Skip to content

chore(deps): bump astral-sh/uv from 0.11.20 to 0.11.21#3029

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/docker/astral-sh/uv-0.11.21
Closed

chore(deps): bump astral-sh/uv from 0.11.20 to 0.11.21#3029
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/docker/astral-sh/uv-0.11.21

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 18, 2026

Copy link
Copy Markdown
Contributor

Bumps astral-sh/uv from 0.11.20 to 0.11.21.

Release notes

Sourced from astral-sh/uv's releases.

0.11.21

Release Notes

Released on 2026-06-11.

Python

  • Add CPython 3.13.14 and 3.14.6 (#19787)

Preview features

  • Add environment.root to uv workspace metadata --sync (#19760)
  • Allow uv upgrade to update a single dependency constraint (#19738)
  • Compute and pass uv workspace metadata payload in ty check (#19763)
  • Make packaged applications the default for uv init (#17841)

Performance

  • Add parallel discovery of Python versions for uv python list (#18684)
  • Avoid normalizing source distribution names twice (#19784)

Bug fixes

  • Improve cache robustness and pruning behavior
    • Allow CI cache pruning without an sdist bucket (#19802)
    • Avoid overflow when reading malformed cache entries (#19799)
    • Preserve cached Python downloads during cache pruning (#19795)
    • Reject running inside the cache (#19659)
  • Fix Python discovery and version request edge cases
    • Avoid panics for Unicode Python version requests (#19797)
    • Fix handling of non-critical errors in uv python list with path requests (#19774)
    • Fix stop-discovery-at regression (#19769)
  • Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets
    • Allow trailing commas in version specifiers (#19806)
    • Avoid panics for invalid UTF-8 URL credentials (#19800)
    • Avoid panics for malformed source distribution filenames (#19776)
    • Avoid panics for trailing extra separators (#19779)
    • Avoid stack overflow for recursive requirements path aliases (#19777)
    • Ignore reversed string compatible-release markers (#19782)
    • Reject duplicate entries in conflict sets (#19801)
    • Reject malformed hash options in requirements files (#19783)
    • Reject source distribution filenames without a separator (#19803)
    • Use UTF-8 lengths for requirement errors (#19781)
    • Use UTF-8 lengths for trailing marker errors (#19796)
    • Use byte offsets when peeking over requirements (#19780)
    • Validate GraalPy ABI suffixes (#19805)
  • Improve wheel entry-point error handling and virtual environment activation quoting
    • Propagate errors when reading wheel entry points (#19794)
    • Quote virtual environment activation paths with shell metacharacters (#19798)

... (truncated)

Changelog

Sourced from astral-sh/uv's changelog.

0.11.21

Released on 2026-06-11.

Python

  • Add CPython 3.13.14 and 3.14.6 (#19787)

Preview features

  • Add environment.root to uv workspace metadata --sync (#19760)
  • Allow uv upgrade to update a single dependency constraint (#19738)
  • Compute and pass uv workspace metadata payload in ty check (#19763)
  • Make packaged applications the default for uv init (#17841)

Performance

  • Add parallel discovery of Python versions for uv python list (#18684)
  • Avoid normalizing source distribution names twice (#19784)

Bug fixes

  • Improve cache robustness and pruning behavior
    • Allow CI cache pruning without an sdist bucket (#19802)
    • Avoid overflow when reading malformed cache entries (#19799)
    • Preserve cached Python downloads during cache pruning (#19795)
    • Reject running inside the cache (#19659)
  • Fix Python discovery and version request edge cases
    • Avoid panics for Unicode Python version requests (#19797)
    • Fix handling of non-critical errors in uv python list with path requests (#19774)
    • Fix stop-discovery-at regression (#19769)
  • Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets
    • Allow trailing commas in version specifiers (#19806)
    • Avoid panics for invalid UTF-8 URL credentials (#19800)
    • Avoid panics for malformed source distribution filenames (#19776)
    • Avoid panics for trailing extra separators (#19779)
    • Avoid stack overflow for recursive requirements path aliases (#19777)
    • Ignore reversed string compatible-release markers (#19782)
    • Reject duplicate entries in conflict sets (#19801)
    • Reject malformed hash options in requirements files (#19783)
    • Reject source distribution filenames without a separator (#19803)
    • Use UTF-8 lengths for requirement errors (#19781)
    • Use UTF-8 lengths for trailing marker errors (#19796)
    • Use byte offsets when peeking over requirements (#19780)
    • Validate GraalPy ABI suffixes (#19805)
  • Improve wheel entry-point error handling and virtual environment activation quoting
    • Propagate errors when reading wheel entry points (#19794)
    • Quote virtual environment activation paths with shell metacharacters (#19798)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump astral-sh/uv from 0.11.20 to 0.11.21
e968578 
Bumps [astral-sh/uv](https://github.com/astral-sh/uv) from 0.11.20 to 0.11.21.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.20...0.11.21)

---
updated-dependencies:
- dependency-name: astral-sh/uv
  dependency-version: 0.11.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file docker Pull requests that update docker code labels Jun 18, 2026
@dependabot dependabot Bot requested a review from JacobCoffee as a code owner June 18, 2026 08:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file docker Pull requests that update docker code labels Jun 18, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 25, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #3033.

@dependabot dependabot Bot closed this Jun 25, 2026
@dependabot dependabot Bot deleted the dependabot/docker/astral-sh/uv-0.11.21 branch June 25, 2026 08:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JacobCoffee JacobCoffee Awaiting requested review from JacobCoffee JacobCoffee is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update docker code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants