Workflow

Uv

Latest version: v0.5.9

Safety actively analyzes 688931 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 5 of 22

0.4.16

Enhancements

- Add `uv publish` ([7475](https://github.com/astral-sh/uv/pull/7475))
- Add a `--project` argument to run a command from a project directory ([7603](https://github.com/astral-sh/uv/pull/7603))
- Display Python implementation when creating environments ([7652](https://github.com/astral-sh/uv/pull/7652))
- Implement trusted publishing for `uv publish` ([7548](https://github.com/astral-sh/uv/pull/7548))
- Respect lockfile preferences for `--with` requirements ([7627](https://github.com/astral-sh/uv/pull/7627))
- Unhide the `--directory` option ([7653](https://github.com/astral-sh/uv/pull/7653))
- Allow requesting free-threaded Python interpreters ([7431](https://github.com/astral-sh/uv/pull/7431))
- Show a dedicated PubGrub hint for `--unsafe-best-match` ([7645](https://github.com/astral-sh/uv/pull/7645))
- Add resolver error checking for conflicting distributions ([7595](https://github.com/astral-sh/uv/pull/7595))

Bug fixes

- Avoid adding double-newlines for CRLF ([7640](https://github.com/astral-sh/uv/pull/7640))
- Avoid retaining forks when `requires-python` range changes ([7624](https://github.com/astral-sh/uv/pull/7624))
- Determine if pre-release Python downloads should be allowed using the version specifiers ([7638](https://github.com/astral-sh/uv/pull/7638))
- Fix `link-mode=clone` for directories on Linux ([7620](https://github.com/astral-sh/uv/pull/7620))
- Improve Python executable name discovery when using alternative implementations ([7649](https://github.com/astral-sh/uv/pull/7649))
- Require opt-in to use alternative Python implementations ([7650](https://github.com/astral-sh/uv/pull/7650))
- Use the first pre-release discovered when only pre-release Python versions are available ([7666](https://github.com/astral-sh/uv/pull/7666))

Documentation

- Document environment variable that disables printing of virtual environment name in prompt ([7648](https://github.com/astral-sh/uv/pull/7648))
- Remove double whitespaces from the code ([7623](https://github.com/astral-sh/uv/pull/7623))
- Use anchorlinks rather than permalinks ([7626](https://github.com/astral-sh/uv/pull/7626))

Preview features

- Add build backend scaffolding ([7662](https://github.com/astral-sh/uv/pull/7662))

0.4.15

Bug fixes

- Revert "Treat invalid platform as more compatible than invalid Python (7556)" ([7608](https://github.com/astral-sh/uv/pull/7608))

Documentation

- Add the execution policy to powershell installs for single versions ([7602](https://github.com/astral-sh/uv/pull/7602))

0.4.14

Breaking

- Move uvx shell completion to `uvx --generate-shell-completion` ([7511](https://github.com/astral-sh/uv/pull/7511))

Enhancements

- Adjust messaging for frozen hint on resolution failure during `uv add` ([7597](https://github.com/astral-sh/uv/pull/7597))
- Provide resolution hints in case of possible local name conflicts ([7505](https://github.com/astral-sh/uv/pull/7505))
- Improve Docker image release tagging order and display on `ghcr.io` ([7568](https://github.com/astral-sh/uv/pull/7568))
- Improve deserialization error messages ([7598](https://github.com/astral-sh/uv/pull/7598))

Bug fixes

- Allow system environments during project environment validity check ([7585](https://github.com/astral-sh/uv/pull/7585))
- Avoid validating workspace members when `--no-sources` is provided ([7599](https://github.com/astral-sh/uv/pull/7599))
- Fix handling of `sys.base_prefix` collision in interpreter identity check during tool installs ([7596](https://github.com/astral-sh/uv/pull/7596))
- Make `uv cache prune` robust to unreadable rkyv entries ([7561](https://github.com/astral-sh/uv/pull/7561))
- Revert "Remove duplicate warning for settings discovery errors (7384)" ([7594](https://github.com/astral-sh/uv/pull/7594))

Documentation

- Fix `-` to `_` in packaged applications document ([7571](https://github.com/astral-sh/uv/pull/7571))

0.4.13

Enhancements

- Add `socks` support ([7503](https://github.com/astral-sh/uv/pull/7503))
- Avoid warning about bad Python interpreter links for empty project environment directories ([7527](https://github.com/astral-sh/uv/pull/7527))
- Improve invalid environment warning messages ([7544](https://github.com/astral-sh/uv/pull/7544))
- Use more verbose spelling of "virtualenv" during creation ([7523](https://github.com/astral-sh/uv/pull/7523))
- Do not use a user-facing warning for "Waiting to acquire lock..." message ([7502](https://github.com/astral-sh/uv/pull/7502))

Performance

- Use a single buffer for hints on resolver errors ([7497](https://github.com/astral-sh/uv/pull/7497))

Bug fixes

- Allow Python pre-releases to be used if they are first on the `PATH` ([7470](https://github.com/astral-sh/uv/pull/7470))
- Avoid deleting the project environment directory if it is not a virtual environment ([7522](https://github.com/astral-sh/uv/pull/7522))
- Do not error if the `CACHEDIR.TAG` file exists but cannot be written to ([7550](https://github.com/astral-sh/uv/pull/7550))
- Treat invalid platform as more compatible than invalid Python ([7556](https://github.com/astral-sh/uv/pull/7556))
- Use portable paths when serializing sources ([7504](https://github.com/astral-sh/uv/pull/7504))
- Compute resolver hints using the final reduced derivation tree ([7546](https://github.com/astral-sh/uv/pull/7546))
- Bump the wheel and sdist cache versions ([7560](https://github.com/astral-sh/uv/pull/7560))
- Heal cache entries with missing source distributions ([7559](https://github.com/astral-sh/uv/pull/7559))

Rust libraries

- Bump minimum supported Rust version from 1.80 -> 1.81

Documentation

- Add `UV_LINK_MODE` to Docker caching example ([7510](https://github.com/astral-sh/uv/pull/7510))
- Clarify behavior of of overrides in CLI reference ([7537](https://github.com/astral-sh/uv/pull/7537))

0.4.12

Enhancements

- Allow users to provide pre-defined metadata for resolution ([7442](https://github.com/astral-sh/uv/pull/7442))
- Invalidate existing tool environments on Python interpreter mismatch ([7451](https://github.com/astral-sh/uv/pull/7451))

Bug fixes

- Avoid fatal error when searching for egg-info with missing directory ([7498](https://github.com/astral-sh/uv/pull/7498))

Documentation

- Add note on cache growth for self-hosted GitHub runners ([5757](https://github.com/astral-sh/uv/pull/5757))

0.4.11

Enhancements

- Add `--no-editable` support to `uv sync` and `uv export` ([7371](https://github.com/astral-sh/uv/pull/7371))
- Add support for `--only-dev` to `uv sync` and `uv export` ([7367](https://github.com/astral-sh/uv/pull/7367))
- Add support for remaining pip-supported file extensions ([7387](https://github.com/astral-sh/uv/pull/7387))
- Generate shell completion for `uvx` ([7388](https://github.com/astral-sh/uv/pull/7388))
- Include `uv export` command in `requirements.txt` output ([7374](https://github.com/astral-sh/uv/pull/7374))
- Prune unzipped source distributions in `uv cache prune --ci` ([7446](https://github.com/astral-sh/uv/pull/7446))
- Warn when trying to `uv sync` a package without build configuration ([7420](https://github.com/astral-sh/uv/pull/7420))
- Support requests for pre-releases in the `--python` option ([7335](https://github.com/astral-sh/uv/pull/7335))

Bug fixes

- Avoid erroneous version warning for `.dist-info` directories ([7444](https://github.com/astral-sh/uv/pull/7444))
- Avoid removing seed packages for `uv venv --seed` environments ([7410](https://github.com/astral-sh/uv/pull/7410))
- Avoid unnecessary progress bar initializations ([7412](https://github.com/astral-sh/uv/pull/7412))
- Error when `tool.uv.sources` contains duplicate package names ([7383](https://github.com/astral-sh/uv/pull/7383))
- Include `--branch` et al when resolving unnamed URLs in `uv add` ([7447](https://github.com/astral-sh/uv/pull/7447))
- Include `dev-dependencies` in `--no-sources` invocations ([7408](https://github.com/astral-sh/uv/pull/7408))
- Include the parent interpreter in Python discovery when `--system` is used ([7440](https://github.com/astral-sh/uv/pull/7440))
- Respect `--no-sources` in PEP 723 scripts ([7409](https://github.com/astral-sh/uv/pull/7409))
- Respect `pyproject.toml` credentials from user-provided requirements ([7474](https://github.com/astral-sh/uv/pull/7474))
- Use consistent PyPI cache bucket ([7443](https://github.com/astral-sh/uv/pull/7443))
- Use unambiguous relative paths in `uv export` ([7378](https://github.com/astral-sh/uv/pull/7378))

Documentation

- Add documentation on platform-specific dependencies ([7411](https://github.com/astral-sh/uv/pull/7411))
- Add documentation for passing installer options on Linux ([6839](https://github.com/astral-sh/uv/pull/6839))
- Separate project data from configuration settings ([7053](https://github.com/astral-sh/uv/pull/7053))

Error messages

- Hint at missing `project.name` ([6803](https://github.com/astral-sh/uv/pull/6803))
- Surface dedicated `project.name` error for workspaces ([7399](https://github.com/astral-sh/uv/pull/7399))
- Remove duplicate warning for settings discovery errors ([7384](https://github.com/astral-sh/uv/pull/7384))

Page 5 of 22

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.