Skip to content

Build(deps-dev): Bump uv from 0.11.15 to 0.11.17 in the patch group#273

Merged
frequenz-auto-dependabot[bot] merged 1 commit into
v1.x.xfrom
dependabot/pip/patch-1a97e91807
Jun 1, 2026
Merged

Build(deps-dev): Bump uv from 0.11.15 to 0.11.17 in the patch group#273
frequenz-auto-dependabot[bot] merged 1 commit into
v1.x.xfrom
dependabot/pip/patch-1a97e91807

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Bumps the patch group with 1 update: uv.

Updates uv from 0.11.15 to 0.11.17

Release notes

Sourced from uv's releases.

0.11.17

Release Notes

Released on 2026-05-28.

Enhancements

  • Add a diagnostic for uv add with standard library modules (#19572)
  • Expose uv workspace and its list subcommand in help output (#19533)
  • Improve the "403 forbidden" hint to suggest ignore-error-codes when applicable (#19521)
  • Skip direct URL lock freshness checks while offline (#19596)
  • Add import-names and import-namespaces support to uv-build (PEP 794) (#19380)
  • Add a --no-editable-package flag to various commands (#19584)
  • Infer Python version requests from source trees in uv tool invocations (#19577)

Preview features

  • Add module owners to uv workspace metadata (#19122)
  • Do not allow uv venv --clear to remove non-virtual environments (#19595)

Bug fixes

  • Improve the performance of large entries in tool.uv.conflicts (#19538)
  • Avoid modifying the parent process' env with --env-file in uv run (#19567)
  • Fix script environment creation for scripts with long filenames (#19539)
  • Fix transitive Git archive dependencies in lockfiles (#19589)
  • Preserve Git repository URLs in direct URL metadata (#19590)
  • Support redirects in --check-url (#19594)
  • Accept case-insensitive HTML tags in --find-links parsing (#19537)
  • Reject duplicate script metadata blocks (#19544)
  • Ban names like "python3" as script entry points (#19535, #19536)
  • Validate Git LFS artifacts for Git archives (#19592)
  • Use a relative path when creating symlinks in cache to improve relocatability (#19033)

Documentation

  • Fix malformed positional anchors in the CLI reference (#19575)

Install uv 0.11.17

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.17/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.17/uv-installer.ps1 | iex"
</tr></table>

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.17

Released on 2026-05-28.

Enhancements

  • Add a diagnostic for uv add with standard library modules (#19572)
  • Expose uv workspace and its list subcommand in help output (#19533)
  • Improve the "403 forbidden" hint to suggest ignore-error-codes when applicable (#19521)
  • Skip direct URL lock freshness checks while offline (#19596)
  • Add import-names and import-namespaces support to uv-build (PEP 794) (#19380)
  • Add a --no-editable-package flag to various commands (#19584)
  • Infer Python version requests from source trees in uv tool invocations (#19577)

Preview features

  • Add module owners to uv workspace metadata (#19122)
  • Do not allow uv venv --clear to remove non-virtual environments (#19595)

Bug fixes

  • Improve the performance of large entries in tool.uv.conflicts (#19538)
  • Avoid modifying the parent process' env with --env-file in uv run (#19567)
  • Fix script environment creation for scripts with long filenames (#19539)
  • Fix transitive Git archive dependencies in lockfiles (#19589)
  • Preserve Git repository URLs in direct URL metadata (#19590)
  • Support redirects in --check-url (#19594)
  • Accept case-insensitive HTML tags in --find-links parsing (#19537)
  • Reject duplicate script metadata blocks (#19544)
  • Ban names like "python3" as script entry points (#19535, #19536)
  • Validate Git LFS artifacts for Git archives (#19592)
  • Use a relative path when creating symlinks in cache to improve relocatability (#19033)

Documentation

  • Fix malformed positional anchors in the CLI reference (#19575)

0.11.16

Released on 2026-05-21.

Enhancements

  • Add support for direct archive dependencies in Git (#10072)
  • Adjust hint rendering (#18090)

Preview features

  • uv audit: specialize malformed OSV error (#19515)
  • Reject locked malware installations (#18936)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Build(deps-dev): Bump uv from 0.11.15 to 0.11.17 in the patch group
cf1cc83 
Bumps the patch group with 1 update: [uv](https://github.com/astral-sh/uv).


Updates `uv` from 0.11.15 to 0.11.17
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.15...0.11.17)

---
updated-dependencies:
- dependency-name: uv
  dependency-version: 0.11.17
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels Jun 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 1, 2026 11:41
@dependabot dependabot Bot added the part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) label Jun 1, 2026
@dependabot dependabot Bot requested review from stefan-brus-frequenz and removed request for a team June 1, 2026 11:41
@dependabot dependabot Bot added the type:tech-debt Improves the project without visible changes for users label Jun 1, 2026
@github-actions github-actions Bot added the part:dispatcher Affects the high-level dispatcher interface label Jun 1, 2026
@frequenz-auto-dependabot frequenz-auto-dependabot Bot added the tool:auto-merged PR was auto-merged by automation label Jun 1, 2026
@frequenz-auto-dependabot frequenz-auto-dependabot Bot added this pull request to the merge queue Jun 1, 2026
Merged via the queue into v1.x.x with commit 2390f39 Jun 1, 2026
24 checks passed
@frequenz-auto-dependabot frequenz-auto-dependabot Bot deleted the dependabot/pip/patch-1a97e91807 branch June 1, 2026 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frequenz-auto-dependabot frequenz-auto-dependabot[bot] frequenz-auto-dependabot[bot] approved these changes

@stefan-brus-frequenz stefan-brus-frequenz Awaiting requested review from stefan-brus-frequenz stefan-brus-frequenz is a code owner automatically assigned from frequenz-floss/api-dispatch-team

Assignees

No one assigned

Labels

part:dispatcher Affects the high-level dispatcher interface part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) tool:auto-merged PR was auto-merged by automation type:tech-debt Improves the project without visible changes for users

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants