbbd3ed407f32312743fe138d36411cff\"\u003e\u003ccode\u003e81e7f8c\u003c/code\u003e\u003c/a\u003e Update Rust crate junction to v2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19353\"\u003e#19353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9f21ff88867f59e84bc82f7422492b998aba6e30\"\u003e\u003ccode\u003e9f21ff8\u003c/code\u003e\u003c/a\u003e Avoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.12...0.11.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.12\u0026new-version=0.11.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/paudley/coding-ethos/pull/175","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paudley%2Fcoding-ethos/issues/175","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/175/packages"},{"uuid":"4506548171","node_id":"PR_kwDOGuafp87eipch","number":23,"state":"closed","title":"build(deps-dev): bump the python-deps group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-30T02:25:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T02:25:59.000Z","updated_at":"2026-05-30T02:25:06.000Z","time_to_close":604745,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps-dev): bump","group_name":"python-deps","update_count":15,"packages":[{"name":"tox","old_version":"4.53.1","new_version":"4.54.0","repository_url":"https://github.com/tox-dev/tox"},{"name":"cachetools","old_version":"7.1.1","new_version":"7.1.4","repository_url":"https://github.com/tkem/cachetools"},{"name":"certifi","old_version":"2026.4.22","new_version":"2026.5.20","repository_url":"https://github.com/certifi/python-certifi"},{"name":"click","old_version":"8.3.3","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.13.5","new_version":"7.14.0","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"django-stubs","old_version":"6.0.3","new_version":"6.0.4","repository_url":"https://github.com/typeddjango/django-stubs"},{"name":"django-stubs-ext","old_version":"6.0.3","new_version":"6.0.4","repository_url":"https://github.com/typeddjango/django-stubs"},{"name":"idna","old_version":"3.13","new_version":"3.16","repository_url":"https://github.com/kjd/idna"},{"name":"librt","old_version":"0.10.0","new_version":"0.11.0","repository_url":"https://github.com/mypyc/librt"},{"name":"mypy","old_version":"2.0.0","new_version":"2.1.0","repository_url":"https://github.com/python/mypy"},{"name":"pydantic-core","old_version":"2.46.4","new_version":"2.47.0","repository_url":"https://github.com/pydantic/pydantic"},{"name":"python-discovery","old_version":"1.3.0","new_version":"1.3.1","repository_url":"https://github.com/tox-dev/python-discovery"},{"name":"tomlkit","old_version":"0.14.0","new_version":"0.15.0","repository_url":"https://github.com/python-poetry/tomlkit"},{"name":"uv","old_version":"0.11.12","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"},{"name":"virtualenv","old_version":"21.3.1","new_version":"21.3.3","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-deps group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [tox](https://github.com/tox-dev/tox) | `4.53.1` | `4.54.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.1.1` | `7.1.4` |\n| [certifi](https://github.com/certifi/python-certifi) | `2026.4.22` | `2026.5.20` |\n| [click](https://github.com/pallets/click) | `8.3.3` | `8.4.1` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.13.5` | `7.14.0` |\n| [django-stubs](https://github.com/typeddjango/django-stubs) | `6.0.3` | `6.0.4` |\n| [django-stubs-ext](https://github.com/typeddjango/django-stubs) | `6.0.3` | `6.0.4` |\n| [idna](https://github.com/kjd/idna) | `3.13` | `3.16` |\n| [librt](https://github.com/mypyc/librt) | `0.10.0` | `0.11.0` |\n| [mypy](https://github.com/python/mypy) | `2.0.0` | `2.1.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.46.4` | `2.47.0` |\n| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.3.0` | `1.3.1` |\n| [tomlkit](https://github.com/python-poetry/tomlkit) | `0.14.0` | `0.15.0` |\n| [uv](https://github.com/astral-sh/uv) | `0.11.12` | `0.11.16` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `21.3.1` | `21.3.3` |\n\n\nUpdates `tox` from 4.53.1 to 4.54.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/tox/releases\"\u003etox's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.54.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e🧪 test(conftest): strip broken nspkg.pth files under py3.15 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3937\"\u003etox-dev/tox#3937\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ feat(packaging): declare tox.pytest deps via a testing extra by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3940\"\u003etox-dev/tox#3940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🐛 fix(schema): cover every replace form in the TOML schema by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3941\"\u003etox-dev/tox#3941\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tox-dev/tox/compare/4.53.1...4.54.0\"\u003ehttps://github.com/tox-dev/tox/compare/4.53.1...4.54.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/tox/blob/main/docs/changelog.rst\"\u003etox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFeatures - 4.54.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeclare the runtime dependencies of the \u003ccode\u003etox.pytest\u003c/code\u003e plugin (\u003ccode\u003epytest\u003c/code\u003e, \u003ccode\u003edevpi-process\u003c/code\u003e and \u003ccode\u003epytest-mock\u003c/code\u003e)\nunder a new \u003ccode\u003etesting\u003c/code\u003e extra, so plugin authors can pull them in via \u003ccode\u003etox[testing]\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e.\n(:issue:\u003ccode\u003e3938\u003c/code\u003e, :issue:\u003ccode\u003e3940\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes - 4.54.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eExtend the generated TOML schema to cover every \u003ccode\u003ereplace\u003c/code\u003e table form (\u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eref\u003c/code\u003e, \u003ccode\u003eposargs\u003c/code\u003e, \u003ccode\u003eglob\u003c/code\u003e,\n\u003ccode\u003eif\u003c/code\u003e), including conditional replacements used inside \u003ccode\u003ecommands\u003c/code\u003e. A guard test asserts the schema stays in sync\nwith the loader implementation so future replace types cannot be added without a corresponding schema entry.\n(:issue:\u003ccode\u003e3939\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev4.53.1 (2026-05-02)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/1f1fcc7a53665a827d8a304190696c6926ebb2eb\"\u003e\u003ccode\u003e1f1fcc7\u003c/code\u003e\u003c/a\u003e release 4.54.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/b35c8eedaf94906ed0e7938c7526dced550e6fa0\"\u003e\u003ccode\u003eb35c8ee\u003c/code\u003e\u003c/a\u003e 🐛 fix(schema): cover every replace form in the TOML schema (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3941\"\u003e#3941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/6eb5c4f5eec439b3924d6adb3d9d16ea7fc88a20\"\u003e\u003ccode\u003e6eb5c4f\u003c/code\u003e\u003c/a\u003e ✨ feat(packaging): declare tox.pytest deps via a testing extra (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3940\"\u003e#3940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/1ad47ddaab21c891f136a9627d1c6cdb6ea655d7\"\u003e\u003ccode\u003e1ad47dd\u003c/code\u003e\u003c/a\u003e 🧪 test(conftest): strip broken nspkg.pth files under py3.15 (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3937\"\u003e#3937\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/dfba9661b10aa5148daf7267b80fec50f4faa9d2\"\u003e\u003ccode\u003edfba966\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3936\"\u003e#3936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/21069af5f5b93774f88c271d5deb1389cd2caf12\"\u003e\u003ccode\u003e21069af\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3933\"\u003e#3933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tox-dev/tox/compare/4.53.1...4.54.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.1.1 to 7.1.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.4 (2026-05-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor unit test improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.3 (2026-05-18)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor type stub improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.2 (2026-05-16)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor type stub improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMinor documentation improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eModernize build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/48284d73d0a8834c9c50f8d41bb99e6f93b2dfed\"\u003e\u003ccode\u003e48284d7\u003c/code\u003e\u003c/a\u003e Release v7.1.4.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/55ea96b88a485fca9effae0f838186274f00897c\"\u003e\u003ccode\u003e55ea96b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c5439fe5dc883220b59469e450dbcbf9f4c2e52d\"\u003e\u003ccode\u003ec5439fe\u003c/code\u003e\u003c/a\u003e Add threading tests for lock-only decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/91828fccd629d426157a165d38563614ba06a875\"\u003e\u003ccode\u003e91828fc\u003c/code\u003e\u003c/a\u003e Run threading tests unconditionally with timeout.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/16952edb1eb2d2ced7601e12db722008e5156912\"\u003e\u003ccode\u003e16952ed\u003c/code\u003e\u003c/a\u003e Release v7.1.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/92dd756b93813d1ddfe70893e9c219342a52e19a\"\u003e\u003ccode\u003e92dd756\u003c/code\u003e\u003c/a\u003e Prepare v7.1.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/ced08f52ef792a010b8171715c7842da4e11b9ac\"\u003e\u003ccode\u003eced08f5\u003c/code\u003e\u003c/a\u003e Improve cachetools.func type stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d809d7be5a222effd3663c33baaaee3802972daa\"\u003e\u003ccode\u003ed809d7b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c84b5e5be3d33a32d33f0988b524fb86de1e44f2\"\u003e\u003ccode\u003ec84b5e5\u003c/code\u003e\u003c/a\u003e Release v7.1.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/39ad61c1db56600fe903f3c4216996c491e775bf\"\u003e\u003ccode\u003e39ad61c\u003c/code\u003e\u003c/a\u003e Prepare v7.1.2.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.1.1...v7.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2026.4.22 to 2026.5.20\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d7ea151afc2ce6bef0555b9349902bd867e928dd\"\u003e\u003ccode\u003ed7ea151\u003c/code\u003e\u003c/a\u003e 2026.05.20 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/413\"\u003e#413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2026.04.22...2026.05.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.3 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.1/\"\u003ehttps://pypi.org/project/click/8.4.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-1\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-1\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/32?closed=1\"\u003ehttps://github.com/pallets/click/milestone/32?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type conversion again. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3458\"\u003e#3458\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3277\"\u003e#3277\u003c/a\u003e # 3466\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion result. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3015\"\u003e#3015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3449\"\u003e#3449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.\u003c/p\u003e\n\u003cp\u003eWe encourage everyone to upgrade. You can read more about our \u003ca href=\"https://palletsprojects.com/versions\"\u003eVersion Support Policy\u003c/a\u003e on our website.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.0/\"\u003ehttps://pypi.org/project/click/8.4.0/\u003c/a\u003e\nChanges:  \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-0\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-0\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParamType\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3371\"\u003e#3371\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3372\"\u003e#3372\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParameter\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2805\"\u003e#2805\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.1\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type\nconversion again. :issue:\u003ccode\u003e3458\u003c/code\u003e :issue:\u003ccode\u003e3484\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. :issue:\u003ccode\u003e3277\u003c/code\u003e :pr:\u003ccode\u003e3466\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion\nresult. :issue:\u003ccode\u003e3015\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. :issue:\u003ccode\u003e3487\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. :issue:\u003ccode\u003e3449\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.4.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-17\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e3371\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n:pr:\u003ccode\u003e3372\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e2805\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n:issue:\u003ccode\u003e2745\u003c/code\u003e :pr:\u003ccode\u003e3364\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. :issue:\u003ccode\u003e2012\u003c/code\u003e :pr:\u003ccode\u003e3363\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6eeb50e948ea136db145280f6f5dd52eca3fa7e5\"\u003e\u003ccode\u003e6eeb50e\u003c/code\u003e\u003c/a\u003e release version 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/67921d5b71584112eebcbf89596b5f0e6d14c49f\"\u003e\u003ccode\u003e67921d5\u003c/code\u003e\u003c/a\u003e change log and doc fixes (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/9c41f46a4015700489ad009266edf1f3893d01d1\"\u003e\u003ccode\u003e9c41f46\u003c/code\u003e\u003c/a\u003e Fix changelog and version admonitions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6cb34774f20598aa288332f8da02c5aee85448a6\"\u003e\u003ccode\u003e6cb3477\u003c/code\u003e\u003c/a\u003e fix skip condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/5ee8e3123d8ddece6c47eff9a7a7d4ca478c4f37\"\u003e\u003ccode\u003e5ee8e31\u003c/code\u003e\u003c/a\u003e fix I/O operation on closed file error with CliRunner and echo_via_pager (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3482\"\u003e#3482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/becbde5cf416441627f779e8dd34e57738ee1c1f\"\u003e\u003ccode\u003ebecbde5\u003c/code\u003e\u003c/a\u003e pager doesn't close std streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/a5f5aa6d4012d256ccca24638f2642fc371e9f77\"\u003e\u003ccode\u003ea5f5aa6\u003c/code\u003e\u003c/a\u003e Handle empty bytes in echo (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3493\"\u003e#3493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4d3db84b251518e97299a38a5ca4bab3d01873a2\"\u003e\u003ccode\u003e4d3db84\u003c/code\u003e\u003c/a\u003e handle empty bytes in echo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/d42f15b71757de791a5781fb179fd972da9169f5\"\u003e\u003ccode\u003ed42f15b\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eget_parameter_source()\u003c/code\u003e during type conversion and eager callbacks (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0baa8db07736fc7ad3d3eed97d4c73b0059c63e1\"\u003e\u003ccode\u003e0baa8db\u003c/code\u003e\u003c/a\u003e Document ctx.params bypass with test and doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.3...8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `coverage` from 7.13.5 to 7.14.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst\"\u003ecoverage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 7.14.0 — 2026-05-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature: now when running one of the reporting commands, if there are\nparallel data files that need combining, they will be implicitly combined\nbefore creating the report. There is no option to avoid the combination; let\nus know if you have a use case that requires it.  Thanks, \u003ccode\u003eTim Hatch \u0026lt;pull 2162_\u0026gt;\u003c/code\u003e\u003cem\u003e. Closes \u003ccode\u003eissue 1781\u003c/code\u003e\u003c/em\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: the output from \u003ccode\u003ecombine\u003c/code\u003e was too verbose, listing each file\nconsidered. Now it shows a single line with the counts of files combined,\nfiles skipped, and files with errors. The \u003ccode\u003e-q\u003c/code\u003e flag suppresses this line.\nThe old detailed lines are available with the new \u003ccode\u003e--debug=combine\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: running a Python file through a symlink now sets the sys.path correctly,\nmatching regular Python behavior. Fixes \u003ccode\u003eissue 2157\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: \u003ccode\u003eCollector.flush_data\u003c/code\u003e could fail with \u0026quot;RuntimeError: Set changed\nsize during iteration\u0026quot; when a tracer in another thread added a line to the\nper-file set that \u003ccode\u003eadd_lines\u003c/code\u003e (or \u003ccode\u003eadd_arcs\u003c/code\u003e) was iterating. The values\npassed to \u003ccode\u003eCoverageData\u003c/code\u003e are now snapshotted via \u003ccode\u003edict.copy()\u003c/code\u003e and\n\u003ccode\u003eset.copy()\u003c/code\u003e, which are atomic under the GIL. Thanks, \u003ccode\u003eAlex Vandiver \u0026lt;pull 2165_\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: the soft keyword \u003ccode\u003elazy\u003c/code\u003e is now bolded in HTML reports.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWe are no longer testing eventlet support. Eventlet started issuing stern\ndeprecation warnings that break our tests. Our support code is still there.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _issue 1781: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/1781\"\u003ecoveragepy/coveragepy#1781\u003c/a\u003e\n.. _issue 2157: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2157\"\u003ecoveragepy/coveragepy#2157\u003c/a\u003e\n.. _pull 2162: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/pull/2162\"\u003ecoveragepy/coveragepy#2162\u003c/a\u003e\n.. _pull 2165: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/pull/2165\"\u003ecoveragepy/coveragepy#2165\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e.. _changes_7-13-5:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/646351b60429f1b5760af6c1b97b28483244a955\"\u003e\u003ccode\u003e646351b\u003c/code\u003e\u003c/a\u003e docs: sample HTML for 7.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/39cd015505c8b04369c5b06e34fc22449a697370\"\u003e\u003ccode\u003e39cd015\u003c/code\u003e\u003c/a\u003e docs: prep for 7.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/649e8aa34af7d80c386ae82e8a3a6c9a3acb0dab\"\u003e\u003ccode\u003e649e8aa\u003c/code\u003e\u003c/a\u003e docs: thanks Alex Vandiver for \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2165\"\u003e#2165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/8cd392e3b5c4bc15d534aaec0c21714f9f518469\"\u003e\u003ccode\u003e8cd392e\u003c/code\u003e\u003c/a\u003e fix: snapshot data in Collector.flush_data to avoid threading race (\u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2165\"\u003e#2165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/c48e0edc2ebe44621b0053176e90f77b0c79bec1\"\u003e\u003ccode\u003ec48e0ed\u003c/code\u003e\u003c/a\u003e fix: less output for combining\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/c2a3a284078556c911e0d9b6c6af1b7082a363ea\"\u003e\u003ccode\u003ec2a3a28\u003c/code\u003e\u003c/a\u003e docs: explain the change from \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2162\"\u003e#2162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/1cd47aa6ac1da4e150da44055295d4e4f3a014e8\"\u003e\u003ccode\u003e1cd47aa\u003c/code\u003e\u003c/a\u003e fix: implicit combine-during-report now removes the combined data files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/2d99fd7696e0bccec8037479a4e45c1ecccb8058\"\u003e\u003ccode\u003e2d99fd7\u003c/code\u003e\u003c/a\u003e feat: automatically combine coverage in report, thanks Tim Hatch (\u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2162\"\u003e#2162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/9fbdcdfee1c122fac43f1bf9a5e2d1f4d835f21c\"\u003e\u003ccode\u003e9fbdcdf\u003c/code\u003e\u003c/a\u003e fix: lazy soft keywords are bolded\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/5de7d0267b9466d59995aaae1a7e707c8c6f66e7\"\u003e\u003ccode\u003e5de7d02\u003c/code\u003e\u003c/a\u003e build: oops, misplaced quote\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coveragepy/coveragepy/compare/7.13.5...7.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-stubs` from 6.0.3 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/928eec423b8454590a46e50653698d85954f04de\"\u003e\u003ccode\u003e928eec4\u003c/code\u003e\u003c/a\u003e Version 6.0.4 release (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3375\"\u003e#3375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/a9942040a2ed28b8e1ae129578c1f5a4f2b449b8\"\u003e\u003ccode\u003ea994204\u003c/code\u003e\u003c/a\u003e Update dependency mypy to v2 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3374\"\u003e#3374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/ec8107b44d798a16b42ff049fe3904c9a4b5df08\"\u003e\u003ccode\u003eec8107b\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.64.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/28d997bc1e6559579ce3f4663178a8294e402897\"\u003e\u003ccode\u003e28d997b\u003c/code\u003e\u003c/a\u003e Remove unused get_field_lookup_exact_type from helpers (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3372\"\u003e#3372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/d312d60b1d7e852f73babe2a76be1d2961b94393\"\u003e\u003ccode\u003ed312d60\u003c/code\u003e\u003c/a\u003e Update dependency django to v5.2.14 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3371\"\u003e#3371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/f20e49018f19e84a839ab5d11ac47654e671728a\"\u003e\u003ccode\u003ef20e490\u003c/code\u003e\u003c/a\u003e Update Django to 6.0.5 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3369\"\u003e#3369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6d9d0e26fff5462782bfeede76ffd8b2cc36712d\"\u003e\u003ccode\u003e6d9d0e2\u003c/code\u003e\u003c/a\u003e Resolve default_alias for positional Aggregate in annotate() (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3362\"\u003e#3362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6dd9231e36393d5ddaecb5d0ffca2a6b824bf0cc\"\u003e\u003ccode\u003e6dd9231\u003c/code\u003e\u003c/a\u003e Update int128/hide-comment-action action to v1.58.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3368\"\u003e#3368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/e270482574c273798d875f2191945f64dbb0c00a\"\u003e\u003ccode\u003ee270482\u003c/code\u003e\u003c/a\u003e Update dependency psycopg to v3.3.4 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3365\"\u003e#3365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/cfb0f9a098e24d47f1c3cc5c5de971b599c6e907\"\u003e\u003ccode\u003ecfb0f9a\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.63.1 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3367\"\u003e#3367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typeddjango/django-stubs/compare/6.0.3...6.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-stubs-ext` from 6.0.3 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/928eec423b8454590a46e50653698d85954f04de\"\u003e\u003ccode\u003e928eec4\u003c/code\u003e\u003c/a\u003e Version 6.0.4 release (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3375\"\u003e#3375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/a9942040a2ed28b8e1ae129578c1f5a4f2b449b8\"\u003e\u003ccode\u003ea994204\u003c/code\u003e\u003c/a\u003e Update dependency mypy to v2 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3374\"\u003e#3374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/ec8107b44d798a16b42ff049fe3904c9a4b5df08\"\u003e\u003ccode\u003eec8107b\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.64.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/28d997bc1e6559579ce3f4663178a8294e402897\"\u003e\u003ccode\u003e28d997b\u003c/code\u003e\u003c/a\u003e Remove unused get_field_lookup_exact_type from helpers (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3372\"\u003e#3372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/d312d60b1d7e852f73babe2a76be1d2961b94393\"\u003e\u003ccode\u003ed312d60\u003c/code\u003e\u003c/a\u003e Update dependency django to v5.2.14 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3371\"\u003e#3371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/f20e49018f19e84a839ab5d11ac47654e671728a\"\u003e\u003ccode\u003ef20e490\u003c/code\u003e\u003c/a\u003e Update Django to 6.0.5 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3369\"\u003e#3369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6d9d0e26fff5462782bfeede76ffd8b2cc36712d\"\u003e\u003ccode\u003e6d9d0e2\u003c/code\u003e\u003c/a\u003e Resolve default_alias for positional Aggregate in annotate() (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3362\"\u003e#3362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6dd9231e36393d5ddaecb5d0ffca2a6b824bf0cc\"\u003e\u003ccode\u003e6dd9231\u003c/code\u003e\u003c/a\u003e Update int128/hide-comment-action action to v1.58.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3368\"\u003e#3368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/e270482574c273798d875f2191945f64dbb0c00a\"\u003e\u003ccode\u003ee270482\u003c/code\u003e\u003c/a\u003e Update dependency psycopg to v3.3.4 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3365\"\u003e#3365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/cfb0f9a098e24d47f1c3cc5c5de971b599c6e907\"\u003e\u003ccode\u003ecfb0f9a\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.63.1 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3367\"\u003e#3367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typeddjango/django-stubs/compare/6.0.3...6.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.13 to 3.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.16 (2026-05-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a command-line interface (\u003ccode\u003epython -m idna\u003c/code\u003e, also available as\nthe \u003ccode\u003eidna\u003c/code\u003e script). Encodes or decodes one or more domains supplied\nas arguments or on standard input, with options to select A-label\nor U-label output and control error handling.\u003c/li\u003e\n\u003cli\u003eRaise the minimum supported Python version to 3.9\u003c/li\u003e\n\u003cli\u003eVarious code quality improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6d1a0de52a8b4690f1b2a89829aa85ff1de3635a\"\u003e\u003ccode\u003e6d1a0de\u003c/code\u003e\u003c/a\u003e Release 3.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/4e6cbe225a3e0b6e7eed2082086a12cba526e787\"\u003e\u003ccode\u003e4e6cbe2\u003c/code\u003e\u003c/a\u003e Demote installation instruction to usage section\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/223533c34c9e23470e714ed9b1f1c41867177732\"\u003e\u003ccode\u003e223533c\u003c/code\u003e\u003c/a\u003e Merge branch 'readme-simplification' into release-3.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b1640b228a50b3c94ffcf8a664eb6cb186550f3e\"\u003e\u003ccode\u003eb1640b2\u003c/code\u003e\u003c/a\u003e Bump version to 3.16rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/3a861132be61091454aae10c292d98bcfd3cd797\"\u003e\u003ccode\u003e3a86113\u003c/code\u003e\u003c/a\u003e Update history for 3.16 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d4bc9e742b753cff2ec6c53bd4be730863ca9c53\"\u003e\u003ccode\u003ed4bc9e7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/246\"\u003e#246\u003c/a\u003e from kjd/python-3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/a21d9fca6b04c47ddbd0303d62bbc0712b55f43d\"\u003e\u003ccode\u003ea21d9fc\u003c/code\u003e\u003c/a\u003e Update deprecation policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b46492694aa21dc1c3608f59dd5b9620c08b2d0f\"\u003e\u003ccode\u003eb464926\u003c/code\u003e\u003c/a\u003e Raise minimum Python to 3.9 and modernize typing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7f3b15e8839f0e404a00054c4072e69347e727f2\"\u003e\u003ccode\u003e7f3b15e\u003c/code\u003e\u003c/a\u003e Explicit example not needed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7530c7020ae2bcf0acff1fafd71fb047a3b117ed\"\u003e\u003ccode\u003e7530c70\u003c/code\u003e\u003c/a\u003e Remove unnecessary print()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.13...v3.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `librt` from 0.10.0 to 0.11.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mypyc/librt/commit/862679a0492f4433a286b2d53965ec2603623be1\"\u003e\u003ccode\u003e862679a\u003c/code\u003e\u003c/a\u003e Sync mypy and bump version to 0.11.0 (\u003ca href=\"https://redirect.github.com/mypyc/librt/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mypyc/librt/compare/v0.10.0...v0.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mypy` from 2.0.0 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python/mypy/blob/master/CHANGELOG.md\"\u003emypy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eMypy Release Notes\u003c/h1\u003e\n\u003ch2\u003eNext Release\u003c/h2\u003e\n\u003ch2\u003eMypy 2.1\u003c/h2\u003e\n\u003cp\u003eWe’ve just uploaded mypy 2.1.0 to the Python Package Index (\u003ca href=\"https://pypi.org/project/mypy/\"\u003ePyPI\u003c/a\u003e).\nMypy is a static type checker for Python. This release includes new features, performance\nimprovements and bug fixes. You can install it as follows:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epython3 -m pip install -U mypy\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eYou can read the full documentation for this release on \u003ca href=\"http://mypy.readthedocs.io\"\u003eRead the Docs\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003elibrt.vecs: Fast Growable Array Type for Mypyc\u003c/h3\u003e\n\u003cp\u003eThe new \u003ccode\u003elibrt.vecs\u003c/code\u003e module provides an efficient growable array type \u003ccode\u003evec\u003c/code\u003e that is\noptimized for mypyc use. It provides fast, packed arrays with integer and floating point\nvalue types, which can be \u003cstrong\u003eseveral times faster\u003c/strong\u003e than \u003ccode\u003elist\u003c/code\u003e, and tens of times faster\nthan \u003ccode\u003earray.array\u003c/code\u003e in code compiled using mypyc. It also supports nested \u003ccode\u003evec\u003c/code\u003e objects and\nnon-value-type items, such as \u003ccode\u003evec[vec[str]]\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eRefer to the \u003ca href=\"https://mypyc.readthedocs.io/en/latest/librt_vecs.html\"\u003edocumentation\u003c/a\u003e for\nthe details.\u003c/p\u003e\n\u003cp\u003eContributed by Jukka Lehtosalo.\u003c/p\u003e\n\u003ch3\u003elibrt.random: Fast Pseudo-Random Number Generation\u003c/h3\u003e\n\u003cp\u003eThe new \u003ccode\u003elibrt.random\u003c/code\u003e module provides fast pseudo-random number generation that is\noptimized for code compiled using mypyc. It can be 3x to 10x faster than the stdlib\n\u003ccode\u003erandom\u003c/code\u003e module in compiled code.\u003c/p\u003e\n\u003cp\u003eRefer to the \u003ca href=\"https://mypyc.readthedocs.io/en/latest/librt_random.html\"\u003edocumentation\u003c/a\u003e for\nthe details.\u003c/p\u003e\n\u003cp\u003eContributed by Jukka Lehtosalo (PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21433\"\u003e21433\u003c/a\u003e).\u003c/p\u003e\n\u003ch3\u003eMypyc Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake compilation order with multiple files consistent (Piotr Sawicki, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21419\"\u003e21419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on accessing \u003ccode\u003eStopAsyncIteration\u003c/code\u003e (Piotr Sawicki, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21406\"\u003e21406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incremental compilation with \u003ccode\u003eseparate\u003c/code\u003e flag (Vaggelis Danias, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21299\"\u003e21299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes to Crashes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix crash on partial type with \u003ccode\u003e--allow-redefinition\u003c/code\u003e and \u003ccode\u003eglobal\u003c/code\u003e declaration (Jukka Lehtosalo, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21428\"\u003e21428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken awaitable generator patching (Ivan Levkivskyi, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21435\"\u003e21435\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges to Messages\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/c1c336d7e34eb313080c79b156518c58d27c7234\"\u003e\u003ccode\u003ec1c336d\u003c/code\u003e\u003c/a\u003e Remove +dev from version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/74df14b7cbf08140236aa45bbb7f42219b0b1df7\"\u003e\u003ccode\u003e74df14b\u003c/code\u003e\u003c/a\u003e Add changelog for mypy 2.1 (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21464\"\u003e#21464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/022d9bc96f86c40f338a5cf150f1806cc8f300ff\"\u003e\u003ccode\u003e022d9bc\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;TypeForm: Enable by default (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21262\"\u003e#21262\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/8826288214f1cb31496e610667481221e025359c\"\u003e\u003ccode\u003e8826288\u003c/code\u003e\u003c/a\u003e [mypyc] Document librt.random (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21463\"\u003e#21463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/3f4067b699dbe52d08e42ef3b3ebfdebdc06bd96\"\u003e\u003ccode\u003e3f4067b\u003c/code\u003e\u003c/a\u003e Bump librt version to 0.11.0 (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21458\"\u003e#21458\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/2b1eb58a250c5f1eb4ef5fb1f312ff528c5a1d4e\"\u003e\u003ccode\u003e2b1eb58\u003c/code\u003e\u003c/a\u003e [mypyc] Enable incremental self-compilation (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21369\"\u003e#21369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/8152f4af3f6c03beaf2660026240f0fdce7feecc\"\u003e\u003ccode\u003e8152f4a\u003c/code\u003e\u003c/a\u003e Respect file config comments for stale modules (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21444\"\u003e#21444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/116d60bdd3fdfe8d97c6afe99370910db56f1b92\"\u003e\u003ccode\u003e116d60b\u003c/code\u003e\u003c/a\u003e Fix nondeterminism from nonassociativity of overload joins (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21455\"\u003e#21455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/6c4af8e42110cea3f84bc02add2ca7b89c268210\"\u003e\u003ccode\u003e6c4af8e\u003c/code\u003e\u003c/a\u003e Fix function call message change for small number of args (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21432\"\u003e#21432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/4b8fdcaf24032592510e8f15421fb32d82a71800\"\u003e\u003ccode\u003e4b8fdca\u003c/code\u003e\u003c/a\u003e [mypyc] Add librt.random module (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21433\"\u003e#21433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python/mypy/compare/v2.0.0...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic-core` from 2.46.4 to 2.47.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pydantic/pydantic/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-discovery` from 1.3.0 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/python-discovery/releases\"\u003epython-discovery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCanonicalize GraalPy implementation name. by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/73\"\u003etox-dev/python-discovery#73\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👷 ci(release): wire up towncrier-driven release pipeline by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/74\"\u003etox-dev/python-discovery#74\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/73\"\u003etox-dev/python-discovery#73\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\"\u003ehttps://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/python-discovery/blob/main/docs/changelog.rst\"\u003epython-discovery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eBug fixes - 1.3.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eexport normalize_isa and deprecate KNOWN_ARCHITECTURES - by :user:\u003ccode\u003erahuldevikar\u003c/code\u003e. (:issue:\u003ccode\u003e59\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ediscover uv-managed Pythons on Windows. Previously the glob assumed Unix layout (\u003ccode\u003e\u0026lt;root\u0026gt;/\u0026lt;key\u0026gt;/bin/python\u003c/code\u003e) and\nsilently found nothing on Windows, where uv places \u003ccode\u003epython.exe\u003c/code\u003e directly under the install root - by\n:user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e65\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalize GraalVM to match GraalPy Python interpreter in PythonSpec and PythonInfo. - by :user:\u003ccode\u003etimfel\u003c/code\u003e. (:issue:\u003ccode\u003e73\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev1.3.0 (2026-05-05)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/0d344843eae2e74c13eb739f2c043e177aa015b0\"\u003e\u003ccode\u003e0d34484\u003c/code\u003e\u003c/a\u003e release 1.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/6840c417a47eea7c7ae0347838a63f89c1d24749\"\u003e\u003ccode\u003e6840c41\u003c/code\u003e\u003c/a\u003e 👷 ci(release): wire up towncrier-driven release pipeline (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/68f7dc15f51a4bdec413080077816b9e895b23cd\"\u003e\u003ccode\u003e68f7dc1\u003c/code\u003e\u003c/a\u003e Canonicalize GraalPy implementation name. (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/73\"\u003e#73\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/e7cff49eb8610590395e495f875e5d1e8771e24d\"\u003e\u003ccode\u003ee7cff49\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tomlkit` from 0.14.0 to 0.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-poetry/tomlkit/releases\"\u003etomlkit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(spec): update to toml spec v1.1 by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/456\"\u003epython-poetry/tomlkit#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/455\"\u003epython-poetry/tomlkit#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump virtualenv from 20.26.6 to 20.36.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/454\"\u003epython-poetry/tomlkit#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/458\"\u003epython-poetry/tomlkit#458\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump pygments from 2.18.0 to 2.20.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/464\"\u003epython-poetry/tomlkit#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pygments from 2.17.2 to 2.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/463\"\u003epython-poetry/tomlkit#463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump requests from 2.32.4 to 2.33.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/462\"\u003epython-poetry/tomlkit#462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/461\"\u003epython-poetry/tomlkit#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eType annotations by \u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/460\"\u003epython-poetry/tomlkit#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHonor sort_keys for parsed TOML documents by \u003ca href=\"https://github.com/ShipItAndPray\"\u003e\u003ccode\u003e@​ShipItAndPray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/471\"\u003epython-poetry/tomlkit#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/469\"\u003epython-poetry/tomlkit#469\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: fix a parser hang by \u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/470\"\u003epython-poetry/tomlkit#470\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/472\"\u003epython-poetry/tomlkit#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 0.15.0 and update changelog for release by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/473\"\u003epython-poetry/tomlkit#473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/460\"\u003epython-poetry/tomlkit#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShipItAndPray\"\u003e\u003ccode\u003e@​ShipItAndPray\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/471\"\u003epython-poetry/tomlkit#471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\"\u003ehttps://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-poetry/tomlkit/blob/master/CHANGELOG.md\"\u003etomlkit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[0.15.0] - 2026-05-10\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parser to support TOML spec v1.1.0. (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/8694e4d3323df68eb325bf3d5ab7caa66f8c206a\"\u003e\u003ccode\u003e8694e4d\u003c/code\u003e\u003c/a\u003e chore: bump version to 0.15.0 and update changelog for release (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/473\"\u003e#473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/e636a5121260e811dba9fd1c33656021f6855490\"\u003e\u003ccode\u003ee636a51\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/96a4d22fdd07e25742009a6bcd8a2d23e9b5574a\"\u003e\u003ccode\u003e96a4d22\u003c/code\u003e\u003c/a\u003e fix: fix a parser hang (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/470\"\u003e#470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/843f79992139ec56266f52161b27a3eadd1f6a35\"\u003e\u003ccode\u003e843f799\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/469\"\u003e#469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/2c87eafe7c852d19c1b91a1c9bed4d47bd03816f\"\u003e\u003ccode\u003e2c87eaf\u003c/code\u003e\u003c/a\u003e Honor sort_keys for parsed TOML documents (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/8e32f9cb7fcfbc45e893c34e0e9a590a26675fd6\"\u003e\u003ccode\u003e8e32f9c\u003c/code\u003e\u003c/a\u003e Type annotations (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/460\"\u003e#460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/df98af48778f865d270d2f53e816d3b0948c8927\"\u003e\u003ccode\u003edf98af4\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/461\"\u003e#461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/4bd97db2c8fda5cbffc01acc586e3328168bac36\"\u003e\u003ccode\u003e4bd97db\u003c/code\u003e\u003c/a\u003e chore(deps): bump requests from 2.32.4 to 2.33.0 in /docs (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/462\"\u003e#462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/b2d703032bf2e44e680b67f2897c3a7c67be55eb\"\u003e\u003ccode\u003eb2d7030\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pygments from 2.17.2 to 2.20.0 (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/463\"\u003e#463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/87d98b1d0100c5bd39736eda4cd9cc3d8e24bf48\"\u003e\u003ccode\u003e87d98b1\u003c/code\u003e\u003c/a\u003e chore(deps): bump pygments from 2.18.0 to 2.20.0 in /docs (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/464\"\u003e#464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uv` from 0.11.12 to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.12...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 21.3.1 to 21.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.3.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAccept GraalPy implementation name. by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3144\"\u003epypa/virtualenv#3144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.2...21.3.3\"\u003ehttps://github.com/pypa/virtualenv/compare/21.3.2...21.3.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e21.3.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd 3.16 to embedded wheel versions by \u003ca href=\"https://github.com/asottile\"\u003e\u003ccode\u003e@​asottile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3140\"\u003epypa/virtualenv#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3143\"\u003epypa/virtualenv#3143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.1...21.3.2\"\u003ehttps://github.com/pypa/virtualenv/compare/21.3.1...21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eBugfixes - 21.3.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erecognize GraalPy interpreters using the normalized \u003ccode\u003eGraalPy\u003c/code\u003e name - by :user:\u003ccode\u003etimfel\u003c/code\u003e. (:issue:\u003ccode\u003e3144\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev21.3.2 (2026-05-12)\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003ev21.3.1 (2026-05-05)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e6dba2a503560c1561258770ade4d15529c4db3d\"\u003e\u003ccode\u003ee6dba2a\u003c/code\u003e\u003c/a\u003e release 21.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e7517c0e56c159946374c2fed8fb874fd3bde94f\"\u003e\u003ccode\u003ee7517c0\u003c/code\u003e\u003c/a\u003e Accept GraalPy implementation name. (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3144\"\u003e#3144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/8531d47ff3e78492d0c1eb7d1159750e91176b67\"\u003e\u003ccode\u003e8531d47\u003c/code\u003e\u003c/a\u003e release 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/afefada9505d4fe67805244c31c5761e4c6c2622\"\u003e\u003ccode\u003eafefada\u003c/code\u003e\u003c/a\u003e 🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3143\"\u003e#3143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/7e270411ebf5739dfc63998a9084dc2bfd2d467b\"\u003e\u003ccode\u003e7e27041\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3141\"\u003e#3141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/214934c9606ef792e42580109cbdff940a62f034\"\u003e\u003ccode\u003e214934c\u003c/code\u003e\u003c/a\u003e add 3.16 to embedded wheel versions (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3140\"\u003e#3140\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.1...21.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/karthicraghupathi/django_rapyd_wiretap/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/karthicraghupathi%2Fdjango_rapyd_wiretap/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"},{"uuid":"4506210428","node_id":"PR_kwDOSlXIYc7ehmKs","number":12,"state":"closed","title":"deps(deps-dev): update uv requirement from \u003e=0.10.7 to \u003e=0.11.16","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-24T01:58:50.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T00:14:04.000Z","updated_at":"2026-05-24T01:58:59.000Z","time_to_close":92686,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev): update","packages":[{"name":"uv","old_version":"\u003e=0.10.7","new_version":"\u003e=0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.10.7...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/provide-io/provide-uterm/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/provide-io%2Fprovide-uterm/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4503960018","node_id":"PR_kwDOKKY6o87eaV-E","number":151,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /python in the dev-dependencies group","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:56:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T15:58:37.000Z","updated_at":"2026-05-23T07:56:54.000Z","time_to_close":57495,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/python in the dev-dependencies group","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\nUpdates `uv` to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/KudoAI/ai-personas/pull/151","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/KudoAI%2Fai-personas/issues/151","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/151/packages"},{"uuid":"4502841079","node_id":"PR_kwDOJnW9387eWsmS","number":133,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /translate-messages","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:57:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T13:08:18.000Z","updated_at":"2026-05-23T07:57:03.000Z","time_to_close":67724,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/translate-messages","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/adamlui/python-utils/pull/133","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamlui%2Fpython-utils/issues/133","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/133/packages"},{"uuid":"4502840299","node_id":"PR_kwDOJnW9387eWsb9","number":132,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /sys-lang","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:57:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T13:08:10.000Z","updated_at":"2026-05-23T07:57:05.000Z","time_to_close":67734,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/sys-lang","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/adamlui/python-utils/pull/132","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamlui%2Fpython-utils/issues/132","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/132/packages"}],"issue_packages":[{"old_version":"0.11.8","new_version":"0.11.16","update_type":"patch","path":null,"pr_created_at":"2026-05-30T02:16:01.000Z","version_change":"0.11.8 → 0.11.16","issue":{"uuid":"4552871182","node_id":"PR_kwDOCWWwRs7g3pFn","number":1060,"state":"open","title":"chore(deps-dev): Update uv requirement from 0.11.8 to 0.11.16","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T02:16:01.000Z","updated_at":"2026-05-30T02:16:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): Update","packages":[{"name":"uv","old_version":"0.11.8","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.8...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CycloneDX/cyclonedx-python/pull/1060","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CycloneDX%2Fcyclonedx-python/issues/1060","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1060/packages"}},{"old_version":"0.9.26","new_version":"0.11.15","update_type":"minor","path":null,"pr_created_at":"2026-05-29T21:41:47.000Z","version_change":"0.9.26 → 0.11.15","issue":{"uuid":"4551798960","node_id":"PR_kwDOCBd2_s7g0LTR","number":627,"state":"open","title":"Bump uv from 0.9.26 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:41:47.000Z","updated_at":"2026-05-29T21:45:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.9.26","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.9.26 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.9.26...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.9.26\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/project-koku/nise/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/project-koku/nise/pull/627","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/project-koku%2Fnise/issues/627","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/627/packages"}},{"old_version":"0.11.14","new_version":"0.11.15","update_type":"patch","path":"the uv group across 1 directory","pr_created_at":"2026-05-29T21:40:45.000Z","version_change":"0.11.14 → 0.11.15","issue":{"uuid":"4551793217","node_id":"PR_kwDOSGgXgc7g0KFO","number":229,"state":"open","title":"chore(deps): bump uv from 0.11.14 to 0.11.15 in the uv group across 1 directory","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:40:45.000Z","updated_at":"2026-05-29T21:40:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.14","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"the uv group across 1 directory","ecosystem":"pip"},"body":"Bumps the uv group with 1 update in the / directory: [uv](https://github.com/astral-sh/uv).\n\nUpdates `uv` from 0.11.14 to 0.11.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.14...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.14\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/paudley/coding-ethos/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/paudley/coding-ethos/pull/229","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paudley%2Fcoding-ethos/issues/229","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/229/packages"}},{"old_version":"0.11.11","new_version":"0.11.15","update_type":"patch","path":"/.hermetic_builds","pr_created_at":"2026-05-29T21:40:14.000Z","version_change":"0.11.11 → 0.11.15","issue":{"uuid":"4551790396","node_id":"PR_kwDOB6MPY87g0Jfx","number":4397,"state":"open","title":"build(deps): bump uv from 0.11.11 to 0.11.15 in /.hermetic_builds","user":"dependabot[bot]","labels":["dependencies","python","ci-failing"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:40:14.000Z","updated_at":"2026-05-30T05:38:45.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"uv","old_version":"0.11.11","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"/.hermetic_builds","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nBumps [uv](https://github.com/astral-sh/uv) from 0.11.11 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.11...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/RedHatInsights/insights-host-inventory/pull/4397","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedHatInsights%2Finsights-host-inventory/issues/4397","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4397/packages"}},{"old_version":"0.11.6","new_version":"0.11.15","update_type":"patch","path":"/python","pr_created_at":"2026-05-29T21:33:56.000Z","version_change":"0.11.6 → 0.11.15","issue":{"uuid":"4551756415","node_id":"PR_kwDORETDts7g0CR1","number":114,"state":"open","title":"chore(deps): bump uv from 0.11.6 to 0.11.15 in /python","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:33:56.000Z","updated_at":"2026-05-29T21:34:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.6","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"/python","ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.6 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.6\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tallclub/matimo/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/tallclub/matimo/pull/114","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tallclub%2Fmatimo/issues/114","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/114/packages"}},{"old_version":"0.11.10","new_version":"0.11.15","update_type":"patch","path":null,"pr_created_at":"2026-05-29T21:31:34.000Z","version_change":"0.11.10 → 0.11.15","issue":{"uuid":"4551744561","node_id":"PR_kwDOOMEdyc7gz_1c","number":662,"state":"closed","title":"chore(deps-dev): bump uv from 0.11.10 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-30T00:39:05.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:34.000Z","updated_at":"2026-05-30T00:39:07.000Z","time_to_close":11251,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev)","packages":[{"name":"uv","old_version":"0.11.10","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.10 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.10...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.10\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aignostics/python-sdk/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/aignostics/python-sdk/pull/662","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/aignostics%2Fpython-sdk/issues/662","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/662/packages"}},{"old_version":"0.11.6","new_version":"0.11.15","update_type":"patch","path":null,"pr_created_at":"2026-05-29T21:31:31.000Z","version_change":"0.11.6 → 0.11.15","issue":{"uuid":"4551744215","node_id":"PR_kwDORaWtds7gz_wh","number":90,"state":"open","title":"Bump uv from 0.11.6 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:31.000Z","updated_at":"2026-05-29T23:49:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.11.6","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.6 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.6\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/NotLeonian/aalpy-compro-examples/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/NotLeonian/aalpy-compro-examples/pull/90","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NotLeonian%2Faalpy-compro-examples/issues/90","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/90/packages"}},{"old_version":"0.11.13","new_version":"0.11.15","update_type":"patch","path":null,"pr_created_at":"2026-05-29T21:31:16.000Z","version_change":"0.11.13 → 0.11.15","issue":{"uuid":"4551743162","node_id":"PR_kwDOCab4t87gz_jG","number":124,"state":"open","title":"chore(deps): bump uv from 0.11.13 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:16.000Z","updated_at":"2026-05-29T21:32:11.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.13","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.13 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.13...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.13\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SciQLop/SciQLop/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/SciQLop/SciQLop/pull/124","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/SciQLop%2FSciQLop/issues/124","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/124/packages"}},{"old_version":"0.11.11","new_version":"0.11.15","update_type":"patch","path":"the uv group across 1 directory","pr_created_at":"2026-05-29T21:31:04.000Z","version_change":"0.11.11 → 0.11.15","issue":{"uuid":"4551742098","node_id":"PR_kwDORVSXHM7gz_Vl","number":3807,"state":"open","title":"chore(deps): bump uv from 0.11.11 to 0.11.15 in the uv group across 1 directory","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:31:04.000Z","updated_at":"2026-05-29T21:35:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.11","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":"the uv group across 1 directory","ecosystem":"pip"},"body":"Bumps the uv group with 1 update in the / directory: [uv](https://github.com/astral-sh/uv).\n\nUpdates `uv` from 0.11.11 to 0.11.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.11...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.11\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/daggerstuff/pixelated/network/alerts).\n\n\u003c/details\u003e\n\u003c!-- Rovo Dev code review status --\u003e\n---\nRovo Dev code review: \u003cstrong\u003eRovo Dev couldn't review this pull request\u003c/strong\u003e\nRovo Dev does not review pull requests created by bot accounts.\n\u003c!-- /Rovo Dev code review status --\u003e\n\n\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpdate `uv` to 0.11.15 to pick up security fixes and stricter package validation, and bump `idna` to 3.17 in bias-detection requirements. This hardens our Python tooling and refreshes the lockfile.\n\n- **Dependencies**\n  - `uv`: 0.11.11 → 0.11.15 (includes TAR parser and script entry security fixes, stricter wheel validation, minor perf improvements)\n  - `idna`: 3.15 → 3.17 in `src/lib/ai/bias-detection/requirements.txt` and `src/lib/ai/bias-detection/python-service/requirements.txt`\n\n\u003csup\u003eWritten for commit 180addf2eaa1f845fa9122c0bc9e052cb5589b42. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/daggerstuff/pixelated/pull/3807?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/daggerstuff/pixelated/pull/3807","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/daggerstuff%2Fpixelated/issues/3807","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3807/packages"}},{"old_version":"0.11.13","new_version":"0.11.15","update_type":"patch","path":null,"pr_created_at":"2026-05-29T21:29:17.000Z","version_change":"0.11.13 → 0.11.15","issue":{"uuid":"4551733212","node_id":"PR_kwDOAqimgM7gz9nz","number":154,"state":"open","title":"Bump uv from 0.11.13 to 0.11.15","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T21:29:17.000Z","updated_at":"2026-05-29T21:30:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"uv","old_version":"0.11.13","new_version":"0.11.15","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.13 to 0.11.15.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.15\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRespect \u003ccode\u003erequired-environments\u003c/code\u003e in \u003ccode\u003euv pip compile\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19378\"\u003e#19378\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid parsing JSON manifest when local Python is available (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19398\"\u003e#19398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid walking nested directories in linker conflict registration (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19382\"\u003e#19382\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eOptimize async wheel ZIP writing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19383\"\u003e#19383\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix dead \u0026quot;already trimmed\u0026quot; fast-path in \u003ccode\u003eVersion::only_release_trimmed\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19425\"\u003e#19425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eApply workspace-member \u003ccode\u003e[tool.uv.sources]\u003c/code\u003e credentials under \u003ccode\u003euv sync --frozen\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19423\"\u003e#19423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty directories in uv build outputs (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19437\"\u003e#19437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Git submodule handling when using relative paths (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/12156\"\u003e#12156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line number reporting in netrc parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19452\"\u003e#19452\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove Bazel auth helper setup into integration guide (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19392\"\u003e#19392\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3cffe97c2e48c9e49422c738da3af95919dd0bf5\"\u003e\u003ccode\u003e3cffe97\u003c/code\u003e\u003c/a\u003e Fix crates.io publish script lockfile (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19473\"\u003e#19473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/de16a7b1a30c54e3137db0d414ff250a1c0ae427\"\u003e\u003ccode\u003ede16a7b\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.15 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19472\"\u003e#19472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/cf826cc4e0feeafb23e4e52b85929848ab2d16a7\"\u003e\u003ccode\u003ecf826cc\u003c/code\u003e\u003c/a\u003e Disable \u003ccode\u003etest_simultaneous_create_set_then_move\u003c/code\u003e on Linux (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19469\"\u003e#19469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/2d566bced5152ba9da3aedbc02f1dd087bfeb8e9\"\u003e\u003ccode\u003e2d566bc\u003c/code\u003e\u003c/a\u003e Allow retry of \u003ccode\u003ecustom-publish-crates\u003c/code\u003e separately from \u003ccode\u003eannounce\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19470\"\u003e#19470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/0588b8fb3505235ed97fc511a874a3ce0cbd9b72\"\u003e\u003ccode\u003e0588b8f\u003c/code\u003e\u003c/a\u003e Run release builds on maturin version bumps in CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19466\"\u003e#19466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9a65753e9a8d0e99e7079114d78001311444c718\"\u003e\u003ccode\u003e9a65753\u003c/code\u003e\u003c/a\u003e Enforce that entry points cannot escape in the scripts directory (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/d77d849816de6278f61d3f385b70b2735ca2f0fd\"\u003e\u003ccode\u003ed77d849\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Update maturin to v1.13.2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19445\"\u003e#19445\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19465\"\u003e#19465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/5373e96b15609291995a630704ef08cea31b4b08\"\u003e\u003ccode\u003e5373e96\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls to v0.23.40 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19250\"\u003e#19250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/fb8d3d46ac08ab5fc88f7a96c89f55860f343012\"\u003e\u003ccode\u003efb8d3d4\u003c/code\u003e\u003c/a\u003e Update Rust crate rustls-pki-types to v1.14.1 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19251\"\u003e#19251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/078480dc40fdc6d2e56145730dacfb2744da5940\"\u003e\u003ccode\u003e078480d\u003c/code\u003e\u003c/a\u003e Configure maturin and uv so \u003ccode\u003euv run\u003c/code\u003e can be used to work on uv itself (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19461\"\u003e#19461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.13...0.11.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.13\u0026new-version=0.11.15)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/peeringdb/django-peeringdb/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/peeringdb/django-peeringdb/pull/154","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/peeringdb%2Fdjango-peeringdb/issues/154","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/154/packages"}},{"old_version":"\u003e=0.1.0","new_version":"\u003e=0.11.16","update_type":"minor","path":null,"pr_created_at":"2026-05-26T01:27:49.000Z","version_change":"\u003e=0.1.0 → \u003e=0.11.16","issue":{"uuid":"4520575515","node_id":"PR_kwDOOLH-PM7fOT7_","number":66,"state":"open","title":"deps(deps-dev): update uv requirement from \u003e=0.1.0 to \u003e=0.11.16","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T01:27:49.000Z","updated_at":"2026-05-26T01:27:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev): update","packages":[{"name":"uv","old_version":"\u003e=0.1.0","new_version":"\u003e=0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.1.0...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/loonghao/dcc-mcp/pull/66","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/loonghao%2Fdcc-mcp/issues/66","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/66/packages"}},{"old_version":"\u003c1.0,\u003e=0.11.6","new_version":"\u003e=0.11.16,\u003c1.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T17:28:07.000Z","version_change":"\u003c1.0,\u003e=0.11.6 → \u003e=0.11.16,\u003c1.0","issue":{"uuid":"4518554431","node_id":"PR_kwDOG7OTWc7fHwy5","number":250,"state":"closed","title":"Update uv requirement from \u003c1.0,\u003e=0.11.6 to \u003e=0.11.16,\u003c1.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-26T00:24:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T17:28:07.000Z","updated_at":"2026-05-26T00:24:36.000Z","time_to_close":24981,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1.0,\u003e=0.11.6","new_version":"\u003e=0.11.16,\u003c1.0","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.6...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/yu-iskw/dbt-artifacts-parser/pull/250","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/yu-iskw%2Fdbt-artifacts-parser/issues/250","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/250/packages"}},{"old_version":"0.11.15","new_version":"0.11.16","update_type":"patch","path":"/.devcontainer","pr_created_at":"2026-05-25T05:28:06.000Z","version_change":"0.11.15 → 0.11.16","issue":{"uuid":"4514498126","node_id":"PR_kwDOSXm1Es7e6pCd","number":17,"state":"open","title":"build(deps): bump uv from 0.11.15 to 0.11.16 in /.devcontainer","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T05:28:06.000Z","updated_at":"2026-05-25T05:29:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"uv","old_version":"0.11.15","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":"/.devcontainer","ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.15 to 0.11.16.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=pip\u0026previous-version=0.11.15\u0026new-version=0.11.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/ale-saglia/cup-check/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ale-saglia%2Fcup-check/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"0.11.15","new_version":"0.11.16","update_type":"patch","path":null,"pr_created_at":"2026-05-24T18:25:58.000Z","version_change":"0.11.15 → 0.11.16","issue":{"uuid":"4512532378","node_id":"PR_kwDOSXLGM87e0lKU","number":11,"state":"closed","title":"chore(deps): bump the uv-dependencies group across 1 directory with 6 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-31T04:32:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-24T18:25:58.000Z","updated_at":"2026-05-31T04:32:19.000Z","time_to_close":554779,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"uv-dependencies","update_count":6,"packages":[{"name":"click","old_version":"8.4.0","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"cachetools","old_version":"7.1.3","new_version":"7.1.4","repository_url":"https://github.com/tkem/cachetools"},{"name":"fastapi","old_version":"0.136.1","new_version":"0.136.3","repository_url":"https://github.com/fastapi/fastapi"},{"name":"uvicorn","old_version":"0.47.0","new_version":"0.48.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"uv","old_version":"0.11.15","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"},{"name":"pytest-codspeed","old_version":"5.0.2","new_version":"5.0.3","repository_url":"https://github.com/CodSpeedHQ/pytest-codspeed"}],"path":null,"ecosystem":"pip"},"body":"Bumps the uv-dependencies group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [click](https://github.com/pallets/click) | `8.4.0` | `8.4.1` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.1.3` | `7.1.4` |\n| [fastapi](https://github.com/fastapi/fastapi) | `0.136.1` | `0.136.3` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.47.0` | `0.48.0` |\n| [uv](https://github.com/astral-sh/uv) | `0.11.15` | `0.11.16` |\n| [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed) | `5.0.2` | `5.0.3` |\n\n\nUpdates `click` from 8.4.0 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.1/\"\u003ehttps://pypi.org/project/click/8.4.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-1\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-1\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/32?closed=1\"\u003ehttps://github.com/pallets/click/milestone/32?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type conversion again. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3458\"\u003e#3458\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3277\"\u003e#3277\u003c/a\u003e # 3466\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion result. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3015\"\u003e#3015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3449\"\u003e#3449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.1\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type\nconversion again. :issue:\u003ccode\u003e3458\u003c/code\u003e :issue:\u003ccode\u003e3484\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. :issue:\u003ccode\u003e3277\u003c/code\u003e :pr:\u003ccode\u003e3466\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion\nresult. :issue:\u003ccode\u003e3015\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. :issue:\u003ccode\u003e3487\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. :issue:\u003ccode\u003e3449\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6eeb50e948ea136db145280f6f5dd52eca3fa7e5\"\u003e\u003ccode\u003e6eeb50e\u003c/code\u003e\u003c/a\u003e release version 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/67921d5b71584112eebcbf89596b5f0e6d14c49f\"\u003e\u003ccode\u003e67921d5\u003c/code\u003e\u003c/a\u003e change log and doc fixes (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/9c41f46a4015700489ad009266edf1f3893d01d1\"\u003e\u003ccode\u003e9c41f46\u003c/code\u003e\u003c/a\u003e Fix changelog and version admonitions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6cb34774f20598aa288332f8da02c5aee85448a6\"\u003e\u003ccode\u003e6cb3477\u003c/code\u003e\u003c/a\u003e fix skip condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/5ee8e3123d8ddece6c47eff9a7a7d4ca478c4f37\"\u003e\u003ccode\u003e5ee8e31\u003c/code\u003e\u003c/a\u003e fix I/O operation on closed file error with CliRunner and echo_via_pager (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3482\"\u003e#3482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/becbde5cf416441627f779e8dd34e57738ee1c1f\"\u003e\u003ccode\u003ebecbde5\u003c/code\u003e\u003c/a\u003e pager doesn't close std streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/a5f5aa6d4012d256ccca24638f2642fc371e9f77\"\u003e\u003ccode\u003ea5f5aa6\u003c/code\u003e\u003c/a\u003e Handle empty bytes in echo (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3493\"\u003e#3493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4d3db84b251518e97299a38a5ca4bab3d01873a2\"\u003e\u003ccode\u003e4d3db84\u003c/code\u003e\u003c/a\u003e handle empty bytes in echo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/d42f15b71757de791a5781fb179fd972da9169f5\"\u003e\u003ccode\u003ed42f15b\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eget_parameter_source()\u003c/code\u003e during type conversion and eager callbacks (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0baa8db07736fc7ad3d3eed97d4c73b0059c63e1\"\u003e\u003ccode\u003e0baa8db\u003c/code\u003e\u003c/a\u003e Document ctx.params bypass with test and doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.4.0...8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.1.3 to 7.1.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.4 (2026-05-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor unit test improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/48284d73d0a8834c9c50f8d41bb99e6f93b2dfed\"\u003e\u003ccode\u003e48284d7\u003c/code\u003e\u003c/a\u003e Release v7.1.4.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/55ea96b88a485fca9effae0f838186274f00897c\"\u003e\u003ccode\u003e55ea96b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c5439fe5dc883220b59469e450dbcbf9f4c2e52d\"\u003e\u003ccode\u003ec5439fe\u003c/code\u003e\u003c/a\u003e Add threading tests for lock-only decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/91828fccd629d426157a165d38563614ba06a875\"\u003e\u003ccode\u003e91828fc\u003c/code\u003e\u003c/a\u003e Run threading tests unconditionally with timeout.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.1.3...v7.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fastapi` from 0.136.1 to 0.136.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fastapi/fastapi/releases\"\u003efastapi's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.136.3\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (the default). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15589\"\u003e#15589\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.136.2\u003c/h2\u003e\n\u003ch3\u003eRefactors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e♻️ Validate Server Sent Event fields to avoid applications from sending broken data. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15588\"\u003e#15588\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15464\"\u003e#15464\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update and simplify docs about help and management. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15583\"\u003e#15583\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add docs references to central contributing docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15580\"\u003e#15580\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update security policy. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15577\"\u003e#15577\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🍱 Update sponsors: TalorData image. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15562\"\u003e#15562\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Update docs, simplify usage of admonitions, only default ones. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15553\"\u003e#15553\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Fix image URLs in \u003ccode\u003eindex.md\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15534\"\u003e#15534\u003c/a\u003e by \u003ca href=\"https://github.com/YuriiMotov\"\u003e\u003ccode\u003e@​YuriiMotov\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e✏️ Fix Azkaban spelling typo in \u003ccode\u003evirtual-environments.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15463\"\u003e#15463\u003c/a\u003e by \u003ca href=\"https://github.com/isaacbernat\"\u003e\u003ccode\u003e@​isaacbernat\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Improve layout and styling. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15462\"\u003e#15462\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e💄 Refactor opinions section with interactive tabs and new logos. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15458\"\u003e#15458\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e📝 Add FastAPI Conf '26 announcement to docs. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15457\"\u003e#15457\u003c/a\u003e by \u003ca href=\"https://github.com/alejsdev\"\u003e\u003ccode\u003e@​alejsdev\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTranslations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e🌐 Improve translation consistency in \u003ccode\u003e‎docs/pt/docs/advanced/generate-clients.md‎\u003c/code\u003e. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15456\"\u003e#15456\u003c/a\u003e by \u003ca href=\"https://github.com/Will-thom\"\u003e\u003ccode\u003e@​Will-thom\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ja (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15530\"\u003e#15530\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for uk (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15529\"\u003e#15529\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for pt (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15528\"\u003e#15528\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for de (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15527\"\u003e#15527\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for tr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15526\"\u003e#15526\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ko (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15525\"\u003e#15525\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh-hant (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15524\"\u003e#15524\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for fr (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15522\"\u003e#15522\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for es (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15523\"\u003e#15523\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for zh (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15520\"\u003e#15520\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Update translations for ru (update-outdated). PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15521\"\u003e#15521\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🌐 Fix typos in Spanish LLM-prompt. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15472\"\u003e#15472\u003c/a\u003e by \u003ca href=\"https://github.com/crr004\"\u003e\u003ccode\u003e@​crr004\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eInternal\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e✅ Update tests, don't double dispose the engine. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15587\"\u003e#15587\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⚡️ Speed up test suite via caching and fixture scopes to make it ~24% faster. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/13583\"\u003e#13583\u003c/a\u003e by \u003ca href=\"https://github.com/dikos1337\"\u003e\u003ccode\u003e@​dikos1337\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔥 Remove config files now in central GitHub repo. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15585\"\u003e#15585\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump urllib3 from 2.6.3 to 2.7.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15502\"\u003e#15502\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump idna from 3.11 to 3.15. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15565\"\u003e#15565\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e⬆ Bump cloudflare/wrangler-action from 3.15.0 to 4.0.0. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15571\"\u003e#15571\u003c/a\u003e by \u003ca href=\"https://github.com/apps/dependabot\"\u003e\u003ccode\u003e@​dependabot[bot]\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔧 Migrate docs from MkDocs to Zensical. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15563\"\u003e#15563\u003c/a\u003e by \u003ca href=\"https://github.com/tiangolo\"\u003e\u003ccode\u003e@​tiangolo\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e🔒️ Only allow team members to modify dependencies. PR \u003ca href=\"https://redirect.github.com/fastapi/fastapi/pull/15548\"\u003e#15548\u003c/a\u003e by \u003ca href=\"https://github.com/svlandeg\"\u003e\u003ccode\u003e@​svlandeg\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/82064857539e6286522c347b4b11331b48dd2378\"\u003e\u003ccode\u003e8206485\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c910e0139f983d0e04e2d1d235cd71803afeae34\"\u003e\u003ccode\u003ec910e01\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/063b5bf582d31fb155cc6bc6f88cf512329d0fd5\"\u003e\u003ccode\u003e063b5bf\u003c/code\u003e\u003c/a\u003e ♻️ Do not accept underscore headers when using \u003ccode\u003econvert_underscores=True\u003c/code\u003e (th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/22b02e26f9e8c7e32bd8266e2b0ebe8bb3a0db2b\"\u003e\u003ccode\u003e22b02e2\u003c/code\u003e\u003c/a\u003e 🔖 Release version 0.136.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3b252a2a22ba27a8ab83d6bde7d9cddbc5bf738e\"\u003e\u003ccode\u003e3b252a2\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/c7fb7851b3389f24c51701d705458989be53ccbb\"\u003e\u003ccode\u003ec7fb785\u003c/code\u003e\u003c/a\u003e ♻️ Validate Server Sent Event fields to avoid applications from sending broke...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/cb83b83dcf78eab4ea17d504db5abcda705fbdc4\"\u003e\u003ccode\u003ecb83b83\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/00f805cec94c0bf48c1f9a563535a3ab2e6f90ab\"\u003e\u003ccode\u003e00f805c\u003c/code\u003e\u003c/a\u003e ✅ Update tests, don't double dispose the engine (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15587\"\u003e#15587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/3675137523dc167981aa3a3c44599b4f3079ccd8\"\u003e\u003ccode\u003e3675137\u003c/code\u003e\u003c/a\u003e 📝 Update release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fastapi/fastapi/commit/7b57e42986bb4d40c9eb6580537d13fb8e76097e\"\u003e\u003ccode\u003e7b57e42\u003c/code\u003e\u003c/a\u003e 📝 Document \u003ccode\u003e--entrypoint\u003c/code\u003e CLI option (\u003ca href=\"https://redirect.github.com/fastapi/fastapi/issues/15464\"\u003e#15464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fastapi/fastapi/compare/0.136.1...0.136.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uvicorn` from 0.47.0 to 0.48.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/uvicorn/releases\"\u003euvicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.48.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/uvicorn/pull/2940\"\u003eKludex/uvicorn#2940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e by \u003ca href=\"https://github.com/Kludex\"\u003e\u003ccode\u003e@​Kludex\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Kludex/uvicorn/pull/2944\"\u003eKludex/uvicorn#2944\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\"\u003ehttps://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md\"\u003euvicorn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.48.0 (May 24, 2026)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefault \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2940\"\u003e#2940\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/73e84e58d7f6b8b3dfd8a9e3e42d716862250f33\"\u003e\u003ccode\u003e73e84e5\u003c/code\u003e\u003c/a\u003e Version 0.48.0 (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2951\"\u003e#2951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/45ea11690b4a62fa6df339d2b6ee3b8545a418e0\"\u003e\u003ccode\u003e45ea116\u003c/code\u003e\u003c/a\u003e Ignore duplicate forwarding headers in \u003ccode\u003eProxyHeadersMiddleware\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/dd4394c3cbfd9f27a696a7b08047149690058158\"\u003e\u003ccode\u003edd4394c\u003c/code\u003e\u003c/a\u003e chore(deps): bump idna from 3.11 to 3.15 (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2941\"\u003e#2941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Kludex/uvicorn/commit/abe07818a191cd036dc3824d802d052207e01c7e\"\u003e\u003ccode\u003eabe0781\u003c/code\u003e\u003c/a\u003e Default \u003ccode\u003essl_ciphers\u003c/code\u003e to \u003ccode\u003eNone\u003c/code\u003e and use OpenSSL defaults (\u003ca href=\"https://redirect.github.com/Kludex/uvicorn/issues/2940\"\u003e#2940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/Kludex/uvicorn/compare/0.47.0...0.48.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uv` from 0.11.15 to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pytest-codspeed` from 5.0.2 to 5.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/releases\"\u003epytest-codspeed's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: move callgrind skip obj API to instrument-hooks by \u003ca href=\"https://github.com/not-matthias\"\u003e\u003ccode\u003e@​not-matthias\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/123\"\u003eCodSpeedHQ/pytest-codspeed#123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\"\u003ehttps://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md\"\u003epytest-codspeed's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[5.0.3] - 2026-05-22\u003c/h2\u003e\n\u003ch3\u003e\u003c!-- raw HTML omitted --\u003e🏗️ Refactor\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse instrument_hooks_callgrind_add_obj_skip from C API by \u003ca href=\"https://github.com/not-matthias\"\u003e\u003ccode\u003e@​not-matthias\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/CodSpeedHQ/pytest-codspeed/pull/123\"\u003e#123\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/commit/b2d12d8e96704c82b449d8668818a754ede45c66\"\u003e\u003ccode\u003eb2d12d8\u003c/code\u003e\u003c/a\u003e Release v5.0.3 🚀\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/commit/31447b7b6fba4ff9a5bdf5c0d046b7d8936cab5c\"\u003e\u003ccode\u003e31447b7\u003c/code\u003e\u003c/a\u003e refactor: use instrument_hooks_callgrind_add_obj_skip from C API\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/CodSpeedHQ/pytest-codspeed/compare/v5.0.2...v5.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/Beaconchain-us/prefect/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Beaconchain-us%2Fprefect/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"0.11.12","new_version":"0.11.14","update_type":"patch","path":null,"pr_created_at":"2026-05-24T02:19:18.000Z","version_change":"0.11.12 → 0.11.14","issue":{"uuid":"4510233473","node_id":"PR_kwDOSGgXgc7et0Uq","number":175,"state":"open","title":"chore(deps): bump uv from 0.11.12 to 0.11.14","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T02:19:18.000Z","updated_at":"2026-05-24T02:19:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"uv","old_version":"0.11.12","new_version":"0.11.14","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Bumps [uv](https://github.com/astral-sh/uv) from 0.11.12 to 0.11.14.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identifiers (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19340\"\u003e#19340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFilter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euv tree\u003c/code\u003e showing extra-conditional deps for packages required without extras (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19332\"\u003e#19332\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.14\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.14\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-apple-darwin.tar.gz\"\u003euv-x86_64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eIntel macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-pc-windows-msvc.zip\"\u003euv-aarch64-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-pc-windows-msvc.zip\"\u003euv-i686-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-pc-windows-msvc.zip\"\u003euv-x86_64-pc-windows-msvc.zip\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex64 Windows\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-pc-windows-msvc.zip.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-gnu.tar.gz\"\u003euv-aarch64-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-gnu.tar.gz\"\u003euv-i686-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-powerpc64le-unknown-linux-gnu.tar.gz\"\u003euv-powerpc64le-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ePPC64LE Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-powerpc64le-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-gnu.tar.gz\"\u003euv-riscv64gc-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRISCV Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-s390x-unknown-linux-gnu.tar.gz\"\u003euv-s390x-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eS390x Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-s390x-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-unknown-linux-gnu.tar.gz\"\u003euv-x86_64-unknown-linux-gnu.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex64 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-x86_64-unknown-linux-gnu.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-armv7-unknown-linux-gnueabihf.tar.gz\"\u003euv-armv7-unknown-linux-gnueabihf.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARMv7 Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-armv7-unknown-linux-gnueabihf.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-musl.tar.gz\"\u003euv-aarch64-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eARM64 MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-aarch64-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-musl.tar.gz\"\u003euv-i686-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003ex86 MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-i686-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-musl.tar.gz\"\u003euv-riscv64gc-unknown-linux-musl.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eRISCV MUSL Linux\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-riscv64gc-unknown-linux-musl.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.14\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-12.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIgnore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identifiers (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19340\"\u003e#19340\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFilter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003euv tree\u003c/code\u003e showing extra-conditional deps for packages required without extras (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19332\"\u003e#19332\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.13\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-10.\u003c/p\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eInclude data files in editable builds (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19312\"\u003e#19312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRespect \u003ccode\u003e--require-hashes\u003c/code\u003e when installing from \u003ccode\u003epylock.toml\u003c/code\u003e files (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19334\"\u003e#19334\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePython\u003c/h3\u003e\n\u003ch3\u003ePython\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd CPython 3.14.5\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3fdfdc7d4a63c9f283eb751823b7628b13116684\"\u003e\u003ccode\u003e3fdfdc7\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.14 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19377\"\u003e#19377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/634b03f972330183295adae438ec90e76105593e\"\u003e\u003ccode\u003e634b03f\u003c/code\u003e\u003c/a\u003e Document \u003ccode\u003euv auth helper\u003c/code\u003e for Bazel credential helper use (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19358\"\u003e#19358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/601c2b80421544fc0f18bedd2d141308e8acbfd1\"\u003e\u003ccode\u003e601c2b8\u003c/code\u003e\u003c/a\u003e Respect build options (e.g., \u003ccode\u003e--no-build\u003c/code\u003e) during lock validation (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19366\"\u003e#19366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/7d6590313139e075eac190a3611238072e7c3cdf\"\u003e\u003ccode\u003e7d65903\u003c/code\u003e\u003c/a\u003e Add Astral mirror URL override (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19206\"\u003e#19206\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/685c32c51de5f21cdffe1311d6265b9dbebe2a03\"\u003e\u003ccode\u003e685c32c\u003c/code\u003e\u003c/a\u003e Ignore \u003ccode\u003etop_level.txt\u003c/code\u003e entries in uninstall that are not valid Python identif...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/374fcaa56aa46a2923eed31fe0df7a4a7a14c477\"\u003e\u003ccode\u003e374fcaa\u003c/code\u003e\u003c/a\u003e Fix JUnit upload on Windows runners (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19370\"\u003e#19370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/96b43afadc2add190895b20282e83023a08bd0e7\"\u003e\u003ccode\u003e96b43af\u003c/code\u003e\u003c/a\u003e Ensure publish to crates.io is idempotent (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19361\"\u003e#19361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/b2bd71a82c172926d6fb76ecbbad9c61c6e706b1\"\u003e\u003ccode\u003eb2bd71a\u003c/code\u003e\u003c/a\u003e Filter ANSI codes in logging output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19311\"\u003e#19311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/81e7f8ccbbd3ed407f32312743fe138d36411cff\"\u003e\u003ccode\u003e81e7f8c\u003c/code\u003e\u003c/a\u003e Update Rust crate junction to v2 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19353\"\u003e#19353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/9f21ff88867f59e84bc82f7422492b998aba6e30\"\u003e\u003ccode\u003e9f21ff8\u003c/code\u003e\u003c/a\u003e Avoid applying \u003ccode\u003e.env\u003c/code\u003e files in parent process (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19343\"\u003e#19343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.12...0.11.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uv\u0026package-manager=uv\u0026previous-version=0.11.12\u0026new-version=0.11.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/paudley/coding-ethos/pull/175","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paudley%2Fcoding-ethos/issues/175","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/175/packages"}},{"old_version":"0.11.12","new_version":"0.11.16","update_type":"patch","path":null,"pr_created_at":"2026-05-23T02:25:59.000Z","version_change":"0.11.12 → 0.11.16","issue":{"uuid":"4506548171","node_id":"PR_kwDOGuafp87eipch","number":23,"state":"closed","title":"build(deps-dev): bump the python-deps group across 1 directory with 15 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-30T02:25:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T02:25:59.000Z","updated_at":"2026-05-30T02:25:06.000Z","time_to_close":604745,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps-dev): bump","group_name":"python-deps","update_count":15,"packages":[{"name":"tox","old_version":"4.53.1","new_version":"4.54.0","repository_url":"https://github.com/tox-dev/tox"},{"name":"cachetools","old_version":"7.1.1","new_version":"7.1.4","repository_url":"https://github.com/tkem/cachetools"},{"name":"certifi","old_version":"2026.4.22","new_version":"2026.5.20","repository_url":"https://github.com/certifi/python-certifi"},{"name":"click","old_version":"8.3.3","new_version":"8.4.1","repository_url":"https://github.com/pallets/click"},{"name":"coverage","old_version":"7.13.5","new_version":"7.14.0","repository_url":"https://github.com/coveragepy/coveragepy"},{"name":"django-stubs","old_version":"6.0.3","new_version":"6.0.4","repository_url":"https://github.com/typeddjango/django-stubs"},{"name":"django-stubs-ext","old_version":"6.0.3","new_version":"6.0.4","repository_url":"https://github.com/typeddjango/django-stubs"},{"name":"idna","old_version":"3.13","new_version":"3.16","repository_url":"https://github.com/kjd/idna"},{"name":"librt","old_version":"0.10.0","new_version":"0.11.0","repository_url":"https://github.com/mypyc/librt"},{"name":"mypy","old_version":"2.0.0","new_version":"2.1.0","repository_url":"https://github.com/python/mypy"},{"name":"pydantic-core","old_version":"2.46.4","new_version":"2.47.0","repository_url":"https://github.com/pydantic/pydantic"},{"name":"python-discovery","old_version":"1.3.0","new_version":"1.3.1","repository_url":"https://github.com/tox-dev/python-discovery"},{"name":"tomlkit","old_version":"0.14.0","new_version":"0.15.0","repository_url":"https://github.com/python-poetry/tomlkit"},{"name":"uv","old_version":"0.11.12","new_version":"0.11.16","repository_url":"https://github.com/astral-sh/uv"},{"name":"virtualenv","old_version":"21.3.1","new_version":"21.3.3","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-deps group with 15 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [tox](https://github.com/tox-dev/tox) | `4.53.1` | `4.54.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.1.1` | `7.1.4` |\n| [certifi](https://github.com/certifi/python-certifi) | `2026.4.22` | `2026.5.20` |\n| [click](https://github.com/pallets/click) | `8.3.3` | `8.4.1` |\n| [coverage](https://github.com/coveragepy/coveragepy) | `7.13.5` | `7.14.0` |\n| [django-stubs](https://github.com/typeddjango/django-stubs) | `6.0.3` | `6.0.4` |\n| [django-stubs-ext](https://github.com/typeddjango/django-stubs) | `6.0.3` | `6.0.4` |\n| [idna](https://github.com/kjd/idna) | `3.13` | `3.16` |\n| [librt](https://github.com/mypyc/librt) | `0.10.0` | `0.11.0` |\n| [mypy](https://github.com/python/mypy) | `2.0.0` | `2.1.0` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.46.4` | `2.47.0` |\n| [python-discovery](https://github.com/tox-dev/python-discovery) | `1.3.0` | `1.3.1` |\n| [tomlkit](https://github.com/python-poetry/tomlkit) | `0.14.0` | `0.15.0` |\n| [uv](https://github.com/astral-sh/uv) | `0.11.12` | `0.11.16` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `21.3.1` | `21.3.3` |\n\n\nUpdates `tox` from 4.53.1 to 4.54.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/tox/releases\"\u003etox's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.54.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e🧪 test(conftest): strip broken nspkg.pth files under py3.15 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3937\"\u003etox-dev/tox#3937\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ feat(packaging): declare tox.pytest deps via a testing extra by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3940\"\u003etox-dev/tox#3940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🐛 fix(schema): cover every replace form in the TOML schema by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/tox/pull/3941\"\u003etox-dev/tox#3941\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tox-dev/tox/compare/4.53.1...4.54.0\"\u003ehttps://github.com/tox-dev/tox/compare/4.53.1...4.54.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/tox/blob/main/docs/changelog.rst\"\u003etox's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eFeatures - 4.54.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeclare the runtime dependencies of the \u003ccode\u003etox.pytest\u003c/code\u003e plugin (\u003ccode\u003epytest\u003c/code\u003e, \u003ccode\u003edevpi-process\u003c/code\u003e and \u003ccode\u003epytest-mock\u003c/code\u003e)\nunder a new \u003ccode\u003etesting\u003c/code\u003e extra, so plugin authors can pull them in via \u003ccode\u003etox[testing]\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e.\n(:issue:\u003ccode\u003e3938\u003c/code\u003e, :issue:\u003ccode\u003e3940\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug fixes - 4.54.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eExtend the generated TOML schema to cover every \u003ccode\u003ereplace\u003c/code\u003e table form (\u003ccode\u003eenv\u003c/code\u003e, \u003ccode\u003eref\u003c/code\u003e, \u003ccode\u003eposargs\u003c/code\u003e, \u003ccode\u003eglob\u003c/code\u003e,\n\u003ccode\u003eif\u003c/code\u003e), including conditional replacements used inside \u003ccode\u003ecommands\u003c/code\u003e. A guard test asserts the schema stays in sync\nwith the loader implementation so future replace types cannot be added without a corresponding schema entry.\n(:issue:\u003ccode\u003e3939\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev4.53.1 (2026-05-02)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/1f1fcc7a53665a827d8a304190696c6926ebb2eb\"\u003e\u003ccode\u003e1f1fcc7\u003c/code\u003e\u003c/a\u003e release 4.54.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/b35c8eedaf94906ed0e7938c7526dced550e6fa0\"\u003e\u003ccode\u003eb35c8ee\u003c/code\u003e\u003c/a\u003e 🐛 fix(schema): cover every replace form in the TOML schema (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3941\"\u003e#3941\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/6eb5c4f5eec439b3924d6adb3d9d16ea7fc88a20\"\u003e\u003ccode\u003e6eb5c4f\u003c/code\u003e\u003c/a\u003e ✨ feat(packaging): declare tox.pytest deps via a testing extra (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3940\"\u003e#3940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/1ad47ddaab21c891f136a9627d1c6cdb6ea655d7\"\u003e\u003ccode\u003e1ad47dd\u003c/code\u003e\u003c/a\u003e 🧪 test(conftest): strip broken nspkg.pth files under py3.15 (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3937\"\u003e#3937\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/dfba9661b10aa5148daf7267b80fec50f4faa9d2\"\u003e\u003ccode\u003edfba966\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3936\"\u003e#3936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/tox/commit/21069af5f5b93774f88c271d5deb1389cd2caf12\"\u003e\u003ccode\u003e21069af\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/tox/issues/3933\"\u003e#3933\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tox-dev/tox/compare/4.53.1...4.54.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.1.1 to 7.1.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.4 (2026-05-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor unit test improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.3 (2026-05-18)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor type stub improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.2 (2026-05-16)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor type stub improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eMinor documentation improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eModernize build environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/48284d73d0a8834c9c50f8d41bb99e6f93b2dfed\"\u003e\u003ccode\u003e48284d7\u003c/code\u003e\u003c/a\u003e Release v7.1.4.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/55ea96b88a485fca9effae0f838186274f00897c\"\u003e\u003ccode\u003e55ea96b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c5439fe5dc883220b59469e450dbcbf9f4c2e52d\"\u003e\u003ccode\u003ec5439fe\u003c/code\u003e\u003c/a\u003e Add threading tests for lock-only decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/91828fccd629d426157a165d38563614ba06a875\"\u003e\u003ccode\u003e91828fc\u003c/code\u003e\u003c/a\u003e Run threading tests unconditionally with timeout.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/16952edb1eb2d2ced7601e12db722008e5156912\"\u003e\u003ccode\u003e16952ed\u003c/code\u003e\u003c/a\u003e Release v7.1.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/92dd756b93813d1ddfe70893e9c219342a52e19a\"\u003e\u003ccode\u003e92dd756\u003c/code\u003e\u003c/a\u003e Prepare v7.1.3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/ced08f52ef792a010b8171715c7842da4e11b9ac\"\u003e\u003ccode\u003eced08f5\u003c/code\u003e\u003c/a\u003e Improve cachetools.func type stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d809d7be5a222effd3663c33baaaee3802972daa\"\u003e\u003ccode\u003ed809d7b\u003c/code\u003e\u003c/a\u003e Update build environment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/c84b5e5be3d33a32d33f0988b524fb86de1e44f2\"\u003e\u003ccode\u003ec84b5e5\u003c/code\u003e\u003c/a\u003e Release v7.1.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/39ad61c1db56600fe903f3c4216996c491e775bf\"\u003e\u003ccode\u003e39ad61c\u003c/code\u003e\u003c/a\u003e Prepare v7.1.2.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.1.1...v7.1.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2026.4.22 to 2026.5.20\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d7ea151afc2ce6bef0555b9349902bd867e928dd\"\u003e\u003ccode\u003ed7ea151\u003c/code\u003e\u003c/a\u003e 2026.05.20 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/413\"\u003e#413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2026.04.22...2026.05.20\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.3 to 8.4.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.1\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.1/\"\u003ehttps://pypi.org/project/click/8.4.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-1\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-1\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/32?closed=1\"\u003ehttps://github.com/pallets/click/milestone/32?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type conversion again. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3458\"\u003e#3458\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3277\"\u003e#3277\u003c/a\u003e # 3466\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion result. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3015\"\u003e#3015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3487\"\u003e#3487\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3449\"\u003e#3449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.\u003c/p\u003e\n\u003cp\u003eWe encourage everyone to upgrade. You can read more about our \u003ca href=\"https://palletsprojects.com/versions\"\u003eVersion Support Policy\u003c/a\u003e on our website.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.0/\"\u003ehttps://pypi.org/project/click/8.4.0/\u003c/a\u003e\nChanges:  \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-0\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-0\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParamType\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3371\"\u003e#3371\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3372\"\u003e#3372\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParameter\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2805\"\u003e#2805\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.1\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eget_parameter_source()\u003c/code\u003e is available during eager callbacks and type\nconversion again. :issue:\u003ccode\u003e3458\u003c/code\u003e :issue:\u003ccode\u003e3484\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eZsh completion scripts parse correctly on Windows. :issue:\u003ccode\u003e3277\u003c/code\u003e :pr:\u003ccode\u003e3466\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShell completion of \u003ccode\u003eChoice\u003c/code\u003e \u003ccode\u003eEnum\u003c/code\u003e values produces a valid completion\nresult. :issue:\u003ccode\u003e3015\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix empty byte-string handling in echo. :issue:\u003ccode\u003e3487\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix closed file error with \u003ccode\u003eecho_via_pager\u003c/code\u003e. :issue:\u003ccode\u003e3449\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.4.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-17\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e3371\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n:pr:\u003ccode\u003e3372\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e2805\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n:issue:\u003ccode\u003e2745\u003c/code\u003e :pr:\u003ccode\u003e3364\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. :issue:\u003ccode\u003e2012\u003c/code\u003e :pr:\u003ccode\u003e3363\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6eeb50e948ea136db145280f6f5dd52eca3fa7e5\"\u003e\u003ccode\u003e6eeb50e\u003c/code\u003e\u003c/a\u003e release version 8.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/67921d5b71584112eebcbf89596b5f0e6d14c49f\"\u003e\u003ccode\u003e67921d5\u003c/code\u003e\u003c/a\u003e change log and doc fixes (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3495\"\u003e#3495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/9c41f46a4015700489ad009266edf1f3893d01d1\"\u003e\u003ccode\u003e9c41f46\u003c/code\u003e\u003c/a\u003e Fix changelog and version admonitions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/6cb34774f20598aa288332f8da02c5aee85448a6\"\u003e\u003ccode\u003e6cb3477\u003c/code\u003e\u003c/a\u003e fix skip condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/5ee8e3123d8ddece6c47eff9a7a7d4ca478c4f37\"\u003e\u003ccode\u003e5ee8e31\u003c/code\u003e\u003c/a\u003e fix I/O operation on closed file error with CliRunner and echo_via_pager (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3482\"\u003e#3482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/becbde5cf416441627f779e8dd34e57738ee1c1f\"\u003e\u003ccode\u003ebecbde5\u003c/code\u003e\u003c/a\u003e pager doesn't close std streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/a5f5aa6d4012d256ccca24638f2642fc371e9f77\"\u003e\u003ccode\u003ea5f5aa6\u003c/code\u003e\u003c/a\u003e Handle empty bytes in echo (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3493\"\u003e#3493\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4d3db84b251518e97299a38a5ca4bab3d01873a2\"\u003e\u003ccode\u003e4d3db84\u003c/code\u003e\u003c/a\u003e handle empty bytes in echo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/d42f15b71757de791a5781fb179fd972da9169f5\"\u003e\u003ccode\u003ed42f15b\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eget_parameter_source()\u003c/code\u003e during type conversion and eager callbacks (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3484\"\u003e#3484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0baa8db07736fc7ad3d3eed97d4c73b0059c63e1\"\u003e\u003ccode\u003e0baa8db\u003c/code\u003e\u003c/a\u003e Document ctx.params bypass with test and doc\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.3...8.4.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `coverage` from 7.13.5 to 7.14.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst\"\u003ecoverage's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 7.14.0 — 2026-05-10\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eFeature: now when running one of the reporting commands, if there are\nparallel data files that need combining, they will be implicitly combined\nbefore creating the report. There is no option to avoid the combination; let\nus know if you have a use case that requires it.  Thanks, \u003ccode\u003eTim Hatch \u0026lt;pull 2162_\u0026gt;\u003c/code\u003e\u003cem\u003e. Closes \u003ccode\u003eissue 1781\u003c/code\u003e\u003c/em\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: the output from \u003ccode\u003ecombine\u003c/code\u003e was too verbose, listing each file\nconsidered. Now it shows a single line with the counts of files combined,\nfiles skipped, and files with errors. The \u003ccode\u003e-q\u003c/code\u003e flag suppresses this line.\nThe old detailed lines are available with the new \u003ccode\u003e--debug=combine\u003c/code\u003e option.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: running a Python file through a symlink now sets the sys.path correctly,\nmatching regular Python behavior. Fixes \u003ccode\u003eissue 2157\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: \u003ccode\u003eCollector.flush_data\u003c/code\u003e could fail with \u0026quot;RuntimeError: Set changed\nsize during iteration\u0026quot; when a tracer in another thread added a line to the\nper-file set that \u003ccode\u003eadd_lines\u003c/code\u003e (or \u003ccode\u003eadd_arcs\u003c/code\u003e) was iterating. The values\npassed to \u003ccode\u003eCoverageData\u003c/code\u003e are now snapshotted via \u003ccode\u003edict.copy()\u003c/code\u003e and\n\u003ccode\u003eset.copy()\u003c/code\u003e, which are atomic under the GIL. Thanks, \u003ccode\u003eAlex Vandiver \u0026lt;pull 2165_\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: the soft keyword \u003ccode\u003elazy\u003c/code\u003e is now bolded in HTML reports.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWe are no longer testing eventlet support. Eventlet started issuing stern\ndeprecation warnings that break our tests. Our support code is still there.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _issue 1781: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/1781\"\u003ecoveragepy/coveragepy#1781\u003c/a\u003e\n.. _issue 2157: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2157\"\u003ecoveragepy/coveragepy#2157\u003c/a\u003e\n.. _pull 2162: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/pull/2162\"\u003ecoveragepy/coveragepy#2162\u003c/a\u003e\n.. _pull 2165: \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/pull/2165\"\u003ecoveragepy/coveragepy#2165\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e.. _changes_7-13-5:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/646351b60429f1b5760af6c1b97b28483244a955\"\u003e\u003ccode\u003e646351b\u003c/code\u003e\u003c/a\u003e docs: sample HTML for 7.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/39cd015505c8b04369c5b06e34fc22449a697370\"\u003e\u003ccode\u003e39cd015\u003c/code\u003e\u003c/a\u003e docs: prep for 7.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/649e8aa34af7d80c386ae82e8a3a6c9a3acb0dab\"\u003e\u003ccode\u003e649e8aa\u003c/code\u003e\u003c/a\u003e docs: thanks Alex Vandiver for \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2165\"\u003e#2165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/8cd392e3b5c4bc15d534aaec0c21714f9f518469\"\u003e\u003ccode\u003e8cd392e\u003c/code\u003e\u003c/a\u003e fix: snapshot data in Collector.flush_data to avoid threading race (\u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2165\"\u003e#2165\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/c48e0edc2ebe44621b0053176e90f77b0c79bec1\"\u003e\u003ccode\u003ec48e0ed\u003c/code\u003e\u003c/a\u003e fix: less output for combining\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/c2a3a284078556c911e0d9b6c6af1b7082a363ea\"\u003e\u003ccode\u003ec2a3a28\u003c/code\u003e\u003c/a\u003e docs: explain the change from \u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2162\"\u003e#2162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/1cd47aa6ac1da4e150da44055295d4e4f3a014e8\"\u003e\u003ccode\u003e1cd47aa\u003c/code\u003e\u003c/a\u003e fix: implicit combine-during-report now removes the combined data files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/2d99fd7696e0bccec8037479a4e45c1ecccb8058\"\u003e\u003ccode\u003e2d99fd7\u003c/code\u003e\u003c/a\u003e feat: automatically combine coverage in report, thanks Tim Hatch (\u003ca href=\"https://redirect.github.com/coveragepy/coveragepy/issues/2162\"\u003e#2162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/9fbdcdfee1c122fac43f1bf9a5e2d1f4d835f21c\"\u003e\u003ccode\u003e9fbdcdf\u003c/code\u003e\u003c/a\u003e fix: lazy soft keywords are bolded\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coveragepy/coveragepy/commit/5de7d0267b9466d59995aaae1a7e707c8c6f66e7\"\u003e\u003ccode\u003e5de7d02\u003c/code\u003e\u003c/a\u003e build: oops, misplaced quote\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coveragepy/coveragepy/compare/7.13.5...7.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-stubs` from 6.0.3 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/928eec423b8454590a46e50653698d85954f04de\"\u003e\u003ccode\u003e928eec4\u003c/code\u003e\u003c/a\u003e Version 6.0.4 release (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3375\"\u003e#3375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/a9942040a2ed28b8e1ae129578c1f5a4f2b449b8\"\u003e\u003ccode\u003ea994204\u003c/code\u003e\u003c/a\u003e Update dependency mypy to v2 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3374\"\u003e#3374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/ec8107b44d798a16b42ff049fe3904c9a4b5df08\"\u003e\u003ccode\u003eec8107b\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.64.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/28d997bc1e6559579ce3f4663178a8294e402897\"\u003e\u003ccode\u003e28d997b\u003c/code\u003e\u003c/a\u003e Remove unused get_field_lookup_exact_type from helpers (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3372\"\u003e#3372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/d312d60b1d7e852f73babe2a76be1d2961b94393\"\u003e\u003ccode\u003ed312d60\u003c/code\u003e\u003c/a\u003e Update dependency django to v5.2.14 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3371\"\u003e#3371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/f20e49018f19e84a839ab5d11ac47654e671728a\"\u003e\u003ccode\u003ef20e490\u003c/code\u003e\u003c/a\u003e Update Django to 6.0.5 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3369\"\u003e#3369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6d9d0e26fff5462782bfeede76ffd8b2cc36712d\"\u003e\u003ccode\u003e6d9d0e2\u003c/code\u003e\u003c/a\u003e Resolve default_alias for positional Aggregate in annotate() (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3362\"\u003e#3362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6dd9231e36393d5ddaecb5d0ffca2a6b824bf0cc\"\u003e\u003ccode\u003e6dd9231\u003c/code\u003e\u003c/a\u003e Update int128/hide-comment-action action to v1.58.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3368\"\u003e#3368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/e270482574c273798d875f2191945f64dbb0c00a\"\u003e\u003ccode\u003ee270482\u003c/code\u003e\u003c/a\u003e Update dependency psycopg to v3.3.4 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3365\"\u003e#3365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/cfb0f9a098e24d47f1c3cc5c5de971b599c6e907\"\u003e\u003ccode\u003ecfb0f9a\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.63.1 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3367\"\u003e#3367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typeddjango/django-stubs/compare/6.0.3...6.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-stubs-ext` from 6.0.3 to 6.0.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/928eec423b8454590a46e50653698d85954f04de\"\u003e\u003ccode\u003e928eec4\u003c/code\u003e\u003c/a\u003e Version 6.0.4 release (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3375\"\u003e#3375\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/a9942040a2ed28b8e1ae129578c1f5a4f2b449b8\"\u003e\u003ccode\u003ea994204\u003c/code\u003e\u003c/a\u003e Update dependency mypy to v2 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3374\"\u003e#3374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/ec8107b44d798a16b42ff049fe3904c9a4b5df08\"\u003e\u003ccode\u003eec8107b\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.64.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/28d997bc1e6559579ce3f4663178a8294e402897\"\u003e\u003ccode\u003e28d997b\u003c/code\u003e\u003c/a\u003e Remove unused get_field_lookup_exact_type from helpers (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3372\"\u003e#3372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/d312d60b1d7e852f73babe2a76be1d2961b94393\"\u003e\u003ccode\u003ed312d60\u003c/code\u003e\u003c/a\u003e Update dependency django to v5.2.14 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3371\"\u003e#3371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/f20e49018f19e84a839ab5d11ac47654e671728a\"\u003e\u003ccode\u003ef20e490\u003c/code\u003e\u003c/a\u003e Update Django to 6.0.5 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3369\"\u003e#3369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6d9d0e26fff5462782bfeede76ffd8b2cc36712d\"\u003e\u003ccode\u003e6d9d0e2\u003c/code\u003e\u003c/a\u003e Resolve default_alias for positional Aggregate in annotate() (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3362\"\u003e#3362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/6dd9231e36393d5ddaecb5d0ffca2a6b824bf0cc\"\u003e\u003ccode\u003e6dd9231\u003c/code\u003e\u003c/a\u003e Update int128/hide-comment-action action to v1.58.0 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3368\"\u003e#3368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/e270482574c273798d875f2191945f64dbb0c00a\"\u003e\u003ccode\u003ee270482\u003c/code\u003e\u003c/a\u003e Update dependency psycopg to v3.3.4 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3365\"\u003e#3365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/typeddjango/django-stubs/commit/cfb0f9a098e24d47f1c3cc5c5de971b599c6e907\"\u003e\u003ccode\u003ecfb0f9a\u003c/code\u003e\u003c/a\u003e Update dependency pyrefly to v0.63.1 (\u003ca href=\"https://redirect.github.com/typeddjango/django-stubs/issues/3367\"\u003e#3367\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/typeddjango/django-stubs/compare/6.0.3...6.0.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.13 to 3.16\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.16 (2026-05-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a command-line interface (\u003ccode\u003epython -m idna\u003c/code\u003e, also available as\nthe \u003ccode\u003eidna\u003c/code\u003e script). Encodes or decodes one or more domains supplied\nas arguments or on standard input, with options to select A-label\nor U-label output and control error handling.\u003c/li\u003e\n\u003cli\u003eRaise the minimum supported Python version to 3.9\u003c/li\u003e\n\u003cli\u003eVarious code quality improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6d1a0de52a8b4690f1b2a89829aa85ff1de3635a\"\u003e\u003ccode\u003e6d1a0de\u003c/code\u003e\u003c/a\u003e Release 3.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/4e6cbe225a3e0b6e7eed2082086a12cba526e787\"\u003e\u003ccode\u003e4e6cbe2\u003c/code\u003e\u003c/a\u003e Demote installation instruction to usage section\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/223533c34c9e23470e714ed9b1f1c41867177732\"\u003e\u003ccode\u003e223533c\u003c/code\u003e\u003c/a\u003e Merge branch 'readme-simplification' into release-3.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b1640b228a50b3c94ffcf8a664eb6cb186550f3e\"\u003e\u003ccode\u003eb1640b2\u003c/code\u003e\u003c/a\u003e Bump version to 3.16rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/3a861132be61091454aae10c292d98bcfd3cd797\"\u003e\u003ccode\u003e3a86113\u003c/code\u003e\u003c/a\u003e Update history for 3.16 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d4bc9e742b753cff2ec6c53bd4be730863ca9c53\"\u003e\u003ccode\u003ed4bc9e7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/246\"\u003e#246\u003c/a\u003e from kjd/python-3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/a21d9fca6b04c47ddbd0303d62bbc0712b55f43d\"\u003e\u003ccode\u003ea21d9fc\u003c/code\u003e\u003c/a\u003e Update deprecation policy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b46492694aa21dc1c3608f59dd5b9620c08b2d0f\"\u003e\u003ccode\u003eb464926\u003c/code\u003e\u003c/a\u003e Raise minimum Python to 3.9 and modernize typing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7f3b15e8839f0e404a00054c4072e69347e727f2\"\u003e\u003ccode\u003e7f3b15e\u003c/code\u003e\u003c/a\u003e Explicit example not needed\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7530c7020ae2bcf0acff1fafd71fb047a3b117ed\"\u003e\u003ccode\u003e7530c70\u003c/code\u003e\u003c/a\u003e Remove unnecessary print()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.13...v3.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `librt` from 0.10.0 to 0.11.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mypyc/librt/commit/862679a0492f4433a286b2d53965ec2603623be1\"\u003e\u003ccode\u003e862679a\u003c/code\u003e\u003c/a\u003e Sync mypy and bump version to 0.11.0 (\u003ca href=\"https://redirect.github.com/mypyc/librt/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mypyc/librt/compare/v0.10.0...v0.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mypy` from 2.0.0 to 2.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python/mypy/blob/master/CHANGELOG.md\"\u003emypy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eMypy Release Notes\u003c/h1\u003e\n\u003ch2\u003eNext Release\u003c/h2\u003e\n\u003ch2\u003eMypy 2.1\u003c/h2\u003e\n\u003cp\u003eWe’ve just uploaded mypy 2.1.0 to the Python Package Index (\u003ca href=\"https://pypi.org/project/mypy/\"\u003ePyPI\u003c/a\u003e).\nMypy is a static type checker for Python. This release includes new features, performance\nimprovements and bug fixes. You can install it as follows:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epython3 -m pip install -U mypy\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eYou can read the full documentation for this release on \u003ca href=\"http://mypy.readthedocs.io\"\u003eRead the Docs\u003c/a\u003e.\u003c/p\u003e\n\u003ch3\u003elibrt.vecs: Fast Growable Array Type for Mypyc\u003c/h3\u003e\n\u003cp\u003eThe new \u003ccode\u003elibrt.vecs\u003c/code\u003e module provides an efficient growable array type \u003ccode\u003evec\u003c/code\u003e that is\noptimized for mypyc use. It provides fast, packed arrays with integer and floating point\nvalue types, which can be \u003cstrong\u003eseveral times faster\u003c/strong\u003e than \u003ccode\u003elist\u003c/code\u003e, and tens of times faster\nthan \u003ccode\u003earray.array\u003c/code\u003e in code compiled using mypyc. It also supports nested \u003ccode\u003evec\u003c/code\u003e objects and\nnon-value-type items, such as \u003ccode\u003evec[vec[str]]\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eRefer to the \u003ca href=\"https://mypyc.readthedocs.io/en/latest/librt_vecs.html\"\u003edocumentation\u003c/a\u003e for\nthe details.\u003c/p\u003e\n\u003cp\u003eContributed by Jukka Lehtosalo.\u003c/p\u003e\n\u003ch3\u003elibrt.random: Fast Pseudo-Random Number Generation\u003c/h3\u003e\n\u003cp\u003eThe new \u003ccode\u003elibrt.random\u003c/code\u003e module provides fast pseudo-random number generation that is\noptimized for code compiled using mypyc. It can be 3x to 10x faster than the stdlib\n\u003ccode\u003erandom\u003c/code\u003e module in compiled code.\u003c/p\u003e\n\u003cp\u003eRefer to the \u003ca href=\"https://mypyc.readthedocs.io/en/latest/librt_random.html\"\u003edocumentation\u003c/a\u003e for\nthe details.\u003c/p\u003e\n\u003cp\u003eContributed by Jukka Lehtosalo (PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21433\"\u003e21433\u003c/a\u003e).\u003c/p\u003e\n\u003ch3\u003eMypyc Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake compilation order with multiple files consistent (Piotr Sawicki, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21419\"\u003e21419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on accessing \u003ccode\u003eStopAsyncIteration\u003c/code\u003e (Piotr Sawicki, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21406\"\u003e21406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix incremental compilation with \u003ccode\u003eseparate\u003c/code\u003e flag (Vaggelis Danias, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21299\"\u003e21299\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes to Crashes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix crash on partial type with \u003ccode\u003e--allow-redefinition\u003c/code\u003e and \u003ccode\u003eglobal\u003c/code\u003e declaration (Jukka Lehtosalo, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21428\"\u003e21428\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken awaitable generator patching (Ivan Levkivskyi, PR \u003ca href=\"https://redirect.github.com/python/mypy/pull/21435\"\u003e21435\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges to Messages\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/c1c336d7e34eb313080c79b156518c58d27c7234\"\u003e\u003ccode\u003ec1c336d\u003c/code\u003e\u003c/a\u003e Remove +dev from version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/74df14b7cbf08140236aa45bbb7f42219b0b1df7\"\u003e\u003ccode\u003e74df14b\u003c/code\u003e\u003c/a\u003e Add changelog for mypy 2.1 (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21464\"\u003e#21464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/022d9bc96f86c40f338a5cf150f1806cc8f300ff\"\u003e\u003ccode\u003e022d9bc\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;TypeForm: Enable by default (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21262\"\u003e#21262\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/8826288214f1cb31496e610667481221e025359c\"\u003e\u003ccode\u003e8826288\u003c/code\u003e\u003c/a\u003e [mypyc] Document librt.random (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21463\"\u003e#21463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/3f4067b699dbe52d08e42ef3b3ebfdebdc06bd96\"\u003e\u003ccode\u003e3f4067b\u003c/code\u003e\u003c/a\u003e Bump librt version to 0.11.0 (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21458\"\u003e#21458\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/2b1eb58a250c5f1eb4ef5fb1f312ff528c5a1d4e\"\u003e\u003ccode\u003e2b1eb58\u003c/code\u003e\u003c/a\u003e [mypyc] Enable incremental self-compilation (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21369\"\u003e#21369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/8152f4af3f6c03beaf2660026240f0fdce7feecc\"\u003e\u003ccode\u003e8152f4a\u003c/code\u003e\u003c/a\u003e Respect file config comments for stale modules (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21444\"\u003e#21444\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/116d60bdd3fdfe8d97c6afe99370910db56f1b92\"\u003e\u003ccode\u003e116d60b\u003c/code\u003e\u003c/a\u003e Fix nondeterminism from nonassociativity of overload joins (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21455\"\u003e#21455\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/6c4af8e42110cea3f84bc02add2ca7b89c268210\"\u003e\u003ccode\u003e6c4af8e\u003c/code\u003e\u003c/a\u003e Fix function call message change for small number of args (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21432\"\u003e#21432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python/mypy/commit/4b8fdcaf24032592510e8f15421fb32d82a71800\"\u003e\u003ccode\u003e4b8fdca\u003c/code\u003e\u003c/a\u003e [mypyc] Add librt.random module (\u003ca href=\"https://redirect.github.com/python/mypy/issues/21433\"\u003e#21433\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python/mypy/compare/v2.0.0...v2.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic-core` from 2.46.4 to 2.47.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pydantic/pydantic/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-discovery` from 1.3.0 to 1.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/python-discovery/releases\"\u003epython-discovery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCanonicalize GraalPy implementation name. by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/73\"\u003etox-dev/python-discovery#73\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👷 ci(release): wire up towncrier-driven release pipeline by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/74\"\u003etox-dev/python-discovery#74\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/pull/73\"\u003etox-dev/python-discovery#73\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\"\u003ehttps://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tox-dev/python-discovery/blob/main/docs/changelog.rst\"\u003epython-discovery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eBug fixes - 1.3.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eexport normalize_isa and deprecate KNOWN_ARCHITECTURES - by :user:\u003ccode\u003erahuldevikar\u003c/code\u003e. (:issue:\u003ccode\u003e59\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ediscover uv-managed Pythons on Windows. Previously the glob assumed Unix layout (\u003ccode\u003e\u0026lt;root\u0026gt;/\u0026lt;key\u0026gt;/bin/python\u003c/code\u003e) and\nsilently found nothing on Windows, where uv places \u003ccode\u003epython.exe\u003c/code\u003e directly under the install root - by\n:user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e65\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eCanonicalize GraalVM to match GraalPy Python interpreter in PythonSpec and PythonInfo. - by :user:\u003ccode\u003etimfel\u003c/code\u003e. (:issue:\u003ccode\u003e73\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev1.3.0 (2026-05-05)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/0d344843eae2e74c13eb739f2c043e177aa015b0\"\u003e\u003ccode\u003e0d34484\u003c/code\u003e\u003c/a\u003e release 1.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/6840c417a47eea7c7ae0347838a63f89c1d24749\"\u003e\u003ccode\u003e6840c41\u003c/code\u003e\u003c/a\u003e 👷 ci(release): wire up towncrier-driven release pipeline (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/68f7dc15f51a4bdec413080077816b9e895b23cd\"\u003e\u003ccode\u003e68f7dc1\u003c/code\u003e\u003c/a\u003e Canonicalize GraalPy implementation name. (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/73\"\u003e#73\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tox-dev/python-discovery/commit/e7cff49eb8610590395e495f875e5d1e8771e24d\"\u003e\u003ccode\u003ee7cff49\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/tox-dev/python-discovery/issues/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/tox-dev/python-discovery/compare/1.3.0...1.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tomlkit` from 0.14.0 to 0.15.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-poetry/tomlkit/releases\"\u003etomlkit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(spec): update to toml spec v1.1 by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/456\"\u003epython-poetry/tomlkit#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/455\"\u003epython-poetry/tomlkit#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump virtualenv from 20.26.6 to 20.36.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/454\"\u003epython-poetry/tomlkit#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/458\"\u003epython-poetry/tomlkit#458\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump pygments from 2.18.0 to 2.20.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/464\"\u003epython-poetry/tomlkit#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps-dev): bump pygments from 2.17.2 to 2.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/463\"\u003epython-poetry/tomlkit#463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump requests from 2.32.4 to 2.33.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/462\"\u003epython-poetry/tomlkit#462\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/461\"\u003epython-poetry/tomlkit#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eType annotations by \u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/460\"\u003epython-poetry/tomlkit#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHonor sort_keys for parsed TOML documents by \u003ca href=\"https://github.com/ShipItAndPray\"\u003e\u003ccode\u003e@​ShipItAndPray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/471\"\u003epython-poetry/tomlkit#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/469\"\u003epython-poetry/tomlkit#469\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: fix a parser hang by \u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/470\"\u003epython-poetry/tomlkit#470\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/472\"\u003epython-poetry/tomlkit#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: bump version to 0.15.0 and update changelog for release by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/473\"\u003epython-poetry/tomlkit#473\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dimbleby\"\u003e\u003ccode\u003e@​dimbleby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/460\"\u003epython-poetry/tomlkit#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShipItAndPray\"\u003e\u003ccode\u003e@​ShipItAndPray\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/471\"\u003epython-poetry/tomlkit#471\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\"\u003ehttps://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-poetry/tomlkit/blob/master/CHANGELOG.md\"\u003etomlkit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[0.15.0] - 2026-05-10\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parser to support TOML spec v1.1.0. (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/pull/456\"\u003e#456\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/8694e4d3323df68eb325bf3d5ab7caa66f8c206a\"\u003e\u003ccode\u003e8694e4d\u003c/code\u003e\u003c/a\u003e chore: bump version to 0.15.0 and update changelog for release (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/473\"\u003e#473\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/e636a5121260e811dba9fd1c33656021f6855490\"\u003e\u003ccode\u003ee636a51\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/96a4d22fdd07e25742009a6bcd8a2d23e9b5574a\"\u003e\u003ccode\u003e96a4d22\u003c/code\u003e\u003c/a\u003e fix: fix a parser hang (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/470\"\u003e#470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/843f79992139ec56266f52161b27a3eadd1f6a35\"\u003e\u003ccode\u003e843f799\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/469\"\u003e#469\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/2c87eafe7c852d19c1b91a1c9bed4d47bd03816f\"\u003e\u003ccode\u003e2c87eaf\u003c/code\u003e\u003c/a\u003e Honor sort_keys for parsed TOML documents (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/8e32f9cb7fcfbc45e893c34e0e9a590a26675fd6\"\u003e\u003ccode\u003e8e32f9c\u003c/code\u003e\u003c/a\u003e Type annotations (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/460\"\u003e#460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/df98af48778f865d270d2f53e816d3b0948c8927\"\u003e\u003ccode\u003edf98af4\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/461\"\u003e#461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/4bd97db2c8fda5cbffc01acc586e3328168bac36\"\u003e\u003ccode\u003e4bd97db\u003c/code\u003e\u003c/a\u003e chore(deps): bump requests from 2.32.4 to 2.33.0 in /docs (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/462\"\u003e#462\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/b2d703032bf2e44e680b67f2897c3a7c67be55eb\"\u003e\u003ccode\u003eb2d7030\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pygments from 2.17.2 to 2.20.0 (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/463\"\u003e#463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-poetry/tomlkit/commit/87d98b1d0100c5bd39736eda4cd9cc3d8e24bf48\"\u003e\u003ccode\u003e87d98b1\u003c/code\u003e\u003c/a\u003e chore(deps): bump pygments from 2.18.0 to 2.20.0 in /docs (\u003ca href=\"https://redirect.github.com/python-poetry/tomlkit/issues/464\"\u003e#464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-poetry/tomlkit/compare/0.14.0...0.15.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `uv` from 0.11.12 to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.12...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 21.3.1 to 21.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e21.3.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAccept GraalPy implementation name. by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3144\"\u003epypa/virtualenv#3144\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.2...21.3.3\"\u003ehttps://github.com/pypa/virtualenv/compare/21.3.2...21.3.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e21.3.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd 3.16 to embedded wheel versions by \u003ca href=\"https://github.com/asottile\"\u003e\u003ccode\u003e@​asottile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3140\"\u003epypa/virtualenv#3140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/3143\"\u003epypa/virtualenv#3143\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.1...21.3.2\"\u003ehttps://github.com/pypa/virtualenv/compare/21.3.1...21.3.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eBugfixes - 21.3.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003erecognize GraalPy interpreters using the normalized \u003ccode\u003eGraalPy\u003c/code\u003e name - by :user:\u003ccode\u003etimfel\u003c/code\u003e. (:issue:\u003ccode\u003e3144\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003ev21.3.2 (2026-05-12)\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003ev21.3.1 (2026-05-05)\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e6dba2a503560c1561258770ade4d15529c4db3d\"\u003e\u003ccode\u003ee6dba2a\u003c/code\u003e\u003c/a\u003e release 21.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e7517c0e56c159946374c2fed8fb874fd3bde94f\"\u003e\u003ccode\u003ee7517c0\u003c/code\u003e\u003c/a\u003e Accept GraalPy implementation name. (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3144\"\u003e#3144\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/8531d47ff3e78492d0c1eb7d1159750e91176b67\"\u003e\u003ccode\u003e8531d47\u003c/code\u003e\u003c/a\u003e release 21.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/afefada9505d4fe67805244c31c5761e4c6c2622\"\u003e\u003ccode\u003eafefada\u003c/code\u003e\u003c/a\u003e 🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3143\"\u003e#3143\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/7e270411ebf5739dfc63998a9084dc2bfd2d467b\"\u003e\u003ccode\u003e7e27041\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3141\"\u003e#3141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/214934c9606ef792e42580109cbdff940a62f034\"\u003e\u003ccode\u003e214934c\u003c/code\u003e\u003c/a\u003e add 3.16 to embedded wheel versions (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/3140\"\u003e#3140\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pypa/virtualenv/compare/21.3.1...21.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/karthicraghupathi/django_rapyd_wiretap/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/karthicraghupathi%2Fdjango_rapyd_wiretap/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}},{"old_version":"\u003e=0.10.7","new_version":"\u003e=0.11.16","update_type":"minor","path":null,"pr_created_at":"2026-05-23T00:14:04.000Z","version_change":"\u003e=0.10.7 → \u003e=0.11.16","issue":{"uuid":"4506210428","node_id":"PR_kwDOSlXIYc7ehmKs","number":12,"state":"closed","title":"deps(deps-dev): update uv requirement from \u003e=0.10.7 to \u003e=0.11.16","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-24T01:58:50.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T00:14:04.000Z","updated_at":"2026-05-24T01:58:59.000Z","time_to_close":92686,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev): update","packages":[{"name":"uv","old_version":"\u003e=0.10.7","new_version":"\u003e=0.11.16","repository_url":"https://github.com/astral-sh/uv"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.10.7...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/provide-io/provide-uterm/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/provide-io%2Fprovide-uterm/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","update_type":"patch","path":"/python in the dev-dependencies group","pr_created_at":"2026-05-22T15:58:37.000Z","version_change":"\u003c1,\u003e=0.11.15 → \u003e=0.11.16,\u003c1","issue":{"uuid":"4503960018","node_id":"PR_kwDOKKY6o87eaV-E","number":151,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /python in the dev-dependencies group","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:56:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T15:58:37.000Z","updated_at":"2026-05-23T07:56:54.000Z","time_to_close":57495,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/python in the dev-dependencies group","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\nUpdates `uv` to 0.11.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/KudoAI/ai-personas/pull/151","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/KudoAI%2Fai-personas/issues/151","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/151/packages"}},{"old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","update_type":"patch","path":"/translate-messages","pr_created_at":"2026-05-22T13:08:18.000Z","version_change":"\u003c1,\u003e=0.11.15 → \u003e=0.11.16,\u003c1","issue":{"uuid":"4502841079","node_id":"PR_kwDOJnW9387eWsmS","number":133,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /translate-messages","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:57:02.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T13:08:18.000Z","updated_at":"2026-05-23T07:57:03.000Z","time_to_close":67724,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/translate-messages","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/adamlui/python-utils/pull/133","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamlui%2Fpython-utils/issues/133","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/133/packages"}},{"old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","update_type":"patch","path":"/sys-lang","pr_created_at":"2026-05-22T13:08:10.000Z","version_change":"\u003c1,\u003e=0.11.15 → \u003e=0.11.16,\u003c1","issue":{"uuid":"4502840299","node_id":"PR_kwDOJnW9387eWsb9","number":132,"state":"closed","title":"Update uv requirement from \u003c1,\u003e=0.11.15 to \u003e=0.11.16,\u003c1 in /sys-lang","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T07:57:04.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-22T13:08:10.000Z","updated_at":"2026-05-23T07:57:05.000Z","time_to_close":67734,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"uv","old_version":"\u003c1,\u003e=0.11.15","new_version":"\u003e=0.11.16,\u003c1","repository_url":"https://github.com/astral-sh/uv"}],"path":"/sys-lang","ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/releases\"\u003euv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003ch2\u003eRelease Notes\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstall uv 0.11.16\u003c/h2\u003e\n\u003ch3\u003eInstall prebuilt binaries via shell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003ecurl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eInstall prebuilt binaries via powershell script\u003c/h3\u003e\n\u003cpre lang=\"sh\"\u003e\u003ccode\u003epowershell -ExecutionPolicy Bypass -c \u0026quot;irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex\u0026quot;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eDownload uv 0.11.16\u003c/h2\u003e\n\u003ctable\u003e\n\u003cthead\u003e\n\u003ctr\u003e\n\u003cth\u003eFile\u003c/th\u003e\n\u003cth\u003ePlatform\u003c/th\u003e\n\u003cth\u003eChecksum\u003c/th\u003e\n\u003c/tr\u003e\n\u003c/thead\u003e\n\u003ctbody\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz\"\u003euv-aarch64-apple-darwin.tar.gz\u003c/a\u003e\u003c/td\u003e\n\u003ctd\u003eApple Silicon macOS\u003c/td\u003e\n\u003ctd\u003e\u003ca href=\"https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-aarch64-apple-darwin.tar.gz.sha256\"\u003echecksum\u003c/a\u003e\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/tbody\u003e\n\u003c/table\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/astral-sh/uv/blob/main/CHANGELOG.md\"\u003euv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.11.16\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-21.\u003c/p\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdjust hint rendering (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18090\"\u003e#18090\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow disabling reading the system config with \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19476\"\u003e#19476\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure that incompatible wheel hints do not leak secrets (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19504\"\u003e#19504\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject unsafe entry points in \u003ccode\u003euv-build\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19495\"\u003e#19495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestrict delimiters in entry point parsing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19471\"\u003e#19471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003euv-netrc: fix multi-word no-space comment lines causing parse errors (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19494\"\u003e#19494\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocument and test relative exclude-newer support for uv pip (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19475\"\u003e#19475\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.11.15\u003c/h2\u003e\n\u003cp\u003eReleased on 2026-05-18.\u003c/p\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix a TAR parser differential, see \u003ca href=\"https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-3cv2-h65g-fgmm\"\u003eGHSA-3cv2-h65g-fgmm\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19463\"\u003e#19463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce that entry points cannot escape in the scripts directory, see \u003ca href=\"https://github.com/astral-sh/uv/security/advisories/GHSA-4gg8-gxpx-9rph\"\u003eGHSA-4gg8-gxpx-9rph\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19464\"\u003e#19464\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd TOML v1.1 -\u0026gt; v1.0 backwards compatibility for source distributions (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/18741\"\u003e#18741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Azure request signing (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19421\"\u003e#19421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eApply stricter validation to all wheel filename segments (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19364\"\u003e#19364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReject empty strings as an invalid package name (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19435\"\u003e#19435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse structured errors for signing authentication failures (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19422\"\u003e#19422\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003euv audit: Add JSON output (\u003ca href=\"https://redirect.github.com/astral-sh/uv/pull/19305\"\u003e#19305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/135a3636789bb6886e0a7876f58cb4dbb270ba6d\"\u003e\u003ccode\u003e135a363\u003c/code\u003e\u003c/a\u003e Bump version to 0.11.16 (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19522\"\u003e#19522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/3b5f99412c7050f1050c09d2b7a48f82c333adfa\"\u003e\u003ccode\u003e3b5f994\u003c/code\u003e\u003c/a\u003e Add a \u003ccode\u003euv lock\u003c/code\u003e check to CI (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19524\"\u003e#19524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4ffb506acf2b3d4dfd9a343a3cee53abe63a4de7\"\u003e\u003ccode\u003e4ffb506\u003c/code\u003e\u003c/a\u003e Improve crates.io new crate error message (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19523\"\u003e#19523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/51ba989e678ba1558ed48e1ea3e66d01a6dc30b3\"\u003e\u003ccode\u003e51ba989\u003c/code\u003e\u003c/a\u003e Add support for direct archive dependencies in Git (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/10072\"\u003e#10072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c07a6efb380b2ecd39161194aa7f3bb5d3f967ca\"\u003e\u003ccode\u003ec07a6ef\u003c/code\u003e\u003c/a\u003e Reject locked malware installations (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/18936\"\u003e#18936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/58a6734719d19da5335a5985843435745ff93320\"\u003e\u003ccode\u003e58a6734\u003c/code\u003e\u003c/a\u003e Allow environment variables that take a list to be empty (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19503\"\u003e#19503\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/c1477e2b0f9e0ef510554ebfdf76aa68d477dfe6\"\u003e\u003ccode\u003ec1477e2\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eUV_NO_SYSTEM_CONFIG\u003c/code\u003e in tests to avoid reading machine-global config (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/4648a0b9e67c2abfd5aa1404d2daeac800b987f5\"\u003e\u003ccode\u003e4648a0b\u003c/code\u003e\u003c/a\u003e uv audit: specialize malformed OSV error (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19515\"\u003e#19515\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/e2375abfe10d0e2326bf29c5f425b38f71ebf7db\"\u003e\u003ccode\u003ee2375ab\u003c/code\u003e\u003c/a\u003e Test \u003ccode\u003ecreate_junction\u003c/code\u003e changes from \u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19402\"\u003e#19402\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19487\"\u003e#19487\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/astral-sh/uv/commit/547bf2f9e7f4ff8b3e8a974e0cad3159ac04bb8c\"\u003e\u003ccode\u003e547bf2f\u003c/code\u003e\u003c/a\u003e Avoid unwrapping from \u003ccode\u003eOnceMap\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/astral-sh/uv/issues/19510\"\u003e#19510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/astral-sh/uv/compare/0.11.15...0.11.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/adamlui/python-utils/pull/132","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adamlui%2Fpython-utils/issues/132","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/132/packages"}}]}