search

pyca / cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
https://cryptography.io
Other
6.59k stars 1.51k forks source link

Bump uv from 0.4.7 to 0.4.8 in /.github/requirements #11578

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps uv from 0.4.7 to 0.4.8.

Release notes

Sourced from uv's releases.

0.4.8

Release Notes

Enhancements

  • Add support for dynamic cache keys (#7136)
  • Allow .dist-info names with dashes for post releases (#7208)
  • Use type hints in code from uv init (#7225)
  • Treat .tgz the same as .tar.gz (#7201)
  • Direct users towards uv venv to create a virtual environment (#7188)
  • Improve error message for uv init already init-ed (#7198)

Performance

  • Avoid batch prefetching for un-optimized registries (#7226)
  • Avoid iteration for singleton selections (#7195)

Bug fixes

  • Avoid extra newlines in debug logging for source builds (#7174)
  • Prune unreachable packages from --universal output (#7209)
  • Respect exclusion when collecting workspace members (#7175)
  • Use path file instead of sitecustomize.py (#7161)
  • Replace incorrect --source and --binary flags with correct --sdist and --wheel flags in uv build (#7156)

Documentation

  • Document support for UV_INSTALL_DIR (#7107)
  • List all supported sdist formats (#7168)

Install uv 0.4.8

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.4.8/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/uv/releases/download/0.4.8/uv-installer.ps1 | iex"

Download uv 0.4.8

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.4.8

Enhancements

  • Add support for dynamic cache keys (#7136)
  • Allow .dist-info names with dashes for post releases (#7208)
  • Use type hints in code from uv init (#7225)
  • Treat .tgz the same as .tar.gz (#7201)
  • Direct users towards uv venv to create a virtual environment (#7188)
  • Improve error message for uv init already init-ed (#7198)

Performance

  • Avoid batch prefetching for un-optimized registries (#7226)
  • Avoid iteration for singleton selections (#7195)

Bug fixes

  • Avoid extra newlines in debug logging for source builds (#7174)
  • Prune unreachable packages from --universal output (#7209)
  • Respect exclusion when collecting workspace members (#7175)
  • Use path file instead of sitecustomize.py (#7161)
  • Replace incorrect --source and --binary flags with correct --sdist and --wheel flags in uv build (#7156)

Documentation

  • Document support for UV_INSTALL_DIR (#7107)
  • List all supported sdist formats (#7168)
Commits
  • 956cadd Bump version to v0.4.8 (#7233)
  • fe8880b Surface dedicated errors for .python-version conflict with `requires-python...
  • 5905f40 Use type hints in code from uv init (#7225)
  • 74c6e53 pep508: small fixes for debug marker graph output
  • 4f23491 Add support for dynamic cache keys (#7136)
  • 9a7262c Avoid batch prefetching for un-optimized registries (#7226)
  • 970bd1a Respect exclusion when collecting workspace members (#7175)
  • d9cd282 Fix typo in name normalization (#7217)
  • dcbaa1f Avoid iteration for singleton selections (#7195)
  • dafa359 Avoid distribution clones in requirements.txt graph (#7210)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)