Uv

Enhancements

- Add support for requesting free-threaded builds via `+freethreaded` ([8645](https://github.com/astral-sh/uv/pull/8645))
- Improve trusted publishing error messages ([8633](https://github.com/astral-sh/uv/pull/8633))
- Remove unneeded `return` from Maturin project template ([8604](https://github.com/astral-sh/uv/pull/8604))
- Skip Python interpreter discovery for `uv export` ([8638](https://github.com/astral-sh/uv/pull/8638))
- Hint about missing trusted publishing permission ([8632](https://github.com/astral-sh/uv/pull/8632))

Configuration

- Add environment variable to disable progress output ([8600](https://github.com/astral-sh/uv/pull/8600))

Bug fixes

- Fork when minimum Python version increases ([8628](https://github.com/astral-sh/uv/pull/8628))
- Ignore empty groups when validating lock ([8598](https://github.com/astral-sh/uv/pull/8598))
- Remove duplicate word in error message ([8589](https://github.com/astral-sh/uv/pull/8589))
- Support cyclic dependencies in `uv tree` ([8564](https://github.com/astral-sh/uv/pull/8564))
- Update `uv init` to imply `--package` when using `--build-backend` ([8593](https://github.com/astral-sh/uv/pull/8593))
- Restore use of `dev-dependencies` and `requires-dev` for lockfile compatibility ([8599](https://github.com/astral-sh/uv/pull/8599))

Documentation

- Clarify `requires-python` requirement for dependencies ([8619](https://github.com/astral-sh/uv/pull/8619))
- Update CLI documentation for `--cache-dir` ([8627](https://github.com/astral-sh/uv/pull/8627))

This release includes support for the `[dependency-groups]` table as recently standardized in [PEP 735](https://peps.python.org/pep-0735/). The table allows for declaration of optional dependency groups that are not published as part of the package metadata, unlike `[project.optional-dependencies]`. There are new `--group`, `--only-group`, and `--no-group` options throughout the uv interface.

Previously, uv used a single `tool.uv.dev-dependencies` list for declaration of development dependencies. Now, uv supports declaring development dependencies in a standardized format and allows splitting development dependencies into multiple groups.

For compatibility, and to simplify usage for people that do not need multiple groups, uv special-cases the group named `dev`. The `dev` group is equivalent to `tool.uv.dev-dependencies`. The contents of `tool.uv.dev-dependencies` will merged into the `dev` group in uv's resolver. The `--dev`, `--only-dev`, and `--no-dev` flags remain as aliases for the corresponding `--group` options. Support for `tool.uv.dev-dependencies` remains in this release, but will display warnings in a future release.

uv syncs the `dev` group by default — this matches the existing behavior for `tool.uv.dev-dependencies`. The default groups can be changed with the `tool.uv.default-groups` setting.

Thank you to Stephen Rosen who authored PEP 735.

Enhancements

- Support for PEP 735 ([8272](https://github.com/astral-sh/uv/pull/8272))
- Add support for `--dry-run` mode in `uv lock` ([7783](https://github.com/astral-sh/uv/pull/7783))
- Don't allow non-string email in authors ([8520](https://github.com/astral-sh/uv/pull/8520))
- Enforce lockfile schema versions ([8509](https://github.com/astral-sh/uv/pull/8509))

Bug fixes

- Always attach URL to network errors ([8444](https://github.com/astral-sh/uv/pull/8444))
- Fix dangling non-platform dependencies in `uv tree` ([8532](https://github.com/astral-sh/uv/pull/8532))
- Prefer `lto` over `debug` free-threaded managed Python builds ([8515](https://github.com/astral-sh/uv/pull/8515))

Documentation

- Add `tool.uv.sources` to the "Settings" reference ([8543](https://github.com/astral-sh/uv/pull/8543))
- Add reference to `uv build` and `uv publish` in the landing pages ([8542](https://github.com/astral-sh/uv/pull/8542))
- Avoid duplicate `[tool.uv]` header in TOML examples ([8545](https://github.com/astral-sh/uv/pull/8545))
- Document `.netrc` environment variable and path ([8511](https://github.com/astral-sh/uv/pull/8511))
- Fix `.netrc` typo in authentication docs ([8521](https://github.com/astral-sh/uv/pull/8521))
- Fix heading level of "Script support" on docs landing page ([8544](https://github.com/astral-sh/uv/pull/8544))
- Move the installation configuration docs to a separate page ([8546](https://github.com/astral-sh/uv/pull/8546))
- Update docs for `--publish-url` to avoid duplication. ([8561](https://github.com/astral-sh/uv/pull/8561))
- Fix typo ([8554](https://github.com/astral-sh/uv/pull/8554))
- Fix typo in description of `--strict` flag ([8513](https://github.com/astral-sh/uv/pull/8513))

Enhancements

- Allow static dependency metadata entries for direct URL requirements ([7846](https://github.com/astral-sh/uv/pull/7846))
- Use reinstall report formatting for `uv python install --reinstall` ([8487](https://github.com/astral-sh/uv/pull/8487))
- Add support for system-level `uv.toml` configuration ([7851](https://github.com/astral-sh/uv/pull/7851))

Bug fixes

- Apply `requires-python` narrowing with upper bounds ([8403](https://github.com/astral-sh/uv/pull/8403))
- Avoid rewriting `[[tool.uv.index]]` entries when credentials are provided ([8502](https://github.com/astral-sh/uv/pull/8502))
- Fix `uv add` comment handling for empty arrays ([8504](https://github.com/astral-sh/uv/pull/8504))
- Replace dashes with underscores in index credential variables ([8452](https://github.com/astral-sh/uv/pull/8452))
- Respect `--allow-insecure-host` in `uv publish` ([8440](https://github.com/astral-sh/uv/pull/8440))
- Allow arbitrary `--package` includes in `uv tree` ([8507](https://github.com/astral-sh/uv/pull/8507))
- Remove existing Python install after successful download in `uv python install` ([8485](https://github.com/astral-sh/uv/pull/8485))

Documentation

- Add docs example for URLs with `[tool.uv.dependency-metadata]` ([8484](https://github.com/astral-sh/uv/pull/8484))
- Add help page for build failures ([8286](https://github.com/astral-sh/uv/pull/8286))
- Fix `cache-keys` typo in `tags = true` ([8422](https://github.com/astral-sh/uv/pull/8422))
- Add documentation examples for manual branch, rev, and tag Git dependencies ([8497](https://github.com/astral-sh/uv/pull/8497))

Error messages

- Improve error message for cache info serialization ([8500](https://github.com/astral-sh/uv/pull/8500))
- Suggest `--from` command when executable is available for `uvx` ([8473](https://github.com/astral-sh/uv/pull/8473))
- Support `--with-editable` in `uv tool install` ([8472](https://github.com/astral-sh/uv/pull/8472))

Enhancements

- Add support for `uv pip show --files` ([8369](https://github.com/astral-sh/uv/pull/8369))
- Don't prefetch unreachable packages ([8246](https://github.com/astral-sh/uv/pull/8246))
- Remove `tool.uv.sources` table if it is empty ([8365](https://github.com/astral-sh/uv/pull/8365))
- Modify cache versioning to support backwards compatibility ([8386](https://github.com/astral-sh/uv/pull/8386))

Configuration

- Add support for `UV_FROZEN` and `UV_LOCKED` ([8340](https://github.com/astral-sh/uv/pull/8340))

Bug fixes

- Allow dashes and underscores in custom index names ([8339](https://github.com/astral-sh/uv/pull/8339))
- Avoid panic when Git dependencies are included in fork markers ([8388](https://github.com/astral-sh/uv/pull/8388))
- Check existing source by normalized name before `uv add` and `uv remove` ([8359](https://github.com/astral-sh/uv/pull/8359))
- Fix bug where username from authentication cache could be ignored ([8345](https://github.com/astral-sh/uv/pull/8345))
- Fix to respect comments positioning in pyproject.toml on change ([8384](https://github.com/astral-sh/uv/pull/8384))
- Redact index sources in `uv.lock` ([8333](https://github.com/astral-sh/uv/pull/8333))
- Use correct indentation when project table contains open bracket comment ([8387](https://github.com/astral-sh/uv/pull/8387))
- Only remove a source from `[tool.uv.sources]` if it is no long being referenced ([8366](https://github.com/astral-sh/uv/pull/8366))
- Modify `uv pip list` and `uv tree` to print to stdout regardless of `--quiet` flag ([8392](https://github.com/astral-sh/uv/pull/8392))

Error messages

- Improve help message for missing `self update` invocations ([8337](https://github.com/astral-sh/uv/pull/8337))
- Log `.netrc` parsing errors ([8364](https://github.com/astral-sh/uv/pull/8364))
- Remove trailing newlines in error messages ([8322](https://github.com/astral-sh/uv/pull/8322))
- Use a dedicated message for incompatible Python versions in wheel ABI tags ([8363](https://github.com/astral-sh/uv/pull/8363))
- Remove commands available in the top-level from the suggested subcommand error ([8316](https://github.com/astral-sh/uv/pull/8316))

Release

- Run release builds for `macos-x86_64` on `macos-14` runners ([8327](https://github.com/astral-sh/uv/pull/8327))

Bug fixes

- Fix Python executable name in Windows free-threaded Python distributions ([8310](https://github.com/astral-sh/uv/pull/8310))
- Redact index credentials from lockfile sources ([8307](https://github.com/astral-sh/uv/pull/8307))
- Respect `UV_INDEX_` rather than `UV_HTTP_BASIC_` as documented ([8306](https://github.com/astral-sh/uv/pull/8306))
- Improve sources deserialization errors ([8308](https://github.com/astral-sh/uv/pull/8308))

Documentation

- Correct pytorch-to-torch reference in docs ([8291](https://github.com/astral-sh/uv/pull/8291))

This release introduces a revamped system for defining package indexes, as an alternative to the existing pip-style
`--index-url` and `--extra-index-url` configuration options.

You can now define named indexes in your `pyproject.toml` file using the `[[tool.uv.index]]` table:

toml
[[tool.uv.index]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cpu"


Packages can be pinned to a specific index via `tool.uv.sources`, to ensure that a given package is installed from the
correct index. For example, to ensure that `torch` is *always* installed from the `pytorch` index:

toml
[tool.uv.sources]
torch = { index = "pytorch" }

[[tool.uv.index]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cpu"


Indexes can also be marked as `explicit = true` to prevent packages from being installed from that index
unless explicitly pinned. For example, to ensure that `torch` is installed from the `pytorch` index, but all other
packages are installed from the default index:

toml
[tool.uv.sources]
torch = { index = "pytorch" }

[[tool.uv.index]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cpu"
explicit = true


To define an additional index outside a `pyproject.toml` file, use the `--index` command-line argument
(or the `UV_INDEX` environment variable); to replace the default index (PyPI), use the `--default-index` command-line
argument (or `UV_DEFAULT_INDEX`).

These changes are entirely backwards-compatible with the deprecated `--index-url` and `--extra-index-url` options,
which continue to work as before.

See the [Index](https://docs.astral.sh/uv/configuration/indexes/) documentation for more.

Enhancements

- Add index URLs when provided via `uv add --index` or `--default-index` ([7746](https://github.com/astral-sh/uv/pull/7746))
- Add support for named and explicit indexes ([7481](https://github.com/astral-sh/uv/pull/7481))
- Add templates for popular build backends ([7857](https://github.com/astral-sh/uv/pull/7857))
- Allow multiple pinned indexes in `tool.uv.sources` ([7769](https://github.com/astral-sh/uv/pull/7769))
- Allow users to incorporate Git tags into dynamic cache keys ([8259](https://github.com/astral-sh/uv/pull/8259))
- Pin named indexes in `uv add` ([7747](https://github.com/astral-sh/uv/pull/7747))
- Respect named `--index` and `--default-index` values in `tool.uv.sources` ([7910](https://github.com/astral-sh/uv/pull/7910))
- Update to latest PubGrub version ([8245](https://github.com/astral-sh/uv/pull/8245))
- Enable environment variable authentication for named indexes ([7741](https://github.com/astral-sh/uv/pull/7741))
- Avoid showing lower-bound warning outside of explicit lock and sync ([8234](https://github.com/astral-sh/uv/pull/8234))
- Improve logging during lock errors ([8258](https://github.com/astral-sh/uv/pull/8258))
- Improve styling of `requires-python` warnings ([8240](https://github.com/astral-sh/uv/pull/8240))
- Show hint in resolution failure on `Forbidden` (`403`) or `Unauthorized` (`401`) ([8264](https://github.com/astral-sh/uv/pull/8264))
- Update to latest `cargo-dist` version (includes new installer features) ([8270](https://github.com/astral-sh/uv/pull/8270))
- Warn when patch version in `requires-python` is implicitly `0` ([7959](https://github.com/astral-sh/uv/pull/7959))
- Add more context on client errors during range requests ([8285](https://github.com/astral-sh/uv/pull/8285))

Bug fixes

- Avoid writing duplicate index URLs with `--emit-index-url` ([8226](https://github.com/astral-sh/uv/pull/8226))
- Fix error leading to out-of-bound panic in `uv-pep508` ([8282](https://github.com/astral-sh/uv/pull/8282))
- Fix managed distributions of free-threaded Python on Windows ([8268](https://github.com/astral-sh/uv/pull/8268))
- Fix selection of free-threaded interpreters during default Python discovery ([8239](https://github.com/astral-sh/uv/pull/8239))
- Ignore sources in build requirements for non-source trees ([8235](https://github.com/astral-sh/uv/pull/8235))
- Invalid cache when adding lower bound to lockfile ([8230](https://github.com/astral-sh/uv/pull/8230))
- Respect index priority when storing credentials ([8256](https://github.com/astral-sh/uv/pull/8256))
- Respect relative paths in `uv build` sources ([8237](https://github.com/astral-sh/uv/pull/8237))
- Narrow what the pip3.<minor> logic drops from entry points. ([8273](https://github.com/astral-sh/uv/pull/8273))

Documentation

- Add some additional notes to `--index-url` docs ([8267](https://github.com/astral-sh/uv/pull/8267))
- Add upgrade note to README ([7937](https://github.com/astral-sh/uv/pull/7937))
- Remove note that "only a single source may be defined for each dependency" ([8243](https://github.com/astral-sh/uv/pull/8243))