search

kdeldycke / workflows

⚙️ CLI helpers for GitHub Action + reuseable workflows
GNU General Public License v2.0
22 stars 5 forks source link

Bump uv from 0.4.26 to 0.4.27 #1394

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps uv from 0.4.26 to 0.4.27.

Release notes

Sourced from uv's releases.

0.4.27

Release Notes

This release includes support for the [dependency-groups] table as recently standardized in PEP 735. The table allows for declaration of optional dependency groups that are not published as part of the package metadata, unlike [project.optional-dependencies]. There are new --group, --only-group, and --no-group options throughout the uv interface.

Previously, uv used a single tool.uv.dev-dependencies list for declaration of development dependencies. Now, uv supports declaring development dependencies in a standardized format and allows splitting development dependencies into multiple groups.

For compatibility, and to simplify usage for people that do not need multiple groups, uv special-cases the group named dev. The dev group is equivalent to tool.uv.dev-dependencies. The contents of tool.uv.dev-dependencies will merged into the dev group in uv's resolver. The --dev, --only-dev, and --no-dev flags remain as aliases for the corresponding --group options. Support for tool.uv.dev-dependencies remains in this release, but will display warnings in a future release.

uv syncs the dev group by default — this matches the exististing behavior for tool.uv.dev-dependencies. The default groups can be changed with the tool.uv.default-groups setting.

Thank you to Stephen Rosen who authored PEP 735.

Enhancements

  • Support for PEP 735 (#8272)
  • Add support for --dry-run mode in uv lock (#7783)
  • Don't allow non-string email in authors (#8520)
  • Enforce lockfile schema versions (#8509)

Bug fixes

  • Always attach URL to network errors (#8444)
  • Fix dangling non-platform dependencies in uv tree (#8532)
  • Prefer lto over debug free-threaded managed Python builds (#8515)

Documentation

  • Add tool.uv.sources to the "Settings" reference (#8543)
  • Add reference to uv build and uv publish in the landing pages (#8542)
  • Avoid duplicate [tool.uv] header in TOML examples (#8545)
  • Document .netrc environment variable and path (#8511)
  • Fix .netrc typo in authentication docs (#8521)
  • Fix heading level of "Script support" on docs landing page (#8544)
  • Move the installation configuration docs to a separate page (#8546)
  • Update docs for --publish-url to avoid duplication. (#8561)
  • Fix typo (#8554)
  • Fix typo in description of --strict flag (#8513)

Install uv 0.4.27

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.4.27/uv-installer.sh | sh

Install prebuilt binaries via powershell script

</tr></table>

... (truncated)

Changelog

Sourced from uv's changelog.

0.4.27

This release includes support for the [dependency-groups] table as recently standardized in PEP 735. The table allows for declaration of optional dependency groups that are not published as part of the package metadata, unlike [project.optional-dependencies]. There are new --group, --only-group, and --no-group options throughout the uv interface.

Previously, uv used a single tool.uv.dev-dependencies list for declaration of development dependencies. Now, uv supports declaring development dependencies in a standardized format and allows splitting development dependencies into multiple groups.

For compatibility, and to simplify usage for people that do not need multiple groups, uv special-cases the group named dev. The dev group is equivalent to tool.uv.dev-dependencies. The contents of tool.uv.dev-dependencies will merged into the dev group in uv's resolver. The --dev, --only-dev, and --no-dev flags remain as aliases for the corresponding --group options. Support for tool.uv.dev-dependencies remains in this release, but will display warnings in a future release.

uv syncs the dev group by default — this matches the exististing behavior for tool.uv.dev-dependencies. The default groups can be changed with the tool.uv.default-groups setting.

Thank you to Stephen Rosen who authored PEP 735.

Enhancements

  • Support for PEP 735 (#8272)
  • Add support for --dry-run mode in uv lock (#7783)
  • Don't allow non-string email in authors (#8520)
  • Enforce lockfile schema versions (#8509)

Bug fixes

  • Always attach URL to network errors (#8444)
  • Fix dangling non-platform dependencies in uv tree (#8532)
  • Prefer lto over debug free-threaded managed Python builds (#8515)

Documentation

  • Add tool.uv.sources to the "Settings" reference (#8543)
  • Add reference to uv build and uv publish in the landing pages (#8542)
  • Avoid duplicate [tool.uv] header in TOML examples (#8545)
  • Document .netrc environment variable and path (#8511)
  • Fix .netrc typo in authentication docs (#8521)
  • Fix heading level of "Script support" on docs landing page (#8544)
  • Move the installation configuration docs to a separate page (#8546)
  • Update docs for --publish-url to avoid duplication. (#8561)
  • Fix typo (#8554)
  • Fix typo in description of --strict flag (#8513)
Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)