github-actions[bot]
commented
1 month ago π¦ MegaLinter status: β οΈ WARNING
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| β API | spectral | 1 | 0 | 1.47s | |
| β οΈ BASH | bash-exec | 6 | 1 | 0.02s | |
| β BASH | shellcheck | 6 | 0 | 0.16s | |
| β BASH | shfmt | 6 | 0 | 0 | 0.86s |
| β COPYPASTE | jscpd | yes | no | 4.5s | |
| β DOCKERFILE | hadolint | 128 | 0 | 20.93s | |
| β JSON | jsonlint | 20 | 0 | 0.2s | |
| β JSON | v8r | 22 | 0 | 30.9s | |
| β οΈ MARKDOWN | markdownlint | 266 | 0 | 297 | 32.36s |
| β MARKDOWN | markdown-table-formatter | 266 | 0 | 0 | 158.86s |
| β οΈ PYTHON | bandit | 212 | 66 | 4.0s | |
| β PYTHON | black | 212 | 0 | 0 | 6.18s |
| β PYTHON | flake8 | 212 | 0 | 3.16s | |
| β PYTHON | isort | 212 | 0 | 0 | 1.53s |
| β PYTHON | mypy | 212 | 0 | 21.76s | |
| β PYTHON | pylint | 212 | 0 | 33.88s | |
| β PYTHON | ruff | 212 | 0 | 0 | 0.93s |
| β REPOSITORY | checkov | yes | no | 48.78s | |
| β REPOSITORY | git_diff | yes | no | 0.75s | |
| β οΈ REPOSITORY | grype | yes | 24 | 14.4s | |
| β REPOSITORY | secretlint | yes | no | 16.01s | |
| β REPOSITORY | trivy | yes | no | 58.43s | |
| β REPOSITORY | trivy-sbom | yes | no | 0.39s | |
| β οΈ REPOSITORY | trufflehog | yes | 1 | 10.93s | |
| β SPELL | cspell | 713 | 0 | 12.13s | |
| β οΈ SPELL | lychee | 348 | 9 | 5.56s | |
| β XML | xmllint | 3 | 0 | 0 | 0.84s |
| β YAML | prettier | 160 | 0 | 0 | 5.57s |
| β YAML | v8r | 102 | 0 | 200.55s | |
| β YAML | yamllint | 161 | 0 | 2.12s |
See detailed report in MegaLinter reports
_MegaLinter is graciously provided by 
_
This PR contains the following updates:
0.4.23->0.4.27Release Notes
astral-sh/uv (ghcr.io/astral-sh/uv)
### [`v0.4.27`](https://redirect.github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0427) [Compare Source](https://redirect.github.com/astral-sh/uv/compare/0.4.26...0.4.27) This release includes support for the `[dependency-groups]` table as recently standardized in [PEP 735](https://peps.python.org/pep-0735/). The table allows for declaration of optional dependency groups that are not published as part of the package metadata, unlike `[project.optional-dependencies]`. There are new `--group`, `--only-group`, and `--no-group` options throughout the uv interface. Previously, uv used a single `tool.uv.dev-dependencies` list for declaration of development dependencies. Now, uv supports declaring development dependencies in a standardized format and allows splitting development dependencies into multiple groups. For compatibility, and to simplify usage for people that do not need multiple groups, uv special-cases the group named `dev`. The `dev` group is equivalent to `tool.uv.dev-dependencies`. The contents of `tool.uv.dev-dependencies` will merged into the `dev` group in uv's resolver. The `--dev`, `--only-dev`, and `--no-dev` flags remain as aliases for the corresponding `--group` options. Support for `tool.uv.dev-dependencies` remains in this release, but will display warnings in a future release. uv syncs the `dev` group by default β this matches the exististing behavior for `tool.uv.dev-dependencies`. The default groups can be changed with the `tool.uv.default-groups` setting. Thank you to Stephen Rosen who authored PEP 735. ##### Enhancements - Support for PEP 735 ([#8272](https://redirect.github.com/astral-sh/uv/pull/8272)) - Add support for `--dry-run` mode in `uv lock` ([#7783](https://redirect.github.com/astral-sh/uv/pull/7783)) - Don't allow non-string email in authors ([#8520](https://redirect.github.com/astral-sh/uv/pull/8520)) - Enforce lockfile schema versions ([#8509](https://redirect.github.com/astral-sh/uv/pull/8509)) ##### Bug fixes - Always attach URL to network errors ([#8444](https://redirect.github.com/astral-sh/uv/pull/8444)) - Fix dangling non-platform dependencies in `uv tree` ([#8532](https://redirect.github.com/astral-sh/uv/pull/8532)) - Prefer `lto` over `debug` free-threaded managed Python builds ([#8515](https://redirect.github.com/astral-sh/uv/pull/8515)) ##### Documentation - Add `tool.uv.sources` to the "Settings" reference ([#8543](https://redirect.github.com/astral-sh/uv/pull/8543)) - Add reference to `uv build` and `uv publish` in the landing pages ([#8542](https://redirect.github.com/astral-sh/uv/pull/8542)) - Avoid duplicate `[tool.uv]` header in TOML examples ([#8545](https://redirect.github.com/astral-sh/uv/pull/8545)) - Document `.netrc` environment variable and path ([#8511](https://redirect.github.com/astral-sh/uv/pull/8511)) - Fix `.netrc` typo in authentication docs ([#8521](https://redirect.github.com/astral-sh/uv/pull/8521)) - Fix heading level of "Script support" on docs landing page ([#8544](https://redirect.github.com/astral-sh/uv/pull/8544)) - Move the installation configuration docs to a separate page ([#8546](https://redirect.github.com/astral-sh/uv/pull/8546)) - Update docs for `--publish-url` to avoid duplication. ([#8561](https://redirect.github.com/astral-sh/uv/pull/8561)) - Fix typo ([#8554](https://redirect.github.com/astral-sh/uv/pull/8554)) - Fix typo in description of `--strict` flag ([#8513](https://redirect.github.com/astral-sh/uv/pull/8513)) ### [`v0.4.26`](https://redirect.github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0426) [Compare Source](https://redirect.github.com/astral-sh/uv/compare/0.4.25...0.4.26) ##### Enhancements - Allow static dependency metadata entries for direct URL requirements ([#7846](https://redirect.github.com/astral-sh/uv/pull/7846)) - Use reinstall report formatting for `uv python install --reinstall` ([#8487](https://redirect.github.com/astral-sh/uv/pull/8487)) - Add support for system-level `uv.toml` configuration ([#7851](https://redirect.github.com/astral-sh/uv/pull/7851)) ##### Bug fixes - Apply `requires-python` narrowing with upper bounds ([#8403](https://redirect.github.com/astral-sh/uv/pull/8403)) - Avoid rewriting `[[tool.uv.index]]` entries when credentials are provided ([#8502](https://redirect.github.com/astral-sh/uv/pull/8502)) - Fix `uv add` comment handling for empty arrays ([#8504](https://redirect.github.com/astral-sh/uv/pull/8504)) - Replace dashes with underscores in index credential variables ([#8452](https://redirect.github.com/astral-sh/uv/pull/8452)) - Respect `--allow-insecure-host` in `uv publish` ([#8440](https://redirect.github.com/astral-sh/uv/pull/8440)) - Allow arbitrary `--package` includes in `uv tree` ([#8507](https://redirect.github.com/astral-sh/uv/pull/8507)) - Remove existing Python install after successful download in `uv python install` ([#8485](https://redirect.github.com/astral-sh/uv/pull/8485)) ##### Documentation - Add docs example for URLs with `[tool.uv.dependency-metadata]` ([#8484](https://redirect.github.com/astral-sh/uv/pull/8484)) - Add help page for build failures ([#8286](https://redirect.github.com/astral-sh/uv/pull/8286)) - Fix `cache-keys` typo in `tags = true` ([#8422](https://redirect.github.com/astral-sh/uv/pull/8422)) - Add documentation examples for manual branch, rev, and tag Git dependencies ([#8497](https://redirect.github.com/astral-sh/uv/pull/8497)) ##### Error messages - Improve error message for cache info serialization ([#8500](https://redirect.github.com/astral-sh/uv/pull/8500)) - Suggest `--from` command when executable is available for `uvx` ([#8473](https://redirect.github.com/astral-sh/uv/pull/8473)) - Support `--with-editable` in `uv tool install` ([#8472](https://redirect.github.com/astral-sh/uv/pull/8472)) ### [`v0.4.25`](https://redirect.github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0425) [Compare Source](https://redirect.github.com/astral-sh/uv/compare/0.4.24...0.4.25) ##### Enhancements - Add support for `uv pip show --files` ([#8369](https://redirect.github.com/astral-sh/uv/pull/8369)) - Don't prefetch unreachable packages ([#8246](https://redirect.github.com/astral-sh/uv/pull/8246)) - Remove `tool.uv.sources` table if it is empty ([#8365](https://redirect.github.com/astral-sh/uv/pull/8365)) - Modify cache versioning to support backwards compatibility ([#8386](https://redirect.github.com/astral-sh/uv/pull/8386)) ##### Configuration - Add support for `UV_FROZEN` and `UV_LOCKED` ([#8340](https://redirect.github.com/astral-sh/uv/pull/8340)) ##### Bug fixes - Allow dashes and underscores in custom index names ([#8339](https://redirect.github.com/astral-sh/uv/pull/8339)) - Avoid panic when Git dependencies are included in fork markers ([#8388](https://redirect.github.com/astral-sh/uv/pull/8388)) - Check existing source by normalized name before `uv add` and `uv remove` ([#8359](https://redirect.github.com/astral-sh/uv/pull/8359)) - Fix bug where username from authentication cache could be ignored ([#8345](https://redirect.github.com/astral-sh/uv/pull/8345)) - Fix to respect comments positioning in pyproject.toml on change ([#8384](https://redirect.github.com/astral-sh/uv/pull/8384)) - Redact index sources in `uv.lock` ([#8333](https://redirect.github.com/astral-sh/uv/pull/8333)) - Use correct indentation when project table contains open bracket comment ([#8387](https://redirect.github.com/astral-sh/uv/pull/8387)) - Only remove a source from `[tool.uv.sources]` if it is no long being referenced ([#8366](https://redirect.github.com/astral-sh/uv/pull/8366)) - Modify `uv pip list` and `uv tree` to print to stdout regardless of `--quiet` flag ([#8392](https://redirect.github.com/astral-sh/uv/pull/8392)) ##### Error messages - Improve help message for missing `self update` invocations ([#8337](https://redirect.github.com/astral-sh/uv/pull/8337)) - Log `.netrc` parsing errors ([#8364](https://redirect.github.com/astral-sh/uv/pull/8364)) - Remove trailing newlines in error messages ([#8322](https://redirect.github.com/astral-sh/uv/pull/8322)) - Use a dedicated message for incompatible Python versions in wheel ABI tags ([#8363](https://redirect.github.com/astral-sh/uv/pull/8363)) - Remove commands available in the top-level from the suggested subcommand error ([#8316](https://redirect.github.com/astral-sh/uv/pull/8316)) ##### Release - Run release builds for `macos-x86_64` on `macos-14` runners ([#8327](https://redirect.github.com/astral-sh/uv/pull/8327)) ### [`v0.4.24`](https://redirect.github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0424) [Compare Source](https://redirect.github.com/astral-sh/uv/compare/0.4.23...0.4.24) ##### Bug fixes - Fix Python executable name in Windows free-threaded Python distributions ([#8310](https://redirect.github.com/astral-sh/uv/pull/8310)) - Redact index credentials from lockfile sources ([#8307](https://redirect.github.com/astral-sh/uv/pull/8307)) - Respect `UV_INDEX_` rather than `UV_HTTP_BASIC_` as documented ([#8306](https://redirect.github.com/astral-sh/uv/pull/8306)) - Improve sources deserialization errors ([#8308](https://redirect.github.com/astral-sh/uv/pull/8308)) ##### Documentation - Correct pytorch-to-torch reference in docs ([#8291](https://redirect.github.com/astral-sh/uv/pull/8291))Configuration
π Schedule: Branch creation - "before 4am on Wednesday" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.