Workflow

Python-uv

Latest version: v0.0.38

Safety actively analyzes 706267 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 17 of 26

0.1.24

Breaking changes

- `uv pip uninstall` no longer supports specifying targets with the `-e` / `--editable`
flag ([2577](https://github.com/astral-sh/uv/pull/2577))

Enhancements

- Add a garbage collection mechanism to the CLI ([1217](https://github.com/astral-sh/uv/pull/1217))
- Add progress reporting for named requirement resolution ([2605](https://github.com/astral-sh/uv/pull/2605))
- Add support for parsing unnamed URL requirements ([2567](https://github.com/astral-sh/uv/pull/2567))
- Add support for unnamed local directory requirements ([2571](https://github.com/astral-sh/uv/pull/2571))
- Enable PEP 517 builds for unnamed requirements ([2600](https://github.com/astral-sh/uv/pull/2600))
- Enable install audits without resolving named requirements ([2575](https://github.com/astral-sh/uv/pull/2575))
- Enable unnamed requirements for direct URLs ([2569](https://github.com/astral-sh/uv/pull/2569))
- Respect HTTP client options when reading remote requirements
files ([2434](https://github.com/astral-sh/uv/pull/2434))
- Use PEP 517 build hooks to resolve unnamed requirements ([2604](https://github.com/astral-sh/uv/pull/2604))
- Use c-string literals and update trampolines ([2590](https://github.com/astral-sh/uv/pull/2590))
- Support unnamed requirements directly in `uv pip uninstall` ([2577](https://github.com/astral-sh/uv/pull/2577))
- Add support for unnamed Git and HTTP requirements ([2578](https://github.com/astral-sh/uv/pull/2578))
- Make self-update an opt-in Cargo feature ([2606](https://github.com/astral-sh/uv/pull/2606))
- Update minimum rust version (cargo) to 1.76 ([2618](https://github.com/astral-sh/uv/pull/2618))

Bug fixes

- Fix self-updates on Windows ([2598](https://github.com/astral-sh/uv/pull/2598))
- Fix authentication with usernames that contain `` characters ([2592](https://github.com/astral-sh/uv/pull/2592))
- Do not error when there are warnings on Python interpreter stderr ([2599](https://github.com/astral-sh/uv/pull/2599))
- Prevent discovery of cache gitignore when building distributions ([2615](https://github.com/astral-sh/uv/pull/2615))

Rust API

- Make `InstallDist.direct_url` public ([2584](https://github.com/astral-sh/uv/pull/2584))
- Make `AllowedYanks` public ([2608](https://github.com/astral-sh/uv/pull/2608))

Documentation

- Fix badge to current CI status ([2612](https://github.com/astral-sh/uv/pull/2612))

0.1.23

Enhancements

- Implement `--no-strip-extras` to preserve extras in compilation ([2555](https://github.com/astral-sh/uv/pull/2555))
- Preserve hashes for pinned packages when compiling
without `--upgrade` ([2532](https://github.com/astral-sh/uv/pull/2532))
- Add a `uv self update` command ([2228](https://github.com/astral-sh/uv/pull/2228))
- Use relative paths for user-facing messages ([2559](https://github.com/astral-sh/uv/pull/2559))
- Add `CUSTOM_COMPILE_COMMAND` support to `uv pip compile` ([2554](https://github.com/astral-sh/uv/pull/2554))
- Add SHA384 and SHA512 hash algorithms ([2534](https://github.com/astral-sh/uv/pull/2534))
- Treat uninstallable packages as warnings, rather than errors ([2557](https://github.com/astral-sh/uv/pull/2557))

Bug fixes

- Allow `VIRTUAL_ENV` to take precedence over `CONDA_PREFIX` ([2574](https://github.com/astral-sh/uv/pull/2574))
- Ensure mtime of site packages is updated during wheel
installation ([2545](https://github.com/astral-sh/uv/pull/2545))
- Re-test validity after every lenient parsing change ([2550](https://github.com/astral-sh/uv/pull/2550))
- Run interpreter discovery under `-I` mode ([2552](https://github.com/astral-sh/uv/pull/2552))
- Search in both `purelib` and `platlib` for site-packages
population ([2537](https://github.com/astral-sh/uv/pull/2537))
- Fix wheel builds and uploads for musl ARM ([2518](https://github.com/astral-sh/uv/pull/2518))

Documentation

- Add `--link-mode` defaults to CLI ([2549](https://github.com/astral-sh/uv/pull/2549))
- Add an example workflow for compiling the current environment's
packages ([1968](https://github.com/astral-sh/uv/pull/1968))
- Add `uv pip check diagnostics` to `PIP_COMPATIBILITY.md` ([2544](https://github.com/astral-sh/uv/pull/2544))

0.1.22

Enhancements

- Add support for PyTorch-style local version semantics ([2430](https://github.com/astral-sh/uv/pull/2430))
- Add support for Hatch's `{root:uri}` paths in editable installs ([2492](https://github.com/astral-sh/uv/pull/2492))
- Implement `uv pip check` ([2397](https://github.com/astral-sh/uv/pull/2397))
- Add pip-like linehaul information to user agent ([2493](https://github.com/astral-sh/uv/pull/2493))
- Add additional ARM targets to release ([2417](https://github.com/astral-sh/uv/pull/2417))

Bug fixes

- Allow direct file path requirements to include fragments ([2502](https://github.com/astral-sh/uv/pull/2502))
- Avoid panicking on cannot-be-a-base URLs ([2461](https://github.com/astral-sh/uv/pull/2461))
- Drop `macosx_10_0` from compatible wheel tags on `aarch64` ([2496](https://github.com/astral-sh/uv/pull/2496))
- Fix operating system detection on \*BSD ([2505](https://github.com/astral-sh/uv/pull/2505))
- Fix priority of ABI tags ([2489](https://github.com/astral-sh/uv/pull/2489))
- Fix priority of platform tags for manylinux ([2483](https://github.com/astral-sh/uv/pull/2483))
- Make > operator exclude post and local releases ([2471](https://github.com/astral-sh/uv/pull/2471))
- Re-add support for pyenv shims ([2503](https://github.com/astral-sh/uv/pull/2503))
- Validate required package names against wheel package names ([2516](https://github.com/astral-sh/uv/pull/2516))

0.1.21

Enhancements

- Loosen `.dist-info` validation to accept arbitrary versions ([2441](https://github.com/astral-sh/uv/pull/2441))

Bug fixes

- Fix macOS architecture detection on i386 machines ([2454](https://github.com/astral-sh/uv/pull/2454))

0.1.20

Bug fixes

- Add in-URL credentials to store prior to creating requests ([2446](https://github.com/astral-sh/uv/pull/2446))
- Error when direct URL requirements don't match `Requires-Python` ([2196](https://github.com/astral-sh/uv/pull/2196))

0.1.19

Configuration

- Add `UV_NATIVE_TLS` environment variable ([2412](https://github.com/astral-sh/uv/pull/2412))
- Allow `SSL_CERT_FILE` without requiring `--native-tls` ([2401](https://github.com/astral-sh/uv/pull/2401))
- Add support for retrieving credentials from `keyring` ([2254](https://github.com/astral-sh/uv/pull/2254))

Bug fixes

- Add backoff for transient Windows failures ([2419](https://github.com/astral-sh/uv/pull/2419))
- Move architecture and operating system probing to Python ([2381](https://github.com/astral-sh/uv/pull/2381))
- Respect `--native-tls` in `venv` ([2433](https://github.com/astral-sh/uv/pull/2433))
- Treat non-existent site-packages as empty ([2413](https://github.com/astral-sh/uv/pull/2413))

Documentation

- Document HTTP authentication ([2425](https://github.com/astral-sh/uv/pull/2425))

Performance

- Improve performance of version range operations ([2421](https://github.com/astral-sh/uv/pull/2421))

Page 17 of 26

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.