Skip to content

Update uv requirement from <1,>=0.11.28 to >=0.11.29,<1 in /translate-messages#396

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/translate-messages/uv-gte-0.11.29-and-lt-1
Open

Update uv requirement from <1,>=0.11.28 to >=0.11.29,<1 in /translate-messages#396
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/translate-messages/uv-gte-0.11.29-and-lt-1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.11.29

Release Notes

Released on 2026-07-15.

Python

  • Use gzip-compressed artifacts for PyPy downloads (#20265)

Enhancements

  • Add JSON output to uv tree (#19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#20227)
  • Include the selected project name in missing-extra errors (#20358)

Preview features

  • Preserve extras and dependency-group conflict context when selecting locked project tools (#20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#20222)
  • Report invalid uv audit --service-url values instead of panicking (#20374)
  • Include preview settings in the published SchemaStore schema (#20304)

Performance

  • Reduce resolver work by widening selected versions across ranges without other known candidates (#20115)
  • Defer client and build setup for no-op uv sync operations (#20364)
  • Reuse workspace discovery during frozen syncs (#20363)
  • Reuse workspace discovery after resolving settings (#20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#20359)
  • Avoid cache and interpreter setup when reading a project version (#20360)

Bug fixes

  • Reject duplicate active package entries in pylock.toml (#20391)
  • Preserve direct-archive hashes in uv pip freeze output (#20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#20387)
  • Redact credentials from failed Git fetch commands (#20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#20182)
  • Honor Python version pins when initializing scripts (#20404)
  • Respect package-scoped source filtering for scripts (#20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#20388)
  • Continue scanning platlib when purelib is missing (#20405)
  • Handle versionless .egg-info files as legacy package metadata (#20403)

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.29

Released on 2026-07-15.

Python

  • Use gzip-compressed artifacts for PyPy downloads (#20265)

Enhancements

  • Add JSON output to uv tree (#19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#20227)
  • Include the selected project name in missing-extra errors (#20358)

Preview features

  • Preserve extras and dependency-group conflict context when selecting locked project tools (#20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#20222)
  • Report invalid uv audit --service-url values instead of panicking (#20374)
  • Include preview settings in the published SchemaStore schema (#20304)

Performance

  • Reduce resolver work by widening selected versions across ranges without other known candidates (#20115)
  • Defer client and build setup for no-op uv sync operations (#20364)
  • Reuse workspace discovery during frozen syncs (#20363)
  • Reuse workspace discovery after resolving settings (#20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#20359)
  • Avoid cache and interpreter setup when reading a project version (#20360)

Bug fixes

  • Reject duplicate active package entries in pylock.toml (#20391)
  • Preserve direct-archive hashes in uv pip freeze output (#20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#20387)
  • Redact credentials from failed Git fetch commands (#20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#20182)
  • Honor Python version pins when initializing scripts (#20404)
  • Respect package-scoped source filtering for scripts (#20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#20388)
  • Continue scanning platlib when purelib is missing (#20405)
  • Handle versionless .egg-info files as legacy package metadata (#20403)
  • Make repeated locking idempotent for impossible cross-variable platform markers (#20369)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [uv](https://github.com/astral-sh/uv) to permit the latest version.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.28...0.11.29)

---
updated-dependencies:
- dependency-name: uv
  dependency-version: 0.11.29
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 16, 2026
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants