search

mozmeao / basket

Mozilla's email newsletter subscription management API service
https://basket.mozilla.org
Mozilla Public License 2.0
16 stars 17 forks source link

Bump uv from 0.2.23 to 0.2.27 #1456

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps uv from 0.2.23 to 0.2.27.

Release notes

Sourced from uv's releases.

0.2.27

Release Notes

Enhancements

  • Add GraalPy support (#5141)
  • Add a --verify-hashes hash-checking mode (#4007)
  • Discover all python3.x executables in the PATH (#5148)
  • Support --link-mode=symlink (#5208)
  • Warn about unconstrained direct deps in lowest resolution (#5142)
  • Log origin of version selection (#5186)
  • Key hash policy on version, rather than package (#5169)

CLI

  • Make missing project table a tracing warning (#5194)
  • Remove trailing period from user-facing messages (#5218)

Bug fixes

  • Make entrypoint writes atomic to avoid overwriting symlinks (#5165)
  • Use which-retrieved path directly when spawning pager (#5198)
  • Don't apply irrelevant constraints when validating site-packages (#5321)
  • Respect local versions for all user requirements (#5232)

Install uv 0.2.27

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.2.27/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -c "irm https://github.com/astral-sh/uv/releases/download/0.2.27/uv-installer.ps1 | iex"

Download uv 0.2.27

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
uv-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.2.27

Enhancements

  • Add GraalPy support (#5141)
  • Add a --verify-hashes hash-checking mode (#4007)
  • Discover all python3.x executables in the PATH (#5148)
  • Support --link-mode=symlink (#5208)
  • Warn about unconstrained direct deps in lowest resolution (#5142)
  • Log origin of version selection (#5186)
  • Key hash policy on version, rather than package (#5169)

CLI

  • Make missing project table a tracing warning (#5194)
  • Remove trailing period from user-facing messages (#5218)

Bug fixes

  • Make entrypoint writes atomic to avoid overwriting symlinks (#5165)
  • Use which-retrieved path directly when spawning pager (#5198)
  • Don't apply irrelevant constraints when validating site-packages (#5231)
  • Respect local versions for all user requirements (#5232)

0.2.26

CLI

  • Add --no-progress global option to hide all progress animations (#5098)

Performance

  • Cache downloaded wheel when range requests aren't supported (#5089)

Bug fixes

  • Download wheel to disk when streaming unzip failed with HTTP streaming error (#5094)
  • Filter out invalid wheels based on requires-python (#5084)
  • Filter out none ABI wheels with mismatched Python versions (#5087)
  • Lock Git cache on resolve (#5051)
  • Change order of pip compile command checks to handle exact argument first (#5111)

Documentation

  • Document that --universal implies --no-strip-markers (#5121)

0.2.25

Enhancements

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 month ago

Superseded by #1461.