5867 commits

Author	SHA1	Message	Date
konsti	44f5a14f40	Bump version to 0.9.10 (#16762) ... Motivated by https://github.com/astral-sh/uv/pull/16759 Doesn't contain https://github.com/astral-sh/uv/pull/16752, but that one doesn't seem critical	2025-11-17 16:29:14 +00:00
Zanie Blue	07e03ee776	Add uv workspace list to list workspace members (#16691) ... I'm a little wary here, in the sense that it might be silly to have a command that does something so simple that's covered by `uv workspace metadata`? but I think this could be stabilized much faster than `uv workspace metadata` and makes it easier to write scripts against workspace members. --------- Co-authored-by: liam <liam@scalzulli.com>	2025-11-17 09:35:50 -06:00
konsti	2d75aca8e3	Don't check file URLs for ambiguously parsed URLs (#16759) ... Fixes https://github.com/astral-sh/uv/issues/16756 Follow-up for https://github.com/astral-sh/uv/pull/16622 I noticed that rustfmt couldn't handle the check, so I moved the code around in the first two commits.	2025-11-17 14:16:13 +00:00
samypr100	bf99f0a195	Add support for SSL_CERT_DIR (#16473) ... ## Summary Closes https://github.com/astral-sh/uv/issues/16414 Adds support for the standard [SSL_CERT_DIR](https://docs.openssl.org/3.6/man3/SSL_CTX_load_verify_locations) which has gained recent proper support from [rustls-native-certs](https://github.com/rustls/rustls-native-certs/pull/187) in v0.8.2. In addition, this PR clarifies documentation around `SSL_CERT_FILE` and `SSL_CERT_DIR` when used in combination with `UV_NATIVE_TLS` as mentioned in https://github.com/astral-sh/uv/issues/16412#issuecomment-3434927201 ## Test Plan Manually tested with custom cert chains in multiple directories and loading them via SSL_CERT_DIR. We didn't have tests for `SSL_CERT_FILE` or `SSL_CERT_DIR` environment variables so I added a basic one using our own test-only certificate generation and dummy https server. I also moved some things around for better reuse.	2025-11-16 11:48:31 -06:00
Meitar Reihan	b9826778b9	Support http/https URLs in uv python --python-downloads-json-url (#16542) ... continuation PR based on #14687 --------- Co-authored-by: Geoffrey Thomas <geofft@ldpreload.com> Co-authored-by: Aria Desires <aria.desires@gmail.com>	2025-11-14 17:51:24 -05:00
Meitar Reihan	7f4d8c67a8	Account for python_downloads_json_url on Pre-release Python version warnings (#16737) ... Solves #16711	2025-11-14 15:12:35 -06:00
liam	1a14d595fd	Error when a project.license-files glob matches nothing (#16697) ... Resolves https://github.com/astral-sh/uv/issues/16693 [`PEP 639`](https://peps.python.org/pep-0639/#add-license-files-key) requires build tools to error if any user-specified `project.license-files` glob fails to match a file, but uv currently allows the build to succeed and produces empty `.dist-info/licenses/` directories. This PR enforces the spec by tracking matches for each glob during metadata generation, raising a clear validation error when one is unmatched.	2025-11-14 11:02:04 +01:00
Zanie Blue	f5ce5b47c8	Add support for --upgrade in uv python install (#16676) ... This allows us to suggest `uv python install --upgrade 3.14` as the canonical way to get the latest patch version of a given Python regardless of whether it is installed already. Currently, you can do `uv python upgrade 3.14` and it will install it, but I'd like to remove that behavior as I find it very surprising.	2025-11-13 09:55:48 -06:00
liam	e28dc62358	Enforce UTF‑8-encoded license files during uv build (#16699) ... I noticed this when working on https://github.com/astral-sh/uv/pull/16697. [PEP 639](https://peps.python.org/pep-0639/#add-license-files-key) expects tools to ship license texts as UTF‑8, but previously `uv build` would quietly include any binary blob listed under `project.license-files`. I have no clue what is going on with `rustfmt` for this file, but it seems that when I add the check, it wants to reformat a bunch of surrounding stuff. The relevant part to look at is: ```rust for license_file in &license_files { let file_path = root.join(license_file); let bytes = fs_err::read(&file_path)?; if str::from_utf8(&bytes).is_err() { return Err(ValidationError::LicenseFileNotUtf8(license_file.clone()).into()); } } ``` where we validate all collected license files before proceeding. --------- Co-authored-by: konstin <konstin@mailbox.org>	2025-11-13 12:49:59 +00:00
Mikayla Thompson	88811553e4	pip install --target (and sync) install python if necessary (#16694) ... ## Summary As described in https://github.com/astral-sh/uv/issues/12229, `pip install` with `--target` or `--prefix` seem like they should install the necessary python version if it doesn't exist, but they currently don't. Most minimal reproduction is something like: ``` > uv python uninstall 3.13 ... > uv pip install anyio --target target-dir --python 3.13 error: No interpreter found for Python 3.13 in virtual environments, managed installations, or search path ``` This also fails without `--target`, but a venv is expected in that case, so the with `--target`/`--prefix` is the only version that needs to be fixed. The same mechanism occurs for `uv pip sync` as well. ## Test Plan Added tests for install and sync that failed before fix and now pass. --------- Signed-off-by: Mikayla Thompson <mrt@mikayla.codes>	2025-11-12 15:42:52 -07:00
Oshadha Gunawardena	aec42540a1	Fix handling of python install --default for pre-release Python versions (#16706) ... ## Summary Fixes `--default` not creating default executable links for pre-release Python versions. When using `--default` with a pre-release version like `3.15.0a1`, the code was checking `matches_installation()` against the download request instead of the original user request. This caused the check to fail since the download request doesn't match pre-release versions the same way. Changed it to use `installation.satisfies(&first_request.request)` when `--default` is used, which checks against the original user request. Fixes #16696 ## Test Plan Added `python_install_default_prerelease` test that installs Python 3.15 with `--default` and verifies all three executable links (`python3.15`, `python3`, `python`) are created. The test skips gracefully if 3.15 isn't available. All existing tests pass.	2025-11-12 12:33:58 -06:00
Zanie Blue	4fac4cb7ed	Bump version to 0.9.9 (#16708)	2025-11-12 18:14:44 +00:00
Zsolt Dollenstein	e96354a6dd	Always attach linehaul data (#16705)	2025-11-12 17:10:15 +00:00
Charlie Marsh	2c0d166260	Add only-emit-workspace and similar variants to uv export (#16681) ... ## Summary This is useful for scenarios in which you want to emit the workspace dependencies, but nothing else.	2025-11-12 16:51:45 +00:00
William Woodruff	ae1edef9c0	Reject ambiguously parsed URLs (#16622) ... Co-authored-by: Zanie Blue <contact@zanie.dev>	2025-11-12 16:27:57 +00:00
bigmoonbit	82c612704a	chore: fix typo in crates/uv-virtualenv/README.md (#16700) ... <!-- Thank you for contributing to uv! To help us out with reviewing, please consider the following: - Does this pull request include a summary of the change? (See below.) - Does this pull request include a descriptive title? - Does this pull request include references to any relevant issues? --> ## Summary fix typo in crates/uv-virtualenv/README.md <!-- What's the purpose of the change? What does it do, and why? --> ## Test Plan <!-- How was it tested? --> No need. Signed-off-by: bigmoonbit <bigmoonbit@outlook.com>	2025-11-12 09:45:37 -06:00
Zsolt Dollenstein	c16a5fd630	Fix shell-specific test snapshots (#16688) ... ## Summary Two tests were failing when run with `SHELL=fish`: 1. `create_venv_current_working_directory` failed because the "activate" filter didn't apply properly when the venv was in the CWD. This PR fixes the filter. 2. `tool_install_warn_path` failed because the messages are different between fish and bash. This PR hardcodes `SHELL=fish`. ## Test Plan CI	2025-11-12 07:55:33 -06:00
liam	d32cc638d1	Deny stdout/stderr printing in uv crate via clippy (#16695) ... Follow-up from https://github.com/astral-sh/uv/pull/16690, in `uv` every command should be using `write!(...)/writeln!(...)` with the `Printer` abstraction instead of bypassing control with the standard printing functions. This lint ensures that.	2025-11-12 07:54:52 -06:00
Zsolt Dollenstein	2de987ed37	Skip python_install_emulated_macos except on ARM64 macos with rosetta (#16687) ... ## Summary This test isn't useful on non-arm64 macs, and it outright fails if rosetta isn't installed. ## Test Plan Run it on my rosetta-stripped macbook	2025-11-12 07:48:16 -06:00
liam	1b38b47a3f	Warn on managed prerelease interpreters when a stable build is available (#16619) ... Resolves https://github.com/astral-sh/uv/issues/16616 This PR detects managed prerelease interpreters during discovery and warns when a matching stable build is available, wiring the new helper into `PythonInstallation::find`, `find_best`, and `find_or_download`.	2025-11-12 07:45:31 -06:00
konsti	e36bf634ba	Add iOS support for Python discovery (#16686) ... iOS support exist nominally (https://github.com/astral-sh/uv/pull/15640), but Python discovery currently fails.	2025-11-12 11:03:27 +00:00
Zanie Blue	63df2cdfe9	Minor fixups to uv workspace metadata (#16692)	2025-11-11 20:41:26 +00:00
Mikayla Thompson	00e2a0e54d	Replace println with Printer for all dir commands & workspace dir followups (#16690) ... ## Summary 1. Discussed in review of #16678 that println should be replaced by using `printer`. The `println` pattern was pretty consistent across all the `dir` commands, so I've updated all of them in this PR (there are some usages of `println` outside of `uv/src/commands` that I didn't touch -- the use cases there seemed more complex and nuanced). 2. I missed two comments in the previous PR before merging, so updates from those are in here as well. ## Test Plan No behavior changes, existing tests for all commands pass. --------- Signed-off-by: Mikayla Thompson <mrt@mikayla.codes>	2025-11-11 14:36:31 -06:00
Mikayla Thompson	b81060674e	workspace dir command (#16678) ... Addresses https://github.com/astral-sh/uv/issues/13636 Prints the path to the workspace root by default, and any of the child packages if requested. I looped it into the same preview flag as `workspace metadata`, given how closely related they are. ## Summary ``` ─> uv workspace dir /Users/mikayla/code/uv/dev-envs ─> uv workspace dir --package foo-proj /Users/mikayla/code/uv/dev-envs/foo-proj ─> uv workspace dir --package bar-proj error: Package `bar-proj` not found in workspace. ``` ## Test Plan Unit tests added. --------- Signed-off-by: Mikayla Thompson <mrt@mikayla.codes> Co-authored-by: Zanie Blue <contact@zanie.dev>	2025-11-11 12:30:39 -07:00
konsti	92c2bfcca0	Remove unnecessary DisplaySafeUrl::from (#16689) ... For #16622	2025-11-11 19:12:20 +00:00
liam	63ab247765	Allow explicit values with uv version --bump (#16555) ... Resolves https://github.com/astral-sh/uv/issues/16427 This PR updates `uv version --bump` so you can pin the exact number you’re targeting, i.e. `--bump patch=10` or `--bump dev=42`. The command-line interface now parses those `component=value` flags, and the bump logic actually sets the version to the number you asked for.	2025-11-11 12:27:32 -05:00
Zanie Blue	3ccad58166	Add uv workspace metadata (#16516) ... This adds the scaffolding for a `uv workspace metadata` command, as an equivalent to `cargo metadata`, for integration with downstream tools. I didn't do much here beyond emit the workspace root path and the paths of the workspace members. I explored doing a bit more in #16638, but I think we're actually going to want to come up with a fairly comprehensive schema like `cargo metadata` has. I've started exploring that too, but I don't have a concrete proposal to share yet. I don't want this to be a top-level command because I think people would expect `uv metadata <PACKAGE>` to show metadata about arbitrary packages (this has been requested several times). I also think we can do other things in the workspace namespace to make trivial integrations simpler, like `uv workspace list` (enumerate members) and `uv workspace dir` (show the path to the workspace root). I don't expect this to be stable at all to start. I've both gated it with preview and hidden it from the help. The intent is to merge so we can iterate on it as we figure out what integrations need.	2025-11-11 15:46:01 +00:00
Charlie Marsh	5b517bb966	Remove Git-based dependency for tl (#16679) ... ## Summary I published our own fork, since our PR had been lingering for over a year: https://crates.io/crates/astral-tl	2025-11-11 08:41:13 -06:00
Mikayla Thompson	f22af0f88a	Deprecate --project arg for init (#16674) ... Addresses https://github.com/astral-sh/uv/issues/15790 ## Summary After discussion, the functionality of `--project` vs `--directory` was quite unclear in this case, so deprecating `--project` for `init` is probably the clearest behavior option. This is a breaking change, so it requires being under preview before being rolled out fully. Included in the PR now: - new feature flag (`init --project` is deprecated if `--preview` or `--preview-features deprecate-project-for-init` are provided) - tests (for `--directory` behavior, as well as the current warning and future error) - documentation updated in docs/concepts/projects/init.md --------- Signed-off-by: Mikayla Thompson <mrt@mikayla.codes>	2025-11-10 16:33:08 -07:00
Mathieu Kniewallner	9a21897f3d	feat(cli): expose UV_NO_DEFAULT_GROUPS environment variable (#16645) ... <!-- Thank you for contributing to uv! To help us out with reviewing, please consider the following: - Does this pull request include a summary of the change? (See below.) - Does this pull request include a descriptive title? - Does this pull request include references to any relevant issues? --> ## Summary Similarly to #16529 that adds `UV_NO_GROUP`, this adds `UV_NO_DEFAULT_GROUPS` that does the same as `--no-default-groups`. This can be useful on the CI, to disable default groups on a job without having to set the argument in all commands that could trigger a sync (for instance [here](8757b318e9/.github/workflows/main.yml (L105-L116))). ## Test Plan Snapshot tests. --------- Co-authored-by: samypr100 <3933065+samypr100@users.noreply.github.com>	2025-11-10 14:43:48 -06:00
Charlie Marsh	c1c1950dce	Add support for the Simple index API top-level route (#16656) ... ## Summary At present, we only have support for the detail routes (e.g., `https://pypi.org/simple/requests`), but not the top-level index route (e.g., `https://pypi.org/simple/`). I need this for some downstream work so pulling it into its own PR.	2025-11-10 14:50:19 -05:00
Charlie Marsh	ce4a47a2e0	Remove torch-model-archiver and torch-tb-profiler from PyTorch backend (#16655) ... ## Summary These are present on the PyTorch index, but only at very old versions. The PyPI versions are newer, and seemingly these don't need to be built against CUDA, etc. Closes https://github.com/astral-sh/uv/issues/16651.	2025-11-10 10:26:12 -05:00
Zanie Blue	60196bc3ce	Remove stale comment (#16667) ... This happens in `from_settings` instead	2025-11-10 14:55:04 +00:00
liam	c826f2b042	Fix pixi environment detection by recognizing Conda prefixes with conda-meta/pixi (#16585) ... Resolves https://github.com/astral-sh/uv/issues/16295 This PR updates the Conda base-environment heuristic to recognize Pixi-managed environments by checking for the `conda-meta/pixi` marker file. Pixi default environments now resolve as isolated child environments instead of system installations, restoring the expected uv pip behavior without the `--system` flag.	2025-11-09 22:16:17 -06:00
Zanie Blue	2d9fe7ca70	Pin lock futures (#16643) ... These futures are quite large (~16,000 bytes) and adding new fields to the `ResolverOptions` in another pull request caused a lint error from Clippy.	2025-11-09 10:37:16 -06:00
Pavel Logan Dikov	caf49f845f	Use .rcdata to store trampoline type + path to python binary (#15068) ... `.rsrc` is the idiomatic way of storing metadata and non-code resources in PE binaries. This should make the resulting binaries more robust as they are no longer dependent on the exact location of a certain magic number. Addresses: #15022 ## Test Plan Existing integration test for `uv-trampoline-builder` + addition to ensure robustness to code signing. --------- Co-authored-by: samypr100 <3933065+samypr100@users.noreply.github.com> Co-authored-by: Zanie Blue <contact@zanie.dev>	2025-11-09 08:12:40 -06:00
github-actions[bot]	1b7faafd7a	Sync latest Python releases (#16505) ... Automated update for Python releases. Co-authored-by: zanieb <2586601+zanieb@users.noreply.github.com>	2025-11-08 10:16:21 -06:00
Zanie Blue	5983a8876b	Refactor to remove some cruft from ExcludeNewer propagation (#16641) ... I think using a wire here is less convoluted.	2025-11-08 09:44:17 -06:00
Zanie Blue	85c5d32284	Bump version to 0.9.8 (#16636)	2025-11-07 11:45:22 -06:00
Zanie Blue	bfecc9902e	Fix inclusive constraints on available package versions in resolver errors (#16629) ... Closes https://github.com/astral-sh/uv/issues/16626	2025-11-07 09:23:37 -06:00
Zanie Blue	5e181d36ef	Show help on uv build -h (#16632)	2025-11-07 16:19:40 +01:00
Charlie Marsh	4740d267e9	Remove fast path from uv-git fetch (#16607) ... ## Summary Now that we perform this fast-path in `crates/uv-distribution/src/source/mod.rs`, I _think_ the fast-path here is no longer used? In my testing, we only actually took this path when the fast-path _already_ failed (and thus it would fail again, wasting time).	2025-11-06 22:18:05 -06:00
Haaris Rahman	e5c10cd45d	Fix typo in uv tool list doc (#16625) ... <!-- Thank you for contributing to uv! To help us out with reviewing, please consider the following: - Does this pull request include a summary of the change? (See below.) - Does this pull request include a descriptive title? - Does this pull request include references to any relevant issues? --> ## Summary Fixed a typo in the docs. Regenerated the docs, with the fix. <!-- What's the purpose of the change? What does it do, and why? -->	2025-11-06 22:06:17 -06:00
Charlie Marsh	5fe8af114b	Accept multiple packages in uv export (#16603) ... ## Summary Closes https://github.com/astral-sh/uv/issues/16503.	2025-11-05 22:52:22 +00:00
konsti	148b694b6b	Make augment_requirement a method (#16592) ... Fixing the pattern so we can be consistent in https://github.com/astral-sh/uv/pull/16143#discussion_r2479028440	2025-11-04 19:53:59 +01:00
Charlie Marsh	9a6eafc043	Accept multiple packages in uv sync (#16543) ... ## Summary Closes https://github.com/astral-sh/uv/issues/12130. --------- Co-authored-by: Zanie Blue <contact@zanie.dev> Co-authored-by: konsti <konstin@mailbox.org>	2025-11-04 14:17:58 +00:00
Zanie Blue	60a811e715	Allow Python requests to include +gil to require a GIL-enabled interpreter (#16537) ... Addresses https://github.com/astral-sh/uv/pull/16142#issuecomment-3390586957 Nobody seems to have a good idea about how to spell this. "not free-threaded" would be the most technically correct, but I think "gil" will be more intuitive.	2025-11-03 13:35:52 -06:00
Les Freire	86e7b2e97a	Fix missing value_type for default-groups in schema (#16575) ... ## Summary Fix incomplete value_type attribute for default-groups field in the ToolUv struct schema definition. The value_type was missing its value, which should be str | list[str] to reflect that default-groups can accept either the literal "all" or a list of group names. (#16574)	2025-11-03 08:55:20 -05:00
renovate[bot]	e5cb2ee01b	Update Rust crate tikv-jemallocator to v0.6.1 (#16567)	2025-11-02 21:07:49 -05:00
liam	77fecc5c27	Improve uv init error for invalid directory names (#16554) ... Resolves https://github.com/astral-sh/uv/issues/16433 When `uv init` infers a project name from the working directory, directories with characters outside the PEP 503 rules produced the generic “Not a valid package or extra name” message that didn’t explain the source of the problem. This change intercepts that failure, reports whether the current or explicit target directory caused it, and tells the user to supply an explicit `--name`.	2025-11-02 19:26:09 -05:00