Skip to content

Bump uv from 0.11.28 to 0.11.29 in /python#7144

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python/uv-0.11.29
Open

Bump uv from 0.11.28 to 0.11.29 in /python#7144
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python/uv-0.11.29

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor

Bumps uv from 0.11.28 to 0.11.29.

Release notes

Sourced from uv's releases.

0.11.29

Release Notes

Released on 2026-07-15.

Python

  • Use gzip-compressed artifacts for PyPy downloads (#20265)

Enhancements

  • Add JSON output to uv tree (#19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#20227)
  • Include the selected project name in missing-extra errors (#20358)

Preview features

  • Preserve extras and dependency-group conflict context when selecting locked project tools (#20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#20222)
  • Report invalid uv audit --service-url values instead of panicking (#20374)
  • Include preview settings in the published SchemaStore schema (#20304)

Performance

  • Reduce resolver work by widening selected versions across ranges without other known candidates (#20115)
  • Defer client and build setup for no-op uv sync operations (#20364)
  • Reuse workspace discovery during frozen syncs (#20363)
  • Reuse workspace discovery after resolving settings (#20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#20359)
  • Avoid cache and interpreter setup when reading a project version (#20360)

Bug fixes

  • Reject duplicate active package entries in pylock.toml (#20391)
  • Preserve direct-archive hashes in uv pip freeze output (#20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#20387)
  • Redact credentials from failed Git fetch commands (#20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#20182)
  • Honor Python version pins when initializing scripts (#20404)
  • Respect package-scoped source filtering for scripts (#20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#20388)
  • Continue scanning platlib when purelib is missing (#20405)
  • Handle versionless .egg-info files as legacy package metadata (#20403)

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.29

Released on 2026-07-15.

Python

  • Use gzip-compressed artifacts for PyPy downloads (#20265)

Enhancements

  • Add JSON output to uv tree (#19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#20227)
  • Include the selected project name in missing-extra errors (#20358)

Preview features

  • Preserve extras and dependency-group conflict context when selecting locked project tools (#20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#20222)
  • Report invalid uv audit --service-url values instead of panicking (#20374)
  • Include preview settings in the published SchemaStore schema (#20304)

Performance

  • Reduce resolver work by widening selected versions across ranges without other known candidates (#20115)
  • Defer client and build setup for no-op uv sync operations (#20364)
  • Reuse workspace discovery during frozen syncs (#20363)
  • Reuse workspace discovery after resolving settings (#20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#20359)
  • Avoid cache and interpreter setup when reading a project version (#20360)

Bug fixes

  • Reject duplicate active package entries in pylock.toml (#20391)
  • Preserve direct-archive hashes in uv pip freeze output (#20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#20387)
  • Redact credentials from failed Git fetch commands (#20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#20182)
  • Honor Python version pins when initializing scripts (#20404)
  • Respect package-scoped source filtering for scripts (#20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#20388)
  • Continue scanning platlib when purelib is missing (#20405)
  • Handle versionless .egg-info files as legacy package metadata (#20403)
  • Make repeated locking idempotent for impossible cross-variable platform markers (#20369)

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Usage: [Issues, PRs], Target: dependencies in the project python Usage: [Issues, PRs], Target: Python labels Jul 16, 2026
Copilot AI review requested due to automatic review settings July 16, 2026 14:34

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@github-actions github-actions Bot changed the title Bump uv from 0.11.28 to 0.11.29 in /python Python: Bump uv from 0.11.28 to 0.11.29 in /python Jul 16, 2026
Bumps [uv](https://github.com/astral-sh/uv) from 0.11.28 to 0.11.29.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.28...0.11.29)

---
updated-dependencies:
- dependency-name: uv
  dependency-version: 0.11.29
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Python: Bump uv from 0.11.28 to 0.11.29 in /python Bump uv from 0.11.28 to 0.11.29 in /python Jul 17, 2026
@dependabot
dependabot Bot force-pushed the dependabot/pip/python/uv-0.11.29 branch from 86e052a to fc76d53 Compare July 17, 2026 17:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Usage: [Issues, PRs], Target: dependencies in the project python Usage: [Issues, PRs], Target: Python

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant