2025-08-04 02:48:17 +00:00
453 changed files with 11801 additions and 50715 deletions
--- a/.config/nextest.toml
+++ b/.config/nextest.toml
@ -1,4 +1,4 @@
 [profile.default]
 # Mark tests that take longer than 10s as slow.
-# Terminate after 120s as a stop-gap measure to terminate on deadlock.
-slow-timeout =  { period = "10s", terminate-after = 12 }
+# Terminate after 90s as a stop-gap measure to terminate on deadlock.
+slow-timeout =  { period = "10s", terminate-after = 9 }
--- a/.github/workflows/build-binaries.yml
+++ b/.github/workflows/build-binaries.yml
@ -54,7 +54,7 @@ jobs:
      - name: "Prep README.md"
        run: python scripts/transform_readme.py --target pypi
      - name: "Build sdist"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          command: sdist
          args: --out dist
@ -74,7 +74,7 @@ jobs:

      # uv-build
      - name: "Build sdist uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          command: sdist
          args: --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
@ -103,7 +103,7 @@ jobs:

      # uv
      - name: "Build wheels - x86_64"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: x86_64
          args: --release --locked --out dist --features self-update
@ -133,7 +133,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build - x86_64"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: x86_64
          args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
@ -157,7 +157,7 @@ jobs:

      # uv
      - name: "Build wheels - aarch64"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: aarch64
          args: --release --locked --out dist --features self-update
@ -193,7 +193,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build - aarch64"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: aarch64
          args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
@ -231,7 +231,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          args: --release --locked --out dist --features self-update,windows-gui-bin
@ -267,7 +267,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
@ -303,7 +303,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.target }}
          # Generally, we try to build in a target docker container. In this case however, a
@ -368,7 +368,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.target }}
          manylinux: auto
@ -412,7 +412,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          # On `aarch64`, use `manylinux: 2_28`; otherwise, use `manylinux: auto`.
@ -461,7 +461,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          # On `aarch64`, use `manylinux: 2_28`; otherwise, use `manylinux: auto`.
@ -509,7 +509,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: auto
@ -561,7 +561,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: auto
@ -614,7 +614,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: auto
@ -671,7 +671,7 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: auto
@ -691,103 +691,6 @@ jobs:
          name: wheels_uv_build-${{ matrix.platform.target }}
          path: crates/uv-build/dist

-  # Like `linux-arm`.
-  linux-riscv64:
-    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
-    timeout-minutes: 30
-    runs-on: depot-ubuntu-latest-4
-    strategy:
-      matrix:
-        platform:
-          - target: riscv64gc-unknown-linux-gnu
-            arch: riscv64
-
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
-        with:
-          python-version: ${{ env.PYTHON_VERSION }}
-      - name: "Prep README.md"
-        run: python scripts/transform_readme.py --target pypi
-
-      # uv
-      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
-        with:
-          target: ${{ matrix.platform.target }}
-          manylinux: auto
-          docker-options: ${{ matrix.platform.maturin_docker_options }}
-          args: --release --locked --out dist --features self-update
-      - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1
-        name: "Test wheel"
-        with:
-          arch: ${{ matrix.platform.arch }}
-          distro: ubuntu20.04
-          githubToken: ${{ github.token }}
-          install: |
-            apt-get update
-            apt-get install -y --no-install-recommends python3 python3-pip python-is-python3
-            pip3 install -U pip
-          run: |
-            pip install ${{ env.PACKAGE_NAME }} --no-index --find-links dist/ --force-reinstall
-            ${{ env.MODULE_NAME }} --help
-            # TODO(konsti): Enable this test on all platforms, currently `find_uv_bin` is failing to discover uv here.
-            # python -m ${{ env.MODULE_NAME }} --help
-            uvx --help
-      - name: "Upload wheels"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: wheels_uv-${{ matrix.platform.target }}
-          path: dist
-      - name: "Archive binary"
-        shell: bash
-        run: |
-          TARGET=${{ matrix.platform.target }}
-          ARCHIVE_NAME=uv-$TARGET
-          ARCHIVE_FILE=$ARCHIVE_NAME.tar.gz
-
-          mkdir -p $ARCHIVE_NAME
-          cp target/$TARGET/release/uv $ARCHIVE_NAME/uv
-          cp target/$TARGET/release/uvx $ARCHIVE_NAME/uvx
-          tar czvf $ARCHIVE_FILE $ARCHIVE_NAME
-          shasum -a 256 $ARCHIVE_FILE > $ARCHIVE_FILE.sha256
-      - name: "Upload binary"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: artifacts-${{ matrix.platform.target }}
-          path: |
-            *.tar.gz
-            *.sha256
-
-      # uv-build
-      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
-        with:
-          target: ${{ matrix.platform.target }}
-          manylinux: auto
-          docker-options: ${{ matrix.platform.maturin_docker_options }}
-          args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
-      - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1
-        name: "Test wheel uv-build"
-        with:
-          arch: ${{ matrix.platform.arch }}
-          distro: ubuntu20.04
-          githubToken: ${{ github.token }}
-          install: |
-            apt-get update
-            apt-get install -y --no-install-recommends python3 python3-pip python-is-python3
-            pip3 install -U pip
-          run: |
-            pip install ${{ env.PACKAGE_NAME }}-build --no-index --find-links crates/uv-build/dist --force-reinstall
-            ${{ env.MODULE_NAME }}-build --help
-            # TODO(konsti): Enable this test on all platforms, currently `find_uv_bin` is failing to discover uv here.
-            # python -m ${{ env.MODULE_NAME }}-build --help
-      - name: "Upload wheels uv-build"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: wheels_uv_build-${{ matrix.platform.target }}
-          path: crates/uv-build/dist
-
  musllinux:
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
    runs-on: ubuntu-latest
@ -807,14 +710,14 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.target }}
          manylinux: musllinux_1_1
          args: --release --locked --out dist --features self-update
      - name: "Test wheel"
        if: matrix.target == 'x86_64-unknown-linux-musl'
-        uses: addnab/docker-run-action@4f65fabd2431ebc8d299f8e5a018d79a769ae185 # v3
+        uses: addnab/docker-run-action@v3
        with:
          image: alpine:3.12
          options: -v ${{ github.workspace }}:/io -w /io
@ -854,14 +757,14 @@ jobs:

      # uv-build
      - name: "Build wheels uv-build"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.target }}
          manylinux: musllinux_1_1
          args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml
      - name: "Test wheel uv-build"
        if: matrix.target == 'x86_64-unknown-linux-musl'
-        uses: addnab/docker-run-action@4f65fabd2431ebc8d299f8e5a018d79a769ae185 # v3
+        uses: addnab/docker-run-action@v3
        with:
          image: alpine:3.12
          options: -v ${{ github.workspace }}:/io -w /io
@ -901,7 +804,7 @@ jobs:

      # uv
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: musllinux_1_1
@ -966,7 +869,7 @@ jobs:

      # uv-build
      - name: "Build wheels"
-        uses: PyO3/maturin-action@e10f6c464b90acceb5f640d31beda6d586ba7b4a # v1.49.3
+        uses: PyO3/maturin-action@44479ae1b6b1a57f561e03add8832e62c185eb17 # v1.48.1
        with:
          target: ${{ matrix.platform.target }}
          manylinux: musllinux_1_1
--- a/.github/workflows/build-docker.yml
+++ b/.github/workflows/build-docker.yml
@ -1,19 +1,11 @@
-# Build and publish Docker images.
+# Build and publish a Docker image.
 #
-# Uses Depot for multi-platform builds. Includes both a `uv` base image, which
-# is just the binary in a scratch image, and a set of extra, common images with
-# the uv binary installed.
+# Assumed to run as a subworkflow of .github/workflows/release.yml; specifically, as a local
+# artifacts job within `cargo-dist`.
 #
-# Images are built on all runs.
-#
-# On release, assumed to run as a subworkflow of .github/workflows/release.yml;
-# specifically, as a local artifacts job within `cargo-dist`. In this case,
-# images are published based on the `plan`.
-#
-# TODO(charlie): Ideally, the publish step would happen as a publish job within
-# `cargo-dist`, but sharing the built image as an artifact between jobs is
-# challenging.
-name: "Docker images"
+# TODO(charlie): Ideally, the publish step would happen as a publish job within `cargo-dist`, but
+# sharing the built image as an artifact between jobs is challenging.
+name: "Build Docker image"

 on:
  workflow_call:
@ -37,67 +29,35 @@ on:
      - .github/workflows/build-docker.yml

 env:
-  UV_GHCR_IMAGE: ghcr.io/${{ github.repository_owner }}/uv
-  UV_DOCKERHUB_IMAGE: docker.io/astral/uv
+  UV_BASE_IMG: ghcr.io/${{ github.repository_owner }}/uv

 jobs:
-  docker-plan:
-    name: plan
-    runs-on: ubuntu-latest
-    outputs:
-      login: ${{ steps.plan.outputs.login }}
-      push: ${{ steps.plan.outputs.push }}
-      tag: ${{ steps.plan.outputs.tag }}
-      action: ${{ steps.plan.outputs.action }}
-    steps:
-      - name: Set push variable
-        env:
-          DRY_RUN: ${{ inputs.plan == '' || fromJson(inputs.plan).announcement_tag_is_implicit }}
-          TAG: ${{ inputs.plan != '' && fromJson(inputs.plan).announcement_tag }}
-          IS_LOCAL_PR: ${{ github.event.pull_request.head.repo.full_name == 'astral-sh/uv' }}
-        id: plan
-        run: |
-          if [ "${{ env.DRY_RUN }}" == "false" ]; then
-            echo "login=true" >> "$GITHUB_OUTPUT"
-            echo "push=true" >> "$GITHUB_OUTPUT"
-            echo "tag=${{ env.TAG }}" >> "$GITHUB_OUTPUT"
-            echo "action=build and publish" >> "$GITHUB_OUTPUT"
-          else
-            echo "login=${{ env.IS_LOCAL_PR }}" >> "$GITHUB_OUTPUT"
-            echo "push=false" >> "$GITHUB_OUTPUT"
-            echo "tag=dry-run" >> "$GITHUB_OUTPUT"
-            echo "action=build" >> "$GITHUB_OUTPUT"
-          fi
-
-  docker-publish-base:
+  docker-build:
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-build') }}
-    name: ${{ needs.docker-plan.outputs.action }} uv
-    needs:
-      - docker-plan
+    name: Build Docker image (ghcr.io/astral-sh/uv) for ${{ matrix.platform }}
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write # for Depot OIDC and GHCR signing
-      packages: write # for GHCR image pushes
-      attestations: write # for GHCR attestations
    environment:
-      name: ${{ needs.docker-plan.outputs.push == 'true' && 'release' || '' }}
-    outputs:
-      image-tags: ${{ steps.meta.outputs.tags }}
-      image-annotations: ${{ steps.meta.outputs.annotations }}
-      image-digest: ${{ steps.build.outputs.digest }}
-      image-version: ${{ steps.meta.outputs.version }}
+      name: release
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - linux/amd64
+          - linux/arm64
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          submodules: recursive

-      # Login to DockerHub (when not pushing, it's to avoid rate-limiting)
+      # Login to DockerHub first, to avoid rate-limiting
      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
-        if: ${{ needs.docker-plan.outputs.login == 'true' }}
+        # PRs from forks don't have access to secrets, disable this step in that case.
+        if: ${{ github.event.pull_request.head.repo.full_name == 'astral-sh/uv' }}
        with:
-          username: ${{ needs.docker-plan.outputs.push == 'true' && 'astral' || 'astralshbot' }}
-          password: ${{ needs.docker-plan.outputs.push == 'true' && secrets.DOCKERHUB_TOKEN_RW || secrets.DOCKERHUB_TOKEN_RO }}
+          username: astralshbot
+          password: ${{ secrets.DOCKERHUB_TOKEN_RO }}
+
+      - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
@ -105,15 +65,13 @@ jobs:
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5
-
      - name: Check tag consistency
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
+        if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
        run: |
          version=$(grep "version = " pyproject.toml | sed -e 's/version = "\(.*\)"/\1/g')
-          if [ "${{ needs.docker-plan.outputs.tag }}" != "${version}" ]; then
+          if [ "${{ fromJson(inputs.plan).announcement_tag }}" != "${version}" ]; then
            echo "The input tag does not match the version from pyproject.toml:" >&2
-            echo "${{ needs.docker-plan.outputs.tag }}" >&2
+            echo "${{ fromJson(inputs.plan).announcement_tag }}" >&2
            echo "${version}" >&2
            exit 1
          else
@ -123,50 +81,107 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker
        id: meta
        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
-        env:
-          DOCKER_METADATA_ANNOTATIONS_LEVELS: index
        with:
-          images: |
-            ${{ env.UV_GHCR_IMAGE }}
-            ${{ env.UV_DOCKERHUB_IMAGE }}
+          images: ${{ env.UV_BASE_IMG }}
          # Defining this makes sure the org.opencontainers.image.version OCI label becomes the actual release version and not the branch name
          tags: |
-            type=raw,value=dry-run,enable=${{ needs.docker-plan.outputs.push == 'false' }}
-            type=pep440,pattern={{ version }},value=${{ needs.docker-plan.outputs.tag }},enable=${{ needs.docker-plan.outputs.push }}
-            type=pep440,pattern={{ major }}.{{ minor }},value=${{ needs.docker-plan.outputs.tag }},enable=${{ needs.docker-plan.outputs.push }}
+            type=raw,value=dry-run,enable=${{ inputs.plan == '' || fromJson(inputs.plan).announcement_tag_is_implicit }}
+            type=pep440,pattern={{ version }},value=${{ inputs.plan != '' && fromJson(inputs.plan).announcement_tag || 'dry-run' }},enable=${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}

+      - name: Normalize Platform Pair (replace / with -)
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_TUPLE=${platform//\//-}" >> $GITHUB_ENV
+
+      # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/
      - name: Build and push by digest
        id: build
-        uses: depot/build-push-action@2583627a84956d07561420dcc1d0eb1f2af3fac0 # v1.15.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
-          project: 7hd4vdzmw5 # astral-sh/uv
          context: .
-          platforms: linux/amd64,linux/arm64
-          push: ${{ needs.docker-plan.outputs.push }}
-          tags: ${{ steps.meta.outputs.tags }}
+          platforms: ${{ matrix.platform }}
+          cache-from: type=gha,scope=uv-${{ env.PLATFORM_TUPLE }}
+          cache-to: type=gha,mode=min,scope=uv-${{ env.PLATFORM_TUPLE }}
          labels: ${{ steps.meta.outputs.labels }}
-          # TODO(zanieb): Annotations are not supported by Depot yet and are ignored
-          annotations: ${{ steps.meta.outputs.annotations }}
+          outputs: type=image,name=${{ env.UV_BASE_IMG }},push-by-digest=true,name-canonical=true,push=${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}

-      - name: Generate artifact attestation for base image
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
+      - name: Export digests
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+
+      - name: Upload digests
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
        with:
-          subject-name: ${{ env.UV_GHCR_IMAGE }}
-          subject-digest: ${{ steps.build.outputs.digest }}
+          name: digests-${{ env.PLATFORM_TUPLE }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1

-  docker-publish-extra:
-    name: ${{ needs.docker-plan.outputs.action }} ${{ matrix.image-mapping }}
+  docker-publish:
+    name: Publish Docker image (ghcr.io/astral-sh/uv)
    runs-on: ubuntu-latest
    environment:
-      name: ${{ needs.docker-plan.outputs.push == 'true' && 'release' || '' }}
+      name: release
    needs:
-      - docker-plan
-      - docker-publish-base
+      - docker-build
+    if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+    steps:
+      # Login to DockerHub first, to avoid rate-limiting
+      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        with:
+          username: astralshbot
+          password: ${{ secrets.DOCKERHUB_TOKEN_RO }}
+
+      - name: Download digests
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        with:
+          images: ${{ env.UV_BASE_IMG }}
+          # Order is on purpose such that the label org.opencontainers.image.version has the first pattern with the full version
+          tags: |
+            type=pep440,pattern={{ version }},value=${{ fromJson(inputs.plan).announcement_tag }}
+            type=pep440,pattern={{ major }}.{{ minor }},value=${{ fromJson(inputs.plan).announcement_tag }}
+
+      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/
+      - name: Create manifest list and push
+        working-directory: /tmp/digests
+        # The jq command expands the docker/metadata json "tags" array entry to `-t tag1 -t tag2 ...` for each tag in the array
+        # The printf will expand the base image with the `<UV_BASE_IMG>@sha256:<sha256> ...` for each sha256 in the directory
+        # The final command becomes `docker buildx imagetools create -t tag1 -t tag2 ... <UV_BASE_IMG>@sha256:<sha256_1> <UV_BASE_IMG>@sha256:<sha256_2> ...`
+        run: |
+          docker buildx imagetools create \
+            $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.UV_BASE_IMG }}@sha256:%s ' *)
+
+  docker-publish-extra:
+    name: Publish additional Docker image based on ${{ matrix.image-mapping }}
+    runs-on: ubuntu-latest
+    environment:
+      name: release
+    needs:
+      - docker-publish
+    if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
    permissions:
-      id-token: write # for Depot OIDC and GHCR signing
-      packages: write # for GHCR image pushes
-      attestations: write # for GHCR attestations
+      packages: write
+      attestations: write # needed to push image attestations to the Github attestation store
+      id-token: write # needed for signing the images with GitHub OIDC Token
    strategy:
      fail-fast: false
      matrix:
@ -198,12 +213,13 @@ jobs:
          - python:3.9-slim-bookworm,python3.9-bookworm-slim
          - python:3.8-slim-bookworm,python3.8-bookworm-slim
    steps:
-      # Login to DockerHub (when not pushing, it's to avoid rate-limiting)
+      # Login to DockerHub first, to avoid rate-limiting
      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
-        if: ${{ needs.docker-plan.outputs.login == 'true' }}
        with:
-          username: ${{ needs.docker-plan.outputs.push == 'true' && 'astral' || 'astralshbot' }}
-          password: ${{ needs.docker-plan.outputs.push == 'true' && secrets.DOCKERHUB_TOKEN_RW || secrets.DOCKERHUB_TOKEN_RO }}
+          username: astralshbot
+          password: ${{ secrets.DOCKERHUB_TOKEN_RO }}
+
+      - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0

      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
@ -211,8 +227,6 @@ jobs:
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      - uses: depot/setup-action@b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5
-
      - name: Generate Dynamic Dockerfile Tags
        shell: bash
        run: |
@ -224,8 +238,7 @@ jobs:
          # Generate Dockerfile content
          cat <<EOF > Dockerfile
          FROM ${BASE_IMAGE}
-          COPY --from=${{ env.UV_GHCR_IMAGE }}:latest /uv /uvx /usr/local/bin/
-          ENV UV_TOOL_BIN_DIR="/usr/local/bin"
+          COPY --from=${{ env.UV_BASE_IMG }}:latest /uv /uvx /usr/local/bin/
          ENTRYPOINT []
          CMD ["/usr/local/bin/uv"]
          EOF
@ -236,14 +249,17 @@ jobs:
          # Loop through all base tags and append its docker metadata pattern to the list
          # Order is on purpose such that the label org.opencontainers.image.version has the first pattern with the full version
          IFS=','; for TAG in ${BASE_TAGS}; do
-            TAG_PATTERNS="${TAG_PATTERNS}type=pep440,pattern={{ version }},suffix=-${TAG},value=${{ needs.docker-plan.outputs.tag }}\n"
-            TAG_PATTERNS="${TAG_PATTERNS}type=pep440,pattern={{ major }}.{{ minor }},suffix=-${TAG},value=${{ needs.docker-plan.outputs.tag }}\n"
+            TAG_PATTERNS="${TAG_PATTERNS}type=pep440,pattern={{ version }},suffix=-${TAG},value=${{ fromJson(inputs.plan).announcement_tag }}\n"
+            TAG_PATTERNS="${TAG_PATTERNS}type=pep440,pattern={{ major }}.{{ minor }},suffix=-${TAG},value=${{ fromJson(inputs.plan).announcement_tag }}\n"
            TAG_PATTERNS="${TAG_PATTERNS}type=raw,value=${TAG}\n"
          done

          # Remove the trailing newline from the pattern list
          TAG_PATTERNS="${TAG_PATTERNS%\\n}"

+          # Export image cache name
+          echo "IMAGE_REF=${BASE_IMAGE//:/-}" >> $GITHUB_ENV
+
          # Export tag patterns using the multiline env var syntax
          {
            echo "TAG_PATTERNS<<EOF"
@ -258,9 +274,7 @@ jobs:
        env:
          DOCKER_METADATA_ANNOTATIONS_LEVELS: index
        with:
-          images: |
-            ${{ env.UV_GHCR_IMAGE }}
-            ${{ env.UV_DOCKERHUB_IMAGE }}
+          images: ${{ env.UV_BASE_IMG }}
          flavor: |
            latest=false
          tags: |
@ -268,84 +282,67 @@ jobs:

      - name: Build and push
        id: build-and-push
-        uses: depot/build-push-action@2583627a84956d07561420dcc1d0eb1f2af3fac0 # v1.15.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          context: .
-          project: 7hd4vdzmw5 # astral-sh/uv
          platforms: linux/amd64,linux/arm64
-          push: ${{ needs.docker-plan.outputs.push }}
+          # We do not really need to cache here as the Dockerfile is tiny
+          #cache-from: type=gha,scope=uv-${{ env.IMAGE_REF }}
+          #cache-to: type=gha,mode=min,scope=uv-${{ env.IMAGE_REF }}
+          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
-          # TODO(zanieb): Annotations are not supported by Depot yet and are ignored
          annotations: ${{ steps.meta.outputs.annotations }}

      - name: Generate artifact attestation
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
+        uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # v2.3.0
        with:
-          subject-name: ${{ env.UV_GHCR_IMAGE }}
+          subject-name: ${{ env.UV_BASE_IMG }}
          subject-digest: ${{ steps.build-and-push.outputs.digest }}
+          # push-to-registry is explicitly not enabled to maintain full control over the top image

-      # Push annotations manually.
-      # See `docker-annotate-base` for details.
-      - name: Add annotations to images
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
-        env:
-          IMAGES: "${{ env.UV_GHCR_IMAGE }} ${{ env.UV_DOCKERHUB_IMAGE }}"
-          DIGEST: ${{ steps.build-and-push.outputs.digest }}
-          TAGS: ${{ steps.meta.outputs.tags }}
-          ANNOTATIONS: ${{ steps.meta.outputs.annotations }}
-        run: |
-          set -x
-          readarray -t lines <<< "$ANNOTATIONS"; annotations=(); for line in "${lines[@]}"; do annotations+=(--annotation "$line"); done
-          for image in $IMAGES; do
-            readarray -t lines < <(grep "^${image}:" <<< "$TAGS"); tags=(); for line in "${lines[@]}"; do tags+=(-t "$line"); done
-            docker buildx imagetools create \
-              "${annotations[@]}" \
-              "${tags[@]}" \
-              "${image}@${DIGEST}"
-          done
-
-      # See `docker-annotate-base` for details.
-      - name: Export manifest digest
-        id: manifest-digest
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
-        env:
-          IMAGE: ${{ env.UV_GHCR_IMAGE }}
-          VERSION: ${{ steps.meta.outputs.version }}
-        run: |
-          digest="$(
-            docker buildx imagetools inspect \
-              "${IMAGE}:${VERSION}" \
-              --format '{{json .Manifest}}' \
-            | jq -r '.digest'
-          )"
-          echo "digest=${digest}" >> "$GITHUB_OUTPUT"
-
-      # See `docker-annotate-base` for details.
-      - name: Generate artifact attestation
-        if: ${{ needs.docker-plan.outputs.push == 'true' }}
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
-        with:
-          subject-name: ${{ env.UV_GHCR_IMAGE }}
-          subject-digest: ${{ steps.manifest-digest.outputs.digest }}
-
-  # Annotate the base image
-  docker-annotate-base:
-    name: annotate uv
+  # This is effectively a duplicate of `docker-publish` to make https://github.com/astral-sh/uv/pkgs/container/uv
+  # show the uv base image first since GitHub always shows the last updated image digests
+  # This works by annotating the original digests (previously non-annotated) which triggers an update to ghcr.io
+  docker-republish:
+    name: Annotate Docker image (ghcr.io/astral-sh/uv)
    runs-on: ubuntu-latest
    environment:
-      name: ${{ needs.docker-plan.outputs.push == 'true' && 'release' || '' }}
+      name: release
    needs:
-      - docker-plan
-      - docker-publish-base
      - docker-publish-extra
-    if: ${{ needs.docker-plan.outputs.push == 'true' }}
+    if: ${{ inputs.plan != '' && !fromJson(inputs.plan).announcement_tag_is_implicit }}
+    permissions:
+      packages: write
+      attestations: write # needed to push image attestations to the Github attestation store
+      id-token: write # needed for signing the images with GitHub OIDC Token
    steps:
+      # Login to DockerHub first, to avoid rate-limiting
      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
-          username: astral
-          password: ${{ secrets.DOCKERHUB_TOKEN_RW }}
+          username: astralshbot
+          password: ${{ secrets.DOCKERHUB_TOKEN_RO }}
+
+      - name: Download digests
+        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+        env:
+          DOCKER_METADATA_ANNOTATIONS_LEVELS: index
+        with:
+          images: ${{ env.UV_BASE_IMG }}
+          # Order is on purpose such that the label org.opencontainers.image.version has the first pattern with the full version
+          tags: |
+            type=pep440,pattern={{ version }},value=${{ fromJson(inputs.plan).announcement_tag }}
+            type=pep440,pattern={{ major }}.{{ minor }},value=${{ fromJson(inputs.plan).announcement_tag }}

      - uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
        with:
@ -353,37 +350,22 @@ jobs:
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

-      # Depot doesn't support annotating images, so we need to do so manually
-      # afterwards. Mutating the manifest is desirable regardless, because we
-      # want to bump the base image to appear at the top of the list on GHCR.
-      # However, once annotation support is added to Depot, this step can be
-      # minimized to just touch the GHCR manifest.
-      - name: Add annotations to images
-        env:
-          IMAGES: "${{ env.UV_GHCR_IMAGE }} ${{ env.UV_DOCKERHUB_IMAGE }}"
-          DIGEST: ${{ needs.docker-publish-base.outputs.image-digest }}
-          TAGS: ${{ needs.docker-publish-base.outputs.image-tags }}
-          ANNOTATIONS: ${{ needs.docker-publish-base.outputs.image-annotations }}
+      # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/
+      - name: Create manifest list and push
+        working-directory: /tmp/digests
        # The readarray part is used to make sure the quoting and special characters are preserved on expansion (e.g. spaces)
-        # The final command becomes `docker buildx imagetools create --annotation 'index:foo=1' --annotation 'index:bar=2' ... -t tag1 -t tag2 ... <IMG>@sha256:<sha256>`
+        # The jq command expands the docker/metadata json "tags" array entry to `-t tag1 -t tag2 ...` for each tag in the array
+        # The printf will expand the base image with the `<UV_BASE_IMG>@sha256:<sha256> ...` for each sha256 in the directory
+        # The final command becomes `docker buildx imagetools create -t tag1 -t tag2 ... <UV_BASE_IMG>@sha256:<sha256_1> <UV_BASE_IMG>@sha256:<sha256_2> ...`
        run: |
-          set -x
-          readarray -t lines <<< "$ANNOTATIONS"; annotations=(); for line in "${lines[@]}"; do annotations+=(--annotation "$line"); done
-          for image in $IMAGES; do
-            readarray -t lines < <(grep "^${image}:" <<< "$TAGS"); tags=(); for line in "${lines[@]}"; do tags+=(-t "$line"); done
+          readarray -t lines <<< "$DOCKER_METADATA_OUTPUT_ANNOTATIONS"; annotations=(); for line in "${lines[@]}"; do annotations+=(--annotation "$line"); done
          docker buildx imagetools create \
            "${annotations[@]}" \
-              "${tags[@]}" \
-              "${image}@${DIGEST}"
-          done
+            $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.UV_BASE_IMG }}@sha256:%s ' *)

-      # Now that we've modified the manifest, we need to attest it again.
-      # Note we only generate an attestation for GHCR.
-      - name: Export manifest digest
+      - name: Share manifest digest
        id: manifest-digest
-        env:
-          IMAGE: ${{ env.UV_GHCR_IMAGE }}
-          VERSION: ${{ needs.docker-publish-base.outputs.image-version }}
        # To sign the manifest, we need it's digest. Unfortunately "docker
        # buildx imagetools create" does not (yet) have a clean way of sharing
        # the digest of the manifest it creates (see docker/buildx#2407), so
@ -395,14 +377,15 @@ jobs:
        run: |
          digest="$(
            docker buildx imagetools inspect \
-              "${IMAGE}:${VERSION}" \
+              "${UV_BASE_IMG}:${DOCKER_METADATA_OUTPUT_VERSION}" \
              --format '{{json .Manifest}}' \
            | jq -r '.digest'
          )"
          echo "digest=${digest}" >> "$GITHUB_OUTPUT"

      - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
+        uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # v2.3.0
        with:
-          subject-name: ${{ env.UV_GHCR_IMAGE }}
+          subject-name: ${{ env.UV_BASE_IMG }}
          subject-digest: ${{ steps.manifest-digest.outputs.digest }}
+          # push-to-registry is explicitly not enabled to maintain full control over the top image
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -14,9 +14,8 @@ env:
  CARGO_INCREMENTAL: 0
  CARGO_NET_RETRY: 10
  CARGO_TERM_COLOR: always
-  PYTHON_VERSION: "3.12"
  RUSTUP_MAX_RETRIES: 10
-  RUST_BACKTRACE: 1
+  PYTHON_VERSION: "3.12"

 jobs:
  determine_changes:
@ -40,7 +39,7 @@ jobs:

          while IFS= read -r file; do
            # Generated markdown and JSON files are checked during test runs.
-            if [[ "${file}" =~ ^docs/ && ! "${file}" =~ ^docs/reference/(cli|settings).md && ! "${file}" =~ ^docs/reference/environment.md ]]; then
+            if [[ "${file}" =~ ^docs/ && ! "${file}" =~ ^docs/reference/(cli|settings).md && ! "${file}" =~ ^docs/configuration/environment.md ]]; then
              echo "Skipping ${file} (matches docs/ pattern)"
              continue
            fi
@ -82,7 +81,7 @@ jobs:
        run: rustup component add rustfmt

      - name: "Install uv"
-        uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+        uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0

      - name: "rustfmt"
        run: cargo fmt --all --check
@ -126,11 +125,11 @@ jobs:
    name: "cargo clippy | ubuntu"
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          save-if: ${{ github.ref == 'refs/heads/main' }}
      - name: "Check uv_build dependencies"
-        uses: EmbarkStudios/cargo-deny-action@30f817c6f72275c6d54dc744fbca09ebc958599f # v2.0.12
+        uses: EmbarkStudios/cargo-deny-action@34899fc7ba81ca6268d5947a7a16b4649013fea1 # v2.0.11
        with:
          command: check bans
          manifest-path: crates/uv-build/Cargo.toml
@ -156,7 +155,7 @@ jobs:
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}

@ -175,7 +174,7 @@ jobs:
    name: "cargo dev generate-all"
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          save-if: ${{ github.ref == 'refs/heads/main' }}
      - name: "Generate all"
@ -188,7 +187,7 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: "Install cargo shear"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-shear
      - run: cargo shear
@ -206,26 +205,23 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Install Rust toolchain"
        run: rustup show

-      - uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+      - uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - name: "Install required Python versions"
        run: uv python install

      - name: "Install cargo nextest"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-nextest

      - name: "Cargo test"
-        env:
-          # Retry more than default to reduce flakes in CI
-          UV_HTTP_RETRIES: 5
        run: |
          cargo nextest run \
            --features python-patch \
@ -233,35 +229,31 @@ jobs:
            --status-level skip --failure-output immediate-final --no-fail-fast -j 20 --final-status-level slow

  cargo-test-macos:
-    timeout-minutes: 15
+    timeout-minutes: 10
    needs: determine_changes
-    # Only run macOS tests on main without opt-in
-    if: ${{ contains(github.event.pull_request.labels.*.name, 'test:macos') || github.ref == 'refs/heads/main' }}
+    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-test') && (needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main') }}
    runs-on: macos-latest-xlarge # github-macos-14-aarch64-6
    name: "cargo test | macos"
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Install Rust toolchain"
        run: rustup show

-      - uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+      - uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - name: "Install required Python versions"
        run: uv python install

      - name: "Install cargo nextest"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-nextest

      - name: "Cargo test"
-        env:
-          # Retry more than default to reduce flakes in CI
-          UV_HTTP_RETRIES: 5
        run: |
          cargo nextest run \
            --no-default-features \
@ -273,7 +265,7 @@ jobs:
    timeout-minutes: 15
    needs: determine_changes
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-test') && (needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main') }}
-    runs-on: depot-windows-2022-16
+    runs-on: github-windows-2025-x86_64-16
    name: "cargo test | windows"
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@ -286,11 +278,11 @@ jobs:
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse

-      - uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+      - uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - name: "Install required Python versions"
        run: uv python install

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}

@ -299,15 +291,29 @@ jobs:
        run: rustup show

      - name: "Install cargo nextest"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-nextest

+      # Get crash dumps to debug the `exit_code: -1073741819` failures
+      - name: Configure crash dumps
+        if: runner.os == 'Windows'
+        shell: powershell
+        run: |
+          $dumps = "$env:GITHUB_WORKSPACE\dumps"
+          New-Item -Path $dumps -ItemType Directory -Force
+
+          # https://github.com/microsoft/terminal/wiki/Troubleshooting-Tips#capture-automatically
+          $reg = "HKLM:\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps"
+          New-Item -Path $reg -Force | Out-Null
+          Set-ItemProperty -Path $reg -Name "DumpFolder" -Value $dumps
+          Set-ItemProperty -Path $reg -Name "DumpType" -Value 2
+
      - name: "Cargo test"
+        id: test
+        continue-on-error: true
        working-directory: ${{ env.UV_WORKSPACE }}
        env:
-          # Retry more than default to reduce flakes in CI
-          UV_HTTP_RETRIES: 5
          # Avoid permission errors during concurrent tests
          # See https://github.com/astral-sh/uv/issues/6940
          UV_LINK_MODE: copy
@ -319,6 +325,42 @@ jobs:
            --workspace \
            --status-level skip --failure-output immediate-final --no-fail-fast -j 20 --final-status-level slow

+      # Get crash dumps to debug the `exit_code: -1073741819` failures (contd.)
+      - name: Analyze crashes
+        if: steps.test.outcome == 'failure'
+        shell: powershell
+        run: |
+          $dumps = Get-ChildItem "$env:GITHUB_WORKSPACE\dumps\*.dmp" -ErrorAction SilentlyContinue
+          if (!$dumps) { exit 0 }
+
+          Write-Host "Found $($dumps.Count) crash dump(s)"
+
+          # Download cdb if needed
+          $cdb = "C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\cdb.exe"
+          if (!(Test-Path $cdb)) {
+            # https://github.com/microsoft/react-native-windows/blob/f1570a5ef1c4fc1e78d0a0ad5af848ab91a4061c/vnext/Scripts/Analyze-Crash.ps1#L44-L56
+            Invoke-WebRequest "https://go.microsoft.com/fwlink/?linkid=2173743" -OutFile "$env:TEMP\sdk.exe"
+            Start-Process "$env:TEMP\sdk.exe" -ArgumentList "/features OptionId.WindowsDesktopDebuggers /quiet" -Wait
+          }
+
+          # Analyze each dump
+          foreach ($dump in $dumps) {
+            Write-Host "`n=== $($dump.Name) ==="
+            & $cdb -z $dump -c "!analyze -v; .ecxr; k; q" 2>&1 | Select-String -Pattern "(ExceptionCode:|SYMBOL_NAME:|IMAGE_NAME:|STACK_TEXT:)" -Context 0,2
+          }
+
+      - name: Upload crash dumps
+        if: steps.test.outcome == 'failure'
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        with:
+          name: crash-dumps-${{ github.run_number }}
+          path: dumps/*.dmp
+          if-no-files-found: ignore
+
+      - name: Fail if tests failed
+        if: steps.test.outcome == 'failure'
+        run: exit 1
+
  # Separate jobs for the nightly crate
  windows-trampoline-check:
    timeout-minutes: 15
@ -341,7 +383,7 @@ jobs:
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}/crates/uv-trampoline

@ -352,7 +394,7 @@ jobs:
          rustup component add rust-src --target ${{ matrix.target-arch }}-pc-windows-msvc

      - name: "Install cargo-bloat"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-bloat

@ -397,7 +439,7 @@ jobs:
      - name: Copy Git Repo to Dev Drive
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}/crates/uv-trampoline
      - name: "Install Rust toolchain"
@ -427,7 +469,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: crate-ci/typos@392b78fe18a52790c53f42456e46124f77346842 # v1.34.0
+      - uses: crate-ci/typos@master

  docs:
    timeout-minutes: 10
@ -439,7 +481,7 @@ jobs:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0
-      - uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+      - uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
      - name: "Add SSH key"
        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
@ -452,7 +494,7 @@ jobs:

      - name: "Build docs (insiders)"
        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
-        run: uvx --with-requirements docs/requirements-insiders.txt mkdocs build --strict -f mkdocs.insiders.yml
+        run: uvx --with-requirements docs/requirements.txt mkdocs build --strict -f mkdocs.insiders.yml

  build-binary-linux-libc:
    timeout-minutes: 10
@ -463,9 +505,9 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Build"
        run: cargo build
@ -479,31 +521,6 @@ jobs:
            ./target/debug/uvx
          retention-days: 1

-  build-binary-linux-aarch64:
-    timeout-minutes: 10
-    needs: determine_changes
-    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-test') && (needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main') }}
-    runs-on: github-ubuntu-24.04-aarch64-4
-    name: "build binary | linux aarch64"
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
-
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
-
-      - name: "Build"
-        run: cargo build
-
-      - name: "Upload binary"
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
-        with:
-          name: uv-linux-aarch64-${{ github.sha }}
-          path: |
-            ./target/debug/uv
-            ./target/debug/uvx
-          retention-days: 1
-
  build-binary-linux-musl:
    timeout-minutes: 10
    needs: determine_changes
@ -513,14 +530,14 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

      - name: "Setup musl"
        run: |
          sudo apt-get install musl-tools
          rustup target add x86_64-unknown-linux-musl

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Build"
        run: cargo build --target x86_64-unknown-linux-musl --bin uv --bin uvx
@ -543,9 +560,9 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
      - name: "Build"
        run: cargo build --bin uv --bin uvx

@ -567,9 +584,9 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
+      - uses: rui314/setup-mold@v1

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
      - name: "Build"
        run: cargo build --bin uv --bin uvx

@ -599,7 +616,7 @@ jobs:
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}

@ -634,7 +651,7 @@ jobs:
        run: |
          Copy-Item -Path "${{ github.workspace }}" -Destination "${{ env.UV_WORKSPACE }}" -Recurse

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
        with:
          workspaces: ${{ env.UV_WORKSPACE }}

@ -654,8 +671,8 @@ jobs:
            ${{ env.UV_WORKSPACE }}/target/aarch64-pc-windows-msvc/debug/uvx.exe
          retention-days: 1

-  build-binary-msrv:
-    name: "build binary | msrv"
+  cargo-build-msrv:
+    name: "cargo build (msrv)"
    needs: determine_changes
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-test') && (needs.determine_changes.outputs.code == 'true' || github.ref == 'refs/heads/main') }}
    runs-on: github-ubuntu-24.04-x86_64-8
@ -670,8 +687,8 @@ jobs:
      - name: "Install Rust toolchain"
        run: rustup default ${{ steps.msrv.outputs.value }}
      - name: "Install mold"
-        uses: rui314/setup-mold@702b1908b5edf30d71a8d1666b724e0f0c6fa035 # v1
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+        uses: rui314/setup-mold@v1
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
      - run: cargo +${{ steps.msrv.outputs.value }} build
      - run: ./target/debug/uv --version

@ -684,7 +701,7 @@ jobs:

    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
      - name: "Cross build"
        run: |
          # Install cross from `freebsd-firecracker`
@ -695,7 +712,7 @@ jobs:
          cross build --target x86_64-unknown-freebsd

      - name: Test in Firecracker VM
-        uses: acj/freebsd-firecracker-action@136ca0bce2adade21e526ceb07db643ad23dd2dd # v0.5.1
+        uses: acj/freebsd-firecracker-action@5b4c9938e8b5ff1041c58e21515909a0e1500d59 # v0.4.1
        with:
          verbose: false
          checkout: false
@ -804,33 +821,6 @@ jobs:
          eval "$(./uv generate-shell-completion bash)"
          eval "$(./uvx --generate-shell-completion bash)"

-  smoke-test-linux-aarch64:
-    timeout-minutes: 10
-    needs: build-binary-linux-aarch64
-    name: "smoke test | linux aarch64"
-    runs-on: github-ubuntu-24.04-aarch64-2
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-linux-aarch64-${{ github.sha }}
-
-      - name: "Prepare binary"
-        run: |
-          chmod +x ./uv
-          chmod +x ./uvx
-
-      - name: "Smoke test"
-        run: |
-          ./uv run scripts/smoke-test
-
-      - name: "Test shell completions"
-        run: |
-          eval "$(./uv generate-shell-completion bash)"
-          eval "$(./uvx --generate-shell-completion bash)"
-
  smoke-test-linux-musl:
    timeout-minutes: 10
    needs: build-binary-linux-musl
@ -913,7 +903,7 @@ jobs:
    timeout-minutes: 10
    needs: build-binary-windows-aarch64
    name: "smoke test | windows aarch64"
-    runs-on: windows-11-arm
+    runs-on: github-windows-11-aarch64-4
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

@ -944,7 +934,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: conda-incubator/setup-miniconda@835234971496cad1653abb28a638a281cf32541f # v3.2.0
+      - uses: conda-incubator/setup-miniconda@505e6394dae86d6a5c7fbb6e3fb8938e3e863830 # v3.1.1
        with:
          miniconda-version: latest
          activate-environment: uv
@ -1042,7 +1032,7 @@ jobs:

      - name: "Create a virtual environment (uv)"
        run: |
-          ./uv venv -c -p 3.13t --managed-python
+          ./uv venv -p 3.13t --managed-python

      - name: "Check version (uv)"
        run: |
@ -1061,96 +1051,6 @@ jobs:
          ./uv run python -c ""
          ./uv run -p 3.13t python -c ""

-  integration-test-windows-aarch64-implicit:
-    timeout-minutes: 10
-    needs: build-binary-windows-aarch64
-    name: "integration test | aarch64 windows implicit"
-    runs-on: windows-11-arm
-
-    steps:
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-windows-aarch64-${{ github.sha }}
-
-      - name: "Install Python via uv (implicitly select x64)"
-        run: |
-          ./uv python install -v 3.13
-
-      - name: "Create a virtual environment (stdlib)"
-        run: |
-          & (./uv python find 3.13) -m venv .venv
-
-      - name: "Check version (stdlib)"
-        run: |
-          .venv/Scripts/python --version
-
-      - name: "Create a virtual environment (uv)"
-        run: |
-          ./uv venv -c -p 3.13 --managed-python
-
-      - name: "Check version (uv)"
-        run: |
-          .venv/Scripts/python --version
-
-      - name: "Check is x64"
-        run: |
-          .venv/Scripts/python -c "import sys; exit(1) if 'AMD64' not in sys.version else exit(0)"
-
-      - name: "Check install"
-        run: |
-          ./uv pip install -v anyio
-
-      - name: "Check uv run"
-        run: |
-          ./uv run python -c ""
-          ./uv run -p 3.13 python -c ""
-
-  integration-test-windows-aarch64-explicit:
-    timeout-minutes: 10
-    needs: build-binary-windows-aarch64
-    name: "integration test | aarch64 windows explicit"
-    runs-on: windows-11-arm
-
-    steps:
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-windows-aarch64-${{ github.sha }}
-
-      - name: "Install Python via uv (explicitly select aarch64)"
-        run: |
-          ./uv python install -v cpython-3.13-windows-aarch64-none
-
-      - name: "Create a virtual environment (stdlib)"
-        run: |
-          & (./uv python find 3.13) -m venv .venv
-
-      - name: "Check version (stdlib)"
-        run: |
-          .venv/Scripts/python --version
-
-      - name: "Create a virtual environment (uv)"
-        run: |
-          ./uv venv -c -p 3.13 --managed-python
-
-      - name: "Check version (uv)"
-        run: |
-          .venv/Scripts/python --version
-
-      - name: "Check is NOT x64"
-        run: |
-          .venv/Scripts/python -c "import sys; exit(1) if 'AMD64' in sys.version else exit(0)"
-
-      - name: "Check install"
-        run: |
-          ./uv pip install -v anyio
-
-      - name: "Check uv run"
-        run: |
-          ./uv run python -c ""
-          ./uv run -p 3.13 python -c ""
-
  integration-test-pypy-linux:
    timeout-minutes: 10
    needs: build-binary-linux-libc
@ -1394,45 +1294,6 @@ jobs:
        run: |
          .\uv.exe pip install anyio

-  integration-test-pyodide-linux:
-    timeout-minutes: 10
-    needs: build-binary-linux-libc
-    name: "integration test | pyodide on ubuntu"
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-linux-libc-${{ github.sha }}
-
-      - name: "Prepare binary"
-        run: chmod +x ./uv
-
-      - name: "Create a native virtual environment"
-        run: |
-          ./uv venv venv-native -p 3.12
-          # We use features added in 0.30.3 but there is no known breakage in
-          # newer versions.
-          ./uv pip install -p venv-native/bin/python pyodide-build==0.30.3 pip
-
-      - name: "Install pyodide interpreter"
-        run: |
-          source ./venv-native/bin/activate
-          pyodide xbuildenv install 0.27.5
-          PYODIDE_PYTHON=$(pyodide config get interpreter)
-          PYODIDE_INDEX=$(pyodide config get package_index)
-          echo "PYODIDE_PYTHON=$PYODIDE_PYTHON" >> $GITHUB_ENV
-          echo "PYODIDE_INDEX=$PYODIDE_INDEX" >> $GITHUB_ENV
-
-      - name: "Create pyodide virtual environment"
-        run: |
-          ./uv venv -p $PYODIDE_PYTHON venv-pyodide
-          source ./venv-pyodide/bin/activate
-          ./uv pip install --extra-index-url=$PYODIDE_INDEX --no-build numpy
-          python -c 'import numpy'
-
  integration-test-github-actions:
    timeout-minutes: 10
    needs: build-binary-linux-libc
@ -1567,90 +1428,6 @@ jobs:
          done <<< "${CHANGED_FILES}"
          echo "code_any_changed=${CODE_CHANGED}" >> "${GITHUB_OUTPUT}"

-  integration-test-registries:
-    timeout-minutes: 10
-    needs: build-binary-linux-libc
-    name: "integration test | registries"
-    runs-on: ubuntu-latest
-    if: ${{ !contains(github.event.pull_request.labels.*.name, 'no-test') && github.event.pull_request.head.repo.fork != true }}
-    environment: uv-test-registries
-    env:
-      PYTHON_VERSION: 3.12
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-        with:
-          fetch-depth: 0
-
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
-        with:
-          python-version: "${{ env.PYTHON_VERSION }}"
-
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-linux-libc-${{ github.sha }}
-
-      - name: "Prepare binary"
-        run: chmod +x ./uv
-
-      - name: "Configure AWS credentials"
-        uses: aws-actions/configure-aws-credentials@a159d7bb5354cf786f855f2f5d1d8d768d9a08d1
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: us-east-1
-
-      - name: "Get AWS CodeArtifact token"
-        run: |
-          UV_TEST_AWS_TOKEN=$(aws codeartifact get-authorization-token \
-            --domain tests \
-            --domain-owner ${{ secrets.AWS_ACCOUNT_ID }} \
-            --region us-east-1 \
-            --query authorizationToken \
-            --output text)
-          echo "::add-mask::$UV_TEST_AWS_TOKEN"
-          echo "UV_TEST_AWS_TOKEN=$UV_TEST_AWS_TOKEN" >> $GITHUB_ENV
-
-      - name: "Authenticate with GCP"
-        id: "auth"
-        uses: "google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462"
-        with:
-          credentials_json: "${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}"
-
-      - name: "Set up GCP SDK"
-        uses: "google-github-actions/setup-gcloud@6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"
-
-      - name: "Get GCP Artifact Registry token"
-        id: get_token
-        run: |
-          UV_TEST_GCP_TOKEN=$(gcloud auth print-access-token)
-          echo "::add-mask::$UV_TEST_GCP_TOKEN"
-          echo "UV_TEST_GCP_TOKEN=$UV_TEST_GCP_TOKEN" >> $GITHUB_ENV
-
-      - name: "Run registry tests"
-        run: ./uv run -p ${{ env.PYTHON_VERSION }} scripts/registries-test.py --uv ./uv --color always --all
-        env:
-          RUST_LOG: uv=debug
-          UV_TEST_ARTIFACTORY_TOKEN: ${{ secrets.UV_TEST_ARTIFACTORY_TOKEN }}
-          UV_TEST_ARTIFACTORY_URL: ${{ secrets.UV_TEST_ARTIFACTORY_URL }}
-          UV_TEST_ARTIFACTORY_USERNAME: ${{ secrets.UV_TEST_ARTIFACTORY_USERNAME }}
-          UV_TEST_AWS_URL: ${{ secrets.UV_TEST_AWS_URL }}
-          UV_TEST_AWS_USERNAME: aws
-          UV_TEST_AZURE_TOKEN: ${{ secrets.UV_TEST_AZURE_TOKEN }}
-          UV_TEST_AZURE_URL: ${{ secrets.UV_TEST_AZURE_URL }}
-          UV_TEST_AZURE_USERNAME: dummy
-          UV_TEST_CLOUDSMITH_TOKEN: ${{ secrets.UV_TEST_CLOUDSMITH_TOKEN }}
-          UV_TEST_CLOUDSMITH_URL: ${{ secrets.UV_TEST_CLOUDSMITH_URL }}
-          UV_TEST_CLOUDSMITH_USERNAME: ${{ secrets.UV_TEST_CLOUDSMITH_USERNAME }}
-          UV_TEST_GCP_URL: ${{ secrets.UV_TEST_GCP_URL }}
-          UV_TEST_GCP_USERNAME: oauth2accesstoken
-          UV_TEST_GEMFURY_TOKEN: ${{ secrets.UV_TEST_GEMFURY_TOKEN }}
-          UV_TEST_GEMFURY_URL: ${{ secrets.UV_TEST_GEMFURY_URL }}
-          UV_TEST_GEMFURY_USERNAME: ${{ secrets.UV_TEST_GEMFURY_USERNAME }}
-          UV_TEST_GITLAB_TOKEN: ${{ secrets.UV_TEST_GITLAB_TOKEN }}
-          UV_TEST_GITLAB_URL: ${{ secrets.UV_TEST_GITLAB_URL }}
-          UV_TEST_GITLAB_USERNAME: token
-
  integration-test-publish:
    timeout-minutes: 20
    needs: integration-test-publish-changed
@ -1758,14 +1535,14 @@ jobs:
          ./uv run --no-project python -c "from built_by_uv import greet; print(greet())"

          # Test both `build_wheel` and `build_sdist` through uv
-          ./uv venv -c -v
+          ./uv venv -v
          ./uv build -v --force-pep517 scripts/packages/built-by-uv --find-links crates/uv-build/dist --offline
          ./uv pip install -v scripts/packages/built-by-uv/dist/*.tar.gz --find-links crates/uv-build/dist --offline --no-deps
          ./uv run --no-project python -c "from built_by_uv import greet; print(greet())"

          # Test both `build_wheel` and `build_sdist` through the official `build`
          rm -rf scripts/packages/built-by-uv/dist/
-          ./uv venv -c -v
+          ./uv venv -v
          ./uv pip install build
          # Add the uv binary to PATH for `build` to find
          PATH="$(pwd):$PATH" UV_OFFLINE=1 UV_FIND_LINKS=crates/uv-build/dist ./uv run --no-project python -m build -v --installer uv scripts/packages/built-by-uv
@ -1969,10 +1746,6 @@ jobs:
      - name: "Print Python path"
        run: echo $(which python3)

-      # Needed for building Pydantic
-      - name: "Install build tools"
-        run: dnf install -y gcc
-
      - name: "Validate global Python install"
        run: python3 scripts/check_system_python.py --uv ./uv

@ -2227,7 +2000,7 @@ jobs:
    timeout-minutes: 10
    needs: build-binary-windows-aarch64
    name: "check system | x86-64 python3.13 on windows aarch64"
-    runs-on: windows-11-arm
+    runs-on: github-windows-11-aarch64-4
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

@ -2245,28 +2018,6 @@ jobs:
      - name: "Validate global Python install"
        run: py -3.13 ./scripts/check_system_python.py --uv ./uv.exe

-  system-test-windows-aarch64-aarch64-python-313:
-    timeout-minutes: 10
-    needs: build-binary-windows-aarch64
-    name: "check system | aarch64 python3.13 on windows aarch64"
-    runs-on: windows-11-arm
-    steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
-      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
-        with:
-          python-version: "3.13"
-          architecture: "arm64"
-          allow-prereleases: true
-
-      - name: "Download binary"
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
-        with:
-          name: uv-windows-aarch64-${{ github.sha }}
-
-      - name: "Validate global Python install"
-        run: py -3.13-arm64 ./scripts/check_system_python.py --uv ./uv.exe
-
  # Test our PEP 514 integration that installs Python into the Windows registry.
  system-test-windows-registry:
    timeout-minutes: 10
@ -2412,7 +2163,7 @@ jobs:
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: conda-incubator/setup-miniconda@835234971496cad1653abb28a638a281cf32541f # v3.2.0
+      - uses: conda-incubator/setup-miniconda@505e6394dae86d6a5c7fbb6e3fb8938e3e863830 # v3.1.1
        with:
          miniconda-version: "latest"
          activate-environment: uv
@ -2469,9 +2220,6 @@ jobs:
      - name: "Print Python path"
        run: echo $(which python3)

-      - name: Install build tools
-        run: yum install -y gcc
-
      - name: "Validate global Python install"
        run: python3 scripts/check_system_python.py --uv ./uv

@ -2517,13 +2265,13 @@ jobs:
      - name: "Checkout Branch"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Install Rust toolchain"
        run: rustup show

      - name: "Install codspeed"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-codspeed

@ -2539,7 +2287,7 @@ jobs:
        run: cargo codspeed build --profile profiling --features codspeed -p uv-bench

      - name: "Run benchmarks"
-        uses: CodSpeedHQ/action@0b6e7a3d96c9d2a6057e7bcea6b45aaf2f7ce60b # v3.8.0
+        uses: CodSpeedHQ/action@0010eb0ca6e89b80c88e8edaaa07cfe5f3e6664d # v3.5.0
        with:
          run: cargo codspeed run
          token: ${{ secrets.CODSPEED_TOKEN }}
@ -2554,13 +2302,13 @@ jobs:
      - name: "Checkout Branch"
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

-      - uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8

      - name: "Install Rust toolchain"
        run: rustup show

      - name: "Install codspeed"
-        uses: taiki-e/install-action@a416ddeedbd372e614cc1386e8b642692f66865e # v2.57.1
+        uses: taiki-e/install-action@735e5933943122c5ac182670a935f54a949265c1 # v2.52.4
        with:
          tool: cargo-codspeed

@ -2576,7 +2324,7 @@ jobs:
        run: cargo codspeed build --profile profiling --features codspeed -p uv-bench

      - name: "Run benchmarks"
-        uses: CodSpeedHQ/action@0b6e7a3d96c9d2a6057e7bcea6b45aaf2f7ce60b # v3.8.0
+        uses: CodSpeedHQ/action@0010eb0ca6e89b80c88e8edaaa07cfe5f3e6664d # v3.5.0
        with:
          run: cargo codspeed run
          token: ${{ secrets.CODSPEED_TOKEN }}
--- a/.github/workflows/publish-docs.yml
+++ b/.github/workflows/publish-docs.yml
@ -17,28 +17,24 @@ on:
        required: true
        type: string

-permissions: {}
-
 jobs:
  mkdocs:
    runs-on: ubuntu-latest
    env:
-      VERSION: ${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || inputs.ref }}
      MKDOCS_INSIDERS_SSH_KEY_EXISTS: ${{ secrets.MKDOCS_INSIDERS_SSH_KEY != '' }}
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ inputs.ref }}
          fetch-depth: 0
-          persist-credentials: false

      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
        with:
          python-version: 3.12

-      - name: "Set docs display name"
+      - name: "Set docs version"
        run: |
-          version="${VERSION}"
+          version="${{ (inputs.plan != '' && fromJson(inputs.plan).announcement_tag) || inputs.ref }}"
          # if version is missing, use 'latest'
          if [ -z "$version" ]; then
            echo "Using 'latest' as version"
@ -48,20 +44,21 @@ jobs:
          # Use version as display name for now
          display_name="$version"

-          echo "DISPLAY_NAME=$display_name" >> $GITHUB_ENV
+          echo "version=$version" >> $GITHUB_ENV
+          echo "display_name=$display_name" >> $GITHUB_ENV

      - name: "Set branch name"
        run: |
-          version="${VERSION}"
-          display_name="${DISPLAY_NAME}"
+          version="${{ env.version }}"
+          display_name="${{ env.display_name }}"
          timestamp="$(date +%s)"

          # create branch_display_name from display_name by replacing all
          # characters disallowed in git branch names with hyphens
          branch_display_name="$(echo "$display_name" | tr -c '[:alnum:]._' '-' | tr -s '-')"

-          echo "BRANCH_NAME=update-docs-$branch_display_name-$timestamp" >> $GITHUB_ENV
-          echo "TIMESTAMP=$timestamp" >> $GITHUB_ENV
+          echo "branch_name=update-docs-$branch_display_name-$timestamp" >> $GITHUB_ENV
+          echo "timestamp=$timestamp" >> $GITHUB_ENV

      - name: "Add SSH key"
        if: ${{ env.MKDOCS_INSIDERS_SSH_KEY_EXISTS == 'true' }}
@ -87,10 +84,8 @@ jobs:

      - name: "Clone docs repo"
        run: |
-          version="${VERSION}"
-          git clone https://${ASTRAL_DOCS_PAT}@github.com/astral-sh/docs.git astral-docs
-        env:
-          ASTRAL_DOCS_PAT: ${{ secrets.ASTRAL_DOCS_PAT }}
+          version="${{ env.version }}"
+          git clone https://${{ secrets.ASTRAL_DOCS_PAT }}@github.com/astral-sh/docs.git astral-docs

      - name: "Copy docs"
        run: rm -rf astral-docs/site/uv && mkdir -p astral-docs/site && cp -r site/uv astral-docs/site/
@ -98,7 +93,7 @@ jobs:
      - name: "Commit docs"
        working-directory: astral-docs
        run: |
-          branch_name="${BRANCH_NAME}"
+          branch_name="${{ env.branch_name }}"

          git config user.name "astral-docs-bot"
          git config user.email "176161322+astral-docs-bot@users.noreply.github.com"
@ -112,9 +107,9 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.ASTRAL_DOCS_PAT }}
        run: |
-          version="${VERSION}"
-          display_name="${DISPLAY_NAME}"
-          branch_name="${BRANCH_NAME}"
+          version="${{ env.version }}"
+          display_name="${{ env.display_name }}"
+          branch_name="${{ env.branch_name }}"

          # set the PR title
          pull_request_title="Update uv documentation for $display_name"
@ -140,7 +135,7 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.ASTRAL_DOCS_PAT }}
        run: |
-          branch_name="${BRANCH_NAME}"
+          branch_name="${{ env.branch_name }}"

          # auto-merge the PR if the build was triggered by a release. Manual builds should be reviewed by a human.
          # give the PR a few seconds to be created before trying to auto-merge it
--- a/.github/workflows/publish-pypi.yml
+++ b/.github/workflows/publish-pypi.yml
@ -22,7 +22,7 @@ jobs:
      id-token: write
    steps:
      - name: "Install uv"
-        uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+        uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: wheels_uv-*
@ -41,7 +41,7 @@ jobs:
      id-token: write
    steps:
      - name: "Install uv"
-        uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+        uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
      - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
        with:
          pattern: wheels_uv_build-*
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -69,7 +69,7 @@ jobs:
        # we specify bash to get pipefail; it guards against the `curl` command
        # failing. otherwise `sh` won't catch that `curl` returned non-0
        shell: bash
-        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/cargo-dist/releases/download/v0.28.7-prerelease.2/cargo-dist-installer.sh | sh"
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/cargo-dist/releases/download/v0.28.4/cargo-dist-installer.sh | sh"
      - name: Cache dist
        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
        with:
--- a/.github/workflows/setup-dev-drive.ps1
+++ b/.github/workflows/setup-dev-drive.ps1
@ -1,43 +1,13 @@
 # Configures a drive for testing in CI.
-#
-# When using standard GitHub Actions runners, a `D:` drive is present and has
-# similar or better performance characteristics than a ReFS dev drive. Sometimes
-# using a larger runner is still more performant (e.g., when running the test
-# suite) and we need to create a dev drive. This script automatically configures
-# the appropriate drive.
-#
-# When using GitHub Actions' "larger runners", the `D:` drive is not present and
-# we create a DevDrive mount on `C:`. This is purported to be more performant
-# than an ReFS drive, though we did not see a change when we switched over.
-#
-# When using Depot runners, the underling infrastructure is EC2, which does not
-# support Hyper-V. The `New-VHD` commandlet only works with Hyper-V, but we can
-# create a ReFS drive using `diskpart` and `format` directory. We cannot use a
-# DevDrive, as that also requires Hyper-V. The Depot runners use `D:` already,
-# so we must check if it's a Depot runner first, and we use `V:` as the target
-# instead.

+# When not using a GitHub Actions "larger runner", the `D:` drive is present and
+# has similar or better performance characteristics than a ReFS dev drive.
+# Sometimes using a larger runner is still more performant (e.g., when running
+# the test suite) and we need to create a dev drive. This script automatically
+# configures the appropriate drive.

-if ($env:DEPOT_RUNNER -eq "1") {
-    Write-Output "DEPOT_RUNNER detected, setting up custom dev drive..."
-
-    # Create VHD and configure drive using diskpart
-    $vhdPath = "C:\uv_dev_drive.vhdx"
-    @"
-create vdisk file="$vhdPath" maximum=20480 type=expandable
-attach vdisk
-create partition primary
-active
-assign letter=V
-"@ | diskpart
-
-    # Format the drive as ReFS
-    format V: /fs:ReFS /q /y
-    $Drive = "V:"
-
-    Write-Output "Custom dev drive created at $Drive"
-} elseif (Test-Path "D:\") {
-	# Note `Get-PSDrive` is not sufficient because the drive letter is assigned.
+# Note we use `Get-PSDrive` is not sufficient because the drive letter is assigned.
+if (Test-Path "D:\") {
    Write-Output "Using existing drive at D:"
    $Drive = "D:"
 } else {
@ -85,8 +55,10 @@ Write-Output `
 	"DEV_DRIVE=$($Drive)" `
 	"TMP=$($Tmp)" `
 	"TEMP=$($Tmp)" `
+	"UV_INTERNAL__TEST_DIR=$($Tmp)" `
 	"RUSTUP_HOME=$($Drive)/.rustup" `
 	"CARGO_HOME=$($Drive)/.cargo" `
 	"UV_WORKSPACE=$($Drive)/uv" `
 	"PATH=$($Drive)/.cargo/bin;$env:PATH" `
 	>> $env:GITHUB_ENV
+
--- a/.github/workflows/sync-python-releases.yml
+++ b/.github/workflows/sync-python-releases.yml
@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: astral-sh/setup-uv@e92bafb6253dcd438e0484186d7669ea7a8ca1cc # v6.4.3
+      - uses: astral-sh/setup-uv@f0ec1fc3b38f5e7cd731bb6ce540c5af426746bb # v6.1.0
        with:
          version: "latest"
          enable-cache: true
--- a/.gitignore
+++ b/.gitignore
@ -3,10 +3,9 @@

 # Generated by Cargo
 # will have compiled files and executables
-/vendor/
 debug/
-target-alpine/
 target/
+target-alpine/

 # Bootstrapped Python versions
 /bin/
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -12,7 +12,7 @@ repos:
      - id: validate-pyproject

  - repo: https://github.com/crate-ci/typos
-    rev: v1.34.0
+    rev: v1.32.0
    hooks:
      - id: typos

@ -42,7 +42,7 @@ repos:
        types_or: [yaml, json5]

  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.12.5
+    rev: v0.11.12
    hooks:
      - id: ruff-format
      - id: ruff
--- a/.prettierignore
+++ b/.prettierignore
@ -3,6 +3,6 @@ CHANGELOG.md
 PREVIEW-CHANGELOG.md
 docs/reference/cli.md
 docs/reference/settings.md
-docs/reference/environment.md
+docs/configuration/environment.md
 ecosystem/home-assistant-core/LICENSE.md
 docs/guides/integration/gitlab.md
--- a/.python-versions
+++ b/.python-versions
@ -6,6 +6,7 @@
 3.8.20
 # The following are required for packse scenarios
 3.9.20
+3.9.18
 3.9.12
 # The following is needed for `==3.13` request tests
 3.13.0
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -3,262 +3,368 @@
 <!-- prettier-ignore-start -->


-## 0.8.4
+## 0.7.10

 ### Enhancements

- Improve styling of warning cause chains  ([#14934](https://github.com/astral-sh/uv/pull/14934))
- Extend wheel filtering to Android tags ([#14977](https://github.com/astral-sh/uv/pull/14977))
- Perform wheel lockfile filtering based on platform and OS intersection ([#14976](https://github.com/astral-sh/uv/pull/14976))
- Clarify messaging when a new resolution needs to be performed ([#14938](https://github.com/astral-sh/uv/pull/14938))
-
-### Preview features
-
- Add support for extending package's build dependencies with `extra-build-dependencies` ([#14735](https://github.com/astral-sh/uv/pull/14735))
- Split preview mode into separate feature flags ([#14823](https://github.com/astral-sh/uv/pull/14823))
-
-### Configuration
-
- Add support for package specific `exclude-newer` dates via `exclude-newer-package` ([#14489](https://github.com/astral-sh/uv/pull/14489))
+- Add `--show-extras` to `uv tool list` ([#13783](https://github.com/astral-sh/uv/pull/13783))
+- Add dynamically generated sysconfig replacement mappings ([#13441](https://github.com/astral-sh/uv/pull/13441))
+- Add data locations to install wheel logs ([#13797](https://github.com/astral-sh/uv/pull/13797))

 ### Bug fixes

- Avoid invalidating lockfile when path or workspace dependencies define explicit indexes ([#14876](https://github.com/astral-sh/uv/pull/14876))
- Copy entrypoints that have a shebang that differs in `python` vs `python3` ([#14970](https://github.com/astral-sh/uv/pull/14970))
- Fix incorrect file permissions in wheel packages ([#14930](https://github.com/astral-sh/uv/pull/14930))
- Update validation for `environments` and `required-environments` in `uv.toml` ([#14905](https://github.com/astral-sh/uv/pull/14905))
+- Avoid redaction of placeholder `git` username when using SSH authentication ([#13799](https://github.com/astral-sh/uv/pull/13799))
+- Propagate credentials to files on devpi indexes ending in `/+simple` ([#13743](https://github.com/astral-sh/uv/pull/13743))
+- Restore retention of credentials for direct URLs in `uv export` ([#13809](https://github.com/astral-sh/uv/pull/13809)) 

-### Documentation
-
- Show `uv_build` in projects documentation ([#14968](https://github.com/astral-sh/uv/pull/14968))
- Add `UV_` prefix to installer environment variables ([#14964](https://github.com/astral-sh/uv/pull/14964))
- Un-hide `uv` from `--build-backend` options ([#14939](https://github.com/astral-sh/uv/pull/14939))
- Update documentation for preview flags ([#14902](https://github.com/astral-sh/uv/pull/14902))
-
-## 0.8.3
+## 0.7.9

 ### Python

- Add CPython 3.14.0rc1
+The changes reverted in [0.7.8](#078) have been restored.

-See the [`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250723) for more details.
+See the
+[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250529)
+for more details.

 ### Enhancements

- Allow non-standard entrypoint names in `uv_build` ([#14867](https://github.com/astral-sh/uv/pull/14867))
- Publish riscv64 wheels to PyPI ([#14852](https://github.com/astral-sh/uv/pull/14852))
+- Improve obfuscation of credentials in URLs ([#13560](https://github.com/astral-sh/uv/pull/13560))
+- Allow running non-default Python implementations via `uvx` ([#13583](https://github.com/astral-sh/uv/pull/13583))
+- Add `uvw` as alias for `uv` without console window on Windows ([#11786](https://github.com/astral-sh/uv/pull/11786))
+- Allow discovery of x86-64 managed Python builds on macOS ([#13722](https://github.com/astral-sh/uv/pull/13722))
+- Differentiate between implicit vs explicit architecture requests ([#13723](https://github.com/astral-sh/uv/pull/13723))
+- Implement ordering for Python architectures to prefer native installations ([#13709](https://github.com/astral-sh/uv/pull/13709))
+- Only show the first match per platform (and architecture) by default in `uv python list`  ([#13721](https://github.com/astral-sh/uv/pull/13721))
+- Write the path of the parent environment to an `extends-environment` key in the `pyvenv.cfg` file of an ephemeral environment ([#13598](https://github.com/astral-sh/uv/pull/13598))
+- Improve the error message when libc cannot be found, e.g., when using the distroless containers ([#13549](https://github.com/astral-sh/uv/pull/13549))
+
+### Performance
+
+- Avoid rendering info log level ([#13642](https://github.com/astral-sh/uv/pull/13642))
+- Improve performance of `uv-python` crate's manylinux submodule ([#11131](https://github.com/astral-sh/uv/pull/11131))
+- Optimize `Version` display ([#13643](https://github.com/astral-sh/uv/pull/13643))
+- Reduce number of reference-checks for `uv cache clean` ([#13669](https://github.com/astral-sh/uv/pull/13669))

 ### Bug fixes

- Avoid writing redacted credentials to tool receipt ([#14855](https://github.com/astral-sh/uv/pull/14855))
- Respect `--with` versions over base environment versions ([#14863](https://github.com/astral-sh/uv/pull/14863))
- Respect credentials from all defined indexes ([#14858](https://github.com/astral-sh/uv/pull/14858))
- Fix missed stabilization of removal of registry entry during Python uninstall ([#14859](https://github.com/astral-sh/uv/pull/14859))
- Improve concurrency safety of Python downloads into cache ([#14846](https://github.com/astral-sh/uv/pull/14846))
+- Avoid reinstalling dependency group members with `--all-packages` ([#13678](https://github.com/astral-sh/uv/pull/13678))
+- Don't fail direct URL hash checking with dependency metadata ([#13736](https://github.com/astral-sh/uv/pull/13736))
+- Exit early on `self update` if global `--offline` is set ([#13663](https://github.com/astral-sh/uv/pull/13663))
+- Fix cases where the uv lock is incorrectly marked as out of date ([#13635](https://github.com/astral-sh/uv/pull/13635))
+- Include pre-release versions in `uv python install --reinstall` ([#13645](https://github.com/astral-sh/uv/pull/13645))
+- Set `LC_ALL=C` for git when checking git worktree ([#13637](https://github.com/astral-sh/uv/pull/13637))
+- Avoid rejecting Windows paths for remote Python download JSON targets ([#13625](https://github.com/astral-sh/uv/pull/13625))
+
+### Preview
+
+- Add `uv add --bounds` to configure version constraints ([#12946](https://github.com/astral-sh/uv/pull/12946))

 ### Documentation

- Fix typos in `uv_build` reference documentation ([#14853](https://github.com/astral-sh/uv/pull/14853))
- Move the "Cargo" install method further down in docs ([#14842](https://github.com/astral-sh/uv/pull/14842))
+- Add documentation about Python versions to Tools concept page ([#7673](https://github.com/astral-sh/uv/pull/7673))
+- Add example of enabling Dependabot ([#13692](https://github.com/astral-sh/uv/pull/13692))
+- Fix `exclude-newer` date format for persistent configuration files ([#13706](https://github.com/astral-sh/uv/pull/13706))
+- Quote versions variables in GitLab documentation ([#13679](https://github.com/astral-sh/uv/pull/13679))
+- Update Dependabot support status ([#13690](https://github.com/astral-sh/uv/pull/13690))
+- Explicitly specify to add a new repo entry to the repos list item in the `.pre-commit-config.yaml` ([#10243](https://github.com/astral-sh/uv/pull/10243))
+- Add integration with marimo guide ([#13691](https://github.com/astral-sh/uv/pull/13691))
+- Add pronunciation to README ([#5336](https://github.com/astral-sh/uv/pull/5336))

-## 0.8.2
+## 0.7.8

-### Enhancements
+### Python

- Add derivation chains for dependency errors ([#14824](https://github.com/astral-sh/uv/pull/14824))
+We are reverting most of our Python changes from `uv 0.7.6` and `uv 0.7.7` due to
+a miscompilation that makes the Python interpreter behave incorrectly, resulting
+in spurious type-errors involving str. This issue seems to be isolated to
+x86_64 Linux, and affected at least Python 3.12, 3.13, and 3.14.

-### Configuration
+The following changes that were introduced in those versions of uv are temporarily
+being reverted while we test and deploy a proper fix for the miscompilation:

- Add `UV_INIT_BUILD_BACKEND` ([#14821](https://github.com/astral-sh/uv/pull/14821))
+- Add Python 3.14 on musl
+- free-threaded Python on musl
+- Add Python 3.14.0a7
+- Statically link `libpython` into the interpreter on Linux for a significant performance boost
+
+See [the issue for details](https://github.com/astral-sh/uv/issues/13610).
+
+### Documentation
+
+- Remove misleading line in pin documentation ([#13611](https://github.com/astral-sh/uv/pull/13611))
+
+## 0.7.7
+
+### Python
+
+- Work around third-party packages that (incorrectly) assume the interpreter is dynamically linking libpython
+- Allow the experimental JIT to be enabled at runtime on Python 3.13 and 3.14 on macOS on aarch64 aka Apple Silicon
+
+See the
+[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250521)
+for more details.

 ### Bug fixes

- Avoid reading files in the environment bin that are not entrypoints ([#14830](https://github.com/astral-sh/uv/pull/14830))
- Avoid removing empty directories when constructing virtual environments ([#14822](https://github.com/astral-sh/uv/pull/14822))
- Preserve index URL priority order when writing to pyproject.toml ([#14831](https://github.com/astral-sh/uv/pull/14831))
-
-### Rust API
-
- Expose `tls_built_in_root_certs` for client ([#14816](https://github.com/astral-sh/uv/pull/14816))
+- Make `uv version` lock and sync ([#13317](https://github.com/astral-sh/uv/pull/13317))
+- Fix references to `ldd` in diagnostics to correctly refer to `ld.so` ([#13552](https://github.com/astral-sh/uv/pull/13552))

 ### Documentation

- Archive the 0.7.x changelog ([#14819](https://github.com/astral-sh/uv/pull/14819))
+- Clarify adding SSH Git dependencies ([#13534](https://github.com/astral-sh/uv/pull/13534))

-## 0.8.1
+## 0.7.6
+
+### Python
+
+- Add Python 3.14 on musl
+- Add free-threaded Python on musl
+- Add Python 3.14.0a7
+- Statically link `libpython` into the interpreter on Linux for a significant performance boost
+
+See the
+[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250517)
+for more details.

 ### Enhancements

- Add support for `HF_TOKEN` ([#14797](https://github.com/astral-sh/uv/pull/14797))
- Allow `--config-settings-package` to apply configuration settings at the package level ([#14573](https://github.com/astral-sh/uv/pull/14573))
- Create (e.g.) `python3.13t` executables in `uv venv` ([#14764](https://github.com/astral-sh/uv/pull/14764))
- Disallow writing symlinks outside the source distribution target directory ([#12259](https://github.com/astral-sh/uv/pull/12259))
- Elide traceback when `python -m uv` in interrupted with Ctrl-C on Windows ([#14715](https://github.com/astral-sh/uv/pull/14715))
- Match `--bounds` formatting for `uv_build` bounds in `uv init` ([#14731](https://github.com/astral-sh/uv/pull/14731))
- Support `extras` and `dependency_groups` markers in PEP 508 grammar ([#14753](https://github.com/astral-sh/uv/pull/14753))
- Support `extras` and `dependency_groups` markers on `uv pip install` and `uv pip sync` ([#14755](https://github.com/astral-sh/uv/pull/14755))
- Add hint to use `uv self version` when `uv version` cannot find a project ([#14738](https://github.com/astral-sh/uv/pull/14738))
- Improve error reporting when removing Python versions from the Windows registry ([#14722](https://github.com/astral-sh/uv/pull/14722))
- Make warnings about masked `[tool.uv]` fields more precise ([#14325](https://github.com/astral-sh/uv/pull/14325))
+- Improve compatibility of `VIRTUAL_ENV_PROMPT` value ([#13501](https://github.com/astral-sh/uv/pull/13501))
+- Bump MSRV to 1.85 and Edition 2024 ([#13516](https://github.com/astral-sh/uv/pull/13516))
+
+### Bug fixes
+
+- Respect default extras in uv remove ([#13380](https://github.com/astral-sh/uv/pull/13380))
+
+### Documentation
+
+- Fix PowerShell code blocks ([#13511](https://github.com/astral-sh/uv/pull/13511))
+
+## 0.7.5
+
+### Bug fixes
+
+- Support case-sensitive module discovery in the build backend ([#13468](https://github.com/astral-sh/uv/pull/13468))
+- Bump Simple cache bucket to v16 ([#13498](https://github.com/astral-sh/uv/pull/13498))
+- Don't error when the script is too short for the buffer ([#13488](https://github.com/astral-sh/uv/pull/13488))
+- Add missing word in "script not supported" error ([#13483](https://github.com/astral-sh/uv/pull/13483))
+
+## 0.7.4
+
+### Enhancements
+
+- Add more context to external errors ([#13351](https://github.com/astral-sh/uv/pull/13351))
+- Align indentation of long arguments ([#13394](https://github.com/astral-sh/uv/pull/13394))
+- Preserve order of dependencies which are sorted naively ([#13334](https://github.com/astral-sh/uv/pull/13334))
+- Align progress bars by largest name length ([#13266](https://github.com/astral-sh/uv/pull/13266))
+- Reinstall local packages in `uv add` ([#13462](https://github.com/astral-sh/uv/pull/13462))
+- Rename `--raw-sources` to `--raw` ([#13348](https://github.com/astral-sh/uv/pull/13348))
+- Show 'Downgraded' when `self update` is used to install an older version ([#13340](https://github.com/astral-sh/uv/pull/13340))
+- Suggest `uv self update` if required uv version is newer ([#13305](https://github.com/astral-sh/uv/pull/13305))
+- Add 3.14 beta images to uv Docker images ([#13390](https://github.com/astral-sh/uv/pull/13390))
+- Add comma after "i.e." in Conda environment error ([#13423](https://github.com/astral-sh/uv/pull/13423))
+- Be more precise in unpinned packages warning ([#13426](https://github.com/astral-sh/uv/pull/13426))
+- Fix detection of sorted dependencies when include-group is used ([#13354](https://github.com/astral-sh/uv/pull/13354))
+- Fix display of HTTP responses in trace logs for retry of errors ([#13339](https://github.com/astral-sh/uv/pull/13339))
+- Log skip reasons during Python installation key interpreter match checks ([#13472](https://github.com/astral-sh/uv/pull/13472))
+- Redact credentials when displaying URLs ([#13333](https://github.com/astral-sh/uv/pull/13333))
+
+### Bug fixes
+
+- Avoid erroring on `pylock.toml` dependency entries ([#13384](https://github.com/astral-sh/uv/pull/13384))
+- Avoid panics for cannot-be-a-base URLs ([#13406](https://github.com/astral-sh/uv/pull/13406))
+- Ensure cached realm credentials are applied if no password is found for index URL ([#13463](https://github.com/astral-sh/uv/pull/13463))
+- Fix `.tgz` parsing to respect true extension ([#13382](https://github.com/astral-sh/uv/pull/13382))
+- Fix double self-dependency ([#13366](https://github.com/astral-sh/uv/pull/13366))
+- Reject `pylock.toml` in `uv add -r` ([#13421](https://github.com/astral-sh/uv/pull/13421))
+- Retain dot-separated wheel tags during cache prune ([#13379](https://github.com/astral-sh/uv/pull/13379))
+- Retain trailing comments after PEP 723 metadata block ([#13460](https://github.com/astral-sh/uv/pull/13460))
+
+### Documentation
+
+- Use "export" instead of "install" in `uv export` arguments ([#13430](https://github.com/astral-sh/uv/pull/13430))
+- Remove extra newline ([#13461](https://github.com/astral-sh/uv/pull/13461))

 ### Preview features

- Emit JSON output in `uv sync` with `--quiet` ([#14810](https://github.com/astral-sh/uv/pull/14810))
+- Build backend: Normalize glob paths ([#13465](https://github.com/astral-sh/uv/pull/13465))

-### Bug fixes
+## 0.7.3

- Allow removal of virtual environments with missing interpreters ([#14812](https://github.com/astral-sh/uv/pull/14812))
- Apply `Cache-Control` overrides to response, not request headers ([#14736](https://github.com/astral-sh/uv/pull/14736))
- Copy entry points into ephemeral environments to ensure layers are respected ([#14790](https://github.com/astral-sh/uv/pull/14790))
- Workaround Jupyter Lab application directory discovery in ephemeral environments ([#14790](https://github.com/astral-sh/uv/pull/14790))
- Enforce `requires-python` in `pylock.toml` ([#14787](https://github.com/astral-sh/uv/pull/14787))
- Fix kebab casing of `README` variants in build backend ([#14762](https://github.com/astral-sh/uv/pull/14762))
- Improve concurrency resilience of removing Python versions from the Windows registry ([#14717](https://github.com/astral-sh/uv/pull/14717))
- Retry HTTP requests on invalid data errors ([#14703](https://github.com/astral-sh/uv/pull/14703))
- Update virtual environment removal to delete `pyvenv.cfg` last ([#14808](https://github.com/astral-sh/uv/pull/14808))
- Error on unknown fields in `dependency-metadata` ([#14801](https://github.com/astral-sh/uv/pull/14801))
+### Enhancements

-### Documentation
+- Add `--dry-run` support to `uv self update` ([#9829](https://github.com/astral-sh/uv/pull/9829))
+- Add `--show-with` to `uv tool list` to list packages included by `--with` ([#13264](https://github.com/astral-sh/uv/pull/13264))
+- De-duplicate fetched index URLs ([#13205](https://github.com/astral-sh/uv/pull/13205))
+- Support more zip compression formats: bzip2, lzma, xz, zstd ([#13285](https://github.com/astral-sh/uv/pull/13285))
+- Add support for downloading GraalPy ([#13172](https://github.com/astral-sh/uv/pull/13172))
+- Improve error message when a virtual environment Python symlink is broken ([#12168](https://github.com/astral-sh/uv/pull/12168))
+- Use `fs_err` for paths in symlinking errors ([#13303](https://github.com/astral-sh/uv/pull/13303))
+- Minify and embed managed Python JSON at compile time ([#12967](https://github.com/astral-sh/uv/pull/12967))

- Recommend installing `setup-uv` after `setup-python` in Github Actions integration guide ([#14741](https://github.com/astral-sh/uv/pull/14741))
- Clarify which portions of `requires-python` behavior are consistent with pip ([#14752](https://github.com/astral-sh/uv/pull/14752))
+### Preview features

-## 0.8.0
-
-Since we released uv [0.7.0](https://github.com/astral-sh/uv/releases/tag/0.7.0) in April, we've accumulated various changes that improve correctness and user experience, but could break some workflows. This release contains those changes; many have been marked as breaking out of an abundance of caution. We expect most users to be able to upgrade without making changes.
-
-This release also includes the stabilization of a couple `uv python install` features, which have been available under preview since late last year.
-
-### Breaking changes
-
- **Install Python executables into a directory on the `PATH` ([#14626](https://github.com/astral-sh/uv/pull/14626))**
-  
-  `uv python install` now installs a versioned Python executable (e.g., `python3.13`) into a directory on the `PATH` (e.g., `~/.local/bin`) by default. This behavior has been available under the `--preview` flag since [Oct 2024](https://github.com/astral-sh/uv/pull/8458). This change should not be breaking unless it shadows a Python executable elsewhere on the `PATH`.
-  
-  To install unversioned executables, i.e., `python3` and `python`, use the `--default` flag. The `--default` flag has also been in preview, but is not stabilized in this release.
-  
-  Note that these executables point to the base Python installation and only include the standard library. That means they will not include dependencies from your current project (use `uv run python` instead) and you cannot install packages into their environment (use `uvx --with <package> python` instead).
-  
-  As with tool installation, the target directory respects common variables like `XDG_BIN_HOME` and can be overridden with a `UV_PYTHON_BIN_DIR` variable.
-  
-  You can opt out of this behavior with `uv python install --no-bin` or `UV_PYTHON_INSTALL_BIN=0`.
-  
-  See the [documentation on installing Python executables](https://docs.astral.sh/uv/concepts/python-versions/#installing-python-executables) for more details.
- **Register Python versions with the Windows Registry ([#14625](https://github.com/astral-sh/uv/pull/14625))**
-  
-  `uv python install` now registers the installed Python version with the Windows Registry as specified by [PEP 514](https://peps.python.org/pep-0514/). This allows using uv installed Python versions via the `py` launcher. This behavior has been available under the `--preview` flag since [Jan 2025](https://github.com/astral-sh/uv/pull/10634). This change should not be breaking, as using the uv Python versions with `py` requires explicit opt in.
-  
-  You can opt out of this behavior with `uv python install --no-registry` or `UV_PYTHON_INSTALL_REGISTRY=0`.
- **Prompt before removing an existing directory in `uv venv` ([#14309](https://github.com/astral-sh/uv/pull/14309))**
-  
-  Previously, `uv venv` would remove an existing virtual environment without confirmation. While this is consistent with the behavior of project commands (e.g., `uv sync`), it's surprising to users that are using imperative workflows (i.e., `uv pip`). Now, `uv venv` will prompt for confirmation before removing an existing virtual environment. **If not in an interactive context, uv will still remove the virtual environment for backwards compatibility. However, this behavior is likely to change in a future release.**
-  
-  The behavior for other commands (e.g., `uv sync`) is unchanged.
-  
-  You can opt out of this behavior by setting `UV_VENV_CLEAR=1` or passing the `--clear` flag.
- **Validate that discovered interpreters meet the Python preference ([#7934](https://github.com/astral-sh/uv/pull/7934))**
-  
-  uv allows opting out of its managed Python versions with the `--no-managed-python` and `python-preference` options.
-  
-  Previously, uv would not enforce this option for Python interpreters discovered on the `PATH`. For example, if a symlink to a managed Python interpreter was created, uv would allow it to be used even if `--no-managed-python` was provided. Now, uv ignores Python interpreters that do not match the Python preference *unless* they are in an active virtual environment or are explicitly requested, e.g., with `--python /path/to/python3.13`.
-  
-  Similarly, uv would previously not invalidate existing project environments if they did not match the Python preference. Now, uv will invalidate and recreate project environments when the Python preference changes.
-  
-  You can opt out of this behavior by providing the explicit path to the Python interpreter providing `--managed-python` / `--no-managed-python` matching the interpreter you want.
- **Install dependencies without build systems when they are `path` sources ([#14413](https://github.com/astral-sh/uv/pull/14413))**
-  
-  When working on a project, uv uses the [presence of a build system](https://docs.astral.sh/uv/concepts/projects/config/#build-systems) to determine if it should be built and installed into the environment. However, when a project is a dependency of another project, it can be surprising for the dependency to be missing from the environment.
-  
-  Previously, uv would not build and install dependencies with [`path` sources](https://docs.astral.sh/uv/concepts/projects/dependencies/#path) unless they declared a build system or set `tool.uv.package = true`. Now, dependencies with `path` sources are built and installed regardless of the presence of a build system. If a build system is not present, the `setuptools.build_meta:__legacy__ ` backend will be used (per [PEP 517](https://peps.python.org/pep-0517/#source-trees)).
-  
-  You can opt out of this behavior by setting `package = false` in the source declaration, e.g.:
-  
-  ```toml
-  [tool.uv.sources]
-  foo = { path = "./foo", package = false }
-  ```
-  
-  Or, by setting `tool.uv.package = false` in the dependent `pyproject.toml`.
-  
-  See the documentation on [virtual dependencies](https://docs.astral.sh/uv/concepts/projects/dependencies/#virtual-dependencies) for details.
- **Install dependencies without build systems when they are workspace members ([#14663](https://github.com/astral-sh/uv/pull/14663))**
-  
-  As described above for dependencies with `path` sources, uv previously would not build and install workspace members that did not declare a build system. Now, uv will build and install workspace members that are a dependency of *another* workspace member regardless of the presence of a build system. The behavior is unchanged for workspace members that are not included in the `project.dependencies`, `project.optional-dependencies`, or `dependency-groups` tables of another workspace member.
-  
-  You can opt out of this behavior by setting `tool.uv.package = false` in the workspace member's `pyproject.toml`.
-  
-  See the documentation on [virtual dependencies](https://docs.astral.sh/uv/concepts/projects/dependencies/#virtual-dependencies) for details.
- **Bump `--python-platform linux` to `manylinux_2_28` ([#14300](https://github.com/astral-sh/uv/pull/14300))**
-  
-  uv allows performing [platform-specific resolution](https://docs.astral.sh/uv/concepts/resolution/#platform-specific-resolution) for explicit targets and provides short aliases, e.g., `linux`, for common targets.
-  
-  Previously, the default target for `--python-platform linux` was `manylinux_2_17`, which is compatible with most Linux distributions from 2014 or newer. We now default to `manylinux_2_28`, which is compatible with most Linux distributions from 2019 or newer.  This change follows the lead of other tools, such as `cibuildwheel`, which changed their default to `manylinux_2_28` in [Mar 2025](https://github.com/pypa/cibuildwheel/pull/2330).
-  
-  This change only affects users requesting a specific target platform. Otherwise, uv detects the `manylinux` target from your local glibc version.
-  
-  You can opt out of this behavior by using `--python-platform x86_64-manylinux_2_17` instead.
- **Remove `uv version` fallback ([#14161](https://github.com/astral-sh/uv/pull/14161))**
-  
-  In [Apr 2025](https://github.com/astral-sh/uv/pull/12349), uv changed the `uv version` command to an interface for viewing and updating the version of the current project. However, when outside a project, `uv version` would continue to display uv's version for backwards compatibility. Now, when used outside of a project, `uv version` will fail.
-  
-  You cannot opt out of this behavior. Use `uv self version` instead.
- **Require `--global` for removal of the global Python pin ([#14169](https://github.com/astral-sh/uv/pull/14169))**
-  
-  Previously, `uv python pin --rm` would allow you to remove the global Python pin without opt in. Now, uv requires the `--global` flag to remove the global Python pin.
-  
-  You cannot opt out of this behavior. Use the `--global` flag instead.
- **Support conflicting editable settings across groups ([#14197](https://github.com/astral-sh/uv/pull/14197))**
-  
-  Previously, uv would always treat a package as editable if any requirement requested it as editable. However, this prevented users from declaring `path` sources that toggled the `editable` setting across dependency groups. Now, uv allows declaring different `editable` values for conflicting groups. However, if a project includes a path dependency twice, once with `editable = true` and once without any editable annotation, those are now considered conflicting, and uv will exit with an error.
-  
-  You cannot opt out of this behavior. Use consistent `editable` settings or [mark groups as conflicting](https://docs.astral.sh/uv/concepts/projects/config/#conflicting-dependencies).
- **Make `uv_build` the default build backend in `uv init` ([#14661](https://github.com/astral-sh/uv/pull/14661))**
-  
-  The uv build backend (`uv_build`) was [stabilized in uv 0.7.19](https://github.com/astral-sh/uv/releases/tag/0.7.19). Now, it is the default build backend for `uv init --package` and `uv init --lib`. Previously, `hatchling` was the default build backend. A build backend is still not used without opt-in in `uv init`, but we expect to change this in a future release.
-  
-  You can opt out of this behavior with `uv init --build-backend hatchling`.
- **Set default `UV_TOOL_BIN_DIR` on Docker images ([#13391](https://github.com/astral-sh/uv/pull/13391))**
-  
-  Previously, `UV_TOOL_BIN_DIR` was not set in Docker images which meant that `uv tool install` did not install tools into a directory on the `PATH` without additional configuration. Now, `UV_TOOL_BIN_DIR` is set to `/usr/local/bin` in all Docker derived images.
-  
-  When the default image user is overridden (e.g. `USER <UID>`) with a less privileged user, this may cause `uv tool install` to fail.
-  
-  You can opt out of this behavior by setting an alternative `UV_TOOL_BIN_DIR`.
- **Update `--check` to return an exit code of 1 ([#14167](https://github.com/astral-sh/uv/pull/14167))**
-  
-  uv uses an exit code of 1 to indicate a "successful failure" and an exit code of 2 to indicate an "error".
-  
-  Previously, `uv lock --check` and `uv sync --check` would exit with a code of 2 when the lockfile or environment were outdated. Now, uv will exit with a code of 1.
-  
-  You cannot opt out of this behavior.
- **Use an ephemeral environment for `uv run --with` invocations ([#14447](https://github.com/astral-sh/uv/pull/14447))**
-  
-  When using `uv run --with`, uv layers the requirements requested using `--with` into another virtual environment and caches it. Previously, uv would invoke the Python interpreter in this layered environment. However, this allows poisoning the cached environment and introduces race conditions for concurrent invocations. Now, uv will layer *another* empty virtual environment on top of the cached environment and invoke the Python interpreter there. This should only cause breakage in cases where the environment is being inspected at runtime.
-  
-  You cannot opt out of this behavior.
- **Restructure the `uv venv` command output and exit codes ([#14546](https://github.com/astral-sh/uv/pull/14546))**
-  
-  Previously, uv used `miette` to format the `uv venv` output. However, this was inconsistent with most of the uv CLI. Now, the output is a little different and the exit code has switched from 1 to 2 for some error cases.
-  
-  You cannot opt out of this behavior.
- **Default to `--workspace` when adding subdirectories ([#14529](https://github.com/astral-sh/uv/pull/14529))**
-  
-  When using `uv add` to add a subdirectory in a workspace, uv now defaults to adding the target as a workspace member.
-  
-  You can opt out of this behavior by providing `--no-workspace`.
- **Add missing validations for disallowed `uv.toml` fields ([#14322](https://github.com/astral-sh/uv/pull/14322))**
-  
-  uv does not allow some settings in the `uv.toml`. Previously, some settings were silently ignored when present in the `uv.toml`. Now, uv will error.
-  
-  You cannot opt out of this behavior. Use `--no-config` or remove the invalid settings.
+- Build backend: Make preview default and add configuration docs ([#12804](https://github.com/astral-sh/uv/pull/12804))
+- Build backend: Allow escaping in globs ([#13313](https://github.com/astral-sh/uv/pull/13313))
+- Build backend: Make builds reproducible across operating systems ([#13171](https://github.com/astral-sh/uv/pull/13171))

 ### Configuration

- Add support for toggling Python bin and registry install options via env vars ([#14662](https://github.com/astral-sh/uv/pull/14662))
+- Add `python-downloads-json-url` option for `uv.toml` to configure custom Python installations via JSON URL ([#12974](https://github.com/astral-sh/uv/pull/12974))

-## 0.7.x
+### Bug fixes

-See [changelogs/0.7.x](./changelogs/0.7.x.md)
+- Check nested IO errors for retries ([#13260](https://github.com/astral-sh/uv/pull/13260))
+- Accept `musllinux_1_0` as a valid platform tag ([#13289](https://github.com/astral-sh/uv/pull/13289))
+- Fix discovery of pre-release managed Python versions in range requests ([#13330](https://github.com/astral-sh/uv/pull/13330))
+- Respect locked script preferences in `uv run --with` ([#13283](https://github.com/astral-sh/uv/pull/13283))
+- Retry streaming downloads on broken pipe errors ([#13281](https://github.com/astral-sh/uv/pull/13281))
+- Treat already-installed base environment packages as preferences in `uv run --with` ([#13284](https://github.com/astral-sh/uv/pull/13284))
+- Avoid enumerating sources in errors for path Python requests ([#13335](https://github.com/astral-sh/uv/pull/13335))
+- Avoid re-creating virtual environment with `--no-sync` ([#13287](https://github.com/astral-sh/uv/pull/13287))
+
+### Documentation
+
+- Remove outdated description of index strategy ([#13326](https://github.com/astral-sh/uv/pull/13326))
+- Update "Viewing the version" docs ([#13241](https://github.com/astral-sh/uv/pull/13241))
+
+## 0.7.2
+
+### Enhancements
+
+- Improve trace log for retryable errors ([#13228](https://github.com/astral-sh/uv/pull/13228))
+- Use "error" instead of "warning" for self-update message ([#13229](https://github.com/astral-sh/uv/pull/13229))
+- Error when `uv version` is used with project-specific flags but no project is found ([#13203](https://github.com/astral-sh/uv/pull/13203))
+
+### Bug fixes
+
+- Fix incorrect virtual environment invalidation for pre-release Python versions ([#13234](https://github.com/astral-sh/uv/pull/13234))
+- Fix patching of `clang` in managed Python sysconfig ([#13237](https://github.com/astral-sh/uv/pull/13237))
+- Respect `--project` in `uv version` ([#13230](https://github.com/astral-sh/uv/pull/13230))
+
+## 0.7.1
+
+### Enhancement
+
+- Add support for BLAKE2b-256 ([#13204](https://github.com/astral-sh/uv/pull/13204))
+
+### Bugfix
+
+- Revert fix handling of authentication when encountering redirects ([#13215](https://github.com/astral-sh/uv/pull/13215))
+
+## 0.7.0
+
+This release contains various changes that improve correctness and user experience, but could break some workflows; many changes have been marked as breaking out of an abundance of caution. We expect most users to be able to upgrade without making changes.
+
+### Breaking changes
+
+- **Update `uv version` to display and update project versions ([#12349](https://github.com/astral-sh/uv/pull/12349))**
+  
+  Previously, `uv version` displayed uv's version. Now, `uv version` will display or update the project's version. This interface was [heavily requested](https://github.com/astral-sh/uv/issues/6298) and, after much consideration, we decided that transitioning the top-level command was the best option.
+  
+  Here's a brief example:
+  
+  ```console
+  $ uv init example
+  Initialized project `example` at `./example`
+  $ cd example
+  $ uv version
+  example 0.1.0
+  $ uv version --bump major
+  example 0.1.0 => 1.0.0
+  $ uv version --short
+  1.0.0
+  ```
+  
+  If used outside of a project, uv will fallback to showing its own version still:
+  
+  ```console
+  $ uv version
+  warning: failed to read project: No `pyproject.toml` found in current directory or any parent directory
+    running `uv self version` for compatibility with old `uv version` command.
+    this fallback will be removed soon, pass `--preview` to make this an error.
+  
+  uv 0.7.0 (4433f41c9 2025-04-29)
+  ```
+  
+  As described in the warning, `--preview` can be used to error instead:
+  
+  ```console
+  $ uv version --preview
+  error: No `pyproject.toml` found in current directory or any parent directory
+  ```
+  
+  The previous functionality of `uv version` was moved to `uv self version`.
+- **Avoid fallback to subsequent indexes on authentication failure ([#12805](https://github.com/astral-sh/uv/pull/12805))**
+  
+  When using the `first-index` strategy (the default), uv will stop searching indexes for a package once it is found on a single index. Previously, uv considered a package as "missing" from an index during authentication failures, such as an HTTP 401 or HTTP 403 (normally, missing packages are represented by an HTTP 404). This behavior was motivated by unusual responses from some package indexes, but reduces the safety of uv's index strategy when authentication fails. Now, uv will consider an authentication failure as a stop-point when searching for a package across indexes. The `index.ignore-error-codes` option can be used to recover the existing behavior, e.g.:
+  
+  ```toml
+  [[tool.uv.index]]
+  name = "pytorch"
+  url = "https://download.pytorch.org/whl/cpu"
+  ignore-error-codes = [401, 403]
+  ```
+  
+  Since PyTorch's indexes always return a HTTP 403 for missing packages, uv special-cases indexes on the `pytorch.org` domain to ignore that error code by default.
+- **Require the command in `uvx <name>` to be available in the Python environment ([#11603](https://github.com/astral-sh/uv/pull/11603))**
+  
+  Previously, `uvx` would attempt to execute a command even if it was not provided by a Python package. For example, if we presume `foo` is an empty Python package which provides no command, `uvx foo` would invoke the `foo` command on the `PATH` (if present). Now, uv will error early if the `foo` executable is not provided by the requested Python package. This check is not enforced when `--from` is used, so patterns like `uvx --from foo bash -c "..."` are still valid. uv also still allows `uvx foo` where the `foo` executable is provided by a dependency of `foo` instead of `foo` itself, as this is fairly common for packages which depend on a dedicated package for their command-line interface.
+- **Use index URL instead of package URL for keyring credential lookups ([#12651](https://github.com/astral-sh/uv/pull/12651))**
+  
+  When determining credentials for querying a package URL, uv previously sent the full URL to the `keyring` command. However, some keyring plugins expect to receive the *index URL* (which is usually a parent of the package URL). Now, uv requests credentials for the index URL instead. This behavior matches `pip`.
+- **Remove `--version` from subcommands ([#13108](https://github.com/astral-sh/uv/pull/13108))**
+  
+  Previously, uv allowed the `--version` flag on arbitrary subcommands, e.g., `uv run --version`. However, the `--version` flag is useful for other operations since uv is a package manager. Consequently, we've removed the `--version` flag from subcommands — it is only available as `uv --version`.
+- **Omit Python 3.7 downloads from managed versions ([#13022](https://github.com/astral-sh/uv/pull/13022))**
+  
+  Python 3.7 is EOL and not formally supported by uv; however, Python 3.7 was previously available for download on a subset of platforms.
+- **Reject non-PEP 751 TOML files in install, compile, and export commands ([#13120](https://github.com/astral-sh/uv/pull/13120), [#13119](https://github.com/astral-sh/uv/pull/13119))**
+  
+  Previously, uv treated arbitrary `.toml` files passed to commands (e.g., `uv pip install -r foo.toml` or `uv pip compile -o foo.toml`) as `requirements.txt`-formatted files. Now, uv will error instead. If using PEP 751 lockfiles, use the standardized format for custom names instead, e.g., `pylock.foo.toml`.
+- **Ignore arbitrary Python requests in version files ([#12909](https://github.com/astral-sh/uv/pull/12909))**
+  
+  uv allows arbitrary strings to be used for Python version requests, in which they are treated as an executable name to search for in the `PATH`. However, using this form of request in `.python-version` files is non-standard and conflicts with `pyenv-virtualenv` which writes environment names to `.python-version` files. In this release, uv will now ignore requests that are arbitrary strings when found in `.python-version` files.
+- **Error on unknown dependency object specifiers ([12811](https://github.com/astral-sh/uv/pull/12811))**
+  
+  The `[dependency-groups]` entries can include "object specifiers", e.g. `set-phasers-to = ...` in:
+  
+  ```toml
+  [dependency-groups]
+  foo = ["pyparsing"]
+  bar = [{set-phasers-to = "stun"}]
+  ```
+  
+  However, the only current spec-compliant object specifier is `include-group`. Previously, uv would ignore unknown object specifiers. Now, uv will error.
+- **Make `--frozen` and `--no-sources` conflicting options ([#12671](https://github.com/astral-sh/uv/pull/12671))**
+  
+  Using `--no-sources` always requires a new resolution and `--frozen` will always fail when used with it. Now, this conflict is encoded in the CLI options for clarity.
+- **Treat empty `UV_PYTHON_INSTALL_DIR` and `UV_TOOL_DIR` as unset ([#12907](https://github.com/astral-sh/uv/pull/12907), [#12905](https://github.com/astral-sh/uv/pull/12905))**
+  
+  Previously, these variables were treated as set to the current working directory when set to an empty string. Now, uv will ignore these variables when empty. This matches uv's behavior for other environment variables which configure directories.
+
+### Enhancements
+
+- Disallow mixing requirements across PyTorch indexes ([#13179](https://github.com/astral-sh/uv/pull/13179))
+- Add optional managed Python archive download cache ([#12175](https://github.com/astral-sh/uv/pull/12175))
+- Add `poetry-core` as a `uv init` build backend option ([#12781](https://github.com/astral-sh/uv/pull/12781))
+- Show tag hints when failing to find a compatible wheel in `pylock.toml` ([#13136](https://github.com/astral-sh/uv/pull/13136))
+- Report Python versions in `pyvenv.cfg` version mismatch ([#13027](https://github.com/astral-sh/uv/pull/13027))
+
+### Bug fixes
+
+- Avoid erroring on omitted wheel-only packages in `pylock.toml` ([#13132](https://github.com/astral-sh/uv/pull/13132))
+- Fix display name for `uvx --version` ([#13109](https://github.com/astral-sh/uv/pull/13109))
+- Restore handling of authentication when encountering redirects ([#13050](https://github.com/astral-sh/uv/pull/13050))
+- Respect build options (`--no-binary` et al) in `pylock.toml` ([#13134](https://github.com/astral-sh/uv/pull/13134))
+- Use `upload-time` rather than `upload_time` in `uv.lock` ([#13176](https://github.com/astral-sh/uv/pull/13176))
+
+### Documentation
+
+- Changed `fish` completions append `>>` to overwrite `>` ([#13130](https://github.com/astral-sh/uv/pull/13130))
+- Add `pylock.toml` mentions where relevant ([#13115](https://github.com/astral-sh/uv/pull/13115))
+- Add ROCm example to the PyTorch guide ([#13200](https://github.com/astral-sh/uv/pull/13200))
+- Upgrade PyTorch guide to CUDA 12.8 and PyTorch 2.7 ([#13199](https://github.com/astral-sh/uv/pull/13199))

 ## 0.6.x

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -165,13 +165,6 @@ After making changes to the documentation, format the markdown files with:
 npx prettier --prose-wrap always --write "**/*.md"
 ```

-Note that the command above requires Node.js and npm to be installed on your system. As an
-alternative, you can run this command using Docker:
-
-```console
-$ docker run --rm -v .:/src/ -w /src/ node:alpine npx prettier --prose-wrap always --write "**/*.md"
-```
-
 ## Releases

 Releases can only be performed by Astral team members.
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@ -12,7 +12,7 @@ resolver = "2"

 [workspace.package]
 edition = "2024"
-rust-version = "1.86"
+rust-version = "1.85"
 homepage = "https://pypi.org/project/uv/"
 documentation = "https://pypi.org/project/uv/"
 repository = "https://github.com/astral-sh/uv"
@ -49,7 +49,6 @@ uv-once-map = { path = "crates/uv-once-map" }
 uv-options-metadata = { path = "crates/uv-options-metadata" }
 uv-pep440 = { path = "crates/uv-pep440", features = ["tracing", "rkyv", "version-ranges"] }
 uv-pep508 = { path = "crates/uv-pep508", features = ["non-pep508-extensions"] }
-uv-platform = { path = "crates/uv-platform" }
 uv-platform-tags = { path = "crates/uv-platform-tags" }
 uv-publish = { path = "crates/uv-publish" }
 uv-pypi-types = { path = "crates/uv-pypi-types" }
@ -76,13 +75,12 @@ uv-workspace = { path = "crates/uv-workspace" }
 anstream = { version = "0.6.15" }
 anyhow = { version = "1.0.89" }
 arcstr = { version = "1.2.0" }
-arrayvec = { version = "0.7.6" }
-astral-tokio-tar = { version = "0.5.2" }
+astral-tokio-tar = { version = "0.5.1" }
 async-channel = { version = "2.3.1" }
 async-compression = { version = "0.4.12", features = ["bzip2", "gzip", "xz", "zstd"] }
 async-trait = { version = "0.1.82" }
 async_http_range_reader = { version = "0.9.1" }
-async_zip = { git = "https://github.com/astral-sh/rs-async-zip", rev = "c909fda63fcafe4af496a07bfda28a5aae97e58d", features = ["bzip2", "deflate", "lzma", "tokio", "xz", "zstd"] }
+async_zip = { git = "https://github.com/charliermarsh/rs-async-zip", rev = "c909fda63fcafe4af496a07bfda28a5aae97e58d", features = ["bzip2", "deflate", "lzma", "tokio", "xz", "zstd"] }
 axoupdater = { version = "0.9.0", default-features = false }
 backon = { version = "1.3.0" }
 base64 = { version = "0.22.1" }
@ -94,7 +92,7 @@ cargo-util = { version = "0.2.14" }
 clap = { version = "4.5.17", features = ["derive", "env", "string", "wrap_help"] }
 clap_complete_command = { version = "0.6.1" }
 configparser = { version = "3.1.0" }
-console = { version = "0.16.0", default-features = false, features = ["std"] }
+console = { version = "0.15.11", default-features = false }
 csv = { version = "1.3.0" }
 ctrlc = { version = "3.4.5" }
 dashmap = { version = "6.1.0" }
@ -118,7 +116,7 @@ home = { version = "0.5.9" }
 html-escape = { version = "0.2.13" }
 http = { version = "1.1.0" }
 indexmap = { version = "2.5.0" }
-indicatif = { version = "0.18.0" }
+indicatif = { version = "0.17.8" }
 indoc = { version = "2.0.5" }
 itertools = { version = "0.14.0" }
 jiff = { version = "0.2.0", features = ["serde"] }
@ -144,16 +142,16 @@ ref-cast = { version = "1.0.24" }
 reflink-copy = { version = "0.1.19" }
 regex = { version = "1.10.6" }
 regex-automata = { version = "0.4.8", default-features = false, features = ["dfa-build", "dfa-search", "perf", "std", "syntax"] }
-reqwest = { version = "0.12.22", default-features = false, features = ["json", "gzip", "deflate", "zstd", "stream", "rustls-tls", "rustls-tls-native-roots", "socks", "multipart", "http2", "blocking"] }
-reqwest-middleware = { git = "https://github.com/astral-sh/reqwest-middleware", rev = "ad8b9d332d1773fde8b4cd008486de5973e0a3f8", features = ["multipart"] }
-reqwest-retry = { git = "https://github.com/astral-sh/reqwest-middleware", rev = "ad8b9d332d1773fde8b4cd008486de5973e0a3f8" }
+reqwest = { version = "0.12.7", default-features = false, features = ["json", "gzip", "stream", "rustls-tls", "rustls-tls-native-roots", "socks", "multipart", "http2", "blocking"] }
+reqwest-middleware = { version = "0.4.0", features = ["multipart"] }
+reqwest-retry = { version = "0.7.0" }
 rkyv = { version = "0.8.8", features = ["bytecheck"] }
 rmp-serde = { version = "1.3.0" }
 rust-netrc = { version = "0.1.2" }
 rustc-hash = { version = "2.0.0" }
 rustix = { version = "1.0.0", default-features = false, features = ["fs", "std"] }
 same-file = { version = "1.0.6" }
-schemars = { version = "1.0.0", features = ["url2"] }
+schemars = { version = "0.8.21", features = ["url"] }
 seahash = { version = "4.1.0" }
 self-replace = { version = "1.5.0" }
 serde = { version = "1.0.210", features = ["derive", "rc"] }
@ -173,8 +171,8 @@ tl = { git = "https://github.com/astral-sh/tl.git", rev = "6e25b2ee2513d75385101
 tokio = { version = "1.40.0", features = ["fs", "io-util", "macros", "process", "rt", "signal", "sync"] }
 tokio-stream = { version = "0.1.16" }
 tokio-util = { version = "0.7.12", features = ["compat", "io"] }
-toml = { version = "0.9.2", features = ["fast_hash"] }
-toml_edit = { version = "0.23.2", features = ["serde"] }
+toml = { version = "0.8.19" }
+toml_edit = { version = "0.22.21", features = ["serde"] }
 tracing = { version = "0.1.40" }
 tracing-durations-export = { version = "0.3.0", features = ["plot"] }
 tracing-subscriber = { version = "0.3.18", features = ["env-filter", "json", "registry"] }
@ -185,33 +183,16 @@ unscanny = { version = "0.1.0" }
 url = { version = "2.5.2", features = ["serde"] }
 version-ranges = { git = "https://github.com/astral-sh/pubgrub", rev = "06ec5a5f59ffaeb6cf5079c6cb184467da06c9db" }
 walkdir = { version = "2.5.0" }
-which = { version = "8.0.0", features = ["regex"] }
-windows = { version = "0.59.0", features = ["Win32_Globalization", "Win32_System_Console", "Win32_System_Kernel", "Win32_System_Diagnostics_Debug", "Win32_Storage_FileSystem"] }
+which = { version = "7.0.0", features = ["regex"] }
+windows = { version = "0.59.0", features = ["Win32_Storage_FileSystem"] }
 windows-core = { version = "0.59.0" }
 windows-registry = { version = "0.5.0" }
 windows-result = { version = "0.3.0" }
 windows-sys = { version = "0.59.0", features = ["Win32_Foundation", "Win32_Security", "Win32_Storage_FileSystem", "Win32_System_Ioctl", "Win32_System_IO", "Win32_System_Registry"] }
-wiremock = { version = "0.6.4" }
+wiremock = { version = "0.6.2" }
 xz2 = { version = "0.1.7" }
 zip = { version = "2.2.3", default-features = false, features = ["deflate", "zstd", "bzip2", "lzma", "xz"] }

-# dev-dependencies
-assert_cmd = { version = "2.0.16" }
-assert_fs = { version = "1.1.2" }
-byteorder = { version = "1.5.0" }
-filetime = { version = "0.2.25" }
-http-body-util = { version = "0.1.2" }
-hyper = { version = "1.4.1", features = ["server", "http1"] }
-hyper-util = { version = "0.1.8", features = ["tokio"] }
-ignore = { version = "0.4.23" }
-insta = { version = "1.40.0", features = ["json", "filters", "redactions"] }
-predicates = { version = "3.1.2" }
-similar = { version = "2.6.0" }
-temp-env = { version = "0.3.6" }
-test-case = { version = "3.3.1" }
-test-log = { version = "0.2.16", features = ["trace"], default-features = false }
-whoami = { version = "1.6.0" }
-
 [workspace.metadata.cargo-shear]
 ignored = ["flate2", "xz2"]

@ -233,7 +214,6 @@ missing_panics_doc = "allow"
 module_name_repetitions = "allow"
 must_use_candidate = "allow"
 similar_names = "allow"
-struct_excessive_bools = "allow"
 too_many_arguments = "allow"
 too_many_lines = "allow"
 used_underscore_binding = "allow"
@ -316,6 +296,83 @@ codegen-units = 1
 [profile.dist]
 inherits = "release"

-[patch.crates-io]
-reqwest-middleware = { git = "https://github.com/astral-sh/reqwest-middleware", rev = "ad8b9d332d1773fde8b4cd008486de5973e0a3f8" }
-reqwest-retry = { git = "https://github.com/astral-sh/reqwest-middleware", rev = "ad8b9d332d1773fde8b4cd008486de5973e0a3f8" }
+# Config for 'dist'
+[workspace.metadata.dist]
+# The preferred dist version to use in CI (Cargo.toml SemVer syntax)
+cargo-dist-version = "0.28.4"
+# make a package being included in our releases opt-in instead of opt-out
+dist = false
+# CI backends to support
+ci = "github"
+# The installers to generate for each app
+installers = ["shell", "powershell"]
+# The archive format to use for windows builds (defaults .zip)
+windows-archive = ".zip"
+# The archive format to use for non-windows builds (defaults .tar.xz)
+unix-archive = ".tar.gz"
+# Target platforms to build apps for (Rust target-triple syntax)
+targets = [
+  "aarch64-apple-darwin",
+  "aarch64-pc-windows-msvc",
+  "aarch64-unknown-linux-gnu",
+  "aarch64-unknown-linux-musl",
+  "arm-unknown-linux-musleabihf",
+  "armv7-unknown-linux-gnueabihf",
+  "armv7-unknown-linux-musleabihf",
+  "i686-pc-windows-msvc",
+  "i686-unknown-linux-gnu",
+  "i686-unknown-linux-musl",
+  "powerpc64-unknown-linux-gnu",
+  "powerpc64le-unknown-linux-gnu",
+  "s390x-unknown-linux-gnu",
+  "x86_64-apple-darwin",
+  "x86_64-pc-windows-msvc",
+  "x86_64-unknown-linux-gnu",
+  "x86_64-unknown-linux-musl",
+]
+# Whether to auto-include files like READMEs, LICENSEs, and CHANGELOGs (default true)
+auto-includes = false
+# Whether dist should create a Github Release or use an existing draft
+create-release = true
+# Which actions to run on pull requests
+pr-run-mode = "plan"
+# Whether CI should trigger releases with dispatches instead of tag pushes
+dispatch-releases = true
+# Which phase dist should use to create the GitHub release
+github-release = "announce"
+# Whether CI should include auto-generated code to build local artifacts
+build-local-artifacts = false
+# Local artifacts jobs to run in CI
+local-artifacts-jobs = ["./build-binaries", "./build-docker"]
+# Publish jobs to run in CI
+publish-jobs = ["./publish-pypi"]
+# Post-announce jobs to run in CI
+post-announce-jobs = ["./publish-docs"]
+# Custom permissions for GitHub Jobs
+github-custom-job-permissions = { "build-docker" = { packages = "write", contents = "read", id-token = "write", attestations = "write" } }
+# Whether to install an updater program
+install-updater = false
+# Path that installers should place binaries in
+install-path = ["$XDG_BIN_HOME/", "$XDG_DATA_HOME/../bin", "~/.local/bin"]
+
+[workspace.metadata.dist.github-custom-runners]
+global = "depot-ubuntu-latest-4"
+
+[workspace.metadata.dist.min-glibc-version]
+# Override glibc version for specific target triplets.
+aarch64-unknown-linux-gnu = "2.28"
+# Override all remaining glibc versions.
+"*" = "2.17"
+
+[workspace.metadata.dist.github-action-commits]
+"actions/checkout" = "11bd71901bbe5b1630ceea73d27597364c9af683" # v4
+"actions/upload-artifact" = "6027e3dd177782cd8ab9af838c04fd81a07f1d47" # v4.6.2
+"actions/download-artifact" = "d3f86a106a0bac45b974a628896c90dbdf5c8093" # v4.3.0
+"actions/attest-build-provenance" = "c074443f1aee8d4aeeae555aebba3282517141b2" #v2.2.3
+
+[workspace.metadata.dist.binaries]
+"*" = ["uv", "uvx"]
+# Add "uvw" binary for Windows targets
+aarch64-pc-windows-msvc = ["uv", "uvx", "uvw"]
+i686-pc-windows-msvc = ["uv", "uvx", "uvw"]
+x86_64-pc-windows-msvc = ["uv", "uvx", "uvw"]
--- a/changelogs/0.4.x.md
+++ b/changelogs/0.4.x.md
@ -960,7 +960,7 @@ argument (or the `UV_INDEX` environment variable); to replace the default index
 These changes are entirely backwards-compatible with the deprecated `--index-url` and
 `--extra-index-url` options, which continue to work as before.

-See the [Index](https://docs.astral.sh/uv/concepts/indexes/) documentation for more.
+See the [Index](https://docs.astral.sh/uv/configuration/indexes/) documentation for more.

 ### Enhancements

--- a/changelogs/0.6.x.md
+++ b/changelogs/0.6.x.md
@ -1,5 +1,3 @@
-# Changelog 0.6.x
-
 ## 0.6.0

 There have been 31 releases and 1135 pull requests since
--- a/changelogs/0.7.x.md
+++ b/changelogs/0.7.x.md
@ -1,995 +0,0 @@
-# Changelog 0.7.x
-
-## 0.7.0
-
-This release contains various changes that improve correctness and user experience, but could break
-some workflows; many changes have been marked as breaking out of an abundance of caution. We expect
-most users to be able to upgrade without making changes.
-
-### Breaking changes
-
- **Update `uv version` to display and update project versions
-  ([#12349](https://github.com/astral-sh/uv/pull/12349))**
-
-  Previously, `uv version` displayed uv's version. Now, `uv version` will display or update the
-  project's version. This interface was
-  [heavily requested](https://github.com/astral-sh/uv/issues/6298) and, after much consideration, we
-  decided that transitioning the top-level command was the best option.
-
-  Here's a brief example:
-
-  ```console
-  $ uv init example
-  Initialized project `example` at `./example`
-  $ cd example
-  $ uv version
-  example 0.1.0
-  $ uv version --bump major
-  example 0.1.0 => 1.0.0
-  $ uv version --short
-  1.0.0
-  ```
-
-  If used outside of a project, uv will fallback to showing its own version still:
-
-  ```console
-  $ uv version
-  warning: failed to read project: No `pyproject.toml` found in current directory or any parent directory
-    running `uv self version` for compatibility with old `uv version` command.
-    this fallback will be removed soon, pass `--preview` to make this an error.
-
-  uv 0.7.0 (4433f41c9 2025-04-29)
-  ```
-
-  As described in the warning, `--preview` can be used to error instead:
-
-  ```console
-  $ uv version --preview
-  error: No `pyproject.toml` found in current directory or any parent directory
-  ```
-
-  The previous functionality of `uv version` was moved to `uv self version`.
-
- **Avoid fallback to subsequent indexes on authentication failure
-  ([#12805](https://github.com/astral-sh/uv/pull/12805))**
-
-  When using the `first-index` strategy (the default), uv will stop searching indexes for a package
-  once it is found on a single index. Previously, uv considered a package as "missing" from an index
-  during authentication failures, such as an HTTP 401 or HTTP 403 (normally, missing packages are
-  represented by an HTTP 404). This behavior was motivated by unusual responses from some package
-  indexes, but reduces the safety of uv's index strategy when authentication fails. Now, uv will
-  consider an authentication failure as a stop-point when searching for a package across indexes.
-  The `index.ignore-error-codes` option can be used to recover the existing behavior, e.g.:
-
-  ```toml
-  [[tool.uv.index]]
-  name = "pytorch"
-  url = "https://download.pytorch.org/whl/cpu"
-  ignore-error-codes = [401, 403]
-  ```
-
-  Since PyTorch's indexes always return a HTTP 403 for missing packages, uv special-cases indexes on
-  the `pytorch.org` domain to ignore that error code by default.
-
- **Require the command in `uvx <name>` to be available in the Python environment
-  ([#11603](https://github.com/astral-sh/uv/pull/11603))**
-
-  Previously, `uvx` would attempt to execute a command even if it was not provided by a Python
-  package. For example, if we presume `foo` is an empty Python package which provides no command,
-  `uvx foo` would invoke the `foo` command on the `PATH` (if present). Now, uv will error early if
-  the `foo` executable is not provided by the requested Python package. This check is not enforced
-  when `--from` is used, so patterns like `uvx --from foo bash -c "..."` are still valid. uv also
-  still allows `uvx foo` where the `foo` executable is provided by a dependency of `foo` instead of
-  `foo` itself, as this is fairly common for packages which depend on a dedicated package for their
-  command-line interface.
-
- **Use index URL instead of package URL for keyring credential lookups
-  ([#12651](https://github.com/astral-sh/uv/pull/12651))**
-
-  When determining credentials for querying a package URL, uv previously sent the full URL to the
-  `keyring` command. However, some keyring plugins expect to receive the _index URL_ (which is
-  usually a parent of the package URL). Now, uv requests credentials for the index URL instead. This
-  behavior matches `pip`.
-
- **Remove `--version` from subcommands ([#13108](https://github.com/astral-sh/uv/pull/13108))**
-
-  Previously, uv allowed the `--version` flag on arbitrary subcommands, e.g., `uv run --version`.
-  However, the `--version` flag is useful for other operations since uv is a package manager.
-  Consequently, we've removed the `--version` flag from subcommands — it is only available as
-  `uv --version`.
-
- **Omit Python 3.7 downloads from managed versions
-  ([#13022](https://github.com/astral-sh/uv/pull/13022))**
-
-  Python 3.7 is EOL and not formally supported by uv; however, Python 3.7 was previously available
-  for download on a subset of platforms.
-
- **Reject non-PEP 751 TOML files in install, compile, and export commands
-  ([#13120](https://github.com/astral-sh/uv/pull/13120),
-  [#13119](https://github.com/astral-sh/uv/pull/13119))**
-
-  Previously, uv treated arbitrary `.toml` files passed to commands (e.g.,
-  `uv pip install -r foo.toml` or `uv pip compile -o foo.toml`) as `requirements.txt`-formatted
-  files. Now, uv will error instead. If using PEP 751 lockfiles, use the standardized format for
-  custom names instead, e.g., `pylock.foo.toml`.
-
- **Ignore arbitrary Python requests in version files
-  ([#12909](https://github.com/astral-sh/uv/pull/12909))**
-
-  uv allows arbitrary strings to be used for Python version requests, in which they are treated as
-  an executable name to search for in the `PATH`. However, using this form of request in
-  `.python-version` files is non-standard and conflicts with `pyenv-virtualenv` which writes
-  environment names to `.python-version` files. In this release, uv will now ignore requests that
-  are arbitrary strings when found in `.python-version` files.
-
- **Error on unknown dependency object specifiers
-  ([12811](https://github.com/astral-sh/uv/pull/12811))**
-
-  The `[dependency-groups]` entries can include "object specifiers", e.g. `set-phasers-to = ...` in:
-
-  ```toml
-  [dependency-groups]
-  foo = ["pyparsing"]
-  bar = [{set-phasers-to = "stun"}]
-  ```
-
-  However, the only current spec-compliant object specifier is `include-group`. Previously, uv would
-  ignore unknown object specifiers. Now, uv will error.
-
- **Make `--frozen` and `--no-sources` conflicting options
-  ([#12671](https://github.com/astral-sh/uv/pull/12671))**
-
-  Using `--no-sources` always requires a new resolution and `--frozen` will always fail when used
-  with it. Now, this conflict is encoded in the CLI options for clarity.
-
- **Treat empty `UV_PYTHON_INSTALL_DIR` and `UV_TOOL_DIR` as unset
-  ([#12907](https://github.com/astral-sh/uv/pull/12907),
-  [#12905](https://github.com/astral-sh/uv/pull/12905))**
-
-  Previously, these variables were treated as set to the current working directory when set to an
-  empty string. Now, uv will ignore these variables when empty. This matches uv's behavior for other
-  environment variables which configure directories.
-
-### Enhancements
-
- Disallow mixing requirements across PyTorch indexes
-  ([#13179](https://github.com/astral-sh/uv/pull/13179))
- Add optional managed Python archive download cache
-  ([#12175](https://github.com/astral-sh/uv/pull/12175))
- Add `poetry-core` as a `uv init` build backend option
-  ([#12781](https://github.com/astral-sh/uv/pull/12781))
- Show tag hints when failing to find a compatible wheel in `pylock.toml`
-  ([#13136](https://github.com/astral-sh/uv/pull/13136))
- Report Python versions in `pyvenv.cfg` version mismatch
-  ([#13027](https://github.com/astral-sh/uv/pull/13027))
-
-### Bug fixes
-
- Avoid erroring on omitted wheel-only packages in `pylock.toml`
-  ([#13132](https://github.com/astral-sh/uv/pull/13132))
- Fix display name for `uvx --version` ([#13109](https://github.com/astral-sh/uv/pull/13109))
- Restore handling of authentication when encountering redirects
-  ([#13050](https://github.com/astral-sh/uv/pull/13050))
- Respect build options (`--no-binary` et al) in `pylock.toml`
-  ([#13134](https://github.com/astral-sh/uv/pull/13134))
- Use `upload-time` rather than `upload_time` in `uv.lock`
-  ([#13176](https://github.com/astral-sh/uv/pull/13176))
-
-### Documentation
-
- Changed `fish` completions append `>>` to overwrite `>`
-  ([#13130](https://github.com/astral-sh/uv/pull/13130))
- Add `pylock.toml` mentions where relevant ([#13115](https://github.com/astral-sh/uv/pull/13115))
- Add ROCm example to the PyTorch guide ([#13200](https://github.com/astral-sh/uv/pull/13200))
- Upgrade PyTorch guide to CUDA 12.8 and PyTorch 2.7
-  ([#13199](https://github.com/astral-sh/uv/pull/13199))
-
-## 0.7.1
-
-### Enhancement
-
- Add support for BLAKE2b-256 ([#13204](https://github.com/astral-sh/uv/pull/13204))
-
-### Bugfix
-
- Revert fix handling of authentication when encountering redirects
-  ([#13215](https://github.com/astral-sh/uv/pull/13215))
-
-## 0.7.2
-
-### Enhancements
-
- Improve trace log for retryable errors ([#13228](https://github.com/astral-sh/uv/pull/13228))
- Use "error" instead of "warning" for self-update message
-  ([#13229](https://github.com/astral-sh/uv/pull/13229))
- Error when `uv version` is used with project-specific flags but no project is found
-  ([#13203](https://github.com/astral-sh/uv/pull/13203))
-
-### Bug fixes
-
- Fix incorrect virtual environment invalidation for pre-release Python versions
-  ([#13234](https://github.com/astral-sh/uv/pull/13234))
- Fix patching of `clang` in managed Python sysconfig
-  ([#13237](https://github.com/astral-sh/uv/pull/13237))
- Respect `--project` in `uv version` ([#13230](https://github.com/astral-sh/uv/pull/13230))
-
-## 0.7.3
-
-### Enhancements
-
- Add `--dry-run` support to `uv self update` ([#9829](https://github.com/astral-sh/uv/pull/9829))
- Add `--show-with` to `uv tool list` to list packages included by `--with`
-  ([#13264](https://github.com/astral-sh/uv/pull/13264))
- De-duplicate fetched index URLs ([#13205](https://github.com/astral-sh/uv/pull/13205))
- Support more zip compression formats: bzip2, lzma, xz, zstd
-  ([#13285](https://github.com/astral-sh/uv/pull/13285))
- Add support for downloading GraalPy ([#13172](https://github.com/astral-sh/uv/pull/13172))
- Improve error message when a virtual environment Python symlink is broken
-  ([#12168](https://github.com/astral-sh/uv/pull/12168))
- Use `fs_err` for paths in symlinking errors ([#13303](https://github.com/astral-sh/uv/pull/13303))
- Minify and embed managed Python JSON at compile time
-  ([#12967](https://github.com/astral-sh/uv/pull/12967))
-
-### Preview features
-
- Build backend: Make preview default and add configuration docs
-  ([#12804](https://github.com/astral-sh/uv/pull/12804))
- Build backend: Allow escaping in globs ([#13313](https://github.com/astral-sh/uv/pull/13313))
- Build backend: Make builds reproducible across operating systems
-  ([#13171](https://github.com/astral-sh/uv/pull/13171))
-
-### Configuration
-
- Add `python-downloads-json-url` option for `uv.toml` to configure custom Python installations via
-  JSON URL ([#12974](https://github.com/astral-sh/uv/pull/12974))
-
-### Bug fixes
-
- Check nested IO errors for retries ([#13260](https://github.com/astral-sh/uv/pull/13260))
- Accept `musllinux_1_0` as a valid platform tag
-  ([#13289](https://github.com/astral-sh/uv/pull/13289))
- Fix discovery of pre-release managed Python versions in range requests
-  ([#13330](https://github.com/astral-sh/uv/pull/13330))
- Respect locked script preferences in `uv run --with`
-  ([#13283](https://github.com/astral-sh/uv/pull/13283))
- Retry streaming downloads on broken pipe errors
-  ([#13281](https://github.com/astral-sh/uv/pull/13281))
- Treat already-installed base environment packages as preferences in `uv run --with`
-  ([#13284](https://github.com/astral-sh/uv/pull/13284))
- Avoid enumerating sources in errors for path Python requests
-  ([#13335](https://github.com/astral-sh/uv/pull/13335))
- Avoid re-creating virtual environment with `--no-sync`
-  ([#13287](https://github.com/astral-sh/uv/pull/13287))
-
-### Documentation
-
- Remove outdated description of index strategy
-  ([#13326](https://github.com/astral-sh/uv/pull/13326))
- Update "Viewing the version" docs ([#13241](https://github.com/astral-sh/uv/pull/13241))
-
-## 0.7.4
-
-### Enhancements
-
- Add more context to external errors ([#13351](https://github.com/astral-sh/uv/pull/13351))
- Align indentation of long arguments ([#13394](https://github.com/astral-sh/uv/pull/13394))
- Preserve order of dependencies which are sorted naively
-  ([#13334](https://github.com/astral-sh/uv/pull/13334))
- Align progress bars by largest name length ([#13266](https://github.com/astral-sh/uv/pull/13266))
- Reinstall local packages in `uv add` ([#13462](https://github.com/astral-sh/uv/pull/13462))
- Rename `--raw-sources` to `--raw` ([#13348](https://github.com/astral-sh/uv/pull/13348))
- Show 'Downgraded' when `self update` is used to install an older version
-  ([#13340](https://github.com/astral-sh/uv/pull/13340))
- Suggest `uv self update` if required uv version is newer
-  ([#13305](https://github.com/astral-sh/uv/pull/13305))
- Add 3.14 beta images to uv Docker images ([#13390](https://github.com/astral-sh/uv/pull/13390))
- Add comma after "i.e." in Conda environment error
-  ([#13423](https://github.com/astral-sh/uv/pull/13423))
- Be more precise in unpinned packages warning
-  ([#13426](https://github.com/astral-sh/uv/pull/13426))
- Fix detection of sorted dependencies when include-group is used
-  ([#13354](https://github.com/astral-sh/uv/pull/13354))
- Fix display of HTTP responses in trace logs for retry of errors
-  ([#13339](https://github.com/astral-sh/uv/pull/13339))
- Log skip reasons during Python installation key interpreter match checks
-  ([#13472](https://github.com/astral-sh/uv/pull/13472))
- Redact credentials when displaying URLs ([#13333](https://github.com/astral-sh/uv/pull/13333))
-
-### Bug fixes
-
- Avoid erroring on `pylock.toml` dependency entries
-  ([#13384](https://github.com/astral-sh/uv/pull/13384))
- Avoid panics for cannot-be-a-base URLs ([#13406](https://github.com/astral-sh/uv/pull/13406))
- Ensure cached realm credentials are applied if no password is found for index URL
-  ([#13463](https://github.com/astral-sh/uv/pull/13463))
- Fix `.tgz` parsing to respect true extension
-  ([#13382](https://github.com/astral-sh/uv/pull/13382))
- Fix double self-dependency ([#13366](https://github.com/astral-sh/uv/pull/13366))
- Reject `pylock.toml` in `uv add -r` ([#13421](https://github.com/astral-sh/uv/pull/13421))
- Retain dot-separated wheel tags during cache prune
-  ([#13379](https://github.com/astral-sh/uv/pull/13379))
- Retain trailing comments after PEP 723 metadata block
-  ([#13460](https://github.com/astral-sh/uv/pull/13460))
-
-### Documentation
-
- Use "export" instead of "install" in `uv export` arguments
-  ([#13430](https://github.com/astral-sh/uv/pull/13430))
- Remove extra newline ([#13461](https://github.com/astral-sh/uv/pull/13461))
-
-### Preview features
-
- Build backend: Normalize glob paths ([#13465](https://github.com/astral-sh/uv/pull/13465))
-
-## 0.7.5
-
-### Bug fixes
-
- Support case-sensitive module discovery in the build backend
-  ([#13468](https://github.com/astral-sh/uv/pull/13468))
- Bump Simple cache bucket to v16 ([#13498](https://github.com/astral-sh/uv/pull/13498))
- Don't error when the script is too short for the buffer
-  ([#13488](https://github.com/astral-sh/uv/pull/13488))
- Add missing word in "script not supported" error
-  ([#13483](https://github.com/astral-sh/uv/pull/13483))
-
-## 0.7.6
-
-### Python
-
- Add Python 3.14 on musl
- Add free-threaded Python on musl
- Add Python 3.14.0a7
- Statically link `libpython` into the interpreter on Linux for a significant performance boost
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250517)
-for more details.
-
-### Enhancements
-
- Improve compatibility of `VIRTUAL_ENV_PROMPT` value
-  ([#13501](https://github.com/astral-sh/uv/pull/13501))
- Bump MSRV to 1.85 and Edition 2024 ([#13516](https://github.com/astral-sh/uv/pull/13516))
-
-### Bug fixes
-
- Respect default extras in uv remove ([#13380](https://github.com/astral-sh/uv/pull/13380))
-
-### Documentation
-
- Fix PowerShell code blocks ([#13511](https://github.com/astral-sh/uv/pull/13511))
-
-## 0.7.7
-
-### Python
-
- Work around third-party packages that (incorrectly) assume the interpreter is dynamically linking
-  libpython
- Allow the experimental JIT to be enabled at runtime on Python 3.13 and 3.14 on macOS on aarch64
-  aka Apple Silicon
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250521)
-for more details.
-
-### Bug fixes
-
- Make `uv version` lock and sync ([#13317](https://github.com/astral-sh/uv/pull/13317))
- Fix references to `ldd` in diagnostics to correctly refer to `ld.so`
-  ([#13552](https://github.com/astral-sh/uv/pull/13552))
-
-### Documentation
-
- Clarify adding SSH Git dependencies ([#13534](https://github.com/astral-sh/uv/pull/13534))
-
-## 0.7.8
-
-### Python
-
-We are reverting most of our Python changes from `uv 0.7.6` and `uv 0.7.7` due to a miscompilation
-that makes the Python interpreter behave incorrectly, resulting in spurious type-errors involving
-str. This issue seems to be isolated to x86_64 Linux, and affected at least Python 3.12, 3.13, and
-3.14.
-
-The following changes that were introduced in those versions of uv are temporarily being reverted
-while we test and deploy a proper fix for the miscompilation:
-
- Add Python 3.14 on musl
- free-threaded Python on musl
- Add Python 3.14.0a7
- Statically link `libpython` into the interpreter on Linux for a significant performance boost
-
-See [the issue for details](https://github.com/astral-sh/uv/issues/13610).
-
-### Documentation
-
- Remove misleading line in pin documentation ([#13611](https://github.com/astral-sh/uv/pull/13611))
-
-## 0.7.9
-
-### Python
-
-The changes reverted in [0.7.8](#078) have been restored.
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250529)
-for more details.
-
-### Enhancements
-
- Improve obfuscation of credentials in URLs ([#13560](https://github.com/astral-sh/uv/pull/13560))
- Allow running non-default Python implementations via `uvx`
-  ([#13583](https://github.com/astral-sh/uv/pull/13583))
- Add `uvw` as alias for `uv` without console window on Windows
-  ([#11786](https://github.com/astral-sh/uv/pull/11786))
- Allow discovery of x86-64 managed Python builds on macOS
-  ([#13722](https://github.com/astral-sh/uv/pull/13722))
- Differentiate between implicit vs explicit architecture requests
-  ([#13723](https://github.com/astral-sh/uv/pull/13723))
- Implement ordering for Python architectures to prefer native installations
-  ([#13709](https://github.com/astral-sh/uv/pull/13709))
- Only show the first match per platform (and architecture) by default in `uv python list`
-  ([#13721](https://github.com/astral-sh/uv/pull/13721))
- Write the path of the parent environment to an `extends-environment` key in the `pyvenv.cfg` file
-  of an ephemeral environment ([#13598](https://github.com/astral-sh/uv/pull/13598))
- Improve the error message when libc cannot be found, e.g., when using the distroless containers
-  ([#13549](https://github.com/astral-sh/uv/pull/13549))
-
-### Performance
-
- Avoid rendering info log level ([#13642](https://github.com/astral-sh/uv/pull/13642))
- Improve performance of `uv-python` crate's manylinux submodule
-  ([#11131](https://github.com/astral-sh/uv/pull/11131))
- Optimize `Version` display ([#13643](https://github.com/astral-sh/uv/pull/13643))
- Reduce number of reference-checks for `uv cache clean`
-  ([#13669](https://github.com/astral-sh/uv/pull/13669))
-
-### Bug fixes
-
- Avoid reinstalling dependency group members with `--all-packages`
-  ([#13678](https://github.com/astral-sh/uv/pull/13678))
- Don't fail direct URL hash checking with dependency metadata
-  ([#13736](https://github.com/astral-sh/uv/pull/13736))
- Exit early on `self update` if global `--offline` is set
-  ([#13663](https://github.com/astral-sh/uv/pull/13663))
- Fix cases where the uv lock is incorrectly marked as out of date
-  ([#13635](https://github.com/astral-sh/uv/pull/13635))
- Include pre-release versions in `uv python install --reinstall`
-  ([#13645](https://github.com/astral-sh/uv/pull/13645))
- Set `LC_ALL=C` for git when checking git worktree
-  ([#13637](https://github.com/astral-sh/uv/pull/13637))
- Avoid rejecting Windows paths for remote Python download JSON targets
-  ([#13625](https://github.com/astral-sh/uv/pull/13625))
-
-### Preview
-
- Add `uv add --bounds` to configure version constraints
-  ([#12946](https://github.com/astral-sh/uv/pull/12946))
-
-### Documentation
-
- Add documentation about Python versions to Tools concept page
-  ([#7673](https://github.com/astral-sh/uv/pull/7673))
- Add example of enabling Dependabot ([#13692](https://github.com/astral-sh/uv/pull/13692))
- Fix `exclude-newer` date format for persistent configuration files
-  ([#13706](https://github.com/astral-sh/uv/pull/13706))
- Quote versions variables in GitLab documentation
-  ([#13679](https://github.com/astral-sh/uv/pull/13679))
- Update Dependabot support status ([#13690](https://github.com/astral-sh/uv/pull/13690))
- Explicitly specify to add a new repo entry to the repos list item in the `.pre-commit-config.yaml`
-  ([#10243](https://github.com/astral-sh/uv/pull/10243))
- Add integration with marimo guide ([#13691](https://github.com/astral-sh/uv/pull/13691))
- Add pronunciation to README ([#5336](https://github.com/astral-sh/uv/pull/5336))
-
-## 0.7.10
-
-### Enhancements
-
- Add `--show-extras` to `uv tool list` ([#13783](https://github.com/astral-sh/uv/pull/13783))
- Add dynamically generated sysconfig replacement mappings
-  ([#13441](https://github.com/astral-sh/uv/pull/13441))
- Add data locations to install wheel logs ([#13797](https://github.com/astral-sh/uv/pull/13797))
-
-### Bug fixes
-
- Avoid redaction of placeholder `git` username when using SSH authentication
-  ([#13799](https://github.com/astral-sh/uv/pull/13799))
- Propagate credentials to files on devpi indexes ending in `/+simple`
-  ([#13743](https://github.com/astral-sh/uv/pull/13743))
- Restore retention of credentials for direct URLs in `uv export`
-  ([#13809](https://github.com/astral-sh/uv/pull/13809))
-
-## 0.7.11
-
-### Python
-
- Add Python 3.14.0b1
- Add Python 3.13.4
- Add Python 3.12.11
- Add Python 3.11.13
- Add Python 3.10.18
- Add Python 3.9.23
-
-### Enhancements
-
- Add Pyodide support ([#12731](https://github.com/astral-sh/uv/pull/12731))
- Better error message for version specifier with missing operator
-  ([#13803](https://github.com/astral-sh/uv/pull/13803))
-
-### Bug fixes
-
- Downgrade `reqwest` and `hyper-util` to resolve connection reset errors over IPv6
-  ([#13835](https://github.com/astral-sh/uv/pull/13835))
- Prefer `uv`'s binary's version when checking if it's up to date
-  ([#13840](https://github.com/astral-sh/uv/pull/13840))
-
-### Documentation
-
- Use "terminal driver" instead of "shell" in `SIGINT` docs
-  ([#13787](https://github.com/astral-sh/uv/pull/13787))
-
-## 0.7.12
-
-### Enhancements
-
- Add `uv python pin --rm` to remove `.python-version` pins
-  ([#13860](https://github.com/astral-sh/uv/pull/13860))
- Don't hint at versions removed by `excluded-newer`
-  ([#13884](https://github.com/astral-sh/uv/pull/13884))
- Add hint to use `tool.uv.environments` on resolution error
-  ([#13455](https://github.com/astral-sh/uv/pull/13455))
- Add hint to use `tool.uv.required-environments` on resolution error
-  ([#13575](https://github.com/astral-sh/uv/pull/13575))
- Improve `python pin` error messages ([#13862](https://github.com/astral-sh/uv/pull/13862))
-
-### Bug fixes
-
- Lock environments during `uv sync`, `uv add` and `uv remove` to prevent race conditions
-  ([#13869](https://github.com/astral-sh/uv/pull/13869))
- Add `--no-editable` to `uv export` for `pylock.toml`
-  ([#13852](https://github.com/astral-sh/uv/pull/13852))
-
-### Documentation
-
- List `.gitignore` in project init files ([#13855](https://github.com/astral-sh/uv/pull/13855))
- Move the pip interface documentation into the concepts section
-  ([#13841](https://github.com/astral-sh/uv/pull/13841))
- Remove the configuration section in favor of concepts / reference
-  ([#13842](https://github.com/astral-sh/uv/pull/13842))
- Update Git and GitHub Actions docs to mention `gh auth login`
-  ([#13850](https://github.com/astral-sh/uv/pull/13850))
-
-### Preview
-
- Fix directory glob traversal fallback preventing exclusion of all files
-  ([#13882](https://github.com/astral-sh/uv/pull/13882))
-
-## 0.7.13
-
-### Python
-
- Add Python 3.14.0b2
- Add Python 3.13.5
- Fix stability of `uuid.getnode` on 3.13
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250612)
-for more details.
-
-### Enhancements
-
- Download versions in `uv python pin` if not found
-  ([#13946](https://github.com/astral-sh/uv/pull/13946))
- Use TTY detection to determine if SIGINT forwarding is enabled
-  ([#13925](https://github.com/astral-sh/uv/pull/13925))
- Avoid fetching an exact, cached Git commit, even if it isn't locked
-  ([#13748](https://github.com/astral-sh/uv/pull/13748))
- Add `zstd` and `deflate` to `Accept-Encoding`
-  ([#13982](https://github.com/astral-sh/uv/pull/13982))
- Build binaries for riscv64 ([#12688](https://github.com/astral-sh/uv/pull/12688))
-
-### Bug fixes
-
- Check if relative URL is valid directory before treating as index
-  ([#13917](https://github.com/astral-sh/uv/pull/13917))
- Ignore Python discovery errors during `uv python pin`
-  ([#13944](https://github.com/astral-sh/uv/pull/13944))
- Do not allow `uv add --group ... --script` ([#13997](https://github.com/astral-sh/uv/pull/13997))
-
-### Preview changes
-
- Build backend: Support namespace packages ([#13833](https://github.com/astral-sh/uv/pull/13833))
-
-### Documentation
-
- Add 3.14 to the supported platform reference
-  ([#13990](https://github.com/astral-sh/uv/pull/13990))
- Add an `llms.txt` to uv ([#13929](https://github.com/astral-sh/uv/pull/13929))
- Add supported macOS version to the platform reference
-  ([#13993](https://github.com/astral-sh/uv/pull/13993))
- Update platform support reference to include Python implementation list
-  ([#13991](https://github.com/astral-sh/uv/pull/13991))
- Update pytorch.md ([#13899](https://github.com/astral-sh/uv/pull/13899))
- Update the CLI help and reference to include references to the Python bin directory
-  ([#13978](https://github.com/astral-sh/uv/pull/13978))
-
-## 0.7.14
-
-### Enhancements
-
- Add XPU to `--torch-backend` ([#14172](https://github.com/astral-sh/uv/pull/14172))
- Add ROCm backends to `--torch-backend` ([#14120](https://github.com/astral-sh/uv/pull/14120))
- Remove preview label from `--torch-backend` ([#14119](https://github.com/astral-sh/uv/pull/14119))
- Add `[tool.uv.dependency-groups].mygroup.requires-python`
-  ([#13735](https://github.com/astral-sh/uv/pull/13735))
- Add auto-detection for AMD GPUs ([#14176](https://github.com/astral-sh/uv/pull/14176))
- Show retries for HTTP status code errors ([#13897](https://github.com/astral-sh/uv/pull/13897))
- Support transparent Python patch version upgrades
-  ([#13954](https://github.com/astral-sh/uv/pull/13954))
- Warn on empty index directory ([#13940](https://github.com/astral-sh/uv/pull/13940))
- Publish to DockerHub ([#14088](https://github.com/astral-sh/uv/pull/14088))
-
-### Performance
-
- Make cold resolves about 10% faster ([#14035](https://github.com/astral-sh/uv/pull/14035))
-
-### Bug fixes
-
- Don't use walrus operator in interpreter query script
-  ([#14108](https://github.com/astral-sh/uv/pull/14108))
- Fix handling of changes to `requires-python`
-  ([#14076](https://github.com/astral-sh/uv/pull/14076))
- Fix implied `platform_machine` marker for `win_amd64` platform tag
-  ([#14041](https://github.com/astral-sh/uv/pull/14041))
- Only update existing symlink directories on preview uninstall
-  ([#14179](https://github.com/astral-sh/uv/pull/14179))
- Serialize Python requests for tools as canonicalized strings
-  ([#14109](https://github.com/astral-sh/uv/pull/14109))
- Support netrc and same-origin credential propagation on index redirects
-  ([#14126](https://github.com/astral-sh/uv/pull/14126))
- Support reading `dependency-groups` from pyproject.tomls with no `[project]`
-  ([#13742](https://github.com/astral-sh/uv/pull/13742))
- Handle an existing shebang in `uv init --script`
-  ([#14141](https://github.com/astral-sh/uv/pull/14141))
- Prevent concurrent updates of the environment in `uv run`
-  ([#14153](https://github.com/astral-sh/uv/pull/14153))
- Filter managed Python distributions by platform before querying when included in request
-  ([#13936](https://github.com/astral-sh/uv/pull/13936))
-
-### Documentation
-
- Replace cuda124 with cuda128 ([#14168](https://github.com/astral-sh/uv/pull/14168))
- Document the way member sources shadow workspace sources
-  ([#14136](https://github.com/astral-sh/uv/pull/14136))
- Sync documented PyTorch integration index for CUDA and ROCm versions from PyTorch website
-  ([#14100](https://github.com/astral-sh/uv/pull/14100))
-
-## 0.7.15
-
-### Enhancements
-
- Consistently use `Ordering::Relaxed` for standalone atomic use cases
-  ([#14190](https://github.com/astral-sh/uv/pull/14190))
- Warn on ambiguous relative paths for `--index`
-  ([#14152](https://github.com/astral-sh/uv/pull/14152))
- Skip GitHub fast path when rate-limited ([#13033](https://github.com/astral-sh/uv/pull/13033))
- Preserve newlines in `schema.json` descriptions
-  ([#13693](https://github.com/astral-sh/uv/pull/13693))
-
-### Bug fixes
-
- Add check for using minor version link when creating a venv on Windows
-  ([#14252](https://github.com/astral-sh/uv/pull/14252))
- Strip query parameters when parsing source URL
-  ([#14224](https://github.com/astral-sh/uv/pull/14224))
-
-### Documentation
-
- Add a link to PyPI FAQ to clarify what per-project token is
-  ([#14242](https://github.com/astral-sh/uv/pull/14242))
-
-### Preview features
-
- Allow symlinks in the build backend ([#14212](https://github.com/astral-sh/uv/pull/14212))
-
-## 0.7.16
-
-### Python
-
- Add Python 3.14.0b3
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250626)
-for more details.
-
-### Enhancements
-
- Include path or URL when failing to convert in lockfile
-  ([#14292](https://github.com/astral-sh/uv/pull/14292))
- Warn when `~=` is used as a Python version specifier without a patch version
-  ([#14008](https://github.com/astral-sh/uv/pull/14008))
-
-### Preview features
-
- Ensure preview default Python installs are upgradeable
-  ([#14261](https://github.com/astral-sh/uv/pull/14261))
-
-### Performance
-
- Share workspace cache between lock and sync operations
-  ([#14321](https://github.com/astral-sh/uv/pull/14321))
-
-### Bug fixes
-
- Allow local indexes to reference remote files
-  ([#14294](https://github.com/astral-sh/uv/pull/14294))
- Avoid rendering desugared prefix matches in error messages
-  ([#14195](https://github.com/astral-sh/uv/pull/14195))
- Avoid using path URL for workspace Git dependencies in `requirements.txt`
-  ([#14288](https://github.com/astral-sh/uv/pull/14288))
- Normalize index URLs to remove trailing slash
-  ([#14245](https://github.com/astral-sh/uv/pull/14245))
- Respect URL-encoded credentials in redirect location
-  ([#14315](https://github.com/astral-sh/uv/pull/14315))
- Lock the source tree when running setuptools, to protect concurrent builds
-  ([#14174](https://github.com/astral-sh/uv/pull/14174))
-
-### Documentation
-
- Note that GCP Artifact Registry download URLs must have `/simple` component
-  ([#14251](https://github.com/astral-sh/uv/pull/14251))
-
-## 0.7.17
-
-### Bug fixes
-
- Apply build constraints when resolving `--with` dependencies
-  ([#14340](https://github.com/astral-sh/uv/pull/14340))
- Drop trailing slashes when converting index URL from URL
-  ([#14346](https://github.com/astral-sh/uv/pull/14346))
- Ignore `UV_PYTHON_CACHE_DIR` when empty ([#14336](https://github.com/astral-sh/uv/pull/14336))
- Fix error message ordering for `pyvenv.cfg` version conflict
-  ([#14329](https://github.com/astral-sh/uv/pull/14329))
-
-## 0.7.18
-
-### Python
-
- Added arm64 Windows Python 3.11, 3.12, 3.13, and 3.14 These are not downloaded by default, since
-  x86-64 Python has broader ecosystem support on Windows. However, they can be requested with
-  `cpython-<version>-windows-aarch64`.
-
-See the
-[python-build-standalone release](https://github.com/astral-sh/python-build-standalone/releases/tag/20250630)
-for more details.
-
-### Enhancements
-
- Keep track of retries in `ManagedPythonDownload::fetch_with_retry`
-  ([#14378](https://github.com/astral-sh/uv/pull/14378))
- Reuse build (virtual) environments across resolution and installation
-  ([#14338](https://github.com/astral-sh/uv/pull/14338))
- Improve trace message for cached Python interpreter query
-  ([#14328](https://github.com/astral-sh/uv/pull/14328))
- Use parsed URLs for conflicting URL error message
-  ([#14380](https://github.com/astral-sh/uv/pull/14380))
-
-### Preview features
-
- Ignore invalid build backend settings when not building
-  ([#14372](https://github.com/astral-sh/uv/pull/14372))
-
-### Bug fixes
-
- Fix equals-star and tilde-equals with `python_version` and `python_full_version`
-  ([#14271](https://github.com/astral-sh/uv/pull/14271))
- Include the canonical path in the interpreter query cache key
-  ([#14331](https://github.com/astral-sh/uv/pull/14331))
- Only drop build directories on program exit ([#14304](https://github.com/astral-sh/uv/pull/14304))
- Error instead of panic on conflict between global and subcommand flags
-  ([#14368](https://github.com/astral-sh/uv/pull/14368))
- Consistently normalize trailing slashes on URLs with no path segments
-  ([#14349](https://github.com/astral-sh/uv/pull/14349))
-
-### Documentation
-
- Add instructions for publishing to JFrog's Artifactory
-  ([#14253](https://github.com/astral-sh/uv/pull/14253))
- Edits to the build backend documentation ([#14376](https://github.com/astral-sh/uv/pull/14376))
-
-## 0.7.19
-
-The **[uv build backend](https://docs.astral.sh/uv/concepts/build-backend/) is now stable**, and
-considered ready for production use.
-
-The uv build backend is a great choice for pure Python projects. It has reasonable defaults, with
-the goal of requiring zero configuration for most users, but provides flexible configuration to
-accommodate most Python project structures. It integrates tightly with uv, to improve messaging and
-user experience. It validates project metadata and structures, preventing common mistakes. And,
-finally, it's very fast — `uv sync` on a new project (from `uv init`) is 10-30x faster than with
-other build backends.
-
-To use uv as a build backend in an existing project, add `uv_build` to the `[build-system]` section
-in your `pyproject.toml`:
-
-```toml
-[build-system]
-requires = ["uv_build>=0.7.19,<0.8.0"]
-build-backend = "uv_build"
-```
-
-In a future release, it will replace `hatchling` as the default in `uv init`. As before, uv will
-remain compatible with all standards-compliant build backends.
-
-### Python
-
- Add PGO distributions of Python for aarch64 Linux, which are more optimized for better performance
-
-See the
-[python-build-standalone release](https://github.com/astral-sh/python-build-standalone/releases/tag/20250702)
-for more details.
-
-### Enhancements
-
- Ignore Python patch version for `--universal` pip compile
-  ([#14405](https://github.com/astral-sh/uv/pull/14405))
- Update the tilde version specifier warning to include more context
-  ([#14335](https://github.com/astral-sh/uv/pull/14335))
- Clarify behavior and hint on tool install when no executables are available
-  ([#14423](https://github.com/astral-sh/uv/pull/14423))
-
-### Bug fixes
-
- Make project and interpreter lock acquisition non-fatal
-  ([#14404](https://github.com/astral-sh/uv/pull/14404))
- Includes `sys.prefix` in cached environment keys to avoid `--with` collisions across projects
-  ([#14403](https://github.com/astral-sh/uv/pull/14403))
-
-### Documentation
-
- Add a migration guide from pip to uv projects
-  ([#12382](https://github.com/astral-sh/uv/pull/12382))
-
-## 0.7.20
-
-### Python
-
- Add Python 3.14.0b4
- Add zstd support to Python 3.14 on Unix (it already was available on Windows)
- Add PyPy 7.3.20 (for Python 3.11.13)
-
-See the [PyPy](https://pypy.org/posts/2025/07/pypy-v7320-release.html) and
-[`python-build-standalone`](https://github.com/astral-sh/python-build-standalone/releases/tag/20250708)
-release notes for more details.
-
-### Enhancements
-
- Add `--workspace` flag to `uv add` ([#14496](https://github.com/astral-sh/uv/pull/14496))
- Add auto-detection for Intel GPUs ([#14386](https://github.com/astral-sh/uv/pull/14386))
- Drop trailing arguments when writing shebangs
-  ([#14519](https://github.com/astral-sh/uv/pull/14519))
- Add debug message when skipping Python downloads
-  ([#14509](https://github.com/astral-sh/uv/pull/14509))
- Add support for declaring multiple modules in namespace packages
-  ([#14460](https://github.com/astral-sh/uv/pull/14460))
-
-### Bug fixes
-
- Revert normalization of trailing slashes on index URLs
-  ([#14511](https://github.com/astral-sh/uv/pull/14511))
- Fix forced resolution with all extras in `uv version`
-  ([#14434](https://github.com/astral-sh/uv/pull/14434))
- Fix handling of pre-releases in preferences ([#14498](https://github.com/astral-sh/uv/pull/14498))
- Remove transparent variants in `uv-extract` to enable retries
-  ([#14450](https://github.com/astral-sh/uv/pull/14450))
-
-### Rust API
-
- Add method to get packages involved in a `NoSolutionError`
-  ([#14457](https://github.com/astral-sh/uv/pull/14457))
- Make `ErrorTree` for `NoSolutionError` public
-  ([#14444](https://github.com/astral-sh/uv/pull/14444))
-
-### Documentation
-
- Finish incomplete sentence in pip migration guide
-  ([#14432](https://github.com/astral-sh/uv/pull/14432))
- Remove `cache-dependency-glob` examples for `setup-uv`
-  ([#14493](https://github.com/astral-sh/uv/pull/14493))
- Remove `uv pip sync` suggestion with `pyproject.toml`
-  ([#14510](https://github.com/astral-sh/uv/pull/14510))
- Update documentation for GitHub to use `setup-uv@v6`
-  ([#14490](https://github.com/astral-sh/uv/pull/14490))
-
-## 0.7.21
-
-### Python
-
- Restore the SQLite `fts4`, `fts5`, `rtree`, and `geopoly` extensions on macOS and Linux
-
-See the
-[`python-build-standalone` release notes](https://github.com/astral-sh/python-build-standalone/releases/tag/20250712)
-for more details.
-
-### Enhancements
-
- Add `--python-platform` to `uv sync` ([#14320](https://github.com/astral-sh/uv/pull/14320))
- Support pre-releases in `uv version --bump` ([#13578](https://github.com/astral-sh/uv/pull/13578))
- Add `-w` shorthand for `--with` ([#14530](https://github.com/astral-sh/uv/pull/14530))
- Add an exception handler on Windows to display information on crash
-  ([#14582](https://github.com/astral-sh/uv/pull/14582))
- Add hint when Python downloads are disabled ([#14522](https://github.com/astral-sh/uv/pull/14522))
- Add `UV_HTTP_RETRIES` to customize retry counts
-  ([#14544](https://github.com/astral-sh/uv/pull/14544))
- Follow leaf symlinks matched by globs in `cache-key`
-  ([#13438](https://github.com/astral-sh/uv/pull/13438))
- Support parent path components (`..`) in globs in `cache-key`
-  ([#13469](https://github.com/astral-sh/uv/pull/13469))
- Improve `cache-key` performance ([#13469](https://github.com/astral-sh/uv/pull/13469))
-
-### Preview features
-
- Add `uv sync --output-format json` ([#13689](https://github.com/astral-sh/uv/pull/13689))
-
-### Bug fixes
-
- Do not re-resolve with a new Python version in `uv tool` if it is incompatible with `--python`
-  ([#14606](https://github.com/astral-sh/uv/pull/14606))
-
-### Documentation
-
- Document how to nest dependency groups with `include-group`
-  ([#14539](https://github.com/astral-sh/uv/pull/14539))
- Fix repeated word in Pyodide doc ([#14554](https://github.com/astral-sh/uv/pull/14554))
- Update CONTRIBUTING.md with instructions to format Markdown files via Docker
-  ([#14246](https://github.com/astral-sh/uv/pull/14246))
- Fix version number for `setup-python` ([#14533](https://github.com/astral-sh/uv/pull/14533))
-
-## 0.7.22
-
-### Python
-
- Upgrade GraalPy to 24.2.2
-
-See the [GraalPy release notes](https://github.com/oracle/graalpython/releases/tag/graal-24.2.2) for
-more details.
-
-### Configuration
-
- Add `UV_COMPILE_BYTECODE_TIMEOUT` environment variable
-  ([#14369](https://github.com/astral-sh/uv/pull/14369))
- Allow users to override index `cache-control` headers
-  ([#14620](https://github.com/astral-sh/uv/pull/14620))
- Add `UV_LIBC` to override libc selection in multi-libc environment
-  ([#14646](https://github.com/astral-sh/uv/pull/14646))
-
-### Bug fixes
-
- Fix `--all-arches` when paired with `--only-downloads`
-  ([#14629](https://github.com/astral-sh/uv/pull/14629))
- Skip Windows Python interpreters that return a broken MSIX package code
-  ([#14636](https://github.com/astral-sh/uv/pull/14636))
- Warn on invalid `uv.toml` when provided via direct path
-  ([#14653](https://github.com/astral-sh/uv/pull/14653))
- Improve async signal safety in Windows exception handler
-  ([#14619](https://github.com/astral-sh/uv/pull/14619))
-
-### Documentation
-
- Mention the `revision` in the lockfile versioning doc
-  ([#14634](https://github.com/astral-sh/uv/pull/14634))
- Move "Conflicting dependencies" to the "Resolution" page
-  ([#14633](https://github.com/astral-sh/uv/pull/14633))
- Rename "Dependency specifiers" section to exclude PEP 508 reference
-  ([#14631](https://github.com/astral-sh/uv/pull/14631))
- Suggest `uv cache clean` prior to `--reinstall`
-  ([#14659](https://github.com/astral-sh/uv/pull/14659))
-
-### Preview features
-
- Make preview Python registration on Windows non-fatal
-  ([#14614](https://github.com/astral-sh/uv/pull/14614))
- Update preview installation of Python executables to be non-fatal
-  ([#14612](https://github.com/astral-sh/uv/pull/14612))
- Add `uv python update-shell` ([#14627](https://github.com/astral-sh/uv/pull/14627))
--- a/clippy.toml
+++ b/clippy.toml
@ -6,8 +6,6 @@ doc-valid-idents = [
  "GraalPy",
  "ReFS",
  "PyTorch",
-  "ROCm",
-  "XPU",
  ".." # Include the defaults
 ]

@ -37,7 +35,7 @@ disallowed-methods = [
  "std::fs::soft_link",
  "std::fs::symlink_metadata",
  "std::fs::write",
-  { path = "std::os::unix::fs::symlink", allow-invalid = true },
-  { path = "std::os::windows::fs::symlink_dir", allow-invalid = true },
-  { path = "std::os::windows::fs::symlink_file", allow-invalid = true },
+  "std::os::unix::fs::symlink",
+  "std::os::windows::fs::symlink_dir",
+  "std::os::windows::fs::symlink_file",
 ]
--- a/crates/uv-auth/Cargo.toml
+++ b/crates/uv-auth/Cargo.toml
@ -33,8 +33,8 @@ tracing = { workspace = true }
 url = { workspace = true }

 [dev-dependencies]
-insta = { workspace = true }
+insta = { version = "1.40.0" }
 tempfile = { workspace = true }
-test-log = { workspace = true }
+test-log = { version = "0.2.16", features = ["trace"], default-features = false }
 tokio = { workspace = true }
 wiremock = { workspace = true }
--- a/crates/uv-auth/src/index.rs
+++ b/crates/uv-auth/src/index.rs
@ -86,7 +86,7 @@ impl Indexes {
        Self(FxHashSet::default())
    }

-    /// Create a new [`Indexes`] instance from an iterator of [`Index`]s.
+    /// Create a new [`AuthIndexUrls`] from an iterator of [`AuthIndexUrl`]s.
    pub fn from_indexes(urls: impl IntoIterator<Item = Index>) -> Self {
        let mut index_urls = Self::new();
        for url in urls {
--- a/crates/uv-auth/src/lib.rs
+++ b/crates/uv-auth/src/lib.rs
@ -15,7 +15,6 @@ mod credentials;
 mod index;
 mod keyring;
 mod middleware;
-mod providers;
 mod realm;

 // TODO(zanieb): Consider passing a cache explicitly throughout
--- a/crates/uv-auth/src/middleware.rs
+++ b/crates/uv-auth/src/middleware.rs
@ -7,7 +7,6 @@ use reqwest::{Request, Response};
 use reqwest_middleware::{Error, Middleware, Next};
 use tracing::{debug, trace, warn};

-use crate::providers::HuggingFaceProvider;
 use crate::{
    CREDENTIALS_CACHE, CredentialsCache, KeyringProvider,
    cache::FetchUrl,
@ -458,8 +457,9 @@ impl AuthMiddleware {
            Some(credentials)
        };

-        self.complete_request(credentials, request, extensions, next, auth_policy)
-            .await
+        return self
+            .complete_request(credentials, request, extensions, next, auth_policy)
+            .await;
    }

    /// Fetch credentials for a URL.
@ -503,13 +503,6 @@ impl AuthMiddleware {
            return credentials;
        }

-        // Support for known providers, like Hugging Face.
-        if let Some(credentials) = HuggingFaceProvider::credentials_for(url).map(Arc::new) {
-            debug!("Found Hugging Face credentials for {url}");
-            self.cache().fetches.done(key, Some(credentials.clone()));
-            return Some(credentials);
-        }
-
        // Netrc support based on: <https://github.com/gribouille/netrc>.
        let credentials = if let Some(credentials) = self.netrc.get().and_then(|netrc| {
            debug!("Checking netrc for credentials for {url}");
--- a/crates/uv-auth/src/providers.rs
+++ b/crates/uv-auth/src/providers.rs
@ -1,49 +0,0 @@
-use std::sync::LazyLock;
-use tracing::debug;
-use url::Url;
-
-use uv_static::EnvVars;
-
-use crate::Credentials;
-use crate::realm::{Realm, RealmRef};
-
-/// The [`Realm`] for the Hugging Face platform.
-static HUGGING_FACE_REALM: LazyLock<Realm> = LazyLock::new(|| {
-    let url = Url::parse("https://huggingface.co").expect("Failed to parse Hugging Face URL");
-    Realm::from(&url)
-});
-
-/// The authentication token for the Hugging Face platform, if set.
-static HUGGING_FACE_TOKEN: LazyLock<Option<Vec<u8>>> = LazyLock::new(|| {
-    // Extract the Hugging Face token from the environment variable, if it exists.
-    let hf_token = std::env::var(EnvVars::HF_TOKEN)
-        .ok()
-        .map(String::into_bytes)
-        .filter(|token| !token.is_empty())?;
-
-    if std::env::var_os(EnvVars::UV_NO_HF_TOKEN).is_some() {
-        debug!("Ignoring Hugging Face token from environment due to `UV_NO_HF_TOKEN`");
-        return None;
-    }
-
-    debug!("Found Hugging Face token in environment");
-    Some(hf_token)
-});
-
-/// A provider for authentication credentials for the Hugging Face platform.
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub(crate) struct HuggingFaceProvider;
-
-impl HuggingFaceProvider {
-    /// Returns the credentials for the Hugging Face platform, if available.
-    pub(crate) fn credentials_for(url: &Url) -> Option<Credentials> {
-        if RealmRef::from(url) == *HUGGING_FACE_REALM {
-            if let Some(token) = HUGGING_FACE_TOKEN.as_ref() {
-                return Some(Credentials::Bearer {
-                    token: token.clone(),
-                });
-            }
-        }
-        None
-    }
-}
--- a/crates/uv-auth/src/realm.rs
+++ b/crates/uv-auth/src/realm.rs
@ -1,5 +1,5 @@
-use std::hash::{Hash, Hasher};
 use std::{fmt::Display, fmt::Formatter};
+
 use url::Url;
 use uv_small_str::SmallString;

@ -22,7 +22,7 @@ use uv_small_str::SmallString;
 // The port is only allowed to differ if it matches the "default port" for the scheme.
 // However, `url` (and therefore `reqwest`) sets the `port` to `None` if it matches the default port
 // so we do not need any special handling here.
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, PartialEq, Eq, Hash)]
 pub(crate) struct Realm {
    scheme: SmallString,
    host: Option<SmallString>,
@ -59,76 +59,6 @@ impl Display for Realm {
    }
 }

-impl PartialEq for Realm {
-    fn eq(&self, other: &Self) -> bool {
-        RealmRef::from(self) == RealmRef::from(other)
-    }
-}
-
-impl Eq for Realm {}
-
-impl Hash for Realm {
-    fn hash<H: Hasher>(&self, state: &mut H) {
-        RealmRef::from(self).hash(state);
-    }
-}
-
-/// A reference to a [`Realm`] that can be used for zero-allocation comparisons.
-#[derive(Debug, Copy, Clone)]
-pub(crate) struct RealmRef<'a> {
-    scheme: &'a str,
-    host: Option<&'a str>,
-    port: Option<u16>,
-}
-
-impl<'a> From<&'a Url> for RealmRef<'a> {
-    fn from(url: &'a Url) -> Self {
-        Self {
-            scheme: url.scheme(),
-            host: url.host_str(),
-            port: url.port(),
-        }
-    }
-}
-
-impl PartialEq for RealmRef<'_> {
-    fn eq(&self, other: &Self) -> bool {
-        self.scheme == other.scheme && self.host == other.host && self.port == other.port
-    }
-}
-
-impl Eq for RealmRef<'_> {}
-
-impl Hash for RealmRef<'_> {
-    fn hash<H: Hasher>(&self, state: &mut H) {
-        self.scheme.hash(state);
-        self.host.hash(state);
-        self.port.hash(state);
-    }
-}
-
-impl<'a> PartialEq<RealmRef<'a>> for Realm {
-    fn eq(&self, rhs: &RealmRef<'a>) -> bool {
-        RealmRef::from(self) == *rhs
-    }
-}
-
-impl PartialEq<Realm> for RealmRef<'_> {
-    fn eq(&self, rhs: &Realm) -> bool {
-        *self == RealmRef::from(rhs)
-    }
-}
-
-impl<'a> From<&'a Realm> for RealmRef<'a> {
-    fn from(realm: &'a Realm) -> Self {
-        Self {
-            scheme: &realm.scheme,
-            host: realm.host.as_deref(),
-            port: realm.port,
-        }
-    }
-}
-
 #[cfg(test)]
 mod tests {
    use url::{ParseError, Url};
--- a/crates/uv-bench/Cargo.toml
+++ b/crates/uv-bench/Cargo.toml
@ -18,6 +18,11 @@ workspace = true
 doctest = false
 bench = false

+[[bench]]
+name = "distribution-filename"
+path = "benches/distribution_filename.rs"
+harness = false
+
 [[bench]]
 name = "uv"
 path = "benches/uv.rs"
@ -29,6 +34,7 @@ uv-client = { workspace = true }
 uv-configuration = { workspace = true }
 uv-dispatch = { workspace = true }
 uv-distribution = { workspace = true }
+uv-distribution-filename = { workspace = true }
 uv-distribution-types = { workspace = true }
 uv-extract = { workspace = true, optional = true }
 uv-install-wheel = { workspace = true }
@ -42,10 +48,8 @@ uv-types = { workspace = true }
 uv-workspace = { workspace = true }

 anyhow = { workspace = true }
-codspeed-criterion-compat = { version = "3.0.2", default-features = false, optional = true }
-criterion = { version = "0.7.0", default-features = false, features = [
-  "async_tokio",
-] }
+codspeed-criterion-compat = { version = "2.7.2", default-features = false, optional = true }
+criterion = { version = "0.6.0", default-features = false, features = ["async_tokio"] }
 jiff = { workspace = true }
 tokio = { workspace = true }

--- a/crates/uv-bench/benches/distribution_filename.rs
+++ b/crates/uv-bench/benches/distribution_filename.rs
@ -0,0 +1,168 @@
+use std::str::FromStr;
+
+use uv_bench::criterion::{
+    BenchmarkId, Criterion, Throughput, criterion_group, criterion_main, measurement::WallTime,
+};
+use uv_distribution_filename::WheelFilename;
+use uv_platform_tags::{AbiTag, LanguageTag, PlatformTag, Tags};
+
+/// A set of platform tags extracted from burntsushi's Archlinux workstation.
+/// We could just re-create these via `Tags::from_env`, but those might differ
+/// depending on the platform. This way, we always use the same data. It also
+/// lets us assert tag compatibility regardless of where the benchmarks run.
+const PLATFORM_TAGS: &[(&str, &str, &str)] = include!("../inputs/platform_tags.rs");
+
+/// A set of wheel names used in the benchmarks below. We pick short and long
+/// names, as well as compatible and not-compatibles (with `PLATFORM_TAGS`)
+/// names.
+///
+/// The tuple is (name, filename, compatible) where `name` is a descriptive
+/// name for humans used in the benchmark definition. And `filename` is the
+/// actual wheel filename we want to benchmark operation on. And `compatible`
+/// indicates whether the tags in the wheel filename are expected to be
+/// compatible with the tags in `PLATFORM_TAGS`.
+const WHEEL_NAMES: &[(&str, &str, bool)] = &[
+    // This tests a case with a very short name that *is* compatible with
+    // PLATFORM_TAGS. It only uses one tag for each component (one Python
+    // version, one ABI and one platform).
+    (
+        "flyte-short-compatible",
+        "ipython-2.1.0-py3-none-any.whl",
+        true,
+    ),
+    // This tests a case with a long name that is *not* compatible. That
+    // is, all platform tags need to be checked against the tags in the
+    // wheel filename. This is essentially the worst possible practical
+    // case.
+    (
+        "flyte-long-incompatible",
+        "protobuf-3.5.2.post1-cp36-cp36m-macosx_10_6_intel.macosx_10_9_intel.macosx_10_9_x86_64.macosx_10_10_intel.macosx_10_10_x86_64.whl",
+        false,
+    ),
+    // This tests a case with a long name that *is* compatible. We
+    // expect this to be (on average) quicker because the compatibility
+    // check stops as soon as a positive match is found. (Where as the
+    // incompatible case needs to check all tags.)
+    (
+        "flyte-long-compatible",
+        "coverage-6.6.0b1-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
+        true,
+    ),
+];
+
+/// A list of names that are candidates for wheel filenames but will ultimately
+/// fail to parse.
+const INVALID_WHEEL_NAMES: &[(&str, &str)] = &[
+    ("flyte-short-extension", "mock-5.1.0.tar.gz"),
+    (
+        "flyte-long-extension",
+        "Pillow-5.4.0.dev0-py3.7-macosx-10.13-x86_64.egg",
+    ),
+];
+
+/// Benchmarks the construction of platform tags.
+///
+/// This only happens ~once per program startup. Originally, construction was
+/// trivial. But to speed up `WheelFilename::is_compatible`, we added some
+/// extra processing. We thus expect construction to become slower, but we
+/// write a benchmark to ensure it is still "reasonable."
+fn benchmark_build_platform_tags(c: &mut Criterion<WallTime>) {
+    let tags: Vec<(LanguageTag, AbiTag, PlatformTag)> = PLATFORM_TAGS
+        .iter()
+        .map(|&(py, abi, plat)| {
+            (
+                LanguageTag::from_str(py).unwrap(),
+                AbiTag::from_str(abi).unwrap(),
+                PlatformTag::from_str(plat).unwrap(),
+            )
+        })
+        .collect();
+
+    let mut group = c.benchmark_group("build_platform_tags");
+    group.bench_function(BenchmarkId::from_parameter("burntsushi-archlinux"), |b| {
+        b.iter(|| std::hint::black_box(Tags::new(tags.clone())));
+    });
+    group.finish();
+}
+
+/// Benchmarks `WheelFilename::from_str`. This has been observed to take some
+/// non-trivial time in profiling (although, at time of writing, not as much
+/// as tag compatibility). In the process of optimizing tag compatibility,
+/// we tweaked wheel filename parsing. This benchmark was therefore added to
+/// ensure we didn't regress here.
+fn benchmark_wheelname_parsing(c: &mut Criterion<WallTime>) {
+    let mut group = c.benchmark_group("wheelname_parsing");
+    for (name, filename, _) in WHEEL_NAMES.iter().copied() {
+        let len = u64::try_from(filename.len()).expect("length fits in u64");
+        group.throughput(Throughput::Bytes(len));
+        group.bench_function(BenchmarkId::from_parameter(name), |b| {
+            b.iter(|| {
+                filename
+                    .parse::<WheelFilename>()
+                    .expect("valid wheel filename");
+            });
+        });
+    }
+    group.finish();
+}
+
+/// Benchmarks `WheelFilename::from_str` when it fails. This routine is called
+/// on every filename in a package's metadata. A non-trivial portion of which
+/// are not wheel filenames. Ensuring that the error path is fast is thus
+/// probably a good idea.
+fn benchmark_wheelname_parsing_failure(c: &mut Criterion<WallTime>) {
+    let mut group = c.benchmark_group("wheelname_parsing_failure");
+    for (name, filename) in INVALID_WHEEL_NAMES.iter().copied() {
+        let len = u64::try_from(filename.len()).expect("length fits in u64");
+        group.throughput(Throughput::Bytes(len));
+        group.bench_function(BenchmarkId::from_parameter(name), |b| {
+            b.iter(|| {
+                filename
+                    .parse::<WheelFilename>()
+                    .expect_err("invalid wheel filename");
+            });
+        });
+    }
+    group.finish();
+}
+
+/// Benchmarks the `WheelFilename::is_compatible` routine. This was revealed
+/// to be the #1 bottleneck in the resolver. The main issue was that the
+/// set of platform tags (generated once) is quite large, and the original
+/// implementation did an exhaustive search over each of them for each tag in
+/// the wheel filename.
+fn benchmark_wheelname_tag_compatibility(c: &mut Criterion<WallTime>) {
+    let tags: Vec<(LanguageTag, AbiTag, PlatformTag)> = PLATFORM_TAGS
+        .iter()
+        .map(|&(py, abi, plat)| {
+            (
+                LanguageTag::from_str(py).unwrap(),
+                AbiTag::from_str(abi).unwrap(),
+                PlatformTag::from_str(plat).unwrap(),
+            )
+        })
+        .collect();
+    let tags = Tags::new(tags);
+
+    let mut group = c.benchmark_group("wheelname_tag_compatibility");
+    for (name, filename, expected) in WHEEL_NAMES.iter().copied() {
+        let wheelname: WheelFilename = filename.parse().expect("valid wheel filename");
+        let len = u64::try_from(filename.len()).expect("length fits in u64");
+        group.throughput(Throughput::Bytes(len));
+        group.bench_function(BenchmarkId::from_parameter(name), |b| {
+            b.iter(|| {
+                assert_eq!(expected, wheelname.is_compatible(&tags));
+            });
+        });
+    }
+    group.finish();
+}
+
+criterion_group!(
+    uv_distribution_filename,
+    benchmark_build_platform_tags,
+    benchmark_wheelname_parsing,
+    benchmark_wheelname_parsing_failure,
+    benchmark_wheelname_tag_compatibility,
+);
+criterion_main!(uv_distribution_filename);
--- a/crates/uv-bench/benches/uv.rs
+++ b/crates/uv-bench/benches/uv.rs
@ -1,6 +1,6 @@
 use std::str::FromStr;

-use std::hint::black_box;
+use uv_bench::criterion::black_box;
 use uv_bench::criterion::{Criterion, criterion_group, criterion_main, measurement::WallTime};
 use uv_cache::Cache;
 use uv_client::RegistryClientBuilder;
@ -86,12 +86,12 @@ mod resolver {
    use uv_cache::Cache;
    use uv_client::RegistryClient;
    use uv_configuration::{
-        BuildOptions, Concurrency, ConfigSettings, Constraints, IndexStrategy,
-        PackageConfigSettings, Preview, SourceStrategy,
+        BuildOptions, Concurrency, ConfigSettings, Constraints, IndexStrategy, PreviewMode,
+        SourceStrategy,
    };
    use uv_dispatch::{BuildDispatch, SharedState};
    use uv_distribution::DistributionDatabase;
-    use uv_distribution_types::{DependencyMetadata, IndexLocations, RequiresPython};
+    use uv_distribution_types::{DependencyMetadata, IndexLocations};
    use uv_install_wheel::LinkMode;
    use uv_pep440::Version;
    use uv_pep508::{MarkerEnvironment, MarkerEnvironmentBuilder};
@ -99,7 +99,7 @@ mod resolver {
    use uv_pypi_types::{Conflicts, ResolverMarkerEnvironment};
    use uv_python::Interpreter;
    use uv_resolver::{
-        ExcludeNewer, FlatIndex, InMemoryIndex, Manifest, OptionsBuilder, PythonRequirement,
+        FlatIndex, InMemoryIndex, Manifest, OptionsBuilder, PythonRequirement, RequiresPython,
        Resolver, ResolverEnvironment, ResolverOutput,
    };
    use uv_types::{BuildIsolation, EmptyInstalledPackages, HashStrategy};
@ -141,12 +141,10 @@ mod resolver {
        universal: bool,
    ) -> Result<ResolverOutput> {
        let build_isolation = BuildIsolation::default();
-        let extra_build_requires = uv_distribution::ExtraBuildRequires::default();
        let build_options = BuildOptions::default();
        let concurrency = Concurrency::default();
        let config_settings = ConfigSettings::default();
-        let config_settings_package = PackageConfigSettings::default();
-        let exclude_newer = ExcludeNewer::global(
+        let exclude_newer = Some(
            jiff::civil::date(2024, 9, 1)
                .to_zoned(jiff::tz::TimeZone::UTC)
                .unwrap()
@ -160,9 +158,7 @@ mod resolver {
        let index = InMemoryIndex::default();
        let index_locations = IndexLocations::default();
        let installed_packages = EmptyInstalledPackages;
-        let options = OptionsBuilder::new()
-            .exclude_newer(exclude_newer.clone())
-            .build();
+        let options = OptionsBuilder::new().exclude_newer(exclude_newer).build();
        let sources = SourceStrategy::default();
        let dependency_metadata = DependencyMetadata::default();
        let conflicts = Conflicts::empty();
@ -188,9 +184,7 @@ mod resolver {
            state,
            IndexStrategy::default(),
            &config_settings,
-            &config_settings_package,
            build_isolation,
-            &extra_build_requires,
            LinkMode::default(),
            &build_options,
            &hashes,
@ -198,7 +192,7 @@ mod resolver {
            sources,
            workspace_cache,
            concurrency,
-            Preview::default(),
+            PreviewMode::Enabled,
        );

        let markers = if universal {
@ -212,7 +206,6 @@ mod resolver {
            options,
            &python_requirement,
            markers,
-            interpreter.markers(),
            conflicts,
            Some(&TAGS),
            &flat_index,
--- a/crates/uv-build-backend/Cargo.toml
+++ b/crates/uv-build-backend/Cargo.toml
@ -1,13 +1,13 @@
 [package]
 name = "uv-build-backend"
 version = "0.1.0"
-edition = { workspace = true }
-rust-version = { workspace = true }
-homepage = { workspace = true }
-documentation = { workspace = true }
-repository = { workspace = true }
-authors = { workspace = true }
-license = { workspace = true }
+edition.workspace = true
+rust-version.workspace = true
+homepage.workspace = true
+documentation.workspace = true
+repository.workspace = true
+authors.workspace = true
+license.workspace = true

 [lib]
 doctest = false
@ -31,7 +31,6 @@ flate2 = { workspace = true, default-features = false }
 fs-err = { workspace = true }
 globset = { workspace = true }
 itertools = { workspace = true }
-rustc-hash = { workspace = true }
 schemars = { workspace = true, optional = true }
 serde = { workspace = true }
 sha2 = { workspace = true }
@ -56,6 +55,5 @@ schemars = ["dep:schemars", "uv-pypi-types/schemars"]

 [dev-dependencies]
 indoc = { workspace = true }
-insta = { workspace = true }
-regex = { workspace = true }
+insta = { version = "1.40.0", features = ["filters"] }
 tempfile = { workspace = true }
--- a/crates/uv-build-backend/src/lib.rs
+++ b/crates/uv-build-backend/src/lib.rs
@ -9,17 +9,18 @@ pub use settings::{BuildBackendSettings, WheelDataIncludes};
 pub use source_dist::{build_source_dist, list_source_dist};
 pub use wheel::{build_editable, build_wheel, list_wheel, metadata};

+use std::fs::FileType;
 use std::io;
 use std::path::{Path, PathBuf};
 use std::str::FromStr;
+
 use thiserror::Error;
 use tracing::debug;
-use walkdir::DirEntry;

 use uv_fs::Simplified;
 use uv_globfilter::PortableGlobError;
 use uv_normalize::PackageName;
-use uv_pypi_types::{Identifier, IdentifierParseError};
+use uv_pypi_types::IdentifierParseError;

 use crate::metadata::ValidationError;
 use crate::settings::ModuleName;
@ -32,8 +33,8 @@ pub enum Error {
    Toml(#[from] toml::de::Error),
    #[error("Invalid pyproject.toml")]
    Validation(#[from] ValidationError),
-    #[error("Invalid module name: {0}")]
-    InvalidModuleName(String, #[source] IdentifierParseError),
+    #[error(transparent)]
+    Identifier(#[from] IdentifierParseError),
    #[error("Unsupported glob expression in: `{field}`")]
    PortableGlob {
        field: String,
@ -55,14 +56,33 @@ pub enum Error {
        #[source]
        err: walkdir::Error,
    },
+    #[error("Unsupported file type {:?}: `{}`", _1, _0.user_display())]
+    UnsupportedFileType(PathBuf, FileType),
    #[error("Failed to write wheel zip archive")]
    Zip(#[from] zip::result::ZipError),
    #[error("Failed to write RECORD file")]
    Csv(#[from] csv::Error),
-    #[error("Expected a Python module at: `{}`", _0.user_display())]
+    #[error(
+        "Missing source directory at: `{}`",
+        _0.user_display()
+    )]
+    MissingSrc(PathBuf),
+    #[error(
+        "Expected a Python module directory at: `{}`",
+        _0.user_display()
+    )]
    MissingInitPy(PathBuf),
-    #[error("For namespace packages, `__init__.py[i]` is not allowed in parent directory: `{}`", _0.user_display())]
-    NotANamespace(PathBuf),
+    #[error(
+        "Missing module directory for `{}` in `{}`. Found: `{}`",
+        module_name,
+        src_root.user_display(),
+        dir_listing.join("`, `")
+    )]
+    MissingModuleDir {
+        module_name: String,
+        src_root: PathBuf,
+        dir_listing: Vec<String>,
+    },
    /// Either an absolute path or a parent path through `..`.
    #[error("Module root must be inside the project: `{}`", _0.user_display())]
    InvalidModuleRoot(PathBuf),
@ -85,16 +105,6 @@ trait DirectoryWriter {
    /// Files added through the method are considered generated when listing included files.
    fn write_bytes(&mut self, path: &str, bytes: &[u8]) -> Result<(), Error>;

-    /// Add the file or directory to the path.
-    fn write_dir_entry(&mut self, entry: &DirEntry, target_path: &str) -> Result<(), Error> {
-        if entry.file_type().is_dir() {
-            self.write_directory(target_path)?;
-        } else {
-            self.write_file(target_path, entry.path())?;
-        }
-        Ok(())
-    }
-
    /// Add a local file.
    fn write_file(&mut self, path: &str, file: &Path) -> Result<(), Error>;

@ -185,166 +195,106 @@ fn check_metadata_directory(
    Ok(())
 }

-/// Returns the source root and the module path(s) with the `__init__.py[i]`  below to it while
-/// checking the project layout and names.
-///
-/// Some target platforms have case-sensitive filesystems, while others have case-insensitive
-/// filesystems. We always lower case the package name, our default for the module, while some
-/// users want uppercase letters in their module names. For example, the package name is `pil_util`,
-/// but the module `PIL_util`. To make the behavior as consistent as possible across platforms as
-/// possible, we require that an upper case name is given explicitly through
-/// `tool.uv.build-backend.module-name`.
-///
-/// By default, the dist-info-normalized package name is the module name. For
-/// dist-info-normalization, the rules are lowercasing, replacing `.` with `_` and
-/// replace `-` with `_`. Since `.` and `-` are not allowed in identifiers, we can use a string
-/// comparison with the module name.
-///
-/// While we recommend one module per package, it is possible to declare a list of modules.
+/// Resolve the source root, module root and the module name.
 fn find_roots(
    source_tree: &Path,
    pyproject_toml: &PyProjectToml,
    relative_module_root: &Path,
    module_name: Option<&ModuleName>,
-    namespace: bool,
-) -> Result<(PathBuf, Vec<PathBuf>), Error> {
+) -> Result<(PathBuf, PathBuf), Error> {
    let relative_module_root = uv_fs::normalize_path(relative_module_root);
    let src_root = source_tree.join(&relative_module_root);
    if !src_root.starts_with(source_tree) {
        return Err(Error::InvalidModuleRoot(relative_module_root.to_path_buf()));
    }
    let src_root = source_tree.join(&relative_module_root);
-    debug!("Source root: {}", src_root.user_display());
-
-    if namespace {
-        // `namespace = true` disables module structure checks.
-        let modules_relative = if let Some(module_name) = module_name {
-            match module_name {
-                ModuleName::Name(name) => {
-                    vec![name.split('.').collect::<PathBuf>()]
-                }
-                ModuleName::Names(names) => names
-                    .iter()
-                    .map(|name| name.split('.').collect::<PathBuf>())
-                    .collect(),
-            }
-        } else {
-            vec![PathBuf::from(
-                pyproject_toml.name().as_dist_info_name().to_string(),
-            )]
-        };
-        for module_relative in &modules_relative {
-            debug!("Namespace module path: {}", module_relative.user_display());
-        }
-        return Ok((src_root, modules_relative));
-    }
-
-    let modules_relative = if let Some(module_name) = module_name {
-        match module_name {
-            ModuleName::Name(name) => vec![module_path_from_module_name(&src_root, name)?],
-            ModuleName::Names(names) => names
-                .iter()
-                .map(|name| module_path_from_module_name(&src_root, name))
-                .collect::<Result<_, _>>()?,
-        }
-    } else {
-        vec![find_module_path_from_package_name(
-            &src_root,
-            pyproject_toml.name(),
-        )?]
-    };
-    for module_relative in &modules_relative {
-        debug!("Module path: {}", module_relative.user_display());
-    }
-    Ok((src_root, modules_relative))
+    let module_root = find_module_root(&src_root, module_name, pyproject_toml.name())?;
+    Ok((src_root, module_root))
 }

-/// Infer stubs packages from package name alone.
+/// Match the module name to its module directory with potentially different casing.
 ///
-/// There are potential false positives if someone had a regular package with `-stubs`.
-/// The `Identifier` checks in `module_path_from_module_name` are here covered by the `PackageName`
-/// validation.
-fn find_module_path_from_package_name(
+/// Some target platforms have case-sensitive filesystems, while others have case-insensitive
+/// filesystems and we always lower case the package name, our default for the module, while some
+/// users want uppercase letters in their module names. For example, the package name is `pil_util`,
+/// but the module `PIL_util`.
+///
+/// By default, the dist-info-normalized package name is the module name. For
+/// dist-info-normalization, the rules are lowercasing, replacing `.` with `_` and
+/// replace `-` with `_`. Since `.` and `-` are not allowed in identifiers, we can use a string
+/// comparison with the module name.
+///
+/// To make the behavior as consistent as possible across platforms as possible, we require that an
+/// upper case name is given explicitly through `tool.uv.module-name`.
+///
+/// Returns the module root path, the directory below which the `__init__.py` lives.
+fn find_module_root(
    src_root: &Path,
+    module_name: Option<&ModuleName>,
    package_name: &PackageName,
 ) -> Result<PathBuf, Error> {
+    let (module_name, stubs) = if let Some(module_name) = module_name {
+        // This name can be uppercase.
+        match module_name {
+            ModuleName::Identifier(module_name) => (module_name.to_string(), false),
+            ModuleName::Stubs(module_name) => (module_name.to_string(), true),
+        }
+    } else {
+        // Infer stubs packages from package name alone. There are potential false positives if
+        // someone had a regular package with `-stubs`.
        if let Some(stem) = package_name.to_string().strip_suffix("-stubs") {
            debug!("Building stubs package instead of a regular package");
            let module_name = PackageName::from_str(stem)
                .expect("non-empty package name prefix must be valid package name")
                .as_dist_info_name()
                .to_string();
-        let module_relative = PathBuf::from(format!("{module_name}-stubs"));
-        let init_pyi = src_root.join(&module_relative).join("__init__.pyi");
-        if !init_pyi.is_file() {
-            return Err(Error::MissingInitPy(init_pyi));
-        }
-        Ok(module_relative)
+            (format!("{module_name}-stubs"), true)
        } else {
            // This name is always lowercase.
-        let module_relative = PathBuf::from(package_name.as_dist_info_name().to_string());
-        let init_py = src_root.join(&module_relative).join("__init__.py");
-        if !init_py.is_file() {
-            return Err(Error::MissingInitPy(init_py));
+            (package_name.as_dist_info_name().to_string(), false)
        }
-        Ok(module_relative)
-    }
-}
-
-/// Determine the relative module path from an explicit module name.
-fn module_path_from_module_name(src_root: &Path, module_name: &str) -> Result<PathBuf, Error> {
-    // This name can be uppercase.
-    let module_relative = module_name.split('.').collect::<PathBuf>();
-
-    // Check if we have a regular module or a namespace.
-    let (root_name, namespace_segments) =
-        if let Some((root_name, namespace_segments)) = module_name.split_once('.') {
-            (
-                root_name,
-                namespace_segments.split('.').collect::<Vec<&str>>(),
-            )
-        } else {
-            (module_name, Vec::new())
    };

-    // Check if we have an implementation or a stubs package.
-    // For stubs for a namespace, the `-stubs` prefix must be on the root.
-    let stubs = if let Some(stem) = root_name.strip_suffix("-stubs") {
-        // Check that the stubs belong to a valid module.
-        Identifier::from_str(stem)
-            .map_err(|err| Error::InvalidModuleName(module_name.to_string(), err))?;
-        true
-    } else {
-        Identifier::from_str(root_name)
-            .map_err(|err| Error::InvalidModuleName(module_name.to_string(), err))?;
-        false
+    let dir = match fs_err::read_dir(src_root) {
+        Ok(dir_iterator) => dir_iterator.collect::<Result<Vec<_>, _>>()?,
+        Err(err) if err.kind() == io::ErrorKind::NotFound => {
+            return Err(Error::MissingSrc(src_root.to_path_buf()));
+        }
+        Err(err) => return Err(Error::Io(err)),
    };
-
-    // For a namespace, check that all names below the root is valid.
-    for segment in namespace_segments {
-        Identifier::from_str(segment)
-            .map_err(|err| Error::InvalidModuleName(module_name.to_string(), err))?;
-    }
-
-    // Check that an `__init__.py[i]` exists for the module.
-    let init_py =
-        src_root
-            .join(&module_relative)
-            .join(if stubs { "__init__.pyi" } else { "__init__.py" });
-    if !init_py.is_file() {
-        return Err(Error::MissingInitPy(init_py));
-    }
-
-    // For a namespace, check that the directories above the lowest are namespace directories.
-    for namespace_dir in module_relative.ancestors().skip(1) {
-        if src_root.join(namespace_dir).join("__init__.py").exists()
-            || src_root.join(namespace_dir).join("__init__.pyi").exists()
+    let module_root = dir.iter().find_map(|entry| {
+        // TODO(konsti): Do we ever need to check if `dir/{module_name}/__init__.py` exists because
+        // the wrong casing may be recorded on disk?
+        if entry
+            .file_name()
+            .to_str()
+            .is_some_and(|file_name| file_name == module_name)
        {
-            return Err(Error::NotANamespace(src_root.join(namespace_dir)));
+            Some(entry.path())
+        } else {
+            None
        }
+    });
+    let init_py = if stubs { "__init__.pyi" } else { "__init__.py" };
+    let module_root = if let Some(module_root) = module_root {
+        if module_root.join(init_py).is_file() {
+            module_root.clone()
+        } else {
+            return Err(Error::MissingInitPy(module_root.join(init_py)));
        }
+    } else {
+        return Err(Error::MissingModuleDir {
+            module_name,
+            src_root: src_root.to_path_buf(),
+            dir_listing: dir
+                .into_iter()
+                .filter_map(|entry| Some(entry.file_name().to_str()?.to_string()))
+                .collect(),
+        });
+    };

-    Ok(module_relative)
+    debug!("Module name: `{}`", module_name);
+    Ok(module_root)
 }

 #[cfg(test)]
@ -355,7 +305,6 @@ mod tests {
    use indoc::indoc;
    use insta::assert_snapshot;
    use itertools::Itertools;
-    use regex::Regex;
    use sha2::Digest;
    use std::io::{BufReader, Read};
    use std::iter;
@ -363,8 +312,6 @@ mod tests {
    use uv_distribution_filename::{SourceDistFilename, WheelFilename};
    use uv_fs::{copy_dir_all, relative_to};

-    const MOCK_UV_VERSION: &str = "1.0.0+test";
-
    fn format_err(err: &Error) -> String {
        let context = iter::successors(std::error::Error::source(&err), |&err| err.source())
            .map(|err| format!("  Caused by: {err}"))
@ -391,19 +338,19 @@ mod tests {
    fn build(source_root: &Path, dist: &Path) -> Result<BuildResults, Error> {
        // Build a direct wheel, capture all its properties to compare it with the indirect wheel
        // latest and remove it since it has the same filename as the indirect wheel.
-        let (_name, direct_wheel_list_files) = list_wheel(source_root, MOCK_UV_VERSION)?;
-        let direct_wheel_filename = build_wheel(source_root, dist, None, MOCK_UV_VERSION)?;
+        let (_name, direct_wheel_list_files) = list_wheel(source_root, "1.0.0+test")?;
+        let direct_wheel_filename = build_wheel(source_root, dist, None, "1.0.0+test")?;
        let direct_wheel_path = dist.join(direct_wheel_filename.to_string());
        let direct_wheel_contents = wheel_contents(&direct_wheel_path);
        let direct_wheel_hash = sha2::Sha256::digest(fs_err::read(&direct_wheel_path)?);
        fs_err::remove_file(&direct_wheel_path)?;

        // Build a source distribution.
-        let (_name, source_dist_list_files) = list_source_dist(source_root, MOCK_UV_VERSION)?;
+        let (_name, source_dist_list_files) = list_source_dist(source_root, "1.0.0+test")?;
        // TODO(konsti): This should run in the unpacked source dist tempdir, but we need to
        // normalize the path.
-        let (_name, wheel_list_files) = list_wheel(source_root, MOCK_UV_VERSION)?;
-        let source_dist_filename = build_source_dist(source_root, dist, MOCK_UV_VERSION)?;
+        let (_name, wheel_list_files) = list_wheel(source_root, "1.0.0+test")?;
+        let source_dist_filename = build_source_dist(source_root, dist, "1.0.0+test")?;
        let source_dist_path = dist.join(source_dist_filename.to_string());
        let source_dist_contents = sdist_contents(&source_dist_path);

@ -417,7 +364,7 @@ mod tests {
            source_dist_filename.name.as_dist_info_name(),
            source_dist_filename.version
        ));
-        let wheel_filename = build_wheel(&sdist_top_level_directory, dist, None, MOCK_UV_VERSION)?;
+        let wheel_filename = build_wheel(&sdist_top_level_directory, dist, None, "1.0.0+test")?;
        let wheel_contents = wheel_contents(&dist.join(wheel_filename.to_string()));

        // Check that direct and indirect wheels are identical.
@ -439,15 +386,6 @@ mod tests {
        })
    }

-    fn build_err(source_root: &Path) -> String {
-        let dist = TempDir::new().unwrap();
-        let build_err = build(source_root, dist.path()).unwrap_err();
-        let err_message: String = format_err(&build_err)
-            .replace(&source_root.user_display().to_string(), "[TEMP_PATH]")
-            .replace('\\', "/");
-        err_message
-    }
-
    fn sdist_contents(source_dist_path: &Path) -> Vec<String> {
        let sdist_reader = BufReader::new(File::open(source_dist_path).unwrap());
        let mut source_dist = tar::Archive::new(GzDecoder::new(sdist_reader));
@ -518,14 +456,14 @@ mod tests {
        ] {
            copy_dir_all(built_by_uv.join(dir), src.path().join(dir)).unwrap();
        }
-        for filename in [
+        for dir in [
            "pyproject.toml",
            "README.md",
            "uv.lock",
            "LICENSE-APACHE",
            "LICENSE-MIT",
        ] {
-            fs_err::copy(built_by_uv.join(filename), src.path().join(filename)).unwrap();
+            fs_err::copy(built_by_uv.join(dir), src.path().join(dir)).unwrap();
        }

        // Clear executable bit on Unix to build the same archive between Unix and Windows.
@ -542,14 +480,6 @@ mod tests {
            fs_err::set_permissions(&path, perms).unwrap();
        }

-        // Redact the uv_build version to keep the hash stable across releases
-        let pyproject_toml = fs_err::read_to_string(src.path().join("pyproject.toml")).unwrap();
-        let current_requires =
-            Regex::new(r#"requires = \["uv_build>=[0-9.]+,<[0-9.]+"\]"#).unwrap();
-        let mocked_requires = r#"requires = ["uv_build>=1,<2"]"#;
-        let pyproject_toml = current_requires.replace(pyproject_toml.as_str(), mocked_requires);
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml.as_bytes()).unwrap();
-
        // Add some files to be excluded
        let module_root = src.path().join("src").join("built_by_uv");
        fs_err::create_dir_all(module_root.join("__pycache__")).unwrap();
@ -568,7 +498,7 @@ mod tests {
        // Check that the source dist is reproducible across platforms.
        assert_snapshot!(
            format!("{:x}", sha2::Sha256::digest(fs_err::read(&source_dist_path).unwrap())),
-            @"871d1f859140721b67cbeaca074e7a2740c88c38028d0509eba87d1285f1da9e"
+            @"dab46bcc4d66960a11cfdc19604512a8e1a3241a67536f7e962166760e9c575c"
        );
        // Check both the files we report and the actual files
        assert_snapshot!(format_file_list(build.source_dist_list_files, src.path()), @r"
@ -622,7 +552,7 @@ mod tests {
        // Check that the wheel is reproducible across platforms.
        assert_snapshot!(
            format!("{:x}", sha2::Sha256::digest(fs_err::read(&wheel_path).unwrap())),
-            @"342bf60c8406144f459358cde92408686c1631fe22389d042ce80379e589d6ec"
+            @"ac3f68ac448023bca26de689d80401bff57f764396ae802bf4666234740ffbe3"
        );
        assert_snapshot!(build.wheel_contents.join("\n"), @r"
        built_by_uv-0.1.0.data/data/
@ -680,7 +610,7 @@ mod tests {
            license = { file = "license.txt" }

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"
        "#
            },
@ -748,7 +678,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"
        "#
            },
@ -812,7 +742,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"

            [tool.uv.build-backend]
@ -854,7 +784,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"

            [tool.uv.build-backend]
@ -879,7 +809,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"

            [tool.uv.build-backend]
@ -915,7 +845,7 @@ mod tests {
            .replace('\\', "/");
        assert_snapshot!(
            err_message,
-            @"Expected a Python module at: `[TEMP_PATH]/src/camel_case/__init__.py`"
+            @"Missing module directory for `camel_case` in `[TEMP_PATH]/src`. Found: `camelCase`"
        );
    }

@ -928,7 +858,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"

            [tool.uv.build-backend]
@ -942,10 +872,14 @@ mod tests {
        let err_message = format_err(&build_err);
        assert_snapshot!(
            err_message,
-            @r"
-        Invalid module name: django@home-stubs
-          Caused by: Invalid character `@` at position 7 for identifier `django@home`, expected an underscore or an alphanumeric character
-        "
+            @r#"
+        Invalid pyproject.toml
+          Caused by: TOML parse error at line 10, column 15
+           |
+        10 | module-name = "django@home-stubs"
+           |               ^^^^^^^^^^^^^^^^^^^
+        Invalid character `@` at position 7 for identifier `django@home`, expected an underscore or an alphanumeric character
+        "#
        );
    }

@ -959,7 +893,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"
            "#
        };
@ -980,7 +914,7 @@ mod tests {
            .replace('\\', "/");
        assert_snapshot!(
            err_message,
-            @"Expected a Python module at: `[TEMP_PATH]/src/stuffed_bird-stubs/__init__.pyi`"
+            @"Expected a Python module directory at: `[TEMP_PATH]/src/stuffed_bird-stubs/__init__.pyi`"
        );

        // Create the correct file
@ -1010,7 +944,7 @@ mod tests {
            version = "1.0.0"

            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
+            requires = ["uv_build>=0.5.15,<0.6"]
            build-backend = "uv_build"

            [tool.uv.build-backend]
@ -1022,342 +956,4 @@ mod tests {
        let build2 = build(src.path(), dist.path()).unwrap();
        assert_eq!(build1.wheel_contents, build2.wheel_contents);
    }
-
-    /// A simple namespace package with a single root `__init__.py`.
-    #[test]
-    fn simple_namespace_package() {
-        let src = TempDir::new().unwrap();
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "simple-namespace-part"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            module-name = "simple_namespace.part"
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-        fs_err::create_dir_all(src.path().join("src").join("simple_namespace").join("part"))
-            .unwrap();
-
-        assert_snapshot!(
-            build_err(src.path()),
-            @"Expected a Python module at: `[TEMP_PATH]/src/simple_namespace/part/__init__.py`"
-        );
-
-        // Create the correct file
-        File::create(
-            src.path()
-                .join("src")
-                .join("simple_namespace")
-                .join("part")
-                .join("__init__.py"),
-        )
-        .unwrap();
-
-        // For a namespace package, there must not be an `__init__.py` here.
-        let bogus_init_py = src
-            .path()
-            .join("src")
-            .join("simple_namespace")
-            .join("__init__.py");
-        File::create(&bogus_init_py).unwrap();
-        assert_snapshot!(
-            build_err(src.path()),
-            @"For namespace packages, `__init__.py[i]` is not allowed in parent directory: `[TEMP_PATH]/src/simple_namespace`"
-        );
-        fs_err::remove_file(bogus_init_py).unwrap();
-
-        let dist = TempDir::new().unwrap();
-        let build1 = build(src.path(), dist.path()).unwrap();
-        assert_snapshot!(build1.source_dist_contents.join("\n"), @r"
-        simple_namespace_part-1.0.0/
-        simple_namespace_part-1.0.0/PKG-INFO
-        simple_namespace_part-1.0.0/pyproject.toml
-        simple_namespace_part-1.0.0/src
-        simple_namespace_part-1.0.0/src/simple_namespace
-        simple_namespace_part-1.0.0/src/simple_namespace/part
-        simple_namespace_part-1.0.0/src/simple_namespace/part/__init__.py
-        ");
-        assert_snapshot!(build1.wheel_contents.join("\n"), @r"
-        simple_namespace/
-        simple_namespace/part/
-        simple_namespace/part/__init__.py
-        simple_namespace_part-1.0.0.dist-info/
-        simple_namespace_part-1.0.0.dist-info/METADATA
-        simple_namespace_part-1.0.0.dist-info/RECORD
-        simple_namespace_part-1.0.0.dist-info/WHEEL
-        ");
-
-        // Check that `namespace = true` works too.
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "simple-namespace-part"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            module-name = "simple_namespace.part"
-            namespace = true
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-
-        let build2 = build(src.path(), dist.path()).unwrap();
-        assert_eq!(build1, build2);
-    }
-
-    /// A complex namespace package with a multiple root `__init__.py`.
-    #[test]
-    fn complex_namespace_package() {
-        let src = TempDir::new().unwrap();
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "complex-namespace"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            namespace = true
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-        fs_err::create_dir_all(
-            src.path()
-                .join("src")
-                .join("complex_namespace")
-                .join("part_a"),
-        )
-        .unwrap();
-        File::create(
-            src.path()
-                .join("src")
-                .join("complex_namespace")
-                .join("part_a")
-                .join("__init__.py"),
-        )
-        .unwrap();
-        fs_err::create_dir_all(
-            src.path()
-                .join("src")
-                .join("complex_namespace")
-                .join("part_b"),
-        )
-        .unwrap();
-        File::create(
-            src.path()
-                .join("src")
-                .join("complex_namespace")
-                .join("part_b")
-                .join("__init__.py"),
-        )
-        .unwrap();
-
-        let dist = TempDir::new().unwrap();
-        let build1 = build(src.path(), dist.path()).unwrap();
-        assert_snapshot!(build1.wheel_contents.join("\n"), @r"
-        complex_namespace-1.0.0.dist-info/
-        complex_namespace-1.0.0.dist-info/METADATA
-        complex_namespace-1.0.0.dist-info/RECORD
-        complex_namespace-1.0.0.dist-info/WHEEL
-        complex_namespace/
-        complex_namespace/part_a/
-        complex_namespace/part_a/__init__.py
-        complex_namespace/part_b/
-        complex_namespace/part_b/__init__.py
-        ");
-
-        // Check that setting the name manually works equally.
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "complex-namespace"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            module-name = "complex_namespace"
-            namespace = true
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-
-        let build2 = build(src.path(), dist.path()).unwrap();
-        assert_eq!(build1, build2);
-    }
-
-    /// Stubs for a namespace package.
-    #[test]
-    fn stubs_namespace() {
-        let src = TempDir::new().unwrap();
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "cloud.db.schema-stubs"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            module-name = "cloud-stubs.db.schema"
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-        fs_err::create_dir_all(
-            src.path()
-                .join("src")
-                .join("cloud-stubs")
-                .join("db")
-                .join("schema"),
-        )
-        .unwrap();
-        File::create(
-            src.path()
-                .join("src")
-                .join("cloud-stubs")
-                .join("db")
-                .join("schema")
-                .join("__init__.pyi"),
-        )
-        .unwrap();
-
-        let dist = TempDir::new().unwrap();
-        let build = build(src.path(), dist.path()).unwrap();
-        assert_snapshot!(build.wheel_contents.join("\n"), @r"
-        cloud-stubs/
-        cloud-stubs/db/
-        cloud-stubs/db/schema/
-        cloud-stubs/db/schema/__init__.pyi
-        cloud_db_schema_stubs-1.0.0.dist-info/
-        cloud_db_schema_stubs-1.0.0.dist-info/METADATA
-        cloud_db_schema_stubs-1.0.0.dist-info/RECORD
-        cloud_db_schema_stubs-1.0.0.dist-info/WHEEL
-        ");
-    }
-
-    /// A package with multiple modules, one a regular module and two namespace modules.
-    #[test]
-    fn multiple_module_names() {
-        let src = TempDir::new().unwrap();
-        let pyproject_toml = indoc! {r#"
-            [project]
-            name = "simple-namespace-part"
-            version = "1.0.0"
-
-            [tool.uv.build-backend]
-            module-name = ["foo", "simple_namespace.part_a", "simple_namespace.part_b"]
-
-            [build-system]
-            requires = ["uv_build>=0.5.15,<0.6.0"]
-            build-backend = "uv_build"
-            "#
-        };
-        fs_err::write(src.path().join("pyproject.toml"), pyproject_toml).unwrap();
-        fs_err::create_dir_all(src.path().join("src").join("foo")).unwrap();
-        fs_err::create_dir_all(
-            src.path()
-                .join("src")
-                .join("simple_namespace")
-                .join("part_a"),
-        )
-        .unwrap();
-        fs_err::create_dir_all(
-            src.path()
-                .join("src")
-                .join("simple_namespace")
-                .join("part_b"),
-        )
-        .unwrap();
-
-        // Most of these checks exist in other tests too, but we want to ensure that they apply
-        // with multiple modules too.
-
-        // The first module is missing an `__init__.py`.
-        assert_snapshot!(
-            build_err(src.path()),
-            @"Expected a Python module at: `[TEMP_PATH]/src/foo/__init__.py`"
-        );
-
-        // Create the first correct `__init__.py` file
-        File::create(src.path().join("src").join("foo").join("__init__.py")).unwrap();
-
-        // The second module, a namespace, is missing an `__init__.py`.
-        assert_snapshot!(
-            build_err(src.path()),
-            @"Expected a Python module at: `[TEMP_PATH]/src/simple_namespace/part_a/__init__.py`"
-        );
-
-        // Create the other two correct `__init__.py` files
-        File::create(
-            src.path()
-                .join("src")
-                .join("simple_namespace")
-                .join("part_a")
-                .join("__init__.py"),
-        )
-        .unwrap();
-        File::create(
-            src.path()
-                .join("src")
-                .join("simple_namespace")
-                .join("part_b")
-                .join("__init__.py"),
-        )
-        .unwrap();
-
-        // For the second module, a namespace, there must not be an `__init__.py` here.
-        let bogus_init_py = src
-            .path()
-            .join("src")
-            .join("simple_namespace")
-            .join("__init__.py");
-        File::create(&bogus_init_py).unwrap();
-        assert_snapshot!(
-            build_err(src.path()),
-            @"For namespace packages, `__init__.py[i]` is not allowed in parent directory: `[TEMP_PATH]/src/simple_namespace`"
-        );
-        fs_err::remove_file(bogus_init_py).unwrap();
-
-        let dist = TempDir::new().unwrap();
-        let build = build(src.path(), dist.path()).unwrap();
-        assert_snapshot!(build.source_dist_contents.join("\n"), @r"
-        simple_namespace_part-1.0.0/
-        simple_namespace_part-1.0.0/PKG-INFO
-        simple_namespace_part-1.0.0/pyproject.toml
-        simple_namespace_part-1.0.0/src
-        simple_namespace_part-1.0.0/src/foo
-        simple_namespace_part-1.0.0/src/foo/__init__.py
-        simple_namespace_part-1.0.0/src/simple_namespace
-        simple_namespace_part-1.0.0/src/simple_namespace/part_a
-        simple_namespace_part-1.0.0/src/simple_namespace/part_a/__init__.py
-        simple_namespace_part-1.0.0/src/simple_namespace/part_b
-        simple_namespace_part-1.0.0/src/simple_namespace/part_b/__init__.py
-        ");
-        assert_snapshot!(build.wheel_contents.join("\n"), @r"
-        foo/
-        foo/__init__.py
-        simple_namespace/
-        simple_namespace/part_a/
-        simple_namespace/part_a/__init__.py
-        simple_namespace/part_b/
-        simple_namespace/part_b/__init__.py
-        simple_namespace_part-1.0.0.dist-info/
-        simple_namespace_part-1.0.0.dist-info/METADATA
-        simple_namespace_part-1.0.0.dist-info/RECORD
-        simple_namespace_part-1.0.0.dist-info/WHEEL
-        ");
-    }
 }
--- a/crates/uv-build-backend/src/metadata.rs
+++ b/crates/uv-build-backend/src/metadata.rs
@ -7,7 +7,7 @@ use std::str::FromStr;

 use itertools::Itertools;
 use serde::Deserialize;
-use tracing::{debug, trace, warn};
+use tracing::{debug, trace};
 use version_ranges::Ranges;
 use walkdir::WalkDir;

@ -54,6 +54,10 @@ pub enum ValidationError {
        "Entrypoint groups must consist of letters and numbers separated by dots, invalid group: `{0}`"
    )]
    InvalidGroup(String),
+    #[error(
+        "Entrypoint names must consist of letters, numbers, dots, underscores and dashes; invalid name: `{0}`"
+    )]
+    InvalidName(String),
    #[error("Use `project.scripts` instead of `project.entry-points.console_scripts`")]
    ReservedScripts,
    #[error("Use `project.gui-scripts` instead of `project.entry-points.gui_scripts`")]
@ -167,7 +171,7 @@ impl PyProjectToml {
    ///
    /// ```toml
    /// [build-system]
-    /// requires = ["uv_build>=0.4.15,<0.5.0"]
+    /// requires = ["uv_build>=0.4.15,<5"]
    /// build-backend = "uv_build"
    /// ```
    pub fn check_build_system(&self, uv_version: &str) -> Vec<String> {
@ -616,14 +620,12 @@ impl PyProjectToml {

        let _ = writeln!(writer, "[{group}]");
        for (name, object_reference) in entries {
+            // More strict than the spec, we enforce the recommendation
            if !name
                .chars()
                .all(|c| c.is_alphanumeric() || c == '.' || c == '-' || c == '_')
            {
-                warn!(
-                    "Entrypoint names should consist of letters, numbers, dots, underscores and \
-                    dashes; non-compliant name: `{name}`"
-                );
+                return Err(ValidationError::InvalidName(name.to_string()));
            }

            // TODO(konsti): Validate that the object references are valid Python identifiers.
@ -701,7 +703,7 @@ struct Project {
 /// The optional `project.readme` key in a pyproject.toml as specified in
 /// <https://packaging.python.org/en/latest/specifications/pyproject-toml/#readme>.
 #[derive(Deserialize, Debug, Clone)]
-#[serde(untagged, rename_all_fields = "kebab-case")]
+#[serde(untagged, rename_all = "kebab-case")]
 pub(crate) enum Readme {
    /// Relative path to the README.
    String(PathBuf),
@ -711,7 +713,7 @@ pub(crate) enum Readme {
        content_type: String,
        charset: Option<String>,
    },
-    /// The full description of the project as an inline value.
+    /// The full description of the project as inline value.
    Text {
        text: String,
        content_type: String,
@ -824,7 +826,7 @@ mod tests {
            {payload}

            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5.0"]
+            requires = ["uv_build>=0.4.15,<5"]
            build-backend = "uv_build"
        "#
        }
@ -907,7 +909,7 @@ mod tests {
            foo-bar = "foo:bar"

            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5.0"]
+            requires = ["uv_build>=0.4.15,<5"]
            build-backend = "uv_build"
        "#
        };
@ -963,65 +965,6 @@ mod tests {
        "###);
    }

-    #[test]
-    fn readme() {
-        let temp_dir = TempDir::new().unwrap();
-
-        fs_err::write(
-            temp_dir.path().join("Readme.md"),
-            indoc! {r"
-            # Foo
-
-            This is the foo library.
-        "},
-        )
-        .unwrap();
-
-        fs_err::write(
-            temp_dir.path().join("License.txt"),
-            indoc! {r#"
-                THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
-                INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
-                PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
-                HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
-                CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE
-                OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-        "#},
-        )
-        .unwrap();
-
-        let contents = indoc! {r#"
-            # See https://github.com/pypa/sampleproject/blob/main/pyproject.toml for another example
-
-            [project]
-            name = "hello-world"
-            version = "0.1.0"
-            description = "A Python package"
-            readme = { file = "Readme.md", content-type = "text/markdown" }
-            requires_python = ">=3.12"
-
-            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5"]
-            build-backend = "uv_build"
-        "#
-        };
-
-        let pyproject_toml = PyProjectToml::parse(contents).unwrap();
-        let metadata = pyproject_toml.to_metadata(temp_dir.path()).unwrap();
-
-        assert_snapshot!(metadata.core_metadata_format(), @r"
-        Metadata-Version: 2.3
-        Name: hello-world
-        Version: 0.1.0
-        Summary: A Python package
-        Description-Content-Type: text/markdown
-
-        # Foo
-
-        This is the foo library.
-        ");
-    }
-
    #[test]
    fn self_extras() {
        let temp_dir = TempDir::new().unwrap();
@ -1093,7 +1036,7 @@ mod tests {
            foo-bar = "foo:bar"

            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5.0"]
+            requires = ["uv_build>=0.4.15,<5"]
            build-backend = "uv_build"
        "#
        };
@ -1161,7 +1104,7 @@ mod tests {
        let contents = extend_project("");
        let pyproject_toml = PyProjectToml::parse(&contents).unwrap();
        assert_snapshot!(
-            pyproject_toml.check_build_system("0.4.15+test").join("\n"),
+            pyproject_toml.check_build_system("1.0.0+test").join("\n"),
            @""
        );
    }
@ -1192,7 +1135,7 @@ mod tests {
            version = "0.1.0"

            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5.0", "wheel"]
+            requires = ["uv_build>=0.4.15,<5", "wheel"]
            build-backend = "uv_build"
        "#};
        let pyproject_toml = PyProjectToml::parse(contents).unwrap();
@ -1228,7 +1171,7 @@ mod tests {
            version = "0.1.0"

            [build-system]
-            requires = ["uv_build>=0.4.15,<0.5.0"]
+            requires = ["uv_build>=0.4.15,<5"]
            build-backend = "setuptools"
        "#};
        let pyproject_toml = PyProjectToml::parse(contents).unwrap();
@ -1401,6 +1344,16 @@ mod tests {
        assert_snapshot!(script_error(&contents), @"Entrypoint groups must consist of letters and numbers separated by dots, invalid group: `a@b`");
    }

+    #[test]
+    fn invalid_entry_point_name() {
+        let contents = extend_project(indoc! {r#"
+            [project.scripts]
+            "a@b" = "bar"
+        "#
+        });
+        assert_snapshot!(script_error(&contents), @"Entrypoint names must consist of letters, numbers, dots, underscores and dashes; invalid name: `a@b`");
+    }
+
    #[test]
    fn invalid_entry_point_conflict_scripts() {
        let contents = extend_project(indoc! {r#"
--- a/crates/uv-build-backend/src/settings.rs
+++ b/crates/uv-build-backend/src/settings.rs
@ -1,9 +1,16 @@
-use serde::{Deserialize, Serialize};
+use serde::{Deserialize, Deserializer, Serialize, Serializer};
+use std::fmt::Display;
 use std::path::PathBuf;
+use std::str::FromStr;
 use uv_macros::OptionsMetadata;
+use uv_pypi_types::Identifier;

 /// Settings for the uv build backend (`uv_build`).
 ///
+/// !!! note
+///
+///     The uv build backend is currently in preview and may change in any future release.
+///
 /// Note that those settings only apply when using the `uv_build` backend, other build backends
 /// (such as hatchling) have their own configuration.
 ///
@ -31,19 +38,12 @@ pub struct BuildBackendSettings {
    /// `__init__.py`. An exception are stubs packages, whose name ends with `-stubs`, with the stem
    /// being the module name, and which contain a `__init__.pyi` file.
    ///
-    /// For namespace packages with a single module, the path can be dotted, e.g., `foo.bar` or
-    /// `foo-stubs.bar`.
-    ///
-    /// For namespace packages with multiple modules, the path can be a list, e.g.,
-    /// `["foo", "bar"]`. We recommend using a single module per package, splitting multiple
-    /// packages into a workspace.
-    ///
    /// Note that using this option runs the risk of creating two packages with different names but
    /// the same module names. Installing such packages together leads to unspecified behavior,
    /// often with corrupted files or directory trees.
    #[option(
        default = r#"None"#,
-        value_type = "str | list[str]",
+        value_type = "str",
        example = r#"module-name = "sklearn""#
    )]
    pub module_name: Option<ModuleName>,
@ -85,56 +85,6 @@ pub struct BuildBackendSettings {
    )]
    pub wheel_exclude: Vec<String>,

-    /// Build a namespace package.
-    ///
-    /// Build a PEP 420 implicit namespace package, allowing more than one root `__init__.py`.
-    ///
-    /// Use this option when the namespace package contains multiple root `__init__.py`, for
-    /// namespace packages with a single root `__init__.py` use a dotted `module-name` instead.
-    ///
-    /// To compare dotted `module-name` and `namespace = true`, the first example below can be
-    /// expressed with `module-name = "cloud.database"`: There is one root `__init__.py` `database`.
-    /// In the second example, we have three roots (`cloud.database`, `cloud.database_pro`,
-    /// `billing.modules.database_pro`), so `namespace = true` is required.
-    ///
-    /// ```text
-    /// src
-    /// └── cloud
-    ///     └── database
-    ///         ├── __init__.py
-    ///         ├── query_builder
-    ///         │   └── __init__.py
-    ///         └── sql
-    ///             ├── parser.py
-    ///             └── __init__.py
-    /// ```
-    ///
-    /// ```text
-    /// src
-    /// ├── cloud
-    /// │   ├── database
-    /// │   │   ├── __init__.py
-    /// │   │   ├── query_builder
-    /// │   │   │   └── __init__.py
-    /// │   │   └── sql
-    /// │   │       ├── __init__.py
-    /// │   │       └── parser.py
-    /// │   └── database_pro
-    /// │       ├── __init__.py
-    /// │       └── query_builder.py
-    /// └── billing
-    ///     └── modules
-    ///         └── database_pro
-    ///             ├── __init__.py
-    ///             └── sql.py
-    /// ```
-    #[option(
-        default = r#"false"#,
-        value_type = "bool",
-        example = r#"namespace = true"#
-    )]
-    pub namespace: bool,
-
    /// Data includes for wheels.
    ///
    /// Each entry is a directory, whose contents are copied to the matching directory in the wheel
@ -155,7 +105,7 @@ pub struct BuildBackendSettings {
    ///   with this package as build requirement use the include directory to find additional header
    ///   files.
    /// - `purelib` and `platlib`: Installed to the `site-packages` directory. It is not recommended
-    ///   to use these two options.
+    ///   to uses these two options.
    // TODO(konsti): We should show a flat example instead.
    // ```toml
    // [tool.uv.build-backend.data]
@ -165,7 +115,7 @@ pub struct BuildBackendSettings {
    #[option(
        default = r#"{}"#,
        value_type = "dict[str, str]",
-        example = r#"data = { headers = "include/headers", scripts = "bin" }"#
+        example = r#"data = { "headers": "include/headers", "scripts": "bin" }"#
    )]
    pub data: WheelDataIncludes,
 }
@ -179,21 +129,86 @@ impl Default for BuildBackendSettings {
            default_excludes: true,
            source_exclude: Vec::new(),
            wheel_exclude: Vec::new(),
-            namespace: false,
            data: WheelDataIncludes::default(),
        }
    }
 }

-/// Whether to include a single module or multiple modules.
-#[derive(Deserialize, Serialize, Debug, Clone, PartialEq, Eq)]
-#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
-#[serde(untagged)]
+/// Packages come in two kinds: Regular packages, where the name must be a valid Python identifier,
+/// and stubs packages.
+#[derive(Debug, Clone, PartialEq, Eq)]
 pub enum ModuleName {
-    /// A single module name.
-    Name(String),
-    /// Multiple module names, which are all included.
-    Names(Vec<String>),
+    /// A Python module name, which needs to be a valid Python identifier to be used with `import`.
+    Identifier(Identifier),
+    /// A type stubs package, whose name ends with `-stubs` with the stem being the module name.
+    Stubs(String),
+}
+
+impl Display for ModuleName {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            ModuleName::Identifier(module_name) => Display::fmt(module_name, f),
+            ModuleName::Stubs(module_name) => Display::fmt(module_name, f),
+        }
+    }
+}
+
+impl<'de> Deserialize<'de> for ModuleName {
+    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
+    where
+        D: Deserializer<'de>,
+    {
+        let module_name = String::deserialize(deserializer)?;
+        if let Some(stem) = module_name.strip_suffix("-stubs") {
+            // Check that the stubs belong to a valid module.
+            Identifier::from_str(stem)
+                .map(ModuleName::Identifier)
+                .map_err(serde::de::Error::custom)?;
+            Ok(ModuleName::Stubs(module_name))
+        } else {
+            Identifier::from_str(&module_name)
+                .map(ModuleName::Identifier)
+                .map_err(serde::de::Error::custom)
+        }
+    }
+}
+
+impl Serialize for ModuleName {
+    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
+    where
+        S: Serializer,
+    {
+        match self {
+            ModuleName::Identifier(module_name) => module_name.serialize(serializer),
+            ModuleName::Stubs(module_name) => module_name.serialize(serializer),
+        }
+    }
+}
+
+#[cfg(feature = "schemars")]
+impl schemars::JsonSchema for ModuleName {
+    fn schema_name() -> String {
+        "ModuleName".to_string()
+    }
+
+    fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            instance_type: Some(schemars::schema::InstanceType::String.into()),
+            string: Some(Box::new(schemars::schema::StringValidation {
+                // Best-effort Unicode support (https://stackoverflow.com/a/68844380/3549270)
+                pattern: Some(r"^[_\p{Alphabetic}][_0-9\p{Alphabetic}]*(-stubs)?$".to_string()),
+                ..schemars::schema::StringValidation::default()
+            })),
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some(
+                    "The name of the module, or the name of a stubs package".to_string(),
+                ),
+                ..schemars::schema::Metadata::default()
+            })),
+            ..schemars::schema::SchemaObject::default()
+        }
+        .into()
+    }
 }

 /// Data includes for wheels.
--- a/crates/uv-build-backend/src/source_dist.rs
+++ b/crates/uv-build-backend/src/source_dist.rs
@ -68,24 +68,20 @@ fn source_dist_matcher(
    includes.push(globset::escape("pyproject.toml"));

    // Check that the source tree contains a module.
-    let (src_root, modules_relative) = find_roots(
+    let (_, module_root) = find_roots(
        source_tree,
        pyproject_toml,
        &settings.module_root,
        settings.module_name.as_ref(),
-        settings.namespace,
    )?;
-    for module_relative in modules_relative {
    // The wheel must not include any files included by the source distribution (at least until we
    // have files generated in the source dist -> wheel build step).
    let import_path = uv_fs::normalize_path(
-            &uv_fs::relative_to(src_root.join(module_relative), source_tree)
-                .expect("module root is inside source tree"),
+        &uv_fs::relative_to(module_root, source_tree).expect("module root is inside source tree"),
    )
    .portable_display()
    .to_string();
    includes.push(format!("{}/**", globset::escape(&import_path)));
-    }
    for include in includes {
        let glob = PortableGlobParser::Uv
            .parse(&include)
@ -252,16 +248,32 @@ fn write_source_dist(
            .expect("walkdir starts with root");

        if !include_matcher.match_path(relative) || exclude_matcher.is_match(relative) {
-            trace!("Excluding from sdist: `{}`", relative.user_display());
+            trace!("Excluding: `{}`", relative.user_display());
            continue;
        }

-        let entry_path = Path::new(&top_level)
+        debug!("Including {}", relative.user_display());
+        if entry.file_type().is_dir() {
+            writer.write_directory(
+                &Path::new(&top_level)
                    .join(relative)
                    .portable_display()
-            .to_string();
-        debug!("Adding to sdist: {}", relative.user_display());
-        writer.write_dir_entry(&entry, &entry_path)?;
+                    .to_string(),
+            )?;
+        } else if entry.file_type().is_file() {
+            writer.write_file(
+                &Path::new(&top_level)
+                    .join(relative)
+                    .portable_display()
+                    .to_string(),
+                entry.path(),
+            )?;
+        } else {
+            return Err(Error::UnsupportedFileType(
+                relative.to_path_buf(),
+                entry.file_type(),
+            ));
+        }
    }
    debug!("Visited {files_visited} files for source dist build");

--- a/crates/uv-build-backend/src/wheel.rs
+++ b/crates/uv-build-backend/src/wheel.rs
@ -1,7 +1,6 @@
 use fs_err::File;
 use globset::{GlobSet, GlobSetBuilder};
 use itertools::Itertools;
-use rustc_hash::FxHashSet;
 use sha2::{Digest, Sha256};
 use std::io::{BufReader, Read, Write};
 use std::path::{Path, PathBuf};
@ -18,7 +17,8 @@ use uv_warnings::warn_user_once;

 use crate::metadata::DEFAULT_EXCLUDES;
 use crate::{
-    BuildBackendSettings, DirectoryWriter, Error, FileList, ListWriter, PyProjectToml, find_roots,
+    BuildBackendSettings, DirectoryWriter, Error, FileList, ListWriter, PyProjectToml,
+    find_module_root, find_roots,
 };

 /// Build a wheel from the source tree and place it in the output directory.
@ -124,29 +124,15 @@ fn write_wheel(
    let exclude_matcher = build_exclude_matcher(excludes)?;

    debug!("Adding content files to wheel");
-    let (src_root, module_relative) = find_roots(
+    let (src_root, module_root) = find_roots(
        source_tree,
        pyproject_toml,
        &settings.module_root,
        settings.module_name.as_ref(),
-        settings.namespace,
    )?;

    let mut files_visited = 0;
-    let mut prefix_directories = FxHashSet::default();
-    for module_relative in module_relative {
-        // For convenience, have directories for the whole tree in the wheel
-        for ancestor in module_relative.ancestors().skip(1) {
-            if ancestor == Path::new("") {
-                continue;
-            }
-            // Avoid duplicate directories in the zip.
-            if prefix_directories.insert(ancestor.to_path_buf()) {
-                wheel_writer.write_directory(&ancestor.portable_display().to_string())?;
-            }
-        }
-
-        for entry in WalkDir::new(src_root.join(module_relative))
+    for entry in WalkDir::new(module_root)
        .sort_by_file_name()
        .into_iter()
        .filter_entry(|entry| !exclude_matcher.is_match(entry.path()))
@ -170,7 +156,7 @@ fn write_wheel(
            .path()
            .strip_prefix(source_tree)
            .expect("walkdir starts with root");
-            let entry_path = entry
+        let wheel_path = entry
            .path()
            .strip_prefix(&src_root)
            .expect("walkdir starts with root");
@ -178,10 +164,20 @@ fn write_wheel(
            trace!("Excluding from module: `{}`", match_path.user_display());
            continue;
        }
+        let wheel_path = wheel_path.portable_display().to_string();

-            let entry_path = entry_path.portable_display().to_string();
-            debug!("Adding to wheel: {entry_path}");
-            wheel_writer.write_dir_entry(&entry, &entry_path)?;
+        debug!("Adding to wheel: `{wheel_path}`");
+
+        if entry.file_type().is_dir() {
+            wheel_writer.write_directory(&wheel_path)?;
+        } else if entry.file_type().is_file() {
+            wheel_writer.write_file(&wheel_path, entry.path())?;
+        } else {
+            // TODO(konsti): We may want to support symlinks, there is support for installing them.
+            return Err(Error::UnsupportedFileType(
+                entry.path().to_path_buf(),
+                entry.file_type(),
+            ));
        }
    }
    debug!("Visited {files_visited} files for wheel build");
@ -271,13 +267,16 @@ pub fn build_editable(
    let mut wheel_writer = ZipDirectoryWriter::new_wheel(File::create(&wheel_path)?);

    debug!("Adding pth file to {}", wheel_path.user_display());
+    let src_root = source_tree.join(&settings.module_root);
+    if !src_root.starts_with(source_tree) {
+        return Err(Error::InvalidModuleRoot(settings.module_root.clone()));
+    }
+
    // Check that a module root exists in the directory we're linking from the `.pth` file
-    let (src_root, _module_relative) = find_roots(
-        source_tree,
-        &pyproject_toml,
-        &settings.module_root,
+    find_module_root(
+        &src_root,
        settings.module_name.as_ref(),
-        settings.namespace,
+        pyproject_toml.name(),
    )?;

    wheel_writer.write_bytes(
@ -515,12 +514,23 @@ fn wheel_subdir_from_globs(
            continue;
        }

-        let license_path = Path::new(target)
+        let relative_licenses = Path::new(target)
            .join(relative)
            .portable_display()
            .to_string();
-        debug!("Adding for {}: `{}`", globs_field, relative.user_display());
-        wheel_writer.write_dir_entry(&entry, &license_path)?;
+
+        if entry.file_type().is_dir() {
+            wheel_writer.write_directory(&relative_licenses)?;
+        } else if entry.file_type().is_file() {
+            debug!("Adding {} file: `{}`", globs_field, relative.user_display());
+            wheel_writer.write_file(&relative_licenses, entry.path())?;
+        } else {
+            // TODO(konsti): We may want to support symlinks, there is support for installing them.
+            return Err(Error::UnsupportedFileType(
+                entry.path().to_path_buf(),
+                entry.file_type(),
+            ));
+        }
    }
    Ok(())
 }
@ -621,8 +631,8 @@ impl ZipDirectoryWriter {
        path: &str,
        executable_bit: bool,
    ) -> Result<Box<dyn Write + 'slf>, Error> {
-        // Set file permissions: 644 (rw-r--r--) for regular files, 755 (rwxr-xr-x) for executables
-        let permissions = if executable_bit { 0o755 } else { 0o644 };
+        // 644 is the default of the zip crate.
+        let permissions = if executable_bit { 775 } else { 664 };
        let options = zip::write::SimpleFileOptions::default()
            .unix_permissions(permissions)
            .compression_method(self.compression);
@ -634,10 +644,7 @@ impl ZipDirectoryWriter {
 impl DirectoryWriter for ZipDirectoryWriter {
    fn write_bytes(&mut self, path: &str, bytes: &[u8]) -> Result<(), Error> {
        trace!("Adding {}", path);
-        // Set appropriate permissions for metadata files (644 = rw-r--r--)
-        let options = zip::write::SimpleFileOptions::default()
-            .unix_permissions(0o644)
-            .compression_method(self.compression);
+        let options = zip::write::SimpleFileOptions::default().compression_method(self.compression);
        self.writer.start_file(path, options)?;
        self.writer.write_all(bytes)?;

--- a/crates/uv-build-frontend/Cargo.toml
+++ b/crates/uv-build-frontend/Cargo.toml
@ -17,7 +17,6 @@ doctest = false
 workspace = true

 [dependencies]
-uv-cache-key = { workspace = true }
 uv-configuration = { workspace = true }
 uv-distribution = { workspace = true }
 uv-distribution-types = { workspace = true }
@ -48,4 +47,4 @@ tracing = { workspace = true }
 rustc-hash = { workspace = true }

 [dev-dependencies]
-insta = { workspace = true }
+insta = { version = "1.40.0" }
--- a/crates/uv-build-frontend/src/lib.rs
+++ b/crates/uv-build-frontend/src/lib.rs
@ -4,7 +4,6 @@

 mod error;

-use std::borrow::Cow;
 use std::ffi::OsString;
 use std::fmt::Formatter;
 use std::fmt::Write;
@ -20,20 +19,17 @@ use fs_err as fs;
 use indoc::formatdoc;
 use itertools::Itertools;
 use rustc_hash::FxHashMap;
-use serde::de::{self, IntoDeserializer, SeqAccess, Visitor, value};
-use serde::{Deserialize, Deserializer};
+use serde::de::{IntoDeserializer, SeqAccess, Visitor, value};
+use serde::{Deserialize, Deserializer, de};
 use tempfile::TempDir;
 use tokio::io::AsyncBufReadExt;
 use tokio::process::Command;
 use tokio::sync::{Mutex, Semaphore};
-use tracing::{Instrument, debug, info_span, instrument, warn};
+use tracing::{Instrument, debug, info_span, instrument};

-use uv_cache_key::cache_digest;
-use uv_configuration::Preview;
 use uv_configuration::{BuildKind, BuildOutput, ConfigSettings, SourceStrategy};
 use uv_distribution::BuildRequires;
 use uv_distribution_types::{IndexLocations, Requirement, Resolution};
-use uv_fs::LockedFile;
 use uv_fs::{PythonExt, Simplified};
 use uv_pep440::Version;
 use uv_pep508::PackageName;
@ -43,7 +39,6 @@ use uv_static::EnvVars;
 use uv_types::{AnyErrorBuild, BuildContext, BuildIsolation, BuildStack, SourceBuildTrait};
 use uv_warnings::warn_user_once;
 use uv_workspace::WorkspaceCache;
-use uv_workspace::pyproject::ExtraBuildDependencies;

 pub use crate::error::{Error, MissingHeaderCause};

@ -205,11 +200,6 @@ impl Pep517Backend {
            {import}
        "#, backend_path = backend_path_encoded}
    }
-
-    fn is_setuptools(&self) -> bool {
-        // either `setuptools.build_meta` or `setuptools.build_meta:__legacy__`
-        self.backend.split(':').next() == Some("setuptools.build_meta")
-    }
 }

 /// Uses an [`Rc`] internally, clone freely.
@ -283,13 +273,11 @@ impl SourceBuild {
        workspace_cache: &WorkspaceCache,
        config_settings: ConfigSettings,
        build_isolation: BuildIsolation<'_>,
-        extra_build_dependencies: &ExtraBuildDependencies,
        build_stack: &BuildStack,
        build_kind: BuildKind,
        mut environment_variables: FxHashMap<OsString, OsString>,
        level: BuildOutput,
        concurrent_builds: usize,
-        preview: Preview,
    ) -> Result<Self, Error> {
        let temp_dir = build_context.cache().venv_dir()?;

@ -300,6 +288,7 @@ impl SourceBuild {
        };

        let default_backend: Pep517Backend = DEFAULT_BACKEND.clone();
+
        // Check if we have a PEP 517 build backend.
        let (pep517_backend, project) = Self::extract_pep517_backend(
            &source_tree,
@ -324,14 +313,6 @@ impl SourceBuild {
            .or(fallback_package_version)
            .cloned();

-        let extra_build_dependencies: Vec<Requirement> = package_name
-            .as_ref()
-            .and_then(|name| extra_build_dependencies.get(name).cloned())
-            .unwrap_or_default()
-            .into_iter()
-            .map(Requirement::from)
-            .collect();
-
        // Create a virtual environment, or install into the shared environment if requested.
        let venv = if let Some(venv) = build_isolation.shared_environment(package_name.as_ref()) {
            venv.clone()
@ -341,11 +322,9 @@ impl SourceBuild {
                interpreter.clone(),
                uv_virtualenv::Prompt::None,
                false,
-                uv_virtualenv::OnExisting::Remove,
                false,
                false,
                false,
-                preview,
            )?
        };

@ -354,18 +333,11 @@ impl SourceBuild {
        if build_isolation.is_isolated(package_name.as_ref()) {
            debug!("Resolving build requirements");

-            let dependency_sources = if extra_build_dependencies.is_empty() {
-                "`build-system.requires`"
-            } else {
-                "`build-system.requires` and `extra-build-dependencies`"
-            };
-
            let resolved_requirements = Self::get_resolved_requirements(
                build_context,
                source_build_context,
                &default_backend,
                &pep517_backend,
-                extra_build_dependencies,
                build_stack,
            )
            .await?;
@ -373,7 +345,7 @@ impl SourceBuild {
            build_context
                .install(&resolved_requirements, &venv, build_stack)
                .await
-                .map_err(|err| Error::RequirementsInstall(dependency_sources, err.into()))?;
+                .map_err(|err| Error::RequirementsInstall("`build-system.requires`", err.into()))?;
        } else {
            debug!("Proceeding without build isolation");
        }
@ -458,43 +430,15 @@ impl SourceBuild {
        })
    }

-    /// Acquire a lock on the source tree, if necessary.
-    async fn acquire_lock(&self) -> Result<Option<LockedFile>, Error> {
-        // Depending on the command, setuptools puts `*.egg-info`, `build/`, and `dist/` in the
-        // source tree, and concurrent invocations of setuptools using the same source dir can
-        // stomp on each other. We need to lock something to fix that, but we don't want to dump a
-        // `.lock` file into the source tree that the user will need to .gitignore. Take a global
-        // proxy lock instead.
-        let mut source_tree_lock = None;
-        if self.pep517_backend.is_setuptools() {
-            debug!("Locking the source tree for setuptools");
-            let canonical_source_path = self.source_tree.canonicalize()?;
-            let lock_path = env::temp_dir().join(format!(
-                "uv-setuptools-{}.lock",
-                cache_digest(&canonical_source_path)
-            ));
-            source_tree_lock = LockedFile::acquire(lock_path, self.source_tree.to_string_lossy())
-                .await
-                .inspect_err(|err| {
-                    warn!("Failed to acquire build lock: {err}");
-                })
-                .ok();
-        }
-        Ok(source_tree_lock)
-    }
-
    async fn get_resolved_requirements(
        build_context: &impl BuildContext,
        source_build_context: SourceBuildContext,
        default_backend: &Pep517Backend,
        pep517_backend: &Pep517Backend,
-        extra_build_dependencies: Vec<Requirement>,
        build_stack: &BuildStack,
    ) -> Result<Resolution, Error> {
        Ok(
-            if pep517_backend.requirements == default_backend.requirements
-                && extra_build_dependencies.is_empty()
-            {
+            if pep517_backend.requirements == default_backend.requirements {
                let mut resolution = source_build_context.default_resolution.lock().await;
                if let Some(resolved_requirements) = &*resolution {
                    resolved_requirements.clone()
@ -509,25 +453,12 @@ impl SourceBuild {
                    resolved_requirements
                }
            } else {
-                let (requirements, dependency_sources) = if extra_build_dependencies.is_empty() {
-                    (
-                        Cow::Borrowed(&pep517_backend.requirements),
-                        "`build-system.requires`",
-                    )
-                } else {
-                    // If there are extra build dependencies, we need to resolve them together with
-                    // the backend requirements.
-                    let mut requirements = pep517_backend.requirements.clone();
-                    requirements.extend(extra_build_dependencies);
-                    (
-                        Cow::Owned(requirements),
-                        "`build-system.requires` and `extra-build-dependencies`",
-                    )
-                };
                build_context
-                    .resolve(&requirements, build_stack)
+                    .resolve(&pep517_backend.requirements, build_stack)
                    .await
-                    .map_err(|err| Error::RequirementsResolve(dependency_sources, err.into()))?
+                    .map_err(|err| {
+                        Error::RequirementsResolve("`build-system.requires`", err.into())
+                    })?
            },
        )
    }
@ -544,9 +475,11 @@ impl SourceBuild {
    ) -> Result<(Pep517Backend, Option<Project>), Box<Error>> {
        match fs::read_to_string(source_tree.join("pyproject.toml")) {
            Ok(toml) => {
-                let pyproject_toml = toml_edit::Document::from_str(&toml)
+                let pyproject_toml: toml_edit::ImDocument<_> =
+                    toml_edit::ImDocument::from_str(&toml)
                        .map_err(Error::InvalidPyprojectTomlSyntax)?;
-                let pyproject_toml = PyProjectToml::deserialize(pyproject_toml.into_deserializer())
+                let pyproject_toml: PyProjectToml =
+                    PyProjectToml::deserialize(pyproject_toml.into_deserializer())
                        .map_err(Error::InvalidPyprojectTomlSchema)?;

                let backend = if let Some(build_system) = pyproject_toml.build_system {
@ -637,7 +570,6 @@ impl SourceBuild {
                            );
                        }
                    }
-
                    default_backend.clone()
                };
                Ok((backend, pyproject_toml.project))
@ -668,9 +600,6 @@ impl SourceBuild {
            return Ok(Some(metadata_dir.clone()));
        }

-        // Lock the source tree, if necessary.
-        let _lock = self.acquire_lock().await?;
-
        // Hatch allows for highly dynamic customization of metadata via hooks. In such cases, Hatch
        // can't uphold the PEP 517 contract, in that the metadata Hatch would return by
        // `prepare_metadata_for_build_wheel` isn't guaranteed to match that of the built wheel.
@ -783,15 +712,16 @@ impl SourceBuild {
    pub async fn build(&self, wheel_dir: &Path) -> Result<String, Error> {
        // The build scripts run with the extracted root as cwd, so they need the absolute path.
        let wheel_dir = std::path::absolute(wheel_dir)?;
-        let filename = self.pep517_build(&wheel_dir).await?;
+        let filename = self.pep517_build(&wheel_dir, &self.pep517_backend).await?;
        Ok(filename)
    }

    /// Perform a PEP 517 build for a wheel or source distribution (sdist).
-    async fn pep517_build(&self, output_dir: &Path) -> Result<String, Error> {
-        // Lock the source tree, if necessary.
-        let _lock = self.acquire_lock().await?;
-
+    async fn pep517_build(
+        &self,
+        output_dir: &Path,
+        pep517_backend: &Pep517Backend,
+    ) -> Result<String, Error> {
        // Write the hook output to a file so that we can read it back reliably.
        let outfile = self
            .temp_dir
@ -803,7 +733,7 @@ impl SourceBuild {
            BuildKind::Sdist => {
                debug!(
                    r#"Calling `{}.build_{}("{}", {})`"#,
-                    self.pep517_backend.backend,
+                    pep517_backend.backend,
                    self.build_kind,
                    output_dir.escape_for_python(),
                    self.config_settings.escape_for_python(),
@ -816,7 +746,7 @@ impl SourceBuild {
                    with open("{}", "w") as fp:
                        fp.write(sdist_filename)
                    "#,
-                    self.pep517_backend.backend_import(),
+                    pep517_backend.backend_import(),
                    self.build_kind,
                    output_dir.escape_for_python(),
                    self.config_settings.escape_for_python(),
@ -832,7 +762,7 @@ impl SourceBuild {
                    });
                debug!(
                    r#"Calling `{}.build_{}("{}", {}, {})`"#,
-                    self.pep517_backend.backend,
+                    pep517_backend.backend,
                    self.build_kind,
                    output_dir.escape_for_python(),
                    self.config_settings.escape_for_python(),
@ -846,7 +776,7 @@ impl SourceBuild {
                    with open("{}", "w") as fp:
                        fp.write(wheel_filename)
                    "#,
-                    self.pep517_backend.backend_import(),
+                    pep517_backend.backend_import(),
                    self.build_kind,
                    output_dir.escape_for_python(),
                    self.config_settings.escape_for_python(),
@ -876,7 +806,7 @@ impl SourceBuild {
            return Err(Error::from_command_output(
                format!(
                    "Call to `{}.build_{}` failed",
-                    self.pep517_backend.backend, self.build_kind
+                    pep517_backend.backend, self.build_kind
                ),
                &output,
                self.level,
@ -891,7 +821,7 @@ impl SourceBuild {
            return Err(Error::from_command_output(
                format!(
                    "Call to `{}.build_{}` failed",
-                    self.pep517_backend.backend, self.build_kind
+                    pep517_backend.backend, self.build_kind
                ),
                &output,
                self.level,
--- a/crates/uv-build/Cargo.toml
+++ b/crates/uv-build/Cargo.toml
@ -1,13 +1,13 @@
 [package]
 name = "uv-build"
-version = "0.8.4"
-edition = { workspace = true }
-rust-version = { workspace = true }
-homepage = { workspace = true }
-documentation = { workspace = true }
-repository = { workspace = true }
-authors = { workspace = true }
-license = { workspace = true }
+version = "0.7.10"
+edition.workspace = true
+rust-version.workspace = true
+homepage.workspace = true
+documentation.workspace = true
+repository.workspace = true
+authors.workspace = true
+license.workspace = true

 [dependencies]
 uv-build-backend = { workspace = true }
--- a/crates/uv-build/pyproject.toml
+++ b/crates/uv-build/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "uv-build"
-version = "0.8.4"
+version = "0.7.10"
 description = "The uv build backend"
 authors = [{ name = "Astral Software Inc.", email = "hey@astral.sh" }]
 requires-python = ">=3.8"
--- a/crates/uv-build/ruff.toml
+++ b/crates/uv-build/ruff.toml
@ -1,2 +0,0 @@
-# It is important retain compatibility with old versions in the build backend
-target-version = "py37"
--- a/crates/uv-cache-info/Cargo.toml
+++ b/crates/uv-cache-info/Cargo.toml
@ -24,7 +24,3 @@ thiserror = { workspace = true }
 toml = { workspace = true }
 tracing = { workspace = true }
 walkdir = { workspace = true }
-
-[dev-dependencies]
-anyhow = { workspace = true }
-tempfile = { workspace = true }
--- a/crates/uv-cache-info/src/cache_info.rs
+++ b/crates/uv-cache-info/src/cache_info.rs
@ -7,7 +7,6 @@ use serde::Deserialize;
 use tracing::{debug, warn};

 use crate::git_info::{Commit, Tags};
-use crate::glob::cluster_globs;
 use crate::timestamp::Timestamp;

 #[derive(Debug, thiserror::Error)]
@ -213,13 +212,9 @@ impl CacheInfo {
            }
        }

-        // If we have any globs, first cluster them using LCP and then do a single pass on each group.
+        // If we have any globs, process them in a single pass.
        if !globs.is_empty() {
-            for (glob_base, glob_patterns) in cluster_globs(&globs) {
-                let walker = globwalk::GlobWalkerBuilder::from_patterns(
-                    directory.join(glob_base),
-                    &glob_patterns,
-                )
+            let walker = globwalk::GlobWalkerBuilder::from_patterns(directory, &globs)
                .file_type(globwalk::FileType::FILE | globwalk::FileType::SYMLINK)
                .build()?;
            for entry in walker {
@ -230,38 +225,23 @@ impl CacheInfo {
                        continue;
                    }
                };
-                    let metadata = if entry.path_is_symlink() {
-                        // resolve symlinks for leaf entries without following symlinks while globbing
-                        match fs_err::metadata(entry.path()) {
-                            Ok(metadata) => metadata,
-                            Err(err) => {
-                                warn!("Failed to resolve symlink for glob entry: {err}");
-                                continue;
-                            }
-                        }
-                    } else {
-                        match entry.metadata() {
+                let metadata = match entry.metadata() {
                    Ok(metadata) => metadata,
                    Err(err) => {
                        warn!("Failed to read metadata for glob entry: {err}");
                        continue;
                    }
-                        }
                };
                if !metadata.is_file() {
-                        if !entry.path_is_symlink() {
-                            // don't warn if it was a symlink - it may legitimately resolve to a directory
                    warn!(
                        "Expected file for cache key, but found directory: `{}`",
                        entry.path().display()
                    );
-                        }
                    continue;
                }
                timestamp = max(timestamp, Some(Timestamp::from_metadata(&metadata)));
            }
        }
-        }

        debug!(
            "Computed cache info: {timestamp:?}, {commit:?}, {tags:?}, {env:?}, {directories:?}"
@ -360,71 +340,3 @@ enum DirectoryTimestamp {
    Timestamp(Timestamp),
    Inode(u64),
 }
-
-#[cfg(all(test, unix))]
-mod tests_unix {
-    use anyhow::Result;
-
-    use super::{CacheInfo, Timestamp};
-
-    #[test]
-    fn test_cache_info_symlink_resolve() -> Result<()> {
-        let dir = tempfile::tempdir()?;
-        let dir = dir.path().join("dir");
-        fs_err::create_dir_all(&dir)?;
-
-        let write_manifest = |cache_key: &str| {
-            fs_err::write(
-                dir.join("pyproject.toml"),
-                format!(
-                    r#"
-                [tool.uv]
-                cache-keys = [
-                    "{cache_key}"
-                ]
-                "#
-                ),
-            )
-        };
-
-        let touch = |path: &str| -> Result<_> {
-            let path = dir.join(path);
-            fs_err::create_dir_all(path.parent().unwrap())?;
-            fs_err::write(&path, "")?;
-            Ok(Timestamp::from_metadata(&path.metadata()?))
-        };
-
-        let cache_timestamp = || -> Result<_> { Ok(CacheInfo::from_directory(&dir)?.timestamp) };
-
-        write_manifest("x/**")?;
-        assert_eq!(cache_timestamp()?, None);
-        let y = touch("x/y")?;
-        assert_eq!(cache_timestamp()?, Some(y));
-        let z = touch("x/z")?;
-        assert_eq!(cache_timestamp()?, Some(z));
-
-        // leaf entry symlink should be resolved
-        let a = touch("../a")?;
-        fs_err::os::unix::fs::symlink(dir.join("../a"), dir.join("x/a"))?;
-        assert_eq!(cache_timestamp()?, Some(a));
-
-        // symlink directories should not be followed while globbing
-        let c = touch("../b/c")?;
-        fs_err::os::unix::fs::symlink(dir.join("../b"), dir.join("x/b"))?;
-        assert_eq!(cache_timestamp()?, Some(a));
-
-        // no globs, should work as expected
-        write_manifest("x/y")?;
-        assert_eq!(cache_timestamp()?, Some(y));
-        write_manifest("x/a")?;
-        assert_eq!(cache_timestamp()?, Some(a));
-        write_manifest("x/b/c")?;
-        assert_eq!(cache_timestamp()?, Some(c));
-
-        // symlink pointing to a directory
-        write_manifest("x/*b*")?;
-        assert_eq!(cache_timestamp()?, None);
-
-        Ok(())
-    }
-}
--- a/crates/uv-cache-info/src/glob.rs
+++ b/crates/uv-cache-info/src/glob.rs
@ -1,318 +0,0 @@
-use std::{
-    collections::BTreeMap,
-    path::{Component, Components, Path, PathBuf},
-};
-
-/// Check if a component of the path looks like it may be a glob pattern.
-///
-/// Note: this function is being used when splitting a glob pattern into a long possible
-/// base and the glob remainder (scanning through components until we hit the first component
-/// for which this function returns true). It is acceptable for this function to return
-/// false positives (e.g. patterns like 'foo[bar' or 'foo{bar') in which case correctness
-/// will not be affected but efficiency might be (because we'll traverse more than we should),
-/// however it should not return false negatives.
-fn is_glob_like(part: Component) -> bool {
-    matches!(part, Component::Normal(_))
-        && part.as_os_str().to_str().is_some_and(|part| {
-            ["*", "{", "}", "?", "[", "]"]
-                .into_iter()
-                .any(|c| part.contains(c))
-        })
-}
-
-#[derive(Debug, Default, Clone, PartialEq, Eq)]
-struct GlobParts {
-    base: PathBuf,
-    pattern: PathBuf,
-}
-
-/// Split a glob into longest possible base + shortest possible glob pattern.
-fn split_glob(pattern: impl AsRef<str>) -> GlobParts {
-    let pattern: &Path = pattern.as_ref().as_ref();
-
-    let mut glob = GlobParts::default();
-    let mut globbing = false;
-    let mut last = None;
-
-    for part in pattern.components() {
-        if let Some(last) = last {
-            if last != Component::CurDir {
-                if globbing {
-                    glob.pattern.push(last);
-                } else {
-                    glob.base.push(last);
-                }
-            }
-        }
-        if !globbing {
-            globbing = is_glob_like(part);
-        }
-        // we don't know if this part is the last one, defer handling it by one iteration
-        last = Some(part);
-    }
-
-    if let Some(last) = last {
-        // defer handling the last component to prevent draining entire pattern into base
-        if globbing || matches!(last, Component::Normal(_)) {
-            glob.pattern.push(last);
-        } else {
-            glob.base.push(last);
-        }
-    }
-    glob
-}
-
-/// Classic trie with edges being path components and values being glob patterns.
-#[derive(Default)]
-struct Trie<'a> {
-    children: BTreeMap<Component<'a>, Trie<'a>>,
-    patterns: Vec<&'a Path>,
-}
-
-impl<'a> Trie<'a> {
-    fn insert(&mut self, mut components: Components<'a>, pattern: &'a Path) {
-        if let Some(part) = components.next() {
-            self.children
-                .entry(part)
-                .or_default()
-                .insert(components, pattern);
-        } else {
-            self.patterns.push(pattern);
-        }
-    }
-
-    #[allow(clippy::needless_pass_by_value)]
-    fn collect_patterns(
-        &self,
-        pattern_prefix: PathBuf,
-        group_prefix: PathBuf,
-        patterns: &mut Vec<PathBuf>,
-        groups: &mut Vec<(PathBuf, Vec<PathBuf>)>,
-    ) {
-        // collect all patterns beneath and including this node
-        for pattern in &self.patterns {
-            patterns.push(pattern_prefix.join(pattern));
-        }
-        for (part, child) in &self.children {
-            if let Component::Normal(_) = part {
-                // for normal components, collect all descendant patterns ('normal' edges only)
-                child.collect_patterns(
-                    pattern_prefix.join(part),
-                    group_prefix.join(part),
-                    patterns,
-                    groups,
-                );
-            } else {
-                // for non-normal component edges, kick off separate group collection at this node
-                child.collect_groups(group_prefix.join(part), groups);
-            }
-        }
-    }
-
-    #[allow(clippy::needless_pass_by_value)]
-    fn collect_groups(&self, prefix: PathBuf, groups: &mut Vec<(PathBuf, Vec<PathBuf>)>) {
-        // LCP-style grouping of patterns
-        if self.patterns.is_empty() {
-            // no patterns in this node; child nodes can form independent groups
-            for (part, child) in &self.children {
-                child.collect_groups(prefix.join(part), groups);
-            }
-        } else {
-            // pivot point, we've hit a pattern node; we have to stop here and form a group
-            let mut group = Vec::new();
-            self.collect_patterns(PathBuf::new(), prefix.clone(), &mut group, groups);
-            groups.push((prefix, group));
-        }
-    }
-}
-
-/// Given a collection of globs, cluster them into (base, globs) groups so that:
-/// - base doesn't contain any glob symbols
-/// - each directory would only be walked at most once
-/// - base of each group is the longest common prefix of globs in the group
-pub(crate) fn cluster_globs(patterns: &[impl AsRef<str>]) -> Vec<(PathBuf, Vec<String>)> {
-    // split all globs into base/pattern
-    let globs: Vec<_> = patterns.iter().map(split_glob).collect();
-
-    // construct a path trie out of all split globs
-    let mut trie = Trie::default();
-    for glob in &globs {
-        trie.insert(glob.base.components(), &glob.pattern);
-    }
-
-    // run LCP-style aggregation of patterns in the trie into groups
-    let mut groups = Vec::new();
-    trie.collect_groups(PathBuf::new(), &mut groups);
-
-    // finally, convert resulting patterns to strings
-    groups
-        .into_iter()
-        .map(|(base, patterns)| {
-            (
-                base,
-                patterns
-                    .iter()
-                    // NOTE: this unwrap is ok because input patterns are valid utf-8
-                    .map(|p| p.to_str().unwrap().to_owned())
-                    .collect(),
-            )
-        })
-        .collect()
-}
-
-#[cfg(test)]
-mod tests {
-    use super::{GlobParts, cluster_globs, split_glob};
-
-    fn windowsify(path: &str) -> String {
-        if cfg!(windows) {
-            path.replace('/', "\\")
-        } else {
-            path.to_owned()
-        }
-    }
-
-    #[test]
-    fn test_split_glob() {
-        #[track_caller]
-        fn check(input: &str, base: &str, pattern: &str) {
-            let result = split_glob(input);
-            let expected = GlobParts {
-                base: base.into(),
-                pattern: pattern.into(),
-            };
-            assert_eq!(result, expected, "{input:?} != {base:?} + {pattern:?}");
-        }
-
-        check("", "", "");
-        check("a", "", "a");
-        check("a/b", "a", "b");
-        check("a/b/", "a", "b");
-        check("a/.//b/", "a", "b");
-        check("./a/b/c", "a/b", "c");
-        check("c/d/*", "c/d", "*");
-        check("c/d/*/../*", "c/d", "*/../*");
-        check("a/?b/c", "a", "?b/c");
-        check("/a/b/*", "/a/b", "*");
-        check("../x/*", "../x", "*");
-        check("a/{b,c}/d", "a", "{b,c}/d");
-        check("a/[bc]/d", "a", "[bc]/d");
-        check("*", "", "*");
-        check("*/*", "", "*/*");
-        check("..", "..", "");
-        check("/", "/", "");
-    }
-
-    #[test]
-    fn test_cluster_globs() {
-        #[track_caller]
-        fn check(input: &[&str], expected: &[(&str, &[&str])]) {
-            let input = input.iter().map(|s| windowsify(s)).collect::<Vec<_>>();
-
-            let mut result_sorted = cluster_globs(&input);
-            for (_, patterns) in &mut result_sorted {
-                patterns.sort_unstable();
-            }
-            result_sorted.sort_unstable();
-
-            let mut expected_sorted = Vec::new();
-            for (base, patterns) in expected {
-                let mut patterns_sorted = Vec::new();
-                for pattern in *patterns {
-                    patterns_sorted.push(windowsify(pattern));
-                }
-                patterns_sorted.sort_unstable();
-                expected_sorted.push((windowsify(base).into(), patterns_sorted));
-            }
-            expected_sorted.sort_unstable();
-
-            assert_eq!(
-                result_sorted, expected_sorted,
-                "{input:?} != {expected_sorted:?} (got: {result_sorted:?})"
-            );
-        }
-
-        check(&["a/b/*", "a/c/*"], &[("a/b", &["*"]), ("a/c", &["*"])]);
-        check(&["./a/b/*", "a/c/*"], &[("a/b", &["*"]), ("a/c", &["*"])]);
-        check(&["/a/b/*", "/a/c/*"], &[("/a/b", &["*"]), ("/a/c", &["*"])]);
-        check(
-            &["../a/b/*", "../a/c/*"],
-            &[("../a/b", &["*"]), ("../a/c", &["*"])],
-        );
-        check(&["x/*", "y/*"], &[("x", &["*"]), ("y", &["*"])]);
-        check(&[], &[]);
-        check(
-            &["./*", "a/*", "../foo/*.png"],
-            &[("", &["*", "a/*"]), ("../foo", &["*.png"])],
-        );
-        check(
-            &[
-                "?",
-                "/foo/?",
-                "/foo/bar/*",
-                "../bar/*.png",
-                "../bar/../baz/*.jpg",
-            ],
-            &[
-                ("", &["?"]),
-                ("/foo", &["?", "bar/*"]),
-                ("../bar", &["*.png"]),
-                ("../bar/../baz", &["*.jpg"]),
-            ],
-        );
-        check(&["/abs/path/*"], &[("/abs/path", &["*"])]);
-        check(&["/abs/*", "rel/*"], &[("/abs", &["*"]), ("rel", &["*"])]);
-        check(&["a/{b,c}/*", "a/d?/*"], &[("a", &["{b,c}/*", "d?/*"])]);
-        check(
-            &[
-                "../shared/a/[abc].png",
-                "../shared/a/b/*",
-                "../shared/b/c/?x/d",
-                "docs/important/*.{doc,xls}",
-                "docs/important/very/*",
-            ],
-            &[
-                ("../shared/a", &["[abc].png", "b/*"]),
-                ("../shared/b/c", &["?x/d"]),
-                ("docs/important", &["*.{doc,xls}", "very/*"]),
-            ],
-        );
-        check(&["file.txt"], &[("", &["file.txt"])]);
-        check(&["/"], &[("/", &[""])]);
-        check(&[".."], &[("..", &[""])]);
-        check(
-            &["file1.txt", "file2.txt"],
-            &[("", &["file1.txt", "file2.txt"])],
-        );
-        check(
-            &["a/file1.txt", "a/file2.txt"],
-            &[("a", &["file1.txt", "file2.txt"])],
-        );
-        check(
-            &["*", "a/b/*", "a/../c/*.jpg", "a/../c/*.png", "/a/*", "/b/*"],
-            &[
-                ("", &["*", "a/b/*"]),
-                ("a/../c", &["*.jpg", "*.png"]),
-                ("/a", &["*"]),
-                ("/b", &["*"]),
-            ],
-        );
-
-        if cfg!(windows) {
-            check(
-                &[
-                    r"\\foo\bar\shared/a/[abc].png",
-                    r"\\foo\bar\shared/a/b/*",
-                    r"\\foo\bar/shared/b/c/?x/d",
-                    r"D:\docs\important/*.{doc,xls}",
-                    r"D:\docs/important/very/*",
-                ],
-                &[
-                    (r"\\foo\bar\shared\a", &["[abc].png", r"b\*"]),
-                    (r"\\foo\bar\shared\b\c", &[r"?x\d"]),
-                    (r"D:\docs\important", &["*.{doc,xls}", r"very\*"]),
-                ],
-            );
-        }
-    }
-}
--- a/crates/uv-cache-info/src/lib.rs
+++ b/crates/uv-cache-info/src/lib.rs
@ -3,5 +3,4 @@ pub use crate::timestamp::*;

 mod cache_info;
 mod git_info;
-mod glob;
 mod timestamp;
--- a/crates/uv-cache/src/lib.rs
+++ b/crates/uv-cache/src/lib.rs
@ -985,8 +985,6 @@ pub enum CacheBucket {
    Builds,
    /// Reusable virtual environments used to invoke Python tools.
    Environments,
-    /// Cached Python downloads
-    Python,
 }

 impl CacheBucket {
@ -1009,7 +1007,6 @@ impl CacheBucket {
            Self::Archive => "archive-v0",
            Self::Builds => "builds-v0",
            Self::Environments => "environments-v2",
-            Self::Python => "python-v0",
        }
    }

@ -1111,12 +1108,7 @@ impl CacheBucket {
                let root = cache.bucket(self);
                summary += rm_rf(root)?;
            }
-            Self::Git
-            | Self::Interpreter
-            | Self::Archive
-            | Self::Builds
-            | Self::Environments
-            | Self::Python => {
+            Self::Git | Self::Interpreter | Self::Archive | Self::Builds | Self::Environments => {
                // Nothing to do.
            }
        }
--- a/crates/uv-cli/Cargo.toml
+++ b/crates/uv-cli/Cargo.toml
@ -42,7 +42,7 @@ serde = { workspace = true }
 url = { workspace = true }

 [dev-dependencies]
-insta = { workspace = true }
+insta = { version = "1.40.0", features = ["filters", "json"] }

 [features]
 default = []
--- a/crates/uv-cli/src/compat.rs
+++ b/crates/uv-cli/src/compat.rs
@ -13,6 +13,7 @@ pub trait CompatArgs {
 /// For example, users often pass `--allow-unsafe`, which is unnecessary with uv. But it's a
 /// nice user experience to warn, rather than fail, when users pass `--allow-unsafe`.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct PipCompileCompatArgs {
    #[clap(long, hide = true)]
    allow_unsafe: bool,
@ -158,6 +159,7 @@ impl CompatArgs for PipCompileCompatArgs {
 ///
 /// These represent a subset of the `pip list` interface that uv supports by default.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct PipListCompatArgs {
    #[clap(long, hide = true)]
    disable_pip_version_check: bool,
@ -182,6 +184,7 @@ impl CompatArgs for PipListCompatArgs {
 ///
 /// These represent a subset of the `pip-sync` interface that uv supports by default.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct PipSyncCompatArgs {
    #[clap(short, long, hide = true)]
    ask: bool,
@ -265,7 +268,11 @@ enum Resolver {
 ///
 /// These represent a subset of the `virtualenv` interface that uv supports by default.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct VenvCompatArgs {
+    #[clap(long, hide = true)]
+    clear: bool,
+
    #[clap(long, hide = true)]
    no_seed: bool,

@ -286,6 +293,12 @@ impl CompatArgs for VenvCompatArgs {
    /// behavior. If an argument is passed that does _not_ match uv's behavior, this method will
    /// return an error.
    fn validate(&self) -> Result<()> {
+        if self.clear {
+            warn_user!(
+                "virtualenv's `--clear` has no effect (uv always clears the virtual environment)"
+            );
+        }
+
        if self.no_seed {
            warn_user!(
                "virtualenv's `--no-seed` has no effect (uv omits seed packages by default)"
@ -314,6 +327,7 @@ impl CompatArgs for VenvCompatArgs {
 ///
 /// These represent a subset of the `pip install` interface that uv supports by default.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct PipInstallCompatArgs {
    #[clap(long, hide = true)]
    disable_pip_version_check: bool,
@ -347,6 +361,7 @@ impl CompatArgs for PipInstallCompatArgs {
 ///
 /// These represent a subset of the `pip` interface that exists on all commands.
 #[derive(Args)]
+#[allow(clippy::struct_excessive_bools)]
 pub struct PipGlobalCompatArgs {
    #[clap(long, hide = true)]
    disable_pip_version_check: bool,
--- a/crates/uv-cli/src/lib.rs
+++ b/crates/uv-cli/src/lib.rs
--- a/crates/uv-cli/src/options.rs
+++ b/crates/uv-cli/src/options.rs
@ -1,10 +1,7 @@
-use anstream::eprintln;
-
 use uv_cache::Refresh;
-use uv_configuration::{ConfigSettings, PackageConfigSettings};
-use uv_resolver::{ExcludeNewer, ExcludeNewerPackage, PrereleaseMode};
+use uv_configuration::ConfigSettings;
+use uv_resolver::PrereleaseMode;
 use uv_settings::{Combine, PipOptions, ResolverInstallerOptions, ResolverOptions};
-use uv_warnings::owo_colors::OwoColorize;

 use crate::{
    BuildOptionsArgs, FetchArgs, IndexArgs, InstallerArgs, Maybe, RefreshArgs, ResolverArgs,
@ -12,27 +9,12 @@ use crate::{
 };

 /// Given a boolean flag pair (like `--upgrade` and `--no-upgrade`), resolve the value of the flag.
-pub fn flag(yes: bool, no: bool, name: &str) -> Option<bool> {
+pub fn flag(yes: bool, no: bool) -> Option<bool> {
    match (yes, no) {
        (true, false) => Some(true),
        (false, true) => Some(false),
        (false, false) => None,
-        (..) => {
-            eprintln!(
-                "{}{} `{}` and `{}` cannot be used together. \
-                Boolean flags on different levels are currently not supported \
-                (https://github.com/clap-rs/clap/issues/6049)",
-                "error".bold().red(),
-                ":".bold(),
-                format!("--{name}").green(),
-                format!("--no-{name}").green(),
-            );
-            // No error forwarding since should eventually be solved on the clap side.
-            #[allow(clippy::exit)]
-            {
-                std::process::exit(2);
-            }
-        }
+        (..) => unreachable!("Clap should make this impossible"),
    }
 }

@ -44,7 +26,7 @@ impl From<RefreshArgs> for Refresh {
            refresh_package,
        } = value;

-        Self::from_args(flag(refresh, no_refresh, "no-refresh"), refresh_package)
+        Self::from_args(flag(refresh, no_refresh), refresh_package)
    }
 }

@ -62,18 +44,16 @@ impl From<ResolverArgs> for PipOptions {
            pre,
            fork_strategy,
            config_setting,
-            config_settings_package,
            no_build_isolation,
            no_build_isolation_package,
            build_isolation,
            exclude_newer,
            link_mode,
            no_sources,
-            exclude_newer_package,
        } = args;

        Self {
-            upgrade: flag(upgrade, no_upgrade, "no-upgrade"),
+            upgrade: flag(upgrade, no_upgrade),
            upgrade_package: Some(upgrade_package),
            index_strategy,
            keyring_provider,
@ -86,15 +66,9 @@ impl From<ResolverArgs> for PipOptions {
            },
            config_settings: config_setting
                .map(|config_settings| config_settings.into_iter().collect::<ConfigSettings>()),
-            config_settings_package: config_settings_package.map(|config_settings| {
-                config_settings
-                    .into_iter()
-                    .collect::<PackageConfigSettings>()
-            }),
-            no_build_isolation: flag(no_build_isolation, build_isolation, "build-isolation"),
+            no_build_isolation: flag(no_build_isolation, build_isolation),
            no_build_isolation_package: Some(no_build_isolation_package),
            exclude_newer,
-            exclude_newer_package: exclude_newer_package.map(ExcludeNewerPackage::from_iter),
            link_mode,
            no_sources: if no_sources { Some(true) } else { None },
            ..PipOptions::from(index_args)
@ -112,7 +86,6 @@ impl From<InstallerArgs> for PipOptions {
            index_strategy,
            keyring_provider,
            config_setting,
-            config_settings_package,
            no_build_isolation,
            build_isolation,
            exclude_newer,
@ -120,26 +93,19 @@ impl From<InstallerArgs> for PipOptions {
            compile_bytecode,
            no_compile_bytecode,
            no_sources,
-            exclude_newer_package,
        } = args;

        Self {
-            reinstall: flag(reinstall, no_reinstall, "reinstall"),
+            reinstall: flag(reinstall, no_reinstall),
            reinstall_package: Some(reinstall_package),
            index_strategy,
            keyring_provider,
            config_settings: config_setting
                .map(|config_settings| config_settings.into_iter().collect::<ConfigSettings>()),
-            config_settings_package: config_settings_package.map(|config_settings| {
-                config_settings
-                    .into_iter()
-                    .collect::<PackageConfigSettings>()
-            }),
-            no_build_isolation: flag(no_build_isolation, build_isolation, "build-isolation"),
+            no_build_isolation: flag(no_build_isolation, build_isolation),
            exclude_newer,
-            exclude_newer_package: exclude_newer_package.map(ExcludeNewerPackage::from_iter),
            link_mode,
-            compile_bytecode: flag(compile_bytecode, no_compile_bytecode, "compile-bytecode"),
+            compile_bytecode: flag(compile_bytecode, no_compile_bytecode),
            no_sources: if no_sources { Some(true) } else { None },
            ..PipOptions::from(index_args)
        }
@ -163,7 +129,6 @@ impl From<ResolverInstallerArgs> for PipOptions {
            pre,
            fork_strategy,
            config_setting,
-            config_settings_package,
            no_build_isolation,
            no_build_isolation_package,
            build_isolation,
@ -172,13 +137,12 @@ impl From<ResolverInstallerArgs> for PipOptions {
            compile_bytecode,
            no_compile_bytecode,
            no_sources,
-            exclude_newer_package,
        } = args;

        Self {
-            upgrade: flag(upgrade, no_upgrade, "upgrade"),
+            upgrade: flag(upgrade, no_upgrade),
            upgrade_package: Some(upgrade_package),
-            reinstall: flag(reinstall, no_reinstall, "reinstall"),
+            reinstall: flag(reinstall, no_reinstall),
            reinstall_package: Some(reinstall_package),
            index_strategy,
            keyring_provider,
@ -191,17 +155,11 @@ impl From<ResolverInstallerArgs> for PipOptions {
            fork_strategy,
            config_settings: config_setting
                .map(|config_settings| config_settings.into_iter().collect::<ConfigSettings>()),
-            config_settings_package: config_settings_package.map(|config_settings| {
-                config_settings
-                    .into_iter()
-                    .collect::<PackageConfigSettings>()
-            }),
-            no_build_isolation: flag(no_build_isolation, build_isolation, "build-isolation"),
+            no_build_isolation: flag(no_build_isolation, build_isolation),
            no_build_isolation_package: Some(no_build_isolation_package),
            exclude_newer,
-            exclude_newer_package: exclude_newer_package.map(ExcludeNewerPackage::from_iter),
            link_mode,
-            compile_bytecode: flag(compile_bytecode, no_compile_bytecode, "compile-bytecode"),
+            compile_bytecode: flag(compile_bytecode, no_compile_bytecode),
            no_sources: if no_sources { Some(true) } else { None },
            ..PipOptions::from(index_args)
        }
@ -284,14 +242,12 @@ pub fn resolver_options(
        pre,
        fork_strategy,
        config_setting,
-        config_settings_package,
        no_build_isolation,
        no_build_isolation_package,
        build_isolation,
        exclude_newer,
        link_mode,
        no_sources,
-        exclude_newer_package,
    } = resolver_args;

    let BuildOptionsArgs {
@ -333,7 +289,7 @@ pub fn resolver_options(
                .filter_map(Maybe::into_option)
                .collect()
        }),
-        upgrade: flag(upgrade, no_upgrade, "no-upgrade"),
+        upgrade: flag(upgrade, no_upgrade),
        upgrade_package: Some(upgrade_package),
        index_strategy,
        keyring_provider,
@ -347,22 +303,13 @@ pub fn resolver_options(
        dependency_metadata: None,
        config_settings: config_setting
            .map(|config_settings| config_settings.into_iter().collect::<ConfigSettings>()),
-        config_settings_package: config_settings_package.map(|config_settings| {
-            config_settings
-                .into_iter()
-                .collect::<PackageConfigSettings>()
-        }),
-        no_build_isolation: flag(no_build_isolation, build_isolation, "build-isolation"),
+        no_build_isolation: flag(no_build_isolation, build_isolation),
        no_build_isolation_package: Some(no_build_isolation_package),
-        extra_build_dependencies: None,
-        exclude_newer: ExcludeNewer::from_args(
        exclude_newer,
-            exclude_newer_package.unwrap_or_default(),
-        ),
        link_mode,
-        no_build: flag(no_build, build, "build"),
+        no_build: flag(no_build, build),
        no_build_package: Some(no_build_package),
-        no_binary: flag(no_binary, binary, "binary"),
+        no_binary: flag(no_binary, binary),
        no_binary_package: Some(no_binary_package),
        no_sources: if no_sources { Some(true) } else { None },
    }
@ -388,12 +335,10 @@ pub fn resolver_installer_options(
        pre,
        fork_strategy,
        config_setting,
-        config_settings_package,
        no_build_isolation,
        no_build_isolation_package,
        build_isolation,
        exclude_newer,
-        exclude_newer_package,
        link_mode,
        compile_bytecode,
        no_compile_bytecode,
@ -441,13 +386,13 @@ pub fn resolver_installer_options(
                .filter_map(Maybe::into_option)
                .collect()
        }),
-        upgrade: flag(upgrade, no_upgrade, "upgrade"),
+        upgrade: flag(upgrade, no_upgrade),
        upgrade_package: if upgrade_package.is_empty() {
            None
        } else {
            Some(upgrade_package)
        },
-        reinstall: flag(reinstall, no_reinstall, "reinstall"),
+        reinstall: flag(reinstall, no_reinstall),
        reinstall_package: if reinstall_package.is_empty() {
            None
        } else {
@ -465,29 +410,22 @@ pub fn resolver_installer_options(
        dependency_metadata: None,
        config_settings: config_setting
            .map(|config_settings| config_settings.into_iter().collect::<ConfigSettings>()),
-        config_settings_package: config_settings_package.map(|config_settings| {
-            config_settings
-                .into_iter()
-                .collect::<PackageConfigSettings>()
-        }),
-        no_build_isolation: flag(no_build_isolation, build_isolation, "build-isolation"),
+        no_build_isolation: flag(no_build_isolation, build_isolation),
        no_build_isolation_package: if no_build_isolation_package.is_empty() {
            None
        } else {
            Some(no_build_isolation_package)
        },
-        extra_build_dependencies: None,
        exclude_newer,
-        exclude_newer_package: exclude_newer_package.map(ExcludeNewerPackage::from_iter),
        link_mode,
-        compile_bytecode: flag(compile_bytecode, no_compile_bytecode, "compile-bytecode"),
-        no_build: flag(no_build, build, "build"),
+        compile_bytecode: flag(compile_bytecode, no_compile_bytecode),
+        no_build: flag(no_build, build),
        no_build_package: if no_build_package.is_empty() {
            None
        } else {
            Some(no_build_package)
        },
-        no_binary: flag(no_binary, binary, "binary"),
+        no_binary: flag(no_binary, binary),
        no_binary_package: if no_binary_package.is_empty() {
            None
        } else {
--- a/crates/uv-client/Cargo.toml
+++ b/crates/uv-client/Cargo.toml
@ -60,9 +60,8 @@ url = { workspace = true }

 [dev-dependencies]
 anyhow = { workspace = true }
-http-body-util = { workspace = true }
-hyper = { workspace = true }
-hyper-util = { workspace = true }
-insta = { workspace = true }
+http-body-util = { version = "0.1.2" }
+hyper = { version = "1.4.1", features = ["server", "http1"] }
+hyper-util = { version = "0.1.8", features = ["tokio"] }
+insta = { version = "1.40.0", features = ["filters", "json", "redactions"] }
 tokio = { workspace = true }
-wiremock = { workspace = true }
--- a/crates/uv-client/src/base_client.rs
+++ b/crates/uv-client/src/base_client.rs
@ -6,27 +6,16 @@ use std::sync::Arc;
 use std::time::Duration;
 use std::{env, io, iter};

-use anyhow::Context;
-use anyhow::anyhow;
-use http::{
-    HeaderMap, HeaderName, HeaderValue, Method, StatusCode,
-    header::{
-        AUTHORIZATION, CONTENT_ENCODING, CONTENT_LENGTH, CONTENT_TYPE, COOKIE, LOCATION,
-        PROXY_AUTHORIZATION, REFERER, TRANSFER_ENCODING, WWW_AUTHENTICATE,
-    },
-};
 use itertools::Itertools;
-use reqwest::{Client, ClientBuilder, IntoUrl, Proxy, Request, Response, multipart};
+use reqwest::{Client, ClientBuilder, Proxy, Response};
 use reqwest_middleware::{ClientWithMiddleware, Middleware};
 use reqwest_retry::policies::ExponentialBackoff;
 use reqwest_retry::{
    DefaultRetryableStrategy, RetryTransientMiddleware, Retryable, RetryableStrategy,
 };
 use tracing::{debug, trace};
-use url::ParseError;
 use url::Url;

-use uv_auth::Credentials;
 use uv_auth::{AuthMiddleware, Indexes};
 use uv_configuration::{KeyringProviderType, TrustedHost};
 use uv_fs::Simplified;
@ -43,10 +32,6 @@ use crate::middleware::OfflineMiddleware;
 use crate::tls::read_identity;

 pub const DEFAULT_RETRIES: u32 = 3;
-/// Maximum number of redirects to follow before giving up.
-///
-/// This is the default used by [`reqwest`].
-const DEFAULT_MAX_REDIRECTS: u32 = 10;

 /// Selectively skip parts or the entire auth middleware.
 #[derive(Debug, Clone, Copy, Default)]
@ -67,7 +52,6 @@ pub struct BaseClientBuilder<'a> {
    keyring: KeyringProviderType,
    allow_insecure_host: Vec<TrustedHost>,
    native_tls: bool,
-    built_in_root_certs: bool,
    retries: u32,
    pub connectivity: Connectivity,
    markers: Option<&'a MarkerEnvironment>,
@ -77,31 +61,6 @@ pub struct BaseClientBuilder<'a> {
    default_timeout: Duration,
    extra_middleware: Option<ExtraMiddleware>,
    proxies: Vec<Proxy>,
-    redirect_policy: RedirectPolicy,
-    /// Whether credentials should be propagated during cross-origin redirects.
-    ///
-    /// A policy allowing propagation is insecure and should only be available for test code.
-    cross_origin_credential_policy: CrossOriginCredentialsPolicy,
-}
-
-/// The policy for handling HTTP redirects.
-#[derive(Debug, Default, Clone, Copy)]
-pub enum RedirectPolicy {
-    /// Use reqwest's built-in redirect handling. This bypasses our custom middleware
-    /// on redirect.
-    #[default]
-    BypassMiddleware,
-    /// Handle redirects manually, re-triggering our custom middleware for each request.
-    RetriggerMiddleware,
-}
-
-impl RedirectPolicy {
-    pub fn reqwest_policy(self) -> reqwest::redirect::Policy {
-        match self {
-            RedirectPolicy::BypassMiddleware => reqwest::redirect::Policy::default(),
-            RedirectPolicy::RetriggerMiddleware => reqwest::redirect::Policy::none(),
-        }
-    }
 }

 /// A list of user-defined middlewares to be applied to the client.
@ -128,7 +87,6 @@ impl BaseClientBuilder<'_> {
            keyring: KeyringProviderType::default(),
            allow_insecure_host: vec![],
            native_tls: false,
-            built_in_root_certs: false,
            connectivity: Connectivity::Online,
            retries: DEFAULT_RETRIES,
            markers: None,
@ -138,8 +96,6 @@ impl BaseClientBuilder<'_> {
            default_timeout: Duration::from_secs(30),
            extra_middleware: None,
            proxies: vec![],
-            redirect_policy: RedirectPolicy::default(),
-            cross_origin_credential_policy: CrossOriginCredentialsPolicy::Secure,
        }
    }
 }
@ -169,37 +125,12 @@ impl<'a> BaseClientBuilder<'a> {
        self
    }

-    /// Read the retry count from [`EnvVars::UV_HTTP_RETRIES`] if set, otherwise, make no change.
-    ///
-    /// Errors when [`EnvVars::UV_HTTP_RETRIES`] is not a valid u32.
-    pub fn retries_from_env(self) -> anyhow::Result<Self> {
-        // TODO(zanieb): We should probably parse this in another layer, but there's not a natural
-        // fit for it right now
-        if let Some(value) = env::var_os(EnvVars::UV_HTTP_RETRIES) {
-            Ok(self.retries(
-                value
-                    .to_string_lossy()
-                    .as_ref()
-                    .parse::<u32>()
-                    .context("Failed to parse `UV_HTTP_RETRIES`")?,
-            ))
-        } else {
-            Ok(self)
-        }
-    }
-
    #[must_use]
    pub fn native_tls(mut self, native_tls: bool) -> Self {
        self.native_tls = native_tls;
        self
    }

-    #[must_use]
-    pub fn built_in_root_certs(mut self, built_in_root_certs: bool) -> Self {
-        self.built_in_root_certs = built_in_root_certs;
-        self
-    }
-
    #[must_use]
    pub fn markers(mut self, markers: &'a MarkerEnvironment) -> Self {
        self.markers = Some(markers);
@ -242,35 +173,13 @@ impl<'a> BaseClientBuilder<'a> {
        self
    }

-    #[must_use]
-    pub fn redirect(mut self, policy: RedirectPolicy) -> Self {
-        self.redirect_policy = policy;
-        self
-    }
-
-    /// Allows credentials to be propagated on cross-origin redirects.
-    ///
-    /// WARNING: This should only be available for tests. In production code, propagating credentials
-    /// during cross-origin redirects can lead to security vulnerabilities including credential
-    /// leakage to untrusted domains.
-    #[cfg(test)]
-    #[must_use]
-    pub fn allow_cross_origin_credentials(mut self) -> Self {
-        self.cross_origin_credential_policy = CrossOriginCredentialsPolicy::Insecure;
-        self
-    }
-
    pub fn is_offline(&self) -> bool {
        matches!(self.connectivity, Connectivity::Offline)
    }

    /// Create a [`RetryPolicy`] for the client.
    fn retry_policy(&self) -> ExponentialBackoff {
-        let mut builder = ExponentialBackoff::builder();
-        if env::var_os(EnvVars::UV_TEST_NO_HTTP_RETRY_DELAY).is_some() {
-            builder = builder.retry_bounds(Duration::from_millis(0), Duration::from_millis(0));
-        }
-        builder.build_with_max_retries(self.retries)
+        ExponentialBackoff::builder().build_with_max_retries(self.retries)
    }

    pub fn build(&self) -> BaseClient {
@ -320,7 +229,6 @@ impl<'a> BaseClientBuilder<'a> {
            timeout,
            ssl_cert_file_exists,
            Security::Secure,
-            self.redirect_policy,
        );

        // Create an insecure client that accepts invalid certificates.
@ -329,20 +237,11 @@ impl<'a> BaseClientBuilder<'a> {
            timeout,
            ssl_cert_file_exists,
            Security::Insecure,
-            self.redirect_policy,
        );

        // Wrap in any relevant middleware and handle connectivity.
-        let client = RedirectClientWithMiddleware {
-            client: self.apply_middleware(raw_client.clone()),
-            redirect_policy: self.redirect_policy,
-            cross_origin_credentials_policy: self.cross_origin_credential_policy,
-        };
-        let dangerous_client = RedirectClientWithMiddleware {
-            client: self.apply_middleware(raw_dangerous_client.clone()),
-            redirect_policy: self.redirect_policy,
-            cross_origin_credentials_policy: self.cross_origin_credential_policy,
-        };
+        let client = self.apply_middleware(raw_client.clone());
+        let dangerous_client = self.apply_middleware(raw_dangerous_client.clone());

        BaseClient {
            connectivity: self.connectivity,
@ -359,16 +258,8 @@ impl<'a> BaseClientBuilder<'a> {
    /// Share the underlying client between two different middleware configurations.
    pub fn wrap_existing(&self, existing: &BaseClient) -> BaseClient {
        // Wrap in any relevant middleware and handle connectivity.
-        let client = RedirectClientWithMiddleware {
-            client: self.apply_middleware(existing.raw_client.clone()),
-            redirect_policy: self.redirect_policy,
-            cross_origin_credentials_policy: self.cross_origin_credential_policy,
-        };
-        let dangerous_client = RedirectClientWithMiddleware {
-            client: self.apply_middleware(existing.raw_dangerous_client.clone()),
-            redirect_policy: self.redirect_policy,
-            cross_origin_credentials_policy: self.cross_origin_credential_policy,
-        };
+        let client = self.apply_middleware(existing.raw_client.clone());
+        let dangerous_client = self.apply_middleware(existing.raw_dangerous_client.clone());

        BaseClient {
            connectivity: self.connectivity,
@ -388,7 +279,6 @@ impl<'a> BaseClientBuilder<'a> {
        timeout: Duration,
        ssl_cert_file_exists: bool,
        security: Security,
-        redirect_policy: RedirectPolicy,
    ) -> Client {
        // Configure the builder.
        let client_builder = ClientBuilder::new()
@ -396,8 +286,7 @@ impl<'a> BaseClientBuilder<'a> {
            .user_agent(user_agent)
            .pool_max_idle_per_host(20)
            .read_timeout(timeout)
-            .tls_built_in_root_certs(self.built_in_root_certs)
-            .redirect(redirect_policy.reqwest_policy());
+            .tls_built_in_root_certs(false);

        // If necessary, accept invalid certificates.
        let client_builder = match security {
@ -492,9 +381,9 @@ impl<'a> BaseClientBuilder<'a> {
 #[derive(Debug, Clone)]
 pub struct BaseClient {
    /// The underlying HTTP client that enforces valid certificates.
-    client: RedirectClientWithMiddleware,
+    client: ClientWithMiddleware,
    /// The underlying HTTP client that accepts invalid certificates.
-    dangerous_client: RedirectClientWithMiddleware,
+    dangerous_client: ClientWithMiddleware,
    /// The HTTP client without middleware.
    raw_client: Client,
    /// The HTTP client that accepts invalid certificates without middleware.
@ -519,7 +408,7 @@ enum Security {

 impl BaseClient {
    /// Selects the appropriate client based on the host's trustworthiness.
-    pub fn for_host(&self, url: &DisplaySafeUrl) -> &RedirectClientWithMiddleware {
+    pub fn for_host(&self, url: &DisplaySafeUrl) -> &ClientWithMiddleware {
        if self.disable_ssl(url) {
            &self.dangerous_client
        } else {
@ -527,12 +416,6 @@ impl BaseClient {
        }
    }

-    /// Executes a request, applying redirect policy.
-    pub async fn execute(&self, req: Request) -> reqwest_middleware::Result<Response> {
-        let client = self.for_host(&DisplaySafeUrl::from(req.url().clone()));
-        client.execute(req).await
-    }
-
    /// Returns `true` if the host is trusted to use the insecure client.
    pub fn disable_ssl(&self, url: &DisplaySafeUrl) -> bool {
        self.allow_insecure_host
@ -556,326 +439,6 @@ impl BaseClient {
    }
 }

-/// Wrapper around [`ClientWithMiddleware`] that manages redirects.
-#[derive(Debug, Clone)]
-pub struct RedirectClientWithMiddleware {
-    client: ClientWithMiddleware,
-    redirect_policy: RedirectPolicy,
-    /// Whether credentials should be preserved during cross-origin redirects.
-    ///
-    /// WARNING: This should only be available for tests. In production code, preserving credentials
-    /// during cross-origin redirects can lead to security vulnerabilities including credential
-    /// leakage to untrusted domains.
-    cross_origin_credentials_policy: CrossOriginCredentialsPolicy,
-}
-
-impl RedirectClientWithMiddleware {
-    /// Convenience method to make a `GET` request to a URL.
-    pub fn get<U: IntoUrl>(&self, url: U) -> RequestBuilder {
-        RequestBuilder::new(self.client.get(url), self)
-    }
-
-    /// Convenience method to make a `POST` request to a URL.
-    pub fn post<U: IntoUrl>(&self, url: U) -> RequestBuilder {
-        RequestBuilder::new(self.client.post(url), self)
-    }
-
-    /// Convenience method to make a `HEAD` request to a URL.
-    pub fn head<U: IntoUrl>(&self, url: U) -> RequestBuilder {
-        RequestBuilder::new(self.client.head(url), self)
-    }
-
-    /// Executes a request, applying the redirect policy.
-    pub async fn execute(&self, req: Request) -> reqwest_middleware::Result<Response> {
-        match self.redirect_policy {
-            RedirectPolicy::BypassMiddleware => self.client.execute(req).await,
-            RedirectPolicy::RetriggerMiddleware => self.execute_with_redirect_handling(req).await,
-        }
-    }
-
-    /// Executes a request. If the response is a redirect (one of HTTP 301, 302, 303, 307, or 308), the
-    /// request is executed again with the redirect location URL (up to a maximum number of
-    /// redirects).
-    ///
-    /// Unlike the built-in reqwest redirect policies, this sends the redirect request through the
-    /// entire middleware pipeline again.
-    ///
-    /// See RFC 7231 7.1.2 <https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2> for details on
-    /// redirect semantics.
-    async fn execute_with_redirect_handling(
-        &self,
-        req: Request,
-    ) -> reqwest_middleware::Result<Response> {
-        let mut request = req;
-        let mut redirects = 0;
-        let max_redirects = DEFAULT_MAX_REDIRECTS;
-
-        loop {
-            let result = self
-                .client
-                .execute(request.try_clone().expect("HTTP request must be cloneable"))
-                .await;
-            let Ok(response) = result else {
-                return result;
-            };
-
-            if redirects >= max_redirects {
-                return Ok(response);
-            }
-
-            let Some(redirect_request) =
-                request_into_redirect(request, &response, self.cross_origin_credentials_policy)?
-            else {
-                return Ok(response);
-            };
-
-            redirects += 1;
-            request = redirect_request;
-        }
-    }
-
-    pub fn raw_client(&self) -> &ClientWithMiddleware {
-        &self.client
-    }
-}
-
-impl From<RedirectClientWithMiddleware> for ClientWithMiddleware {
-    fn from(item: RedirectClientWithMiddleware) -> ClientWithMiddleware {
-        item.client
-    }
-}
-
-/// Check if this is should be a redirect and, if so, return a new redirect request.
-///
-/// This implementation is based on the [`reqwest`] crate redirect implementation.
-/// It takes ownership of the original [`Request`] and mutates it to create the new
-/// redirect [`Request`].
-fn request_into_redirect(
-    mut req: Request,
-    res: &Response,
-    cross_origin_credentials_policy: CrossOriginCredentialsPolicy,
-) -> reqwest_middleware::Result<Option<Request>> {
-    let original_req_url = DisplaySafeUrl::from(req.url().clone());
-    let status = res.status();
-    let should_redirect = match status {
-        StatusCode::MOVED_PERMANENTLY
-        | StatusCode::FOUND
-        | StatusCode::TEMPORARY_REDIRECT
-        | StatusCode::PERMANENT_REDIRECT => true,
-        StatusCode::SEE_OTHER => {
-            // Per RFC 7231, HTTP 303 is intended for the user agent
-            // to perform a GET or HEAD request to the redirect target.
-            // Historically, some browsers also changed method from POST
-            // to GET on 301 or 302, but this is not required by RFC 7231
-            // and was not intended by the HTTP spec.
-            *req.body_mut() = None;
-            for header in &[
-                TRANSFER_ENCODING,
-                CONTENT_ENCODING,
-                CONTENT_TYPE,
-                CONTENT_LENGTH,
-            ] {
-                req.headers_mut().remove(header);
-            }
-
-            match *req.method() {
-                Method::GET | Method::HEAD => {}
-                _ => {
-                    *req.method_mut() = Method::GET;
-                }
-            }
-            true
-        }
-        _ => false,
-    };
-    if !should_redirect {
-        return Ok(None);
-    }
-
-    let location = res
-        .headers()
-        .get(LOCATION)
-        .ok_or(reqwest_middleware::Error::Middleware(anyhow!(
-            "Server returned redirect (HTTP {status}) without destination URL. This may indicate a server configuration issue"
-        )))?
-        .to_str()
-        .map_err(|_| {
-            reqwest_middleware::Error::Middleware(anyhow!(
-                "Invalid HTTP {status} 'Location' value: must only contain visible ascii characters"
-            ))
-        })?;
-
-    let mut redirect_url = match DisplaySafeUrl::parse(location) {
-        Ok(url) => url,
-        // Per RFC 7231, URLs should be resolved against the request URL.
-        Err(ParseError::RelativeUrlWithoutBase) => original_req_url.join(location).map_err(|err| {
-            reqwest_middleware::Error::Middleware(anyhow!(
-                "Invalid HTTP {status} 'Location' value `{location}` relative to `{original_req_url}`: {err}"
-            ))
-        })?,
-        Err(err) => {
-            return Err(reqwest_middleware::Error::Middleware(anyhow!(
-                "Invalid HTTP {status} 'Location' value `{location}`: {err}"
-            )));
-        }
-    };
-    // Per RFC 7231, fragments must be propagated
-    if let Some(fragment) = original_req_url.fragment() {
-        redirect_url.set_fragment(Some(fragment));
-    }
-
-    // Ensure the URL is a valid HTTP URI.
-    if let Err(err) = redirect_url.as_str().parse::<http::Uri>() {
-        return Err(reqwest_middleware::Error::Middleware(anyhow!(
-            "HTTP {status} 'Location' value `{redirect_url}` is not a valid HTTP URI: {err}"
-        )));
-    }
-
-    if redirect_url.scheme() != "http" && redirect_url.scheme() != "https" {
-        return Err(reqwest_middleware::Error::Middleware(anyhow!(
-            "Invalid HTTP {status} 'Location' value `{redirect_url}`: scheme needs to be https or http"
-        )));
-    }
-
-    let mut headers = HeaderMap::new();
-    std::mem::swap(req.headers_mut(), &mut headers);
-
-    let cross_host = redirect_url.host_str() != original_req_url.host_str()
-        || redirect_url.port_or_known_default() != original_req_url.port_or_known_default();
-    if cross_host {
-        if cross_origin_credentials_policy == CrossOriginCredentialsPolicy::Secure {
-            debug!("Received a cross-origin redirect. Removing sensitive headers.");
-            headers.remove(AUTHORIZATION);
-            headers.remove(COOKIE);
-            headers.remove(PROXY_AUTHORIZATION);
-            headers.remove(WWW_AUTHENTICATE);
-        }
-    // If the redirect request is not a cross-origin request and the original request already
-    // had a Referer header, attempt to set the Referer header for the redirect request.
-    } else if headers.contains_key(REFERER) {
-        if let Some(referer) = make_referer(&redirect_url, &original_req_url) {
-            headers.insert(REFERER, referer);
-        }
-    }
-
-    // Check if there are credentials on the redirect location itself.
-    // If so, move them to Authorization header.
-    if !redirect_url.username().is_empty() {
-        if let Some(credentials) = Credentials::from_url(&redirect_url) {
-            let _ = redirect_url.set_username("");
-            let _ = redirect_url.set_password(None);
-            headers.insert(AUTHORIZATION, credentials.to_header_value());
-        }
-    }
-
-    std::mem::swap(req.headers_mut(), &mut headers);
-    *req.url_mut() = Url::from(redirect_url);
-    debug!(
-        "Received HTTP {status}. Redirecting to {}",
-        DisplaySafeUrl::ref_cast(req.url())
-    );
-    Ok(Some(req))
-}
-
-/// Return a Referer [`HeaderValue`] according to RFC 7231.
-///
-/// Return [`None`] if https has been downgraded in the redirect location.
-fn make_referer(
-    redirect_url: &DisplaySafeUrl,
-    original_url: &DisplaySafeUrl,
-) -> Option<HeaderValue> {
-    if redirect_url.scheme() == "http" && original_url.scheme() == "https" {
-        return None;
-    }
-
-    let mut referer = original_url.clone();
-    referer.remove_credentials();
-    referer.set_fragment(None);
-    referer.as_str().parse().ok()
-}
-
-#[derive(Clone, Copy, Debug, Default, PartialEq, Eq, Hash)]
-pub(crate) enum CrossOriginCredentialsPolicy {
-    /// Do not propagate credentials on cross-origin requests.
-    #[default]
-    Secure,
-
-    /// Propagate credentials on cross-origin requests.
-    ///
-    /// WARNING: This should only be available for tests. In production code, preserving credentials
-    /// during cross-origin redirects can lead to security vulnerabilities including credential
-    /// leakage to untrusted domains.
-    #[cfg(test)]
-    Insecure,
-}
-
-/// A builder to construct the properties of a `Request`.
-///
-/// This wraps [`reqwest_middleware::RequestBuilder`] to ensure that the [`BaseClient`]
-/// redirect policy is respected if `send()` is called.
-#[derive(Debug)]
-#[must_use]
-pub struct RequestBuilder<'a> {
-    builder: reqwest_middleware::RequestBuilder,
-    client: &'a RedirectClientWithMiddleware,
-}
-
-impl<'a> RequestBuilder<'a> {
-    pub fn new(
-        builder: reqwest_middleware::RequestBuilder,
-        client: &'a RedirectClientWithMiddleware,
-    ) -> Self {
-        Self { builder, client }
-    }
-
-    /// Add a `Header` to this Request.
-    pub fn header<K, V>(mut self, key: K, value: V) -> Self
-    where
-        HeaderName: TryFrom<K>,
-        <HeaderName as TryFrom<K>>::Error: Into<http::Error>,
-        HeaderValue: TryFrom<V>,
-        <HeaderValue as TryFrom<V>>::Error: Into<http::Error>,
-    {
-        self.builder = self.builder.header(key, value);
-        self
-    }
-
-    /// Add a set of Headers to the existing ones on this Request.
-    ///
-    /// The headers will be merged in to any already set.
-    pub fn headers(mut self, headers: HeaderMap) -> Self {
-        self.builder = self.builder.headers(headers);
-        self
-    }
-
-    #[cfg(not(target_arch = "wasm32"))]
-    pub fn version(mut self, version: reqwest::Version) -> Self {
-        self.builder = self.builder.version(version);
-        self
-    }
-
-    #[cfg_attr(docsrs, doc(cfg(feature = "multipart")))]
-    pub fn multipart(mut self, multipart: multipart::Form) -> Self {
-        self.builder = self.builder.multipart(multipart);
-        self
-    }
-
-    /// Build a `Request`.
-    pub fn build(self) -> reqwest::Result<Request> {
-        self.builder.build()
-    }
-
-    /// Constructs the Request and sends it to the target URL, returning a
-    /// future Response.
-    pub async fn send(self) -> reqwest_middleware::Result<Response> {
-        self.client.execute(self.build()?).await
-    }
-
-    pub fn raw_builder(&self) -> &reqwest_middleware::RequestBuilder {
-        &self.builder
-    }
-}
-
 /// Extends [`DefaultRetryableStrategy`], to log transient request failures and additional retry cases.
 pub struct UvRetryableStrategy;

@ -928,34 +491,18 @@ pub fn is_extended_transient_error(err: &dyn Error) -> bool {
    }

    // IO Errors may be nested through custom IO errors.
-    let mut has_io_error = false;
    for io_err in find_sources::<io::Error>(&err) {
-        has_io_error = true;
-        let retryable_io_err_kinds = [
-            // https://github.com/astral-sh/uv/issues/12054
-            io::ErrorKind::BrokenPipe,
-            // From reqwest-middleware
-            io::ErrorKind::ConnectionAborted,
-            // https://github.com/astral-sh/uv/issues/3514
-            io::ErrorKind::ConnectionReset,
-            // https://github.com/astral-sh/uv/issues/14699
-            io::ErrorKind::InvalidData,
-            // https://github.com/astral-sh/uv/issues/9246
-            io::ErrorKind::UnexpectedEof,
-        ];
-        if retryable_io_err_kinds.contains(&io_err.kind()) {
-            trace!("Retrying error: `{}`", io_err.kind());
+        if io_err.kind() == io::ErrorKind::ConnectionReset
+            || io_err.kind() == io::ErrorKind::UnexpectedEof
+            || io_err.kind() == io::ErrorKind::BrokenPipe
+        {
+            trace!("Retrying error: `ConnectionReset` or `UnexpectedEof`");
            return true;
        }
-        trace!(
-            "Cannot retry IO error `{}`, not a retryable IO error kind",
-            io_err.kind()
-        );
+        trace!("Cannot retry IO error: not one of `ConnectionReset` or `UnexpectedEof`");
    }

-    if !has_io_error {
-        trace!("Cannot retry error: not an extended IO error");
-    }
+    trace!("Cannot retry error: not an IO error");
    false
 }

@ -981,204 +528,3 @@ fn find_source<E: Error + 'static>(orig: &dyn Error) -> Option<&E> {
 fn find_sources<E: Error + 'static>(orig: &dyn Error) -> impl Iterator<Item = &E> {
    iter::successors(find_source::<E>(orig), |&err| find_source(err))
 }
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use anyhow::Result;
-
-    use reqwest::{Client, Method};
-    use wiremock::matchers::method;
-    use wiremock::{Mock, MockServer, ResponseTemplate};
-
-    use crate::base_client::request_into_redirect;
-
-    #[tokio::test]
-    async fn test_redirect_preserves_authorization_header_on_same_origin() -> Result<()> {
-        for status in &[301, 302, 303, 307, 308] {
-            let server = MockServer::start().await;
-            Mock::given(method("GET"))
-                .respond_with(
-                    ResponseTemplate::new(*status)
-                        .insert_header("location", format!("{}/redirect", server.uri())),
-                )
-                .mount(&server)
-                .await;
-
-            let request = Client::new()
-                .get(server.uri())
-                .basic_auth("username", Some("password"))
-                .build()
-                .unwrap();
-
-            assert!(request.headers().contains_key(AUTHORIZATION));
-
-            let response = Client::builder()
-                .redirect(reqwest::redirect::Policy::none())
-                .build()
-                .unwrap()
-                .execute(request.try_clone().unwrap())
-                .await
-                .unwrap();
-
-            let redirect_request =
-                request_into_redirect(request, &response, CrossOriginCredentialsPolicy::Secure)?
-                    .unwrap();
-            assert!(redirect_request.headers().contains_key(AUTHORIZATION));
-        }
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_preserves_fragment() -> Result<()> {
-        for status in &[301, 302, 303, 307, 308] {
-            let server = MockServer::start().await;
-            Mock::given(method("GET"))
-                .respond_with(
-                    ResponseTemplate::new(*status)
-                        .insert_header("location", format!("{}/redirect", server.uri())),
-                )
-                .mount(&server)
-                .await;
-
-            let request = Client::new()
-                .get(format!("{}#fragment", server.uri()))
-                .build()
-                .unwrap();
-
-            let response = Client::builder()
-                .redirect(reqwest::redirect::Policy::none())
-                .build()
-                .unwrap()
-                .execute(request.try_clone().unwrap())
-                .await
-                .unwrap();
-
-            let redirect_request =
-                request_into_redirect(request, &response, CrossOriginCredentialsPolicy::Secure)?
-                    .unwrap();
-            assert!(
-                redirect_request
-                    .url()
-                    .fragment()
-                    .is_some_and(|fragment| fragment == "fragment")
-            );
-        }
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_removes_authorization_header_on_cross_origin() -> Result<()> {
-        for status in &[301, 302, 303, 307, 308] {
-            let server = MockServer::start().await;
-            Mock::given(method("GET"))
-                .respond_with(
-                    ResponseTemplate::new(*status)
-                        .insert_header("location", "https://cross-origin.com/simple"),
-                )
-                .mount(&server)
-                .await;
-
-            let request = Client::new()
-                .get(server.uri())
-                .basic_auth("username", Some("password"))
-                .build()
-                .unwrap();
-
-            assert!(request.headers().contains_key(AUTHORIZATION));
-
-            let response = Client::builder()
-                .redirect(reqwest::redirect::Policy::none())
-                .build()
-                .unwrap()
-                .execute(request.try_clone().unwrap())
-                .await
-                .unwrap();
-
-            let redirect_request =
-                request_into_redirect(request, &response, CrossOriginCredentialsPolicy::Secure)?
-                    .unwrap();
-            assert!(!redirect_request.headers().contains_key(AUTHORIZATION));
-        }
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_303_changes_post_to_get() -> Result<()> {
-        let server = MockServer::start().await;
-        Mock::given(method("POST"))
-            .respond_with(
-                ResponseTemplate::new(303)
-                    .insert_header("location", format!("{}/redirect", server.uri())),
-            )
-            .mount(&server)
-            .await;
-
-        let request = Client::new()
-            .post(server.uri())
-            .basic_auth("username", Some("password"))
-            .build()
-            .unwrap();
-
-        assert_eq!(request.method(), Method::POST);
-
-        let response = Client::builder()
-            .redirect(reqwest::redirect::Policy::none())
-            .build()
-            .unwrap()
-            .execute(request.try_clone().unwrap())
-            .await
-            .unwrap();
-
-        let redirect_request =
-            request_into_redirect(request, &response, CrossOriginCredentialsPolicy::Secure)?
-                .unwrap();
-        assert_eq!(redirect_request.method(), Method::GET);
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_no_referer_if_disabled() -> Result<()> {
-        for status in &[301, 302, 303, 307, 308] {
-            let server = MockServer::start().await;
-            Mock::given(method("GET"))
-                .respond_with(
-                    ResponseTemplate::new(*status)
-                        .insert_header("location", format!("{}/redirect", server.uri())),
-                )
-                .mount(&server)
-                .await;
-
-            let request = Client::builder()
-                .referer(false)
-                .build()
-                .unwrap()
-                .get(server.uri())
-                .basic_auth("username", Some("password"))
-                .build()
-                .unwrap();
-
-            assert!(!request.headers().contains_key(REFERER));
-
-            let response = Client::builder()
-                .redirect(reqwest::redirect::Policy::none())
-                .build()
-                .unwrap()
-                .execute(request.try_clone().unwrap())
-                .await
-                .unwrap();
-
-            let redirect_request =
-                request_into_redirect(request, &response, CrossOriginCredentialsPolicy::Secure)?
-                    .unwrap();
-
-            assert!(!redirect_request.headers().contains_key(REFERER));
-        }
-
-        Ok(())
-    }
-}
--- a/crates/uv-client/src/cached_client.rs
+++ b/crates/uv-client/src/cached_client.rs
@ -1,3 +1,4 @@
+use std::fmt::{Debug, Display, Formatter};
 use std::time::{Duration, SystemTime};
 use std::{borrow::Cow, path::Path};

@ -99,62 +100,44 @@ where
    }
 }

-/// Dispatch type: Either a cached client error or a (user specified) error from the callback
+/// Either a cached client error or a (user specified) error from the callback
 pub enum CachedClientError<CallbackError: std::error::Error + 'static> {
-    Client {
-        retries: Option<u32>,
-        err: Error,
-    },
-    Callback {
-        retries: Option<u32>,
-        err: CallbackError,
-    },
+    Client(Error),
+    Callback(CallbackError),
 }

-impl<CallbackError: std::error::Error + 'static> CachedClientError<CallbackError> {
-    /// Attach the number of retries to the error context.
-    ///
-    /// Adds to existing errors if any, in case different layers retried.
-    fn with_retries(self, retries: u32) -> Self {
+impl<CallbackError: std::error::Error + 'static> Display for CachedClientError<CallbackError> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        match self {
-            CachedClientError::Client {
-                retries: existing_retries,
-                err,
-            } => CachedClientError::Client {
-                retries: Some(existing_retries.unwrap_or_default() + retries),
-                err,
-            },
-            CachedClientError::Callback {
-                retries: existing_retries,
-                err,
-            } => CachedClientError::Callback {
-                retries: Some(existing_retries.unwrap_or_default() + retries),
-                err,
-            },
+            CachedClientError::Client(err) => write!(f, "{err}"),
+            CachedClientError::Callback(err) => write!(f, "{err}"),
        }
    }
+}

-    fn retries(&self) -> Option<u32> {
+impl<CallbackError: std::error::Error + 'static> Debug for CachedClientError<CallbackError> {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        match self {
-            CachedClientError::Client { retries, .. } => *retries,
-            CachedClientError::Callback { retries, .. } => *retries,
+            CachedClientError::Client(err) => write!(f, "{err:?}"),
+            CachedClientError::Callback(err) => write!(f, "{err:?}"),
        }
    }
+}

-    fn error(&self) -> &dyn std::error::Error {
+impl<CallbackError: std::error::Error + 'static> std::error::Error
+    for CachedClientError<CallbackError>
+{
+    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
        match self {
-            CachedClientError::Client { err, .. } => err,
-            CachedClientError::Callback { err, .. } => err,
+            CachedClientError::Client(err) => Some(err),
+            CachedClientError::Callback(err) => Some(err),
        }
    }
 }

 impl<CallbackError: std::error::Error + 'static> From<Error> for CachedClientError<CallbackError> {
    fn from(error: Error) -> Self {
-        Self::Client {
-            retries: None,
-            err: error,
-        }
+        Self::Client(error)
    }
 }

@ -162,44 +145,30 @@ impl<CallbackError: std::error::Error + 'static> From<ErrorKind>
    for CachedClientError<CallbackError>
 {
    fn from(error: ErrorKind) -> Self {
-        Self::Client {
-            retries: None,
-            err: error.into(),
-        }
+        Self::Client(error.into())
    }
 }

 impl<E: Into<Self> + std::error::Error + 'static> From<CachedClientError<E>> for Error {
-    /// Attach retry error context, if there were retries.
    fn from(error: CachedClientError<E>) -> Self {
        match error {
-            CachedClientError::Client {
-                retries: Some(retries),
-                err,
-            } => Error::new(err.into_kind(), retries),
-            CachedClientError::Client { retries: None, err } => err,
-            CachedClientError::Callback {
-                retries: Some(retries),
-                err,
-            } => Error::new(err.into().into_kind(), retries),
-            CachedClientError::Callback { retries: None, err } => err.into(),
+            CachedClientError::Client(error) => error,
+            CachedClientError::Callback(error) => error.into(),
        }
    }
 }

 #[derive(Debug, Clone, Copy)]
-pub enum CacheControl<'a> {
+pub enum CacheControl {
    /// Respect the `cache-control` header from the response.
    None,
    /// Apply `max-age=0, must-revalidate` to the request.
    MustRevalidate,
    /// Allow the client to return stale responses.
    AllowStale,
-    /// Override the cache control header with a custom value.
-    Override(&'a str),
 }

-impl From<Freshness> for CacheControl<'_> {
+impl From<Freshness> for CacheControl {
    fn from(value: Freshness) -> Self {
        match value {
            Freshness::Fresh => Self::None,
@ -253,7 +222,7 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
        response_callback: Callback,
    ) -> Result<Payload, CachedClientError<CallBackError>> {
        let payload = self
@ -286,7 +255,7 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
        response_callback: Callback,
    ) -> Result<Payload::Target, CachedClientError<CallBackError>> {
        let fresh_req = req.try_clone().expect("HTTP request must be cloneable");
@ -296,7 +265,7 @@ impl CachedClient {
                .await?
        } else {
            debug!("No cache entry for: {}", req.url());
-            let (response, cache_policy) = self.fresh_request(req, cache_control).await?;
+            let (response, cache_policy) = self.fresh_request(req).await?;
            CachedResponse::ModifiedOrNew {
                response,
                cache_policy,
@ -310,12 +279,7 @@ impl CachedClient {
                        "Broken fresh cache entry (for payload) at {}, removing: {err}",
                        cache_entry.path().display()
                    );
-                    self.resend_and_heal_cache(
-                        fresh_req,
-                        cache_entry,
-                        cache_control,
-                        response_callback,
-                    )
+                    self.resend_and_heal_cache(fresh_req, cache_entry, response_callback)
                        .await
                }
            },
@ -336,12 +300,7 @@ impl CachedClient {
                                 (for payload) at {}, removing: {err}",
                                cache_entry.path().display()
                            );
-                            self.resend_and_heal_cache(
-                                fresh_req,
-                                cache_entry,
-                                cache_control,
-                                response_callback,
-                            )
+                            self.resend_and_heal_cache(fresh_req, cache_entry, response_callback)
                                .await
                        }
                    }
@ -357,12 +316,7 @@ impl CachedClient {
                // ETag didn't match). We need to make a fresh request.
                if response.status() == http::StatusCode::NOT_MODIFIED {
                    warn!("Server returned unusable 304 for: {}", fresh_req.url());
-                    self.resend_and_heal_cache(
-                        fresh_req,
-                        cache_entry,
-                        cache_control,
-                        response_callback,
-                    )
+                    self.resend_and_heal_cache(fresh_req, cache_entry, response_callback)
                        .await
                } else {
                    self.run_response_callback(
@ -386,10 +340,9 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
        response_callback: Callback,
    ) -> Result<Payload, CachedClientError<CallBackError>> {
-        let (response, cache_policy) = self.fresh_request(req, cache_control).await?;
+        let (response, cache_policy) = self.fresh_request(req).await?;

        let payload = self
            .run_response_callback(cache_entry, cache_policy, response, async |resp| {
@ -409,11 +362,10 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
        response_callback: Callback,
    ) -> Result<Payload::Target, CachedClientError<CallBackError>> {
        let _ = fs_err::tokio::remove_file(&cache_entry.path()).await;
-        let (response, cache_policy) = self.fresh_request(req, cache_control).await?;
+        let (response, cache_policy) = self.fresh_request(req).await?;
        self.run_response_callback(cache_entry, cache_policy, response, response_callback)
            .await
    }
@ -433,7 +385,7 @@ impl CachedClient {
        let data = response_callback(response)
            .boxed_local()
            .await
-            .map_err(|err| CachedClientError::Callback { retries: None, err })?;
+            .map_err(|err| CachedClientError::Callback(err))?;
        let Some(cache_policy) = cache_policy else {
            return Ok(data.into_target());
        };
@ -480,12 +432,12 @@ impl CachedClient {
    async fn send_cached(
        &self,
        mut req: Request,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
        cached: DataWithCachePolicy,
    ) -> Result<CachedResponse, Error> {
        // Apply the cache control header, if necessary.
        match cache_control {
-            CacheControl::None | CacheControl::AllowStale | CacheControl::Override(..) => {}
+            CacheControl::None | CacheControl::AllowStale => {}
            CacheControl::MustRevalidate => {
                req.headers_mut().insert(
                    http::header::CACHE_CONTROL,
@ -499,14 +451,9 @@ impl CachedClient {
                CachedResponse::FreshCache(cached)
            }
            BeforeRequest::Stale(new_cache_policy_builder) => match cache_control {
-                CacheControl::None | CacheControl::MustRevalidate | CacheControl::Override(_) => {
+                CacheControl::None | CacheControl::MustRevalidate => {
                    debug!("Found stale response for: {}", req.url());
-                    self.send_cached_handle_stale(
-                        req,
-                        cache_control,
-                        cached,
-                        new_cache_policy_builder,
-                    )
+                    self.send_cached_handle_stale(req, cached, new_cache_policy_builder)
                        .await?
                }
                CacheControl::AllowStale => {
@ -520,7 +467,7 @@ impl CachedClient {
                    "Cached request doesn't match current request for: {}",
                    req.url()
                );
-                let (response, cache_policy) = self.fresh_request(req, cache_control).await?;
+                let (response, cache_policy) = self.fresh_request(req).await?;
                CachedResponse::ModifiedOrNew {
                    response,
                    cache_policy,
@ -532,30 +479,20 @@ impl CachedClient {
    async fn send_cached_handle_stale(
        &self,
        req: Request,
-        cache_control: CacheControl<'_>,
        cached: DataWithCachePolicy,
        new_cache_policy_builder: CachePolicyBuilder,
    ) -> Result<CachedResponse, Error> {
        let url = DisplaySafeUrl::from(req.url().clone());
        debug!("Sending revalidation request for: {url}");
-        let mut response = self
+        let response = self
            .0
+            .for_host(&url)
            .execute(req)
            .instrument(info_span!("revalidation_request", url = url.as_str()))
            .await
            .map_err(|err| ErrorKind::from_reqwest_middleware(url.clone(), err))?
            .error_for_status()
            .map_err(|err| ErrorKind::from_reqwest(url.clone(), err))?;
-
-        // If the user set a custom `Cache-Control` header, override it.
-        if let CacheControl::Override(header) = cache_control {
-            response.headers_mut().insert(
-                http::header::CACHE_CONTROL,
-                http::HeaderValue::from_str(header)
-                    .expect("Cache-Control header must be valid UTF-8"),
-            );
-        }
-
        match cached
            .cache_policy
            .after_response(new_cache_policy_builder, &response)
@ -584,39 +521,18 @@ impl CachedClient {
    async fn fresh_request(
        &self,
        req: Request,
-        cache_control: CacheControl<'_>,
    ) -> Result<(Response, Option<Box<CachePolicy>>), Error> {
        let url = DisplaySafeUrl::from(req.url().clone());
        trace!("Sending fresh {} request for {}", req.method(), url);
        let cache_policy_builder = CachePolicyBuilder::new(&req);
-        let mut response = self
+        let response = self
            .0
+            .for_host(&url)
            .execute(req)
            .await
-            .map_err(|err| ErrorKind::from_reqwest_middleware(url.clone(), err))?;
-
-        // If the user set a custom `Cache-Control` header, override it.
-        if let CacheControl::Override(header) = cache_control {
-            response.headers_mut().insert(
-                http::header::CACHE_CONTROL,
-                http::HeaderValue::from_str(header)
-                    .expect("Cache-Control header must be valid UTF-8"),
-            );
-        }
-
-        let retry_count = response
-            .extensions()
-            .get::<reqwest_retry::RetryCount>()
-            .map(|retries| retries.value());
-
-        if let Err(status_error) = response.error_for_status_ref() {
-            return Err(CachedClientError::<Error>::Client {
-                retries: retry_count,
-                err: ErrorKind::from_reqwest(url, status_error).into(),
-            }
-            .into());
-        }
-
+            .map_err(|err| ErrorKind::from_reqwest_middleware(url.clone(), err))?
+            .error_for_status()
+            .map_err(|err| ErrorKind::from_reqwest(url.clone(), err))?;
        let cache_policy = cache_policy_builder.build(&response);
        let cache_policy = if cache_policy.to_archived().is_storable() {
            Some(Box::new(cache_policy))
@ -636,7 +552,7 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
        response_callback: Callback,
    ) -> Result<Payload, CachedClientError<CallBackError>> {
        let payload = self
@ -660,10 +576,10 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
        response_callback: Callback,
    ) -> Result<Payload::Target, CachedClientError<CallBackError>> {
-        let mut past_retries = 0;
+        let mut n_past_retries = 0;
        let start_time = SystemTime::now();
        let retry_policy = self.uncached().retry_policy();
        loop {
@ -671,20 +587,11 @@ impl CachedClient {
            let result = self
                .get_cacheable(fresh_req, cache_entry, cache_control, &response_callback)
                .await;
-
-            // Check if the middleware already performed retries
-            let middleware_retries = match &result {
-                Err(err) => err.retries().unwrap_or_default(),
-                Ok(_) => 0,
-            };
-
            if result
                .as_ref()
-                .is_err_and(|err| is_extended_transient_error(err.error()))
+                .is_err_and(|err| is_extended_transient_error(err))
            {
-                // If middleware already retried, consider that in our retry budget
-                let total_retries = past_retries + middleware_retries;
-                let retry_decision = retry_policy.should_retry(start_time, total_retries);
+                let retry_decision = retry_policy.should_retry(start_time, n_past_retries);
                if let reqwest_retry::RetryDecision::Retry { execute_after } = retry_decision {
                    debug!(
                        "Transient failure while handling response from {}; retrying...",
@ -694,15 +601,10 @@ impl CachedClient {
                        .duration_since(SystemTime::now())
                        .unwrap_or_else(|_| Duration::default());
                    tokio::time::sleep(duration).await;
-                    past_retries += 1;
+                    n_past_retries += 1;
                    continue;
                }
            }
-
-            if past_retries > 0 {
-                return result.map_err(|err| err.with_retries(past_retries));
-            }
-
            return result;
        }
    }
@ -718,31 +620,22 @@ impl CachedClient {
        &self,
        req: Request,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
        response_callback: Callback,
    ) -> Result<Payload, CachedClientError<CallBackError>> {
-        let mut past_retries = 0;
+        let mut n_past_retries = 0;
        let start_time = SystemTime::now();
        let retry_policy = self.uncached().retry_policy();
        loop {
            let fresh_req = req.try_clone().expect("HTTP request must be cloneable");
            let result = self
-                .skip_cache(fresh_req, cache_entry, cache_control, &response_callback)
+                .skip_cache(fresh_req, cache_entry, &response_callback)
                .await;
-
-            // Check if the middleware already performed retries
-            let middleware_retries = match &result {
-                Err(err) => err.retries().unwrap_or_default(),
-                _ => 0,
-            };
-
            if result
                .as_ref()
                .err()
-                .is_some_and(|err| is_extended_transient_error(err.error()))
+                .is_some_and(|err| is_extended_transient_error(err))
            {
-                let total_retries = past_retries + middleware_retries;
-                let retry_decision = retry_policy.should_retry(start_time, total_retries);
+                let retry_decision = retry_policy.should_retry(start_time, n_past_retries);
                if let reqwest_retry::RetryDecision::Retry { execute_after } = retry_decision {
                    debug!(
                        "Transient failure while handling response from {}; retrying...",
@ -752,15 +645,10 @@ impl CachedClient {
                        .duration_since(SystemTime::now())
                        .unwrap_or_else(|_| Duration::default());
                    tokio::time::sleep(duration).await;
-                    past_retries += 1;
+                    n_past_retries += 1;
                    continue;
                }
            }
-
-            if past_retries > 0 {
-                return result.map_err(|err| err.with_retries(past_retries));
-            }
-
            return result;
        }
    }
--- a/crates/uv-client/src/error.rs
+++ b/crates/uv-client/src/error.rs
@ -11,56 +11,19 @@ use uv_redacted::DisplaySafeUrl;
 use crate::middleware::OfflineError;
 use crate::{FlatIndexError, html};

-#[derive(Debug)]
+#[derive(Debug, thiserror::Error)]
+#[error(transparent)]
 pub struct Error {
    kind: Box<ErrorKind>,
-    retries: u32,
-}
-
-impl Display for Error {
-    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
-        if self.retries > 0 {
-            write!(
-                f,
-                "Request failed after {retries} retries",
-                retries = self.retries
-            )
-        } else {
-            Display::fmt(&self.kind, f)
-        }
-    }
-}
-
-impl std::error::Error for Error {
-    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
-        if self.retries > 0 {
-            Some(&self.kind)
-        } else {
-            self.kind.source()
-        }
-    }
 }

 impl Error {
-    /// Create a new [`Error`] with the given [`ErrorKind`] and number of retries.
-    pub fn new(kind: ErrorKind, retries: u32) -> Self {
-        Self {
-            kind: Box::new(kind),
-            retries,
-        }
-    }
-
-    /// Return the number of retries that were attempted before this error was returned.
-    pub fn retries(&self) -> u32 {
-        self.retries
-    }
-
-    /// Convert this error into an [`ErrorKind`].
+    /// Convert this error into its [`ErrorKind`] variant.
    pub fn into_kind(self) -> ErrorKind {
        *self.kind
    }

-    /// Return the [`ErrorKind`] of this error.
+    /// Get a reference to the [`ErrorKind`] variant of this error.
    pub fn kind(&self) -> &ErrorKind {
        &self.kind
    }
@ -115,7 +78,7 @@ impl Error {

            // The server returned a "Method Not Allowed" error, indicating it doesn't support
            // HEAD requests, so we can't check for range requests.
-            ErrorKind::WrappedReqwestError(_, err) => {
+            ErrorKind::WrappedReqwestError(_url, err) => {
                if let Some(status) = err.status() {
                    // If the server doesn't support HEAD requests, we can't check for range
                    // requests.
@ -180,7 +143,6 @@ impl From<ErrorKind> for Error {
    fn from(kind: ErrorKind) -> Self {
        Self {
            kind: Box::new(kind),
-            retries: 0,
        }
    }
 }
@ -190,6 +152,9 @@ pub enum ErrorKind {
    #[error(transparent)]
    InvalidUrl(#[from] uv_distribution_types::ToUrlError),

+    #[error(transparent)]
+    JoinRelativeUrl(#[from] uv_pypi_types::JoinRelativeError),
+
    #[error(transparent)]
    Flat(#[from] FlatIndexError),

@ -232,13 +197,6 @@ pub enum ErrorKind {
    #[error("Failed to fetch: `{0}`")]
    WrappedReqwestError(DisplaySafeUrl, #[source] WrappedReqwestError),

-    /// Add the number of failed retries to the error.
-    #[error("Request failed after {retries} retries")]
-    RequestWithRetries {
-        source: Box<ErrorKind>,
-        retries: u32,
-    },
-
    #[error("Received some unexpected JSON from {}", url)]
    BadJson {
        source: serde_json::Error,
@ -297,18 +255,13 @@ pub enum ErrorKind {
        "Network connectivity is disabled, but the requested data wasn't found in the cache for: `{0}`"
    )]
    Offline(String),
-
-    #[error("Invalid cache control header: `{0}`")]
-    InvalidCacheControl(String),
 }

 impl ErrorKind {
-    /// Create an [`ErrorKind`] from a [`reqwest::Error`].
    pub(crate) fn from_reqwest(url: DisplaySafeUrl, error: reqwest::Error) -> Self {
        Self::WrappedReqwestError(url, WrappedReqwestError::from(error))
    }

-    /// Create an [`ErrorKind`] from a [`reqwest_middleware::Error`].
    pub(crate) fn from_reqwest_middleware(
        url: DisplaySafeUrl,
        err: reqwest_middleware::Error,
--- a/crates/uv-client/src/flat_index.rs
+++ b/crates/uv-client/src/flat_index.rs
@ -246,7 +246,7 @@ impl<'a> FlatIndexClient<'a> {
                    .collect();
                Ok(FlatIndexEntries::from_entries(files))
            }
-            Err(CachedClientError::Client { err, .. }) if err.is_offline() => {
+            Err(CachedClientError::Client(err)) if err.is_offline() => {
                Ok(FlatIndexEntries::offline())
            }
            Err(err) => Err(err.into()),
--- a/crates/uv-client/src/httpcache/control.rs
+++ b/crates/uv-client/src/httpcache/control.rs
@ -21,6 +21,7 @@ use crate::rkyvutil::OwnedArchive;
    rkyv::Serialize,
 )]
 #[rkyv(derive(Debug))]
+#[allow(clippy::struct_excessive_bools)]
 pub struct CacheControl {
    // directives for requests and responses
    /// * <https://www.rfc-editor.org/rfc/rfc9111.html#name-max-age>
--- a/crates/uv-client/src/lib.rs
+++ b/crates/uv-client/src/lib.rs
@ -1,6 +1,6 @@
 pub use base_client::{
    AuthIntegration, BaseClient, BaseClientBuilder, DEFAULT_RETRIES, ExtraMiddleware,
-    RedirectClientWithMiddleware, RequestBuilder, UvRetryableStrategy, is_extended_transient_error,
+    UvRetryableStrategy, is_extended_transient_error,
 };
 pub use cached_client::{CacheControl, CachedClient, CachedClientError, DataWithCachePolicy};
 pub use error::{Error, ErrorKind, WrappedReqwestError};
--- a/crates/uv-client/src/registry_client.rs
+++ b/crates/uv-client/src/registry_client.rs
@ -10,6 +10,7 @@ use futures::{FutureExt, StreamExt, TryStreamExt};
 use http::{HeaderMap, StatusCode};
 use itertools::Either;
 use reqwest::{Proxy, Response};
+use reqwest_middleware::ClientWithMiddleware;
 use rustc_hash::FxHashMap;
 use tokio::sync::{Mutex, Semaphore};
 use tracing::{Instrument, debug, info_span, instrument, trace, warn};
@ -21,8 +22,8 @@ use uv_configuration::KeyringProviderType;
 use uv_configuration::{IndexStrategy, TrustedHost};
 use uv_distribution_filename::{DistFilename, SourceDistFilename, WheelFilename};
 use uv_distribution_types::{
-    BuiltDist, File, IndexCapabilities, IndexFormat, IndexLocations, IndexMetadataRef,
-    IndexStatusCodeDecision, IndexStatusCodeStrategy, IndexUrl, IndexUrls, Name,
+    BuiltDist, File, FileLocation, IndexCapabilities, IndexFormat, IndexLocations,
+    IndexMetadataRef, IndexStatusCodeDecision, IndexStatusCodeStrategy, IndexUrl, IndexUrls, Name,
 };
 use uv_metadata::{read_metadata_async_seek, read_metadata_async_stream};
 use uv_normalize::PackageName;
@ -34,15 +35,15 @@ use uv_redacted::DisplaySafeUrl;
 use uv_small_str::SmallString;
 use uv_torch::TorchStrategy;

-use crate::base_client::{BaseClientBuilder, ExtraMiddleware, RedirectPolicy};
+use crate::base_client::{BaseClientBuilder, ExtraMiddleware};
 use crate::cached_client::CacheControl;
 use crate::flat_index::FlatIndexEntry;
 use crate::html::SimpleHtml;
 use crate::remote_metadata::wheel_metadata_from_remote_zip;
 use crate::rkyvutil::OwnedArchive;
 use crate::{
-    BaseClient, CachedClient, Error, ErrorKind, FlatIndexClient, FlatIndexEntries,
-    RedirectClientWithMiddleware,
+    BaseClient, CachedClient, CachedClientError, Error, ErrorKind, FlatIndexClient,
+    FlatIndexEntries,
 };

 /// A builder for an [`RegistryClient`].
@ -115,25 +116,12 @@ impl<'a> RegistryClientBuilder<'a> {
        self
    }

-    pub fn retries_from_env(mut self) -> anyhow::Result<Self> {
-        self.base_client_builder = self.base_client_builder.retries_from_env()?;
-        Ok(self)
-    }
-
    #[must_use]
    pub fn native_tls(mut self, native_tls: bool) -> Self {
        self.base_client_builder = self.base_client_builder.native_tls(native_tls);
        self
    }

-    #[must_use]
-    pub fn built_in_root_certs(mut self, built_in_root_certs: bool) -> Self {
-        self.base_client_builder = self
-            .base_client_builder
-            .built_in_root_certs(built_in_root_certs);
-        self
-    }
-
    #[must_use]
    pub fn cache(mut self, cache: Cache) -> Self {
        self.cache = cache;
@ -164,23 +152,9 @@ impl<'a> RegistryClientBuilder<'a> {
        self
    }

-    /// Allows credentials to be propagated on cross-origin redirects.
-    ///
-    /// WARNING: This should only be available for tests. In production code, propagating credentials
-    /// during cross-origin redirects can lead to security vulnerabilities including credential
-    /// leakage to untrusted domains.
-    #[cfg(test)]
-    #[must_use]
-    pub fn allow_cross_origin_credentials(mut self) -> Self {
-        self.base_client_builder = self.base_client_builder.allow_cross_origin_credentials();
-        self
-    }
-
    pub fn build(self) -> RegistryClient {
        // Build a base client
-        let builder = self
-            .base_client_builder
-            .redirect(RedirectPolicy::RetriggerMiddleware);
+        let builder = self.base_client_builder;

        let client = builder.build();

@ -277,7 +251,7 @@ impl RegistryClient {
    }

    /// Return the [`BaseClient`] used by this client.
-    pub fn uncached_client(&self, url: &DisplaySafeUrl) -> &RedirectClientWithMiddleware {
+    pub fn uncached_client(&self, url: &DisplaySafeUrl) -> &ClientWithMiddleware {
        self.client.uncached().for_host(url)
    }

@ -519,17 +493,11 @@ impl RegistryClient {
            format!("{package_name}.rkyv"),
        );
        let cache_control = match self.connectivity {
-            Connectivity::Online => {
-                if let Some(header) = self.index_urls.simple_api_cache_control_for(index) {
-                    CacheControl::Override(header)
-                } else {
-                    CacheControl::from(
+            Connectivity::Online => CacheControl::from(
                self.cache
                    .freshness(&cache_entry, Some(package_name), None)
                    .map_err(ErrorKind::Io)?,
-                    )
-                }
-            }
+            ),
            Connectivity::Offline => CacheControl::AllowStale,
        };

@ -549,11 +517,11 @@ impl RegistryClient {

        match result {
            Ok(metadata) => Ok(SimpleMetadataSearchOutcome::Found(metadata)),
-            Err(err) => match err.kind() {
+            Err(err) => match err.into_kind() {
                // The package could not be found in the remote index.
-                ErrorKind::WrappedReqwestError(.., reqwest_err) => {
-                    let Some(status_code) = reqwest_err.status() else {
-                        return Err(err);
+                ErrorKind::WrappedReqwestError(url, err) => {
+                    let Some(status_code) = err.status() else {
+                        return Err(ErrorKind::WrappedReqwestError(url, err).into());
                    };
                    let decision =
                        status_code_strategy.handle_status_code(status_code, index, capabilities);
@ -562,7 +530,7 @@ impl RegistryClient {
                            status_code,
                            StatusCode::UNAUTHORIZED | StatusCode::FORBIDDEN
                        ) {
-                            return Err(err);
+                            return Err(ErrorKind::WrappedReqwestError(url, err).into());
                        }
                    }
                    Ok(SimpleMetadataSearchOutcome::from(decision))
@ -574,7 +542,7 @@ impl RegistryClient {
                // The package could not be found in the local index.
                ErrorKind::FileNotFound(_) => Ok(SimpleMetadataSearchOutcome::NotFound),

-                _ => Err(err),
+                err => Err(err.into()),
            },
        }
    }
@ -585,12 +553,12 @@ impl RegistryClient {
        package_name: &PackageName,
        url: &DisplaySafeUrl,
        cache_entry: &CacheEntry,
-        cache_control: CacheControl<'_>,
+        cache_control: CacheControl,
    ) -> Result<OwnedArchive<SimpleMetadata>, Error> {
        let simple_request = self
            .uncached_client(url)
            .get(Url::from(url.clone()))
-            .header("Accept-Encoding", "gzip, deflate, zstd")
+            .header("Accept-Encoding", "gzip")
            .header("Accept", MediaType::accepts())
            .build()
            .map_err(|err| ErrorKind::from_reqwest(url.clone(), err))?;
@ -639,16 +607,18 @@ impl RegistryClient {
            .boxed_local()
            .instrument(info_span!("parse_simple_api", package = %package_name))
        };
-        let simple = self
-            .cached_client()
+        self.cached_client()
            .get_cacheable_with_retry(
                simple_request,
                cache_entry,
                cache_control,
                parse_simple_response,
            )
-            .await?;
-        Ok(simple)
+            .await
+            .map_err(|err| match err {
+                CachedClientError::Client(err) => err,
+                CachedClientError::Callback(err) => err,
+            })
    }

    /// Fetch the [`SimpleMetadata`] from a local file, using a PEP 503-compatible directory
@ -701,14 +671,30 @@ impl RegistryClient {

                let wheel = wheels.best_wheel();

-                let url = wheel.file.url.to_url().map_err(ErrorKind::InvalidUrl)?;
-                let location = if url.scheme() == "file" {
+                let location = match &wheel.file.url {
+                    FileLocation::RelativeUrl(base, url) => {
+                        let url = uv_pypi_types::base_url_join_relative(base, url)
+                            .map_err(ErrorKind::JoinRelativeUrl)?;
+                        if url.scheme() == "file" {
                            let path = url
                                .to_file_path()
                                .map_err(|()| ErrorKind::NonFileUrl(url.clone()))?;
                            WheelLocation::Path(path)
                        } else {
                            WheelLocation::Url(url)
+                        }
+                    }
+                    FileLocation::AbsoluteUrl(url) => {
+                        let url = url.to_url().map_err(ErrorKind::InvalidUrl)?;
+                        if url.scheme() == "file" {
+                            let path = url
+                                .to_file_path()
+                                .map_err(|()| ErrorKind::NonFileUrl(url.clone()))?;
+                            WheelLocation::Path(path)
+                        } else {
+                            WheelLocation::Url(url)
+                        }
+                    }
                };

                match location {
@ -797,17 +783,11 @@ impl RegistryClient {
                format!("{}.msgpack", filename.cache_key()),
            );
            let cache_control = match self.connectivity {
-                Connectivity::Online => {
-                    if let Some(header) = self.index_urls.artifact_cache_control_for(index) {
-                        CacheControl::Override(header)
-                    } else {
-                        CacheControl::from(
+                Connectivity::Online => CacheControl::from(
                    self.cache
                        .freshness(&cache_entry, Some(&filename.name), None)
                        .map_err(ErrorKind::Io)?,
-                        )
-                    }
-                }
+                ),
                Connectivity::Offline => CacheControl::AllowStale,
            };

@ -873,25 +853,11 @@ impl RegistryClient {
            format!("{}.msgpack", filename.cache_key()),
        );
        let cache_control = match self.connectivity {
-            Connectivity::Online => {
-                if let Some(index) = index {
-                    if let Some(header) = self.index_urls.artifact_cache_control_for(index) {
-                        CacheControl::Override(header)
-                    } else {
-                        CacheControl::from(
+            Connectivity::Online => CacheControl::from(
                self.cache
                    .freshness(&cache_entry, Some(&filename.name), None)
                    .map_err(ErrorKind::Io)?,
-                        )
-                    }
-                } else {
-                    CacheControl::from(
-                        self.cache
-                            .freshness(&cache_entry, Some(&filename.name), None)
-                            .map_err(ErrorKind::Io)?,
-                    )
-                }
-            }
+            ),
            Connectivity::Offline => CacheControl::AllowStale,
        };

@ -934,13 +900,15 @@ impl RegistryClient {
                    .map_err(|err| ErrorKind::AsyncHttpRangeReader(url.clone(), err))?;
                    trace!("Getting metadata for {filename} by range request");
                    let text = wheel_metadata_from_remote_zip(filename, url, &mut reader).await?;
+                    let metadata =
                        ResolutionMetadata::parse_metadata(text.as_bytes()).map_err(|err| {
                            Error::from(ErrorKind::MetadataParseError(
                                filename.clone(),
                                url.to_string(),
                                Box::new(err),
                            ))
-                    })
+                        })?;
+                    Ok::<ResolutionMetadata, CachedClientError<Error>>(metadata)
                }
                .boxed_local()
                .instrument(info_span!("read_metadata_range_request", wheel = %filename))
@ -1254,192 +1222,12 @@ impl Connectivity {
 mod tests {
    use std::str::FromStr;

-    use url::Url;
    use uv_normalize::PackageName;
-    use uv_pypi_types::SimpleJson;
+    use uv_pypi_types::{JoinRelativeError, SimpleJson};
    use uv_redacted::DisplaySafeUrl;

    use crate::{SimpleMetadata, SimpleMetadatum, html::SimpleHtml};

-    use crate::RegistryClientBuilder;
-    use uv_cache::Cache;
-    use uv_distribution_types::{FileLocation, ToUrlError};
-    use uv_small_str::SmallString;
-    use wiremock::matchers::{basic_auth, method, path_regex};
-    use wiremock::{Mock, MockServer, ResponseTemplate};
-
-    type Error = Box<dyn std::error::Error>;
-
-    async fn start_test_server(username: &'static str, password: &'static str) -> MockServer {
-        let server = MockServer::start().await;
-
-        Mock::given(method("GET"))
-            .and(basic_auth(username, password))
-            .respond_with(ResponseTemplate::new(200))
-            .mount(&server)
-            .await;
-
-        Mock::given(method("GET"))
-            .respond_with(ResponseTemplate::new(401))
-            .mount(&server)
-            .await;
-
-        server
-    }
-
-    #[tokio::test]
-    async fn test_redirect_to_server_with_credentials() -> Result<(), Error> {
-        let username = "user";
-        let password = "password";
-
-        let auth_server = start_test_server(username, password).await;
-        let auth_base_url = DisplaySafeUrl::parse(&auth_server.uri())?;
-
-        let redirect_server = MockServer::start().await;
-
-        // Configure the redirect server to respond with a 302 to the auth server
-        Mock::given(method("GET"))
-            .respond_with(
-                ResponseTemplate::new(302).insert_header("Location", format!("{auth_base_url}")),
-            )
-            .mount(&redirect_server)
-            .await;
-
-        let redirect_server_url = DisplaySafeUrl::parse(&redirect_server.uri())?;
-
-        let cache = Cache::temp()?;
-        let registry_client = RegistryClientBuilder::new(cache)
-            .allow_cross_origin_credentials()
-            .build();
-        let client = registry_client.cached_client().uncached();
-
-        assert_eq!(
-            client
-                .for_host(&redirect_server_url)
-                .get(redirect_server.uri())
-                .send()
-                .await?
-                .status(),
-            401,
-            "Requests should fail if credentials are missing"
-        );
-
-        let mut url = redirect_server_url.clone();
-        let _ = url.set_username(username);
-        let _ = url.set_password(Some(password));
-
-        assert_eq!(
-            client
-                .for_host(&redirect_server_url)
-                .get(Url::from(url))
-                .send()
-                .await?
-                .status(),
-            200,
-            "Requests should succeed if credentials are present"
-        );
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_root_relative_url() -> Result<(), Error> {
-        let username = "user";
-        let password = "password";
-
-        let redirect_server = MockServer::start().await;
-
-        // Configure the redirect server to respond with a 307 with a relative URL.
-        Mock::given(method("GET"))
-            .and(path_regex("/foo/"))
-            .respond_with(
-                ResponseTemplate::new(307).insert_header("Location", "/bar/baz/".to_string()),
-            )
-            .mount(&redirect_server)
-            .await;
-
-        Mock::given(method("GET"))
-            .and(path_regex("/bar/baz/"))
-            .and(basic_auth(username, password))
-            .respond_with(ResponseTemplate::new(200))
-            .mount(&redirect_server)
-            .await;
-
-        let redirect_server_url = DisplaySafeUrl::parse(&redirect_server.uri())?.join("foo/")?;
-
-        let cache = Cache::temp()?;
-        let registry_client = RegistryClientBuilder::new(cache)
-            .allow_cross_origin_credentials()
-            .build();
-        let client = registry_client.cached_client().uncached();
-
-        let mut url = redirect_server_url.clone();
-        let _ = url.set_username(username);
-        let _ = url.set_password(Some(password));
-
-        assert_eq!(
-            client
-                .for_host(&url)
-                .get(Url::from(url))
-                .send()
-                .await?
-                .status(),
-            200,
-            "Requests should succeed for relative URL"
-        );
-
-        Ok(())
-    }
-
-    #[tokio::test]
-    async fn test_redirect_relative_url() -> Result<(), Error> {
-        let username = "user";
-        let password = "password";
-
-        let redirect_server = MockServer::start().await;
-
-        // Configure the redirect server to respond with a 307 with a relative URL.
-        Mock::given(method("GET"))
-            .and(path_regex("/foo/bar/baz/"))
-            .and(basic_auth(username, password))
-            .respond_with(ResponseTemplate::new(200))
-            .mount(&redirect_server)
-            .await;
-
-        Mock::given(method("GET"))
-            .and(path_regex("/foo/"))
-            .and(basic_auth(username, password))
-            .respond_with(
-                ResponseTemplate::new(307).insert_header("Location", "bar/baz/".to_string()),
-            )
-            .mount(&redirect_server)
-            .await;
-
-        let cache = Cache::temp()?;
-        let registry_client = RegistryClientBuilder::new(cache)
-            .allow_cross_origin_credentials()
-            .build();
-        let client = registry_client.cached_client().uncached();
-
-        let redirect_server_url = DisplaySafeUrl::parse(&redirect_server.uri())?.join("foo/")?;
-        let mut url = redirect_server_url.clone();
-        let _ = url.set_username(username);
-        let _ = url.set_password(Some(password));
-
-        assert_eq!(
-            client
-                .for_host(&url)
-                .get(Url::from(url))
-                .send()
-                .await?
-                .status(),
-            200,
-            "Requests should succeed for relative URL"
-        );
-
-        Ok(())
-    }
-
    #[test]
    fn ignore_failing_files() {
        // 1.7.7 has an invalid requires-python field (double comma), 1.7.8 is valid
@ -1493,7 +1281,7 @@ mod tests {
    ///
    /// See: <https://github.com/astral-sh/uv/issues/1388>
    #[test]
-    fn relative_urls_code_artifact() -> Result<(), ToUrlError> {
+    fn relative_urls_code_artifact() -> Result<(), JoinRelativeError> {
        let text = r#"
        <!DOCTYPE html>
        <html>
@ -1516,13 +1304,12 @@ mod tests {
        let base = DisplaySafeUrl::parse("https://account.d.codeartifact.us-west-2.amazonaws.com/pypi/shared-packages-pypi/simple/flask")
            .unwrap();
        let SimpleHtml { base, files } = SimpleHtml::parse(text, &base).unwrap();
-        let base = SmallString::from(base.as_str());

        // Test parsing of the file urls
        let urls = files
-            .into_iter()
-            .map(|file| FileLocation::new(file.url, &base).to_url())
-            .collect::<Result<Vec<_>, _>>()?;
+            .iter()
+            .map(|file| uv_pypi_types::base_url_join_relative(base.as_url().as_str(), &file.url))
+            .collect::<Result<Vec<_>, JoinRelativeError>>()?;
        let urls = urls
            .iter()
            .map(DisplaySafeUrl::to_string)
--- a/crates/uv-configuration/Cargo.toml
+++ b/crates/uv-configuration/Cargo.toml
@ -27,9 +27,7 @@ uv-pep440 = { workspace = true }
 uv-pep508 = { workspace = true, features = ["schemars"] }
 uv-platform-tags = { workspace = true }
 uv-static = { workspace = true }
-uv-warnings = { workspace = true }

-bitflags = { workspace = true }
 clap = { workspace = true, features = ["derive"], optional = true }
 either = { workspace = true }
 fs-err = { workspace = true }
--- a/crates/uv-configuration/src/build_options.rs
+++ b/crates/uv-configuration/src/build_options.rs
@ -4,7 +4,7 @@ use uv_pep508::PackageName;

 use crate::{PackageNameSpecifier, PackageNameSpecifiers};

-#[derive(Copy, Clone, Debug, Default, PartialEq, Eq, Hash)]
+#[derive(Copy, Clone, Debug, Default, PartialEq, Eq)]
 pub enum BuildKind {
    /// A PEP 517 wheel build.
    #[default]
--- a/crates/uv-configuration/src/config_settings.rs
+++ b/crates/uv-configuration/src/config_settings.rs
@ -3,7 +3,6 @@ use std::{
    str::FromStr,
 };
 use uv_cache_key::CacheKeyHasher;
-use uv_normalize::PackageName;

 #[derive(Debug, Clone)]
 pub struct ConfigSettingEntry {
@ -29,32 +28,6 @@ impl FromStr for ConfigSettingEntry {
    }
 }

-#[derive(Debug, Clone)]
-pub struct ConfigSettingPackageEntry {
-    /// The package name to apply the setting to.
-    package: PackageName,
-    /// The config setting entry.
-    setting: ConfigSettingEntry,
-}
-
-impl FromStr for ConfigSettingPackageEntry {
-    type Err = String;
-
-    fn from_str(s: &str) -> Result<Self, Self::Err> {
-        let Some((package_str, config_str)) = s.split_once(':') else {
-            return Err(format!(
-                "Invalid config setting: {s} (expected `PACKAGE:KEY=VALUE`)"
-            ));
-        };
-
-        let package = PackageName::from_str(package_str.trim())
-            .map_err(|e| format!("Invalid package name: {e}"))?;
-        let setting = ConfigSettingEntry::from_str(config_str)?;
-
-        Ok(Self { package, setting })
-    }
-}
-
 #[derive(Debug, Clone, PartialEq, Eq)]
 #[cfg_attr(feature = "schemars", derive(schemars::JsonSchema), schemars(untagged))]
 enum ConfigSettingValue {
@ -239,111 +212,6 @@ impl<'de> serde::Deserialize<'de> for ConfigSettings {
    }
 }

-/// Settings to pass to PEP 517 build backends on a per-package basis.
-#[derive(Debug, Default, Clone, PartialEq, Eq)]
-#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
-pub struct PackageConfigSettings(BTreeMap<PackageName, ConfigSettings>);
-
-impl FromIterator<ConfigSettingPackageEntry> for PackageConfigSettings {
-    fn from_iter<T: IntoIterator<Item = ConfigSettingPackageEntry>>(iter: T) -> Self {
-        let mut package_configs: BTreeMap<PackageName, Vec<ConfigSettingEntry>> = BTreeMap::new();
-
-        for entry in iter {
-            package_configs
-                .entry(entry.package)
-                .or_default()
-                .push(entry.setting);
-        }
-
-        let configs = package_configs
-            .into_iter()
-            .map(|(package, entries)| (package, entries.into_iter().collect()))
-            .collect();
-
-        Self(configs)
-    }
-}
-
-impl PackageConfigSettings {
-    /// Returns the config settings for a specific package, if any.
-    pub fn get(&self, package: &PackageName) -> Option<&ConfigSettings> {
-        self.0.get(package)
-    }
-
-    /// Returns `true` if there are no package-specific settings.
-    pub fn is_empty(&self) -> bool {
-        self.0.is_empty()
-    }
-
-    /// Merge two sets of package config settings, with the values in `self` taking precedence.
-    #[must_use]
-    pub fn merge(mut self, other: PackageConfigSettings) -> PackageConfigSettings {
-        for (package, settings) in other.0 {
-            match self.0.entry(package) {
-                Entry::Vacant(vacant) => {
-                    vacant.insert(settings);
-                }
-                Entry::Occupied(mut occupied) => {
-                    let merged = occupied.get().clone().merge(settings);
-                    occupied.insert(merged);
-                }
-            }
-        }
-        self
-    }
-}
-
-impl uv_cache_key::CacheKey for PackageConfigSettings {
-    fn cache_key(&self, state: &mut CacheKeyHasher) {
-        for (package, settings) in &self.0 {
-            package.to_string().cache_key(state);
-            settings.cache_key(state);
-        }
-    }
-}
-
-impl serde::Serialize for PackageConfigSettings {
-    fn serialize<S: serde::Serializer>(&self, serializer: S) -> Result<S::Ok, S::Error> {
-        use serde::ser::SerializeMap;
-
-        let mut map = serializer.serialize_map(Some(self.0.len()))?;
-        for (key, value) in &self.0 {
-            map.serialize_entry(&key.to_string(), value)?;
-        }
-        map.end()
-    }
-}
-
-impl<'de> serde::Deserialize<'de> for PackageConfigSettings {
-    fn deserialize<D: serde::Deserializer<'de>>(deserializer: D) -> Result<Self, D::Error> {
-        struct Visitor;
-
-        impl<'de> serde::de::Visitor<'de> for Visitor {
-            type Value = PackageConfigSettings;
-
-            fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
-                formatter.write_str("a map from package name to config settings")
-            }
-
-            fn visit_map<A: serde::de::MapAccess<'de>>(
-                self,
-                mut map: A,
-            ) -> Result<Self::Value, A::Error> {
-                let mut config = BTreeMap::default();
-                while let Some((key, value)) = map.next_entry::<String, ConfigSettings>()? {
-                    let package = PackageName::from_str(&key).map_err(|e| {
-                        serde::de::Error::custom(format!("Invalid package name: {e}"))
-                    })?;
-                    config.insert(package, value);
-                }
-                Ok(PackageConfigSettings(config))
-            }
-        }
-
-        deserializer.deserialize_map(Visitor)
-    }
-}
-
 #[cfg(test)]
 mod tests {
    use super::*;
@ -423,56 +291,4 @@ mod tests {
        );
        assert_eq!(settings.escape_for_python(), r#"{"key":"val\\1 {}value"}"#);
    }
-
-    #[test]
-    fn parse_config_setting_package_entry() {
-        // Test valid parsing
-        let entry = ConfigSettingPackageEntry::from_str("numpy:editable_mode=compat").unwrap();
-        assert_eq!(entry.package.as_ref(), "numpy");
-        assert_eq!(entry.setting.key, "editable_mode");
-        assert_eq!(entry.setting.value, "compat");
-
-        // Test with package name containing hyphens
-        let entry = ConfigSettingPackageEntry::from_str("my-package:some_key=value").unwrap();
-        assert_eq!(entry.package.as_ref(), "my-package");
-        assert_eq!(entry.setting.key, "some_key");
-        assert_eq!(entry.setting.value, "value");
-
-        // Test with spaces around values
-        let entry = ConfigSettingPackageEntry::from_str("  numpy : key = value  ").unwrap();
-        assert_eq!(entry.package.as_ref(), "numpy");
-        assert_eq!(entry.setting.key, "key");
-        assert_eq!(entry.setting.value, "value");
-    }
-
-    #[test]
-    fn collect_config_settings_package() {
-        let settings: PackageConfigSettings = vec![
-            ConfigSettingPackageEntry::from_str("numpy:editable_mode=compat").unwrap(),
-            ConfigSettingPackageEntry::from_str("numpy:another_key=value").unwrap(),
-            ConfigSettingPackageEntry::from_str("scipy:build_option=fast").unwrap(),
-        ]
-        .into_iter()
-        .collect();
-
-        let numpy_settings = settings
-            .get(&PackageName::from_str("numpy").unwrap())
-            .unwrap();
-        assert_eq!(
-            numpy_settings.0.get("editable_mode"),
-            Some(&ConfigSettingValue::String("compat".to_string()))
-        );
-        assert_eq!(
-            numpy_settings.0.get("another_key"),
-            Some(&ConfigSettingValue::String("value".to_string()))
-        );
-
-        let scipy_settings = settings
-            .get(&PackageName::from_str("scipy").unwrap())
-            .unwrap();
-        assert_eq!(
-            scipy_settings.0.get("build_option"),
-            Some(&ConfigSettingValue::String("fast".to_string()))
-        );
-    }
 }
--- a/crates/uv-configuration/src/dependency_groups.rs
+++ b/crates/uv-configuration/src/dependency_groups.rs
@ -186,18 +186,6 @@ impl DependencyGroupsInner {
        self.include.names().chain(&self.exclude)
    }

-    /// Returns an iterator over all groups that are included in the specification,
-    /// assuming `all_names` is an iterator over all groups.
-    pub fn group_names<'a, Names>(
-        &'a self,
-        all_names: Names,
-    ) -> impl Iterator<Item = &'a GroupName> + 'a
-    where
-        Names: Iterator<Item = &'a GroupName> + 'a,
-    {
-        all_names.filter(move |name| self.contains(name))
-    }
-
    /// Iterate over all groups the user explicitly asked for on the CLI
    pub fn explicit_names(&self) -> impl Iterator<Item = &GroupName> {
        let DependencyGroupsHistory {
@ -307,15 +295,6 @@ pub struct DependencyGroupsWithDefaults {
 }

 impl DependencyGroupsWithDefaults {
-    /// Do not enable any groups
-    ///
-    /// Many places in the code need to know what dependency-groups are active,
-    /// but various commands or subsystems never enable any dependency-groups,
-    /// in which case they want this.
-    pub fn none() -> Self {
-        DependencyGroups::default().with_defaults(DefaultGroups::default())
-    }
-
    /// Returns `true` if the specification was enabled, and *only* because it was a default
    pub fn contains_because_default(&self, group: &GroupName) -> bool {
        self.cur.contains(group) && !self.prev.contains(group)
--- a/crates/uv-configuration/src/extras.rs
+++ b/crates/uv-configuration/src/extras.rs
@ -155,8 +155,7 @@ impl ExtrasSpecificationInner {
        self.include.names().chain(&self.exclude)
    }

-    /// Returns an iterator over all extras that are included in the specification,
-    /// assuming `all_names` is an iterator over all extras.
+    /// Returns `true` if the specification includes the given extra.
    pub fn extra_names<'a, Names>(
        &'a self,
        all_names: Names,
@ -264,14 +263,6 @@ pub struct ExtrasSpecificationWithDefaults {
 }

 impl ExtrasSpecificationWithDefaults {
-    /// Do not enable any extras
-    ///
-    /// Many places in the code need to know what extras are active,
-    /// but various commands or subsystems never enable any extras,
-    /// in which case they want this.
-    pub fn none() -> Self {
-        ExtrasSpecification::default().with_defaults(DefaultExtras::default())
-    }
    /// Returns `true` if the specification was enabled, and *only* because it was a default
    pub fn contains_because_default(&self, extra: &ExtraName) -> bool {
        self.cur.contains(extra) && !self.prev.contains(extra)
--- a/crates/uv-configuration/src/name_specifiers.rs
+++ b/crates/uv-configuration/src/name_specifiers.rs
@ -1,5 +1,3 @@
-#[cfg(feature = "schemars")]
-use std::borrow::Cow;
 use std::str::FromStr;

 use uv_pep508::PackageName;
@ -65,16 +63,28 @@ impl<'de> serde::Deserialize<'de> for PackageNameSpecifier {

 #[cfg(feature = "schemars")]
 impl schemars::JsonSchema for PackageNameSpecifier {
-    fn schema_name() -> Cow<'static, str> {
-        Cow::Borrowed("PackageNameSpecifier")
+    fn schema_name() -> String {
+        "PackageNameSpecifier".to_string()
    }

-    fn json_schema(_gen: &mut schemars::generate::SchemaGenerator) -> schemars::Schema {
-        schemars::json_schema!({
-            "type": "string",
-            "pattern": r"^(:none:|:all:|([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9._-]*[a-zA-Z0-9]))$",
-            "description": "The name of a package, or `:all:` or `:none:` to select or omit all packages, respectively.",
-        })
+    fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            instance_type: Some(schemars::schema::InstanceType::String.into()),
+            string: Some(Box::new(schemars::schema::StringValidation {
+                // See: https://packaging.python.org/en/latest/specifications/name-normalization/#name-format
+                pattern: Some(
+                    r"^(:none:|:all:|([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9._-]*[a-zA-Z0-9]))$"
+                        .to_string(),
+                ),
+                ..schemars::schema::StringValidation::default()
+            })),
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some("The name of a package, or `:all:` or `:none:` to select or omit all packages, respectively.".to_string()),
+              ..schemars::schema::Metadata::default()
+            })),
+            ..schemars::schema::SchemaObject::default()
+        }
+        .into()
    }
 }

--- a/crates/uv-configuration/src/preview.rs
+++ b/crates/uv-configuration/src/preview.rs
@ -1,250 +1,37 @@
-use std::{
-    fmt::{Display, Formatter},
-    str::FromStr,
-};
-
-use thiserror::Error;
-use uv_warnings::warn_user_once;
-
-bitflags::bitflags! {
-    #[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
-    pub struct PreviewFeatures: u32 {
-        const PYTHON_INSTALL_DEFAULT = 1 << 0;
-        const PYTHON_UPGRADE = 1 << 1;
-        const JSON_OUTPUT = 1 << 2;
-        const PYLOCK = 1 << 3;
-        const ADD_BOUNDS = 1 << 4;
-        const EXTRA_BUILD_DEPENDENCIES = 1 << 5;
-    }
-}
-
-impl PreviewFeatures {
-    /// Returns the string representation of a single preview feature flag.
-    ///
-    /// Panics if given a combination of flags.
-    fn flag_as_str(self) -> &'static str {
-        match self {
-            Self::PYTHON_INSTALL_DEFAULT => "python-install-default",
-            Self::PYTHON_UPGRADE => "python-upgrade",
-            Self::JSON_OUTPUT => "json-output",
-            Self::PYLOCK => "pylock",
-            Self::ADD_BOUNDS => "add-bounds",
-            Self::EXTRA_BUILD_DEPENDENCIES => "extra-build-dependencies",
-            _ => panic!("`flag_as_str` can only be used for exactly one feature flag"),
-        }
-    }
-}
-
-impl Display for PreviewFeatures {
-    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
-        if self.is_empty() {
-            write!(f, "none")
-        } else {
-            let features: Vec<&str> = self.iter().map(PreviewFeatures::flag_as_str).collect();
-            write!(f, "{}", features.join(","))
-        }
-    }
-}
-
-#[derive(Debug, Error, Clone)]
-pub enum PreviewFeaturesParseError {
-    #[error("Empty string in preview features: {0}")]
-    Empty(String),
-}
-
-impl FromStr for PreviewFeatures {
-    type Err = PreviewFeaturesParseError;
-
-    fn from_str(s: &str) -> Result<Self, Self::Err> {
-        let mut flags = PreviewFeatures::empty();
-
-        for part in s.split(',') {
-            let part = part.trim();
-            if part.is_empty() {
-                return Err(PreviewFeaturesParseError::Empty(
-                    "Empty string in preview features".to_string(),
-                ));
-            }
-
-            let flag = match part {
-                "python-install-default" => Self::PYTHON_INSTALL_DEFAULT,
-                "python-upgrade" => Self::PYTHON_UPGRADE,
-                "json-output" => Self::JSON_OUTPUT,
-                "pylock" => Self::PYLOCK,
-                "add-bounds" => Self::ADD_BOUNDS,
-                "extra-build-dependencies" => Self::EXTRA_BUILD_DEPENDENCIES,
-                _ => {
-                    warn_user_once!("Unknown preview feature: `{part}`");
-                    continue;
-                }
-            };
-
-            flags |= flag;
-        }
-
-        Ok(flags)
-    }
-}
+use std::fmt::{Display, Formatter};

 #[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
-pub struct Preview {
-    flags: PreviewFeatures,
+pub enum PreviewMode {
+    #[default]
+    Disabled,
+    Enabled,
 }

-impl Preview {
-    pub fn new(flags: PreviewFeatures) -> Self {
-        Self { flags }
+impl PreviewMode {
+    pub fn is_enabled(&self) -> bool {
+        matches!(self, Self::Enabled)
    }

-    pub fn all() -> Self {
-        Self::new(PreviewFeatures::all())
-    }
-
-    pub fn from_args(
-        preview: bool,
-        no_preview: bool,
-        preview_features: &[PreviewFeatures],
-    ) -> Self {
-        if no_preview {
-            return Self::default();
-        }
-
-        if preview {
-            return Self::all();
-        }
-
-        let mut flags = PreviewFeatures::empty();
-
-        for features in preview_features {
-            flags |= *features;
-        }
-
-        Self { flags }
-    }
-
-    pub fn is_enabled(&self, flag: PreviewFeatures) -> bool {
-        self.flags.contains(flag)
+    pub fn is_disabled(&self) -> bool {
+        matches!(self, Self::Disabled)
    }
 }

-impl Display for Preview {
-    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
-        if self.flags.is_empty() {
-            write!(f, "disabled")
-        } else if self.flags == PreviewFeatures::all() {
-            write!(f, "enabled")
+impl From<bool> for PreviewMode {
+    fn from(version: bool) -> Self {
+        if version {
+            PreviewMode::Enabled
        } else {
-            write!(f, "{}", self.flags)
+            PreviewMode::Disabled
        }
    }
 }

-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_preview_features_from_str() {
-        // Test single feature
-        let features = PreviewFeatures::from_str("python-install-default").unwrap();
-        assert_eq!(features, PreviewFeatures::PYTHON_INSTALL_DEFAULT);
-
-        // Test multiple features
-        let features = PreviewFeatures::from_str("python-upgrade,json-output").unwrap();
-        assert!(features.contains(PreviewFeatures::PYTHON_UPGRADE));
-        assert!(features.contains(PreviewFeatures::JSON_OUTPUT));
-        assert!(!features.contains(PreviewFeatures::PYLOCK));
-
-        // Test with whitespace
-        let features = PreviewFeatures::from_str("pylock , add-bounds").unwrap();
-        assert!(features.contains(PreviewFeatures::PYLOCK));
-        assert!(features.contains(PreviewFeatures::ADD_BOUNDS));
-
-        // Test empty string error
-        assert!(PreviewFeatures::from_str("").is_err());
-        assert!(PreviewFeatures::from_str("pylock,").is_err());
-        assert!(PreviewFeatures::from_str(",pylock").is_err());
-
-        // Test unknown feature (should be ignored with warning)
-        let features = PreviewFeatures::from_str("unknown-feature,pylock").unwrap();
-        assert!(features.contains(PreviewFeatures::PYLOCK));
-        assert_eq!(features.bits().count_ones(), 1);
+impl Display for PreviewMode {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Self::Disabled => write!(f, "disabled"),
+            Self::Enabled => write!(f, "enabled"),
        }
-
-    #[test]
-    fn test_preview_features_display() {
-        // Test empty
-        let features = PreviewFeatures::empty();
-        assert_eq!(features.to_string(), "none");
-
-        // Test single feature
-        let features = PreviewFeatures::PYTHON_INSTALL_DEFAULT;
-        assert_eq!(features.to_string(), "python-install-default");
-
-        // Test multiple features
-        let features = PreviewFeatures::PYTHON_UPGRADE | PreviewFeatures::JSON_OUTPUT;
-        assert_eq!(features.to_string(), "python-upgrade,json-output");
-    }
-
-    #[test]
-    fn test_preview_display() {
-        // Test disabled
-        let preview = Preview::default();
-        assert_eq!(preview.to_string(), "disabled");
-
-        // Test enabled (all features)
-        let preview = Preview::all();
-        assert_eq!(preview.to_string(), "enabled");
-
-        // Test specific features
-        let preview = Preview::new(PreviewFeatures::PYTHON_UPGRADE | PreviewFeatures::PYLOCK);
-        assert_eq!(preview.to_string(), "python-upgrade,pylock");
-    }
-
-    #[test]
-    fn test_preview_from_args() {
-        // Test no_preview
-        let preview = Preview::from_args(true, true, &[]);
-        assert_eq!(preview.to_string(), "disabled");
-
-        // Test preview (all features)
-        let preview = Preview::from_args(true, false, &[]);
-        assert_eq!(preview.to_string(), "enabled");
-
-        // Test specific features
-        let features = vec![
-            PreviewFeatures::PYTHON_UPGRADE,
-            PreviewFeatures::JSON_OUTPUT,
-        ];
-        let preview = Preview::from_args(false, false, &features);
-        assert!(preview.is_enabled(PreviewFeatures::PYTHON_UPGRADE));
-        assert!(preview.is_enabled(PreviewFeatures::JSON_OUTPUT));
-        assert!(!preview.is_enabled(PreviewFeatures::PYLOCK));
-    }
-
-    #[test]
-    fn test_as_str_single_flags() {
-        assert_eq!(
-            PreviewFeatures::PYTHON_INSTALL_DEFAULT.flag_as_str(),
-            "python-install-default"
-        );
-        assert_eq!(
-            PreviewFeatures::PYTHON_UPGRADE.flag_as_str(),
-            "python-upgrade"
-        );
-        assert_eq!(PreviewFeatures::JSON_OUTPUT.flag_as_str(), "json-output");
-        assert_eq!(PreviewFeatures::PYLOCK.flag_as_str(), "pylock");
-        assert_eq!(PreviewFeatures::ADD_BOUNDS.flag_as_str(), "add-bounds");
-        assert_eq!(
-            PreviewFeatures::EXTRA_BUILD_DEPENDENCIES.flag_as_str(),
-            "extra-build-dependencies"
-        );
-    }
-
-    #[test]
-    #[should_panic(expected = "`flag_as_str` can only be used for exactly one feature flag")]
-    fn test_as_str_multiple_flags_panics() {
-        let features = PreviewFeatures::PYTHON_UPGRADE | PreviewFeatures::JSON_OUTPUT;
-        let _ = features.flag_as_str();
    }
 }
--- a/crates/uv-configuration/src/project_build_backend.rs
+++ b/crates/uv-configuration/src/project_build_backend.rs
@ -4,7 +4,11 @@
 #[cfg_attr(feature = "clap", derive(clap::ValueEnum))]
 #[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
 pub enum ProjectBuildBackend {
-    #[cfg_attr(feature = "clap", value(alias = "uv-build", alias = "uv_build"))]
+    #[cfg_attr(
+        feature = "clap",
+        value(alias = "uv-build", alias = "uv_build", hide = true)
+    )]
+    #[cfg_attr(feature = "schemars", schemars(skip))]
    /// Use uv as the project build backend.
    Uv,
    #[serde(alias = "hatchling")]
--- a/crates/uv-configuration/src/required_version.rs
+++ b/crates/uv-configuration/src/required_version.rs
@ -1,6 +1,5 @@
-#[cfg(feature = "schemars")]
-use std::borrow::Cow;
-use std::{fmt::Formatter, str::FromStr};
+use std::fmt::Formatter;
+use std::str::FromStr;

 use uv_pep440::{Version, VersionSpecifier, VersionSpecifiers, VersionSpecifiersParseError};

@ -37,15 +36,20 @@ impl FromStr for RequiredVersion {

 #[cfg(feature = "schemars")]
 impl schemars::JsonSchema for RequiredVersion {
-    fn schema_name() -> Cow<'static, str> {
-        Cow::Borrowed("RequiredVersion")
+    fn schema_name() -> String {
+        String::from("RequiredVersion")
    }

-    fn json_schema(_generator: &mut schemars::generate::SchemaGenerator) -> schemars::Schema {
-        schemars::json_schema!({
-            "type": "string",
-            "description": "A version specifier, e.g. `>=0.5.0` or `==0.5.0`."
-        })
+    fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            instance_type: Some(schemars::schema::InstanceType::String.into()),
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some("A version specifier, e.g. `>=0.5.0` or `==0.5.0`.".to_string()),
+                ..schemars::schema::Metadata::default()
+            })),
+            ..schemars::schema::SchemaObject::default()
+        }
+        .into()
    }
 }

--- a/crates/uv-configuration/src/sources.rs
+++ b/crates/uv-configuration/src/sources.rs
@ -1,6 +1,4 @@
-#[derive(
-    Debug, Default, Clone, Copy, PartialEq, Eq, Hash, serde::Serialize, serde::Deserialize,
-)]
+#[derive(Debug, Default, Clone, Copy, PartialEq, Eq, serde::Serialize, serde::Deserialize)]
 #[serde(rename_all = "kebab-case", deny_unknown_fields)]
 pub enum SourceStrategy {
    /// Use `tool.uv.sources` when resolving dependencies.
--- a/crates/uv-configuration/src/target_triple.rs
+++ b/crates/uv-configuration/src/target_triple.rs
@ -33,7 +33,7 @@ pub enum TargetTriple {
    #[serde(rename = "i686-pc-windows-msvc")]
    I686PcWindowsMsvc,

-    /// An x86 Linux target. Equivalent to `x86_64-manylinux_2_28`.
+    /// An x86 Linux target. Equivalent to `x86_64-manylinux_2_17`.
    #[cfg_attr(feature = "clap", value(name = "x86_64-unknown-linux-gnu"))]
    #[serde(rename = "x86_64-unknown-linux-gnu")]
    #[serde(alias = "x8664-unknown-linux-gnu")]
@ -56,7 +56,7 @@ pub enum TargetTriple {
    #[serde(alias = "x8664-apple-darwin")]
    X8664AppleDarwin,

-    /// An ARM64 Linux target. Equivalent to `aarch64-manylinux_2_28`.
+    /// An ARM64 Linux target. Equivalent to `aarch64-manylinux_2_17`.
    #[cfg_attr(feature = "clap", value(name = "aarch64-unknown-linux-gnu"))]
    #[serde(rename = "aarch64-unknown-linux-gnu")]
    Aarch64UnknownLinuxGnu,
@ -226,10 +226,6 @@ pub enum TargetTriple {
    #[serde(rename = "aarch64-manylinux_2_40")]
    #[serde(alias = "aarch64-manylinux240")]
    Aarch64Manylinux240,
-
-    /// A wasm32 target using the Pyodide 2024 platform. Meant for use with Python 3.12.
-    #[cfg_attr(feature = "clap", value(name = "wasm32-pyodide2024"))]
-    Wasm32Pyodide2024,
 }

 impl TargetTriple {
@ -240,7 +236,7 @@ impl TargetTriple {
            Self::Linux | Self::X8664UnknownLinuxGnu => Platform::new(
                Os::Manylinux {
                    major: 2,
-                    minor: 28,
+                    minor: 17,
                },
                Arch::X86_64,
            ),
@ -262,7 +258,7 @@ impl TargetTriple {
            Self::Aarch64UnknownLinuxGnu => Platform::new(
                Os::Manylinux {
                    major: 2,
-                    minor: 28,
+                    minor: 17,
                },
                Arch::Aarch64,
            ),
@ -454,13 +450,6 @@ impl TargetTriple {
                },
                Arch::Aarch64,
            ),
-            Self::Wasm32Pyodide2024 => Platform::new(
-                Os::Pyodide {
-                    major: 2024,
-                    minor: 0,
-                },
-                Arch::Wasm32,
-            ),
        }
    }

@ -501,7 +490,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "aarch64",
            Self::Aarch64Manylinux239 => "aarch64",
            Self::Aarch64Manylinux240 => "aarch64",
-            Self::Wasm32Pyodide2024 => "wasm32",
        }
    }

@ -542,7 +530,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "Linux",
            Self::Aarch64Manylinux239 => "Linux",
            Self::Aarch64Manylinux240 => "Linux",
-            Self::Wasm32Pyodide2024 => "Emscripten",
        }
    }

@ -583,10 +570,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "",
            Self::Aarch64Manylinux239 => "",
            Self::Aarch64Manylinux240 => "",
-            // This is the value Emscripten gives for its version:
-            // https://github.com/emscripten-core/emscripten/blob/4.0.8/system/lib/libc/emscripten_syscall_stubs.c#L63
-            // It doesn't really seem to mean anything? But for completeness we include it here.
-            Self::Wasm32Pyodide2024 => "#1",
        }
    }

@ -627,9 +610,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "",
            Self::Aarch64Manylinux239 => "",
            Self::Aarch64Manylinux240 => "",
-            // This is the Emscripten compiler version for Pyodide 2024.
-            // See https://pyodide.org/en/stable/development/abi.html#pyodide-2024-0
-            Self::Wasm32Pyodide2024 => "3.1.58",
        }
    }

@ -670,7 +650,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "posix",
            Self::Aarch64Manylinux239 => "posix",
            Self::Aarch64Manylinux240 => "posix",
-            Self::Wasm32Pyodide2024 => "posix",
        }
    }

@ -711,7 +690,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => "linux",
            Self::Aarch64Manylinux239 => "linux",
            Self::Aarch64Manylinux240 => "linux",
-            Self::Wasm32Pyodide2024 => "emscripten",
        }
    }

@ -752,7 +730,6 @@ impl TargetTriple {
            Self::Aarch64Manylinux238 => true,
            Self::Aarch64Manylinux239 => true,
            Self::Aarch64Manylinux240 => true,
-            Self::Wasm32Pyodide2024 => false,
        }
    }

--- a/crates/uv-configuration/src/threading.rs
+++ b/crates/uv-configuration/src/threading.rs
@ -62,7 +62,7 @@ pub static RAYON_PARALLELISM: AtomicUsize = AtomicUsize::new(0);
 /// `LazyLock::force(&RAYON_INITIALIZE)`.
 pub static RAYON_INITIALIZE: LazyLock<()> = LazyLock::new(|| {
    rayon::ThreadPoolBuilder::new()
-        .num_threads(RAYON_PARALLELISM.load(Ordering::Relaxed))
+        .num_threads(RAYON_PARALLELISM.load(Ordering::SeqCst))
        .stack_size(min_stack_size())
        .build_global()
        .expect("failed to initialize global rayon pool");
--- a/crates/uv-configuration/src/trusted_host.rs
+++ b/crates/uv-configuration/src/trusted_host.rs
@ -1,6 +1,4 @@
 use serde::{Deserialize, Deserializer};
-#[cfg(feature = "schemars")]
-use std::borrow::Cow;
 use std::str::FromStr;
 use url::Url;

@ -145,15 +143,20 @@ impl std::fmt::Display for TrustedHost {

 #[cfg(feature = "schemars")]
 impl schemars::JsonSchema for TrustedHost {
-    fn schema_name() -> Cow<'static, str> {
-        Cow::Borrowed("TrustedHost")
+    fn schema_name() -> String {
+        "TrustedHost".to_string()
    }

-    fn json_schema(_generator: &mut schemars::generate::SchemaGenerator) -> schemars::Schema {
-        schemars::json_schema!({
-            "type": "string",
-            "description": "A host or host-port pair."
-        })
+    fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            instance_type: Some(schemars::schema::InstanceType::String.into()),
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some("A host or host-port pair.".to_string()),
+                ..schemars::schema::Metadata::default()
+            })),
+            ..schemars::schema::SchemaObject::default()
+        }
+        .into()
    }
 }

--- a/crates/uv-console/Cargo.toml
+++ b/crates/uv-console/Cargo.toml
@ -1,14 +1,8 @@
 [package]
 name = "uv-console"
 version = "0.0.1"
-description = "Utilities for interacting with the terminal"
 edition = { workspace = true }
-rust-version = { workspace = true }
-homepage = { workspace = true }
-documentation = { workspace = true }
-repository = { workspace = true }
-authors = { workspace = true }
-license = { workspace = true }
+description = "Utilities for interacting with the terminal"

 [lib]
 doctest = false
--- a/crates/uv-console/src/lib.rs
+++ b/crates/uv-console/src/lib.rs
@ -6,25 +6,6 @@ use std::{cmp::Ordering, iter};
 /// This is a slimmed-down version of `dialoguer::Confirm`, with the post-confirmation report
 /// enabled.
 pub fn confirm(message: &str, term: &Term, default: bool) -> std::io::Result<bool> {
-    confirm_inner(message, None, term, default)
-}
-
-/// Prompt the user for confirmation in the given [`Term`], with a hint.
-pub fn confirm_with_hint(
-    message: &str,
-    hint: &str,
-    term: &Term,
-    default: bool,
-) -> std::io::Result<bool> {
-    confirm_inner(message, Some(hint), term, default)
-}
-
-fn confirm_inner(
-    message: &str,
-    hint: Option<&str>,
-    term: &Term,
-    default: bool,
-) -> std::io::Result<bool> {
    let prompt = format!(
        "{} {} {} {} {}",
        style("?".to_string()).for_stderr().yellow(),
@ -37,13 +18,6 @@ fn confirm_inner(
    );

    term.write_str(&prompt)?;
-    if let Some(hint) = hint {
-        term.write_str(&format!(
-            "\n\n{}{} {hint}",
-            style("hint").for_stderr().bold().cyan(),
-            style(":").for_stderr().bold()
-        ))?;
-    }
    term.hide_cursor()?;
    term.flush()?;

@ -82,14 +56,7 @@ fn confirm_inner(
            .cyan(),
    );

-    if hint.is_some() {
-        term.clear_last_lines(2)?;
-        // It's not clear why we need to clear to the end of the screen here, but it fixes lingering
-        // display of the hint on `bash` (the issue did not reproduce on `zsh`).
-        term.clear_to_end_of_screen()?;
-    } else {
    term.clear_line()?;
-    }
    term.write_line(&report)?;
    term.show_cursor()?;
    term.flush()?;
--- a/crates/uv-dev/src/compile.rs
+++ b/crates/uv-dev/src/compile.rs
@ -4,7 +4,7 @@ use clap::Parser;
 use tracing::info;

 use uv_cache::{Cache, CacheArgs};
-use uv_configuration::{Concurrency, Preview};
+use uv_configuration::Concurrency;
 use uv_python::{EnvironmentPreference, PythonEnvironment, PythonRequest};

 #[derive(Parser)]
@ -26,7 +26,6 @@ pub(crate) async fn compile(args: CompileArgs) -> anyhow::Result<()> {
            &PythonRequest::default(),
            EnvironmentPreference::OnlyVirtual,
            &cache,
-            Preview::default(),
        )?
        .into_interpreter();
        interpreter.sys_executable().to_path_buf()
--- a/crates/uv-dev/src/generate_env_vars_reference.rs
+++ b/crates/uv-dev/src/generate_env_vars_reference.rs
@ -21,7 +21,7 @@ pub(crate) fn main(args: &Args) -> anyhow::Result<()> {
    let filename = "environment.md";
    let reference_path = PathBuf::from(ROOT_DIR)
        .join("docs")
-        .join("reference")
+        .join("configuration")
        .join(filename);

    match args.mode {
--- a/crates/uv-dev/src/generate_json_schema.rs
+++ b/crates/uv-dev/src/generate_json_schema.rs
@ -3,7 +3,7 @@ use std::path::PathBuf;
 use anstream::println;
 use anyhow::{Result, bail};
 use pretty_assertions::StrComparison;
-use schemars::JsonSchema;
+use schemars::{JsonSchema, schema_for};
 use serde::Deserialize;

 use uv_settings::Options as SettingsOptions;
@ -91,10 +91,7 @@ const REPLACEMENTS: &[(&str, &str)] = &[

 /// Generate the JSON schema for the combined options as a string.
 fn generate() -> String {
-    let settings = schemars::generate::SchemaSettings::draft07();
-    let generator = schemars::SchemaGenerator::new(settings);
-    let schema = generator.into_root_schema_for::<CombinedOptions>();
-
+    let schema = schema_for!(CombinedOptions);
    let mut output = serde_json::to_string_pretty(&schema).unwrap();

    for (value, replacement) in REPLACEMENTS {
--- a/crates/uv-dev/src/generate_options_reference.rs
+++ b/crates/uv-dev/src/generate_options_reference.rs
@ -402,11 +402,6 @@ mod tests {

    #[test]
    fn test_generate_options_reference() -> Result<()> {
-        // Skip this test in CI to avoid redundancy with the dedicated CI job
-        if env::var_os(EnvVars::CI).is_some() {
-            return Ok(());
-        }
-
        let mode = if env::var(EnvVars::UV_UPDATE_SCHEMA).as_deref() == Ok("1") {
            Mode::Write
        } else {
--- a/crates/uv-dev/src/generate_sysconfig_mappings.rs
+++ b/crates/uv-dev/src/generate_sysconfig_mappings.rs
@ -11,7 +11,7 @@ use crate::ROOT_DIR;
 use crate::generate_all::Mode;

 /// Contains current supported targets
-const TARGETS_YML_URL: &str = "https://raw.githubusercontent.com/astral-sh/python-build-standalone/refs/tags/20250723/cpython-unix/targets.yml";
+const TARGETS_YML_URL: &str = "https://raw.githubusercontent.com/astral-sh/python-build-standalone/refs/tags/20250529/cpython-unix/targets.yml";

 #[derive(clap::Args)]
 pub(crate) struct Args {
@ -130,7 +130,7 @@ async fn generate() -> Result<String> {
    output.push_str("//! DO NOT EDIT\n");
    output.push_str("//!\n");
    output.push_str("//! Generated with `cargo run dev generate-sysconfig-metadata`\n");
-    output.push_str("//! Targets from <https://github.com/astral-sh/python-build-standalone/blob/20250723/cpython-unix/targets.yml>\n");
+    output.push_str("//! Targets from <https://github.com/astral-sh/python-build-standalone/blob/20250529/cpython-unix/targets.yml>\n");
    output.push_str("//!\n");

    // Disable clippy/fmt
--- a/crates/uv-dev/src/main.rs
+++ b/crates/uv-dev/src/main.rs
@ -6,7 +6,7 @@ use std::time::Instant;

 use anstream::eprintln;
 use owo_colors::OwoColorize;
-use tracing::{debug, trace};
+use tracing::debug;
 use tracing_durations_export::DurationsLayerBuilder;
 use tracing_durations_export::plot::PlotConfig;
 use tracing_subscriber::filter::Directive;
@ -68,7 +68,6 @@ async fn main() -> ExitCode {
    let result = run().await;
    debug!("Took {}ms", start.elapsed().as_millis());
    if let Err(err) = result {
-        trace!("Error trace: {err:?}");
        eprintln!("{}", "uv-dev failed".red().bold());
        for err in err.chain() {
            eprintln!("  {}: {}", "Caused by".red().bold(), err.to_string().trim());
--- a/crates/uv-dirs/Cargo.toml
+++ b/crates/uv-dirs/Cargo.toml
@ -24,5 +24,5 @@ fs-err = { workspace = true }
 tracing = { workspace = true }

 [dev-dependencies]
-assert_fs = { workspace = true }
+assert_fs = { version = "1.1.2" }
 indoc = { workspace = true }
--- a/crates/uv-dispatch/src/lib.rs
+++ b/crates/uv-dispatch/src/lib.rs
@ -11,18 +11,16 @@ use itertools::Itertools;
 use rustc_hash::FxHashMap;
 use thiserror::Error;
 use tracing::{debug, instrument, trace};
-
 use uv_build_backend::check_direct_build;
 use uv_build_frontend::{SourceBuild, SourceBuildContext};
 use uv_cache::Cache;
 use uv_client::RegistryClient;
 use uv_configuration::{
-    BuildKind, BuildOptions, ConfigSettings, Constraints, IndexStrategy, PackageConfigSettings,
-    Preview, Reinstall, SourceStrategy,
+    BuildKind, BuildOptions, ConfigSettings, Constraints, IndexStrategy, PreviewMode, Reinstall,
+    SourceStrategy,
 };
 use uv_configuration::{BuildOutput, Concurrency};
 use uv_distribution::DistributionDatabase;
-use uv_distribution::ExtraBuildRequires;
 use uv_distribution_filename::DistFilename;
 use uv_distribution_types::{
    CachedDist, DependencyMetadata, Identifier, IndexCapabilities, IndexLocations,
@ -37,8 +35,8 @@ use uv_resolver::{
    PythonRequirement, Resolver, ResolverEnvironment,
 };
 use uv_types::{
-    AnyErrorBuild, BuildArena, BuildContext, BuildIsolation, BuildStack, EmptyInstalledPackages,
-    HashStrategy, InFlight,
+    AnyErrorBuild, BuildContext, BuildIsolation, BuildStack, EmptyInstalledPackages, HashStrategy,
+    InFlight,
 };
 use uv_workspace::WorkspaceCache;

@ -89,19 +87,17 @@ pub struct BuildDispatch<'a> {
    shared_state: SharedState,
    dependency_metadata: &'a DependencyMetadata,
    build_isolation: BuildIsolation<'a>,
-    extra_build_requires: &'a ExtraBuildRequires,
    link_mode: uv_install_wheel::LinkMode,
    build_options: &'a BuildOptions,
    config_settings: &'a ConfigSettings,
-    config_settings_package: &'a PackageConfigSettings,
    hasher: &'a HashStrategy,
-    exclude_newer: ExcludeNewer,
+    exclude_newer: Option<ExcludeNewer>,
    source_build_context: SourceBuildContext,
    build_extra_env_vars: FxHashMap<OsString, OsString>,
    sources: SourceStrategy,
    workspace_cache: WorkspaceCache,
    concurrency: Concurrency,
-    preview: Preview,
+    preview: PreviewMode,
 }

 impl<'a> BuildDispatch<'a> {
@ -116,17 +112,15 @@ impl<'a> BuildDispatch<'a> {
        shared_state: SharedState,
        index_strategy: IndexStrategy,
        config_settings: &'a ConfigSettings,
-        config_settings_package: &'a PackageConfigSettings,
        build_isolation: BuildIsolation<'a>,
-        extra_build_requires: &'a ExtraBuildRequires,
        link_mode: uv_install_wheel::LinkMode,
        build_options: &'a BuildOptions,
        hasher: &'a HashStrategy,
-        exclude_newer: ExcludeNewer,
+        exclude_newer: Option<ExcludeNewer>,
        sources: SourceStrategy,
        workspace_cache: WorkspaceCache,
        concurrency: Concurrency,
-        preview: Preview,
+        preview: PreviewMode,
    ) -> Self {
        Self {
            client,
@ -139,9 +133,7 @@ impl<'a> BuildDispatch<'a> {
            dependency_metadata,
            index_strategy,
            config_settings,
-            config_settings_package,
            build_isolation,
-            extra_build_requires,
            link_mode,
            build_options,
            hasher,
@ -175,7 +167,7 @@ impl<'a> BuildDispatch<'a> {
 impl BuildContext for BuildDispatch<'_> {
    type SourceDistBuilder = SourceBuild;

-    async fn interpreter(&self) -> &Interpreter {
+    fn interpreter(&self) -> &Interpreter {
        self.interpreter
    }

@ -187,10 +179,6 @@ impl BuildContext for BuildDispatch<'_> {
        &self.shared_state.git
    }

-    fn build_arena(&self) -> &BuildArena<SourceBuild> {
-        &self.shared_state.build_arena
-    }
-
    fn capabilities(&self) -> &IndexCapabilities {
        &self.shared_state.capabilities
    }
@ -207,10 +195,6 @@ impl BuildContext for BuildDispatch<'_> {
        self.config_settings
    }

-    fn config_settings_package(&self) -> &PackageConfigSettings {
-        self.config_settings_package
-    }
-
    fn sources(&self) -> SourceStrategy {
        self.sources
    }
@ -223,10 +207,6 @@ impl BuildContext for BuildDispatch<'_> {
        &self.workspace_cache
    }

-    fn extra_build_dependencies(&self) -> &uv_workspace::pyproject::ExtraBuildDependencies {
-        &self.extra_build_requires.extra_build_dependencies
-    }
-
    async fn resolve<'data>(
        &'data self,
        requirements: &'data [Requirement],
@ -239,14 +219,13 @@ impl BuildContext for BuildDispatch<'_> {
        let resolver = Resolver::new(
            Manifest::simple(requirements.to_vec()).with_constraints(self.constraints.clone()),
            OptionsBuilder::new()
-                .exclude_newer(self.exclude_newer.clone())
+                .exclude_newer(self.exclude_newer)
                .index_strategy(self.index_strategy)
                .build_options(self.build_options.clone())
                .flexibility(Flexibility::Fixed)
                .build(),
            &python_requirement,
            ResolverEnvironment::specific(marker_env),
-            self.interpreter.markers(),
            // Conflicting groups only make sense when doing universal resolution.
            Conflicts::empty(),
            Some(tags),
@ -310,8 +289,6 @@ impl BuildContext for BuildDispatch<'_> {
            self.hasher,
            self.index_locations,
            self.config_settings,
-            self.config_settings_package,
-            self.extra_build_dependencies(),
            self.cache(),
            venv,
            tags,
@ -435,17 +412,6 @@ impl BuildContext for BuildDispatch<'_> {
            build_stack.insert(dist.distribution_id());
        }

-        // Get package-specific config settings if available; otherwise, use global settings.
-        let config_settings = if let Some(name) = dist_name {
-            if let Some(package_settings) = self.config_settings_package.get(name) {
-                package_settings.clone().merge(self.config_settings.clone())
-            } else {
-                self.config_settings.clone()
-            }
-        } else {
-            self.config_settings.clone()
-        };
-
        let builder = SourceBuild::setup(
            source,
            subdirectory,
@ -459,15 +425,13 @@ impl BuildContext for BuildDispatch<'_> {
            self.index_locations,
            sources,
            self.workspace_cache(),
-            config_settings,
+            self.config_settings.clone(),
            self.build_isolation,
-            self.extra_build_dependencies(),
            &build_stack,
            build_kind,
            self.build_extra_env_vars.clone(),
            build_output,
            self.concurrency.builds,
-            self.preview,
        )
        .boxed_local()
        .await?;
@ -482,6 +446,12 @@ impl BuildContext for BuildDispatch<'_> {
        build_kind: BuildKind,
        version_id: Option<&'data str>,
    ) -> Result<Option<DistFilename>, BuildDispatchError> {
+        // Direct builds are a preview feature with the uv build backend.
+        if self.preview.is_disabled() {
+            trace!("Preview is disabled, not checking for direct build");
+            return Ok(None);
+        }
+
        let source_tree = if let Some(subdir) = subdirectory {
            source.join(subdir)
        } else {
@ -549,8 +519,6 @@ pub struct SharedState {
    index: InMemoryIndex,
    /// The downloaded distributions.
    in_flight: InFlight,
-    /// Build directories for any PEP 517 builds executed during resolution or installation.
-    build_arena: BuildArena<SourceBuild>,
 }

 impl SharedState {
@ -563,7 +531,6 @@ impl SharedState {
        Self {
            git: self.git.clone(),
            capabilities: self.capabilities.clone(),
-            build_arena: self.build_arena.clone(),
            ..Default::default()
        }
    }
@ -587,9 +554,4 @@ impl SharedState {
    pub fn capabilities(&self) -> &IndexCapabilities {
        &self.capabilities
    }
-
-    /// Return the [`BuildArena`] used by the [`SharedState`].
-    pub fn build_arena(&self) -> &BuildArena<SourceBuild> {
-        &self.build_arena
-    }
 }
--- a/crates/uv-distribution-filename/Cargo.toml
+++ b/crates/uv-distribution-filename/Cargo.toml
@ -27,6 +27,7 @@ rkyv = { workspace = true, features = ["smallvec-1"] }
 serde = { workspace = true }
 smallvec = { workspace = true }
 thiserror = { workspace = true }
+url = { workspace = true }

 [dev-dependencies]
-insta = { workspace = true }
+insta = { version = "1.40.0" }
--- a/crates/uv-distribution-filename/src/wheel.rs
+++ b/crates/uv-distribution-filename/src/wheel.rs
@ -5,6 +5,7 @@ use std::str::FromStr;
 use memchr::memchr;
 use serde::{Deserialize, Deserializer, Serialize, Serializer, de};
 use thiserror::Error;
+use url::Url;

 use uv_cache_key::cache_digest;
 use uv_normalize::{InvalidNameError, PackageName};
@ -299,6 +300,29 @@ impl WheelFilename {
    }
 }

+impl TryFrom<&Url> for WheelFilename {
+    type Error = WheelFilenameError;
+
+    fn try_from(url: &Url) -> Result<Self, Self::Error> {
+        let filename = url
+            .path_segments()
+            .ok_or_else(|| {
+                WheelFilenameError::InvalidWheelFileName(
+                    url.to_string(),
+                    "URL must have a path".to_string(),
+                )
+            })?
+            .next_back()
+            .ok_or_else(|| {
+                WheelFilenameError::InvalidWheelFileName(
+                    url.to_string(),
+                    "URL must contain a filename".to_string(),
+                )
+            })?;
+        Self::from_str(filename)
+    }
+}
+
 impl<'de> Deserialize<'de> for WheelFilename {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
--- a/crates/uv-distribution-types/Cargo.toml
+++ b/crates/uv-distribution-types/Cargo.toml
@ -29,7 +29,6 @@ uv-platform-tags = { workspace = true }
 uv-pypi-types = { workspace = true }
 uv-redacted = { workspace = true }
 uv-small-str = { workspace = true }
-uv-warnings = { workspace = true }

 arcstr = { workspace = true }
 bitflags = { workspace = true }
--- a/crates/uv-distribution-types/src/annotation.rs
+++ b/crates/uv-distribution-types/src/annotation.rs
@ -26,11 +26,7 @@ impl std::fmt::Display for SourceAnnotation {
                    write!(f, "{project_name} ({})", path.portable_display())
                }
                RequirementOrigin::Group(path, project_name, group) => {
-                    if let Some(project_name) = project_name {
                    write!(f, "{project_name} ({}:{group})", path.portable_display())
-                    } else {
-                        write!(f, "({}:{group})", path.portable_display())
-                    }
                }
                RequirementOrigin::Workspace => {
                    write!(f, "(workspace)")
@ -49,15 +45,11 @@ impl std::fmt::Display for SourceAnnotation {
                }
                RequirementOrigin::Group(path, project_name, group) => {
                    // Group is not used for override
-                    if let Some(project_name) = project_name {
                    write!(
                        f,
                        "--override {project_name} ({}:{group})",
                        path.portable_display()
                    )
-                    } else {
-                        write!(f, "--override ({}:{group})", path.portable_display())
-                    }
                }
                RequirementOrigin::Workspace => {
                    write!(f, "--override (workspace)")
--- a/crates/uv-distribution-types/src/buildable.rs
+++ b/crates/uv-distribution-types/src/buildable.rs
@ -124,10 +124,7 @@ impl SourceUrl<'_> {
    pub fn is_editable(&self) -> bool {
        matches!(
            self,
-            Self::Directory(DirectorySourceUrl {
-                editable: Some(true),
-                ..
-            })
+            Self::Directory(DirectorySourceUrl { editable: true, .. })
        )
    }

@ -213,7 +210,7 @@ impl<'a> From<&'a PathSourceDist> for PathSourceUrl<'a> {
 pub struct DirectorySourceUrl<'a> {
    pub url: &'a DisplaySafeUrl,
    pub install_path: Cow<'a, Path>,
-    pub editable: Option<bool>,
+    pub editable: bool,
 }

 impl std::fmt::Display for DirectorySourceUrl<'_> {
--- a/crates/uv-distribution-types/src/dependency_metadata.rs
+++ b/crates/uv-distribution-types/src/dependency_metadata.rs
@ -30,20 +30,21 @@ impl DependencyMetadata {

        if let Some(version) = version {
            // If a specific version was requested, search for an exact match, then a global match.
-            let metadata = if let Some(metadata) = versions
+            let metadata = versions
                .iter()
-                .find(|entry| entry.version.as_ref() == Some(version))
-            {
+                .find(|v| v.version.as_ref() == Some(version))
+                .inspect(|_| {
                    debug!("Found dependency metadata entry for `{package}=={version}`");
-                metadata
-            } else if let Some(metadata) = versions.iter().find(|entry| entry.version.is_none()) {
+                })
+                .or_else(|| versions.iter().find(|v| v.version.is_none()))
+                .inspect(|_| {
                    debug!("Found global metadata entry for `{package}`");
-                metadata
-            } else {
+                });
+            let Some(metadata) = metadata else {
                warn!("No dependency metadata entry found for `{package}=={version}`");
                return None;
            };
-
+            debug!("Found dependency metadata entry for `{package}=={version}`");
            Some(ResolutionMetadata {
                name: metadata.name.clone(),
                version: version.clone(),
@ -64,7 +65,6 @@ impl DependencyMetadata {
                return None;
            };
            debug!("Found dependency metadata entry for `{package}` (assuming: `{version}`)");
-
            Some(ResolutionMetadata {
                name: metadata.name.clone(),
                version,
@ -86,7 +86,7 @@ impl DependencyMetadata {
 /// <https://packaging.python.org/specifications/core-metadata/>.
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
 #[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
-#[serde(rename_all = "kebab-case", deny_unknown_fields)]
+#[serde(rename_all = "kebab-case")]
 pub struct StaticMetadata {
    // Mandatory fields
    pub name: PackageName,
--- a/crates/uv-distribution-types/src/dist_error.rs
+++ b/crates/uv-distribution-types/src/dist_error.rs
@ -131,11 +131,11 @@ impl DerivationChain {
                        ));
                        let target = edge.source();
                        let extra = match edge.weight() {
-                            Edge::Optional(extra) => Some(extra.clone()),
+                            Edge::Optional(extra, ..) => Some(extra.clone()),
                            _ => None,
                        };
                        let group = match edge.weight() {
-                            Edge::Dev(group) => Some(group.clone()),
+                            Edge::Dev(group, ..) => Some(group.clone()),
                            _ => None,
                        };
                        queue.push_back((target, extra, group, path));
--- a/crates/uv-distribution-types/src/file.rs
+++ b/crates/uv-distribution-types/src/file.rs
@ -1,4 +1,3 @@
-use std::borrow::Cow;
 use std::fmt::{self, Display, Formatter};
 use std::str::FromStr;

@ -57,7 +56,10 @@ impl File {
                .map_err(|err| FileConversionError::RequiresPython(err.line().clone(), err))?,
            size: file.size,
            upload_time_utc_ms: file.upload_time.map(Timestamp::as_millisecond),
-            url: FileLocation::new(file.url, base),
+            url: match split_scheme(&file.url) {
+                Some(..) => FileLocation::AbsoluteUrl(UrlString::new(file.url)),
+                None => FileLocation::RelativeUrl(base.clone(), file.url),
+            },
            yanked: file.yanked,
        })
    }
@ -74,17 +76,6 @@ pub enum FileLocation {
 }

 impl FileLocation {
-    /// Parse a relative or absolute URL on a page with a base URL.
-    ///
-    /// This follows the HTML semantics where a link on a page is resolved relative to the URL of
-    /// that page.
-    pub fn new(url: SmallString, base: &SmallString) -> Self {
-        match split_scheme(&url) {
-            Some(..) => FileLocation::AbsoluteUrl(UrlString::new(url)),
-            None => FileLocation::RelativeUrl(base.clone(), url),
-        }
-    }
-
    /// Convert this location to a URL.
    ///
    /// A relative URL has its base joined to the path. An absolute URL is
@ -169,13 +160,16 @@ impl UrlString {
            .unwrap_or(self.as_ref())
    }

-    /// Return the [`UrlString`] (as a [`Cow`]) with any fragments removed.
+    /// Return the [`UrlString`] with any fragments removed.
    #[must_use]
-    pub fn without_fragment(&self) -> Cow<'_, Self> {
+    pub fn without_fragment(&self) -> Self {
+        Self(
            self.as_ref()
                .split_once('#')
-            .map(|(path, _)| Cow::Owned(UrlString(SmallString::from(path))))
-            .unwrap_or(Cow::Borrowed(self))
+                .map(|(path, _)| path)
+                .map(SmallString::from)
+                .unwrap_or_else(|| self.0.clone()),
+        )
    }
 }

@ -258,17 +252,16 @@ mod tests {

    #[test]
    fn without_fragment() {
-        // Borrows a URL without a fragment
-        let url = UrlString("https://example.com/path".into());
-        assert_eq!(&*url.without_fragment(), &url);
-        assert!(matches!(url.without_fragment(), Cow::Borrowed(_)));
-
-        // Removes the fragment if present on the URL
        let url = UrlString("https://example.com/path?query#fragment".into());
        assert_eq!(
-            &*url.without_fragment(),
-            &UrlString("https://example.com/path?query".into())
+            url.without_fragment(),
+            UrlString("https://example.com/path?query".into())
        );
-        assert!(matches!(url.without_fragment(), Cow::Owned(_)));
+
+        let url = UrlString("https://example.com/path#fragment".into());
+        assert_eq!(url.base_str(), "https://example.com/path");
+
+        let url = UrlString("https://example.com/path".into());
+        assert_eq!(url.base_str(), "https://example.com/path");
    }
 }
--- a/crates/uv-distribution-types/src/index.rs
+++ b/crates/uv-distribution-types/src/index.rs
@ -6,23 +6,11 @@ use thiserror::Error;

 use uv_auth::{AuthPolicy, Credentials};
 use uv_redacted::DisplaySafeUrl;
-use uv_small_str::SmallString;

 use crate::index_name::{IndexName, IndexNameError};
 use crate::origin::Origin;
 use crate::{IndexStatusCodeStrategy, IndexUrl, IndexUrlError, SerializableStatusCode};

-/// Cache control configuration for an index.
-#[derive(Debug, Clone, Hash, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize, Default)]
-#[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
-#[serde(rename_all = "kebab-case")]
-pub struct IndexCacheControl {
-    /// Cache control header for Simple API requests.
-    pub api: Option<SmallString>,
-    /// Cache control header for file downloads.
-    pub files: Option<SmallString>,
-}
-
 #[derive(Debug, Clone, Hash, Eq, PartialEq, Ord, PartialOrd, Serialize, Deserialize)]
 #[cfg_attr(feature = "schemars", derive(schemars::JsonSchema))]
 #[serde(rename_all = "kebab-case")]
@ -116,19 +104,6 @@ pub struct Index {
    /// ```
    #[serde(default)]
    pub ignore_error_codes: Option<Vec<SerializableStatusCode>>,
-    /// Cache control configuration for this index.
-    ///
-    /// When set, these headers will override the server's cache control headers
-    /// for both package metadata requests and artifact downloads.
-    ///
-    /// ```toml
-    /// [[tool.uv.index]]
-    /// name = "my-index"
-    /// url = "https://<omitted>/simple"
-    /// cache-control = { api = "max-age=600", files = "max-age=3600" }
-    /// ```
-    #[serde(default)]
-    pub cache_control: Option<IndexCacheControl>,
 }

 #[derive(
@ -167,7 +142,6 @@ impl Index {
            publish_url: None,
            authenticate: AuthPolicy::default(),
            ignore_error_codes: None,
-            cache_control: None,
        }
    }

@ -183,7 +157,6 @@ impl Index {
            publish_url: None,
            authenticate: AuthPolicy::default(),
            ignore_error_codes: None,
-            cache_control: None,
        }
    }

@ -199,7 +172,6 @@ impl Index {
            publish_url: None,
            authenticate: AuthPolicy::default(),
            ignore_error_codes: None,
-            cache_control: None,
        }
    }

@ -278,7 +250,6 @@ impl From<IndexUrl> for Index {
            publish_url: None,
            authenticate: AuthPolicy::default(),
            ignore_error_codes: None,
-            cache_control: None,
        }
    }
 }
@ -302,7 +273,6 @@ impl FromStr for Index {
                    publish_url: None,
                    authenticate: AuthPolicy::default(),
                    ignore_error_codes: None,
-                    cache_control: None,
                });
            }
        }
@ -319,7 +289,6 @@ impl FromStr for Index {
            publish_url: None,
            authenticate: AuthPolicy::default(),
            ignore_error_codes: None,
-            cache_control: None,
        })
    }
 }
@ -415,55 +384,3 @@ pub enum IndexSourceError {
    #[error("Index included a name, but the name was empty")]
    EmptyName,
 }
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_index_cache_control_headers() {
-        // Test that cache control headers are properly parsed from TOML
-        let toml_str = r#"
-            name = "test-index"
-            url = "https://test.example.com/simple"
-            cache-control = { api = "max-age=600", files = "max-age=3600" }
-        "#;
-
-        let index: Index = toml::from_str(toml_str).unwrap();
-        assert_eq!(index.name.as_ref().unwrap().as_ref(), "test-index");
-        assert!(index.cache_control.is_some());
-        let cache_control = index.cache_control.as_ref().unwrap();
-        assert_eq!(cache_control.api.as_deref(), Some("max-age=600"));
-        assert_eq!(cache_control.files.as_deref(), Some("max-age=3600"));
-    }
-
-    #[test]
-    fn test_index_without_cache_control() {
-        // Test that indexes work without cache control headers
-        let toml_str = r#"
-            name = "test-index"
-            url = "https://test.example.com/simple"
-        "#;
-
-        let index: Index = toml::from_str(toml_str).unwrap();
-        assert_eq!(index.name.as_ref().unwrap().as_ref(), "test-index");
-        assert_eq!(index.cache_control, None);
-    }
-
-    #[test]
-    fn test_index_partial_cache_control() {
-        // Test that cache control can have just one field
-        let toml_str = r#"
-            name = "test-index"
-            url = "https://test.example.com/simple"
-            cache-control = { api = "max-age=300" }
-        "#;
-
-        let index: Index = toml::from_str(toml_str).unwrap();
-        assert_eq!(index.name.as_ref().unwrap().as_ref(), "test-index");
-        assert!(index.cache_control.is_some());
-        let cache_control = index.cache_control.as_ref().unwrap();
-        assert_eq!(cache_control.api.as_deref(), Some("max-age=300"));
-        assert_eq!(cache_control.files, None);
-    }
-}
--- a/crates/uv-distribution-types/src/index_url.rs
+++ b/crates/uv-distribution-types/src/index_url.rs
@ -12,7 +12,6 @@ use url::{ParseError, Url};

 use uv_pep508::{Scheme, VerbatimUrl, VerbatimUrlError, split_scheme};
 use uv_redacted::DisplaySafeUrl;
-use uv_warnings::warn_user;

 use crate::{Index, IndexStatusCodeStrategy, Verbatim};

@ -39,8 +38,33 @@ impl IndexUrl {
    /// If no root directory is provided, relative paths are resolved against the current working
    /// directory.
    pub fn parse(path: &str, root_dir: Option<&Path>) -> Result<Self, IndexUrlError> {
-        let url = VerbatimUrl::from_url_or_path(path, root_dir)?;
-        Ok(Self::from(url))
+        let url = match split_scheme(path) {
+            Some((scheme, ..)) => {
+                match Scheme::parse(scheme) {
+                    Some(_) => {
+                        // Ex) `https://pypi.org/simple`
+                        VerbatimUrl::parse_url(path)?
+                    }
+                    None => {
+                        // Ex) `C:\Users\user\index`
+                        if let Some(root_dir) = root_dir {
+                            VerbatimUrl::from_path(path, root_dir)?
+                        } else {
+                            VerbatimUrl::from_absolute_path(std::path::absolute(path)?)?
+                        }
+                    }
+                }
+            }
+            None => {
+                // Ex) `/Users/user/index`
+                if let Some(root_dir) = root_dir {
+                    VerbatimUrl::from_path(path, root_dir)?
+                } else {
+                    VerbatimUrl::from_absolute_path(std::path::absolute(path)?)?
+                }
+            }
+        };
+        Ok(Self::from(url.with_given(path)))
    }

    /// Return the root [`Url`] of the index, if applicable.
@ -68,15 +92,20 @@ impl IndexUrl {

 #[cfg(feature = "schemars")]
 impl schemars::JsonSchema for IndexUrl {
-    fn schema_name() -> Cow<'static, str> {
-        Cow::Borrowed("IndexUrl")
+    fn schema_name() -> String {
+        "IndexUrl".to_string()
    }

-    fn json_schema(_generator: &mut schemars::generate::SchemaGenerator) -> schemars::Schema {
-        schemars::json_schema!({
-            "type": "string",
-            "description": "The URL of an index to use for fetching packages (e.g., `https://pypi.org/simple`), or a local path."
-        })
+    fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        schemars::schema::SchemaObject {
+            instance_type: Some(schemars::schema::InstanceType::String.into()),
+            metadata: Some(Box::new(schemars::schema::Metadata {
+                description: Some("The URL of an index to use for fetching packages (e.g., `https://pypi.org/simple`), or a local path.".to_string()),
+              ..schemars::schema::Metadata::default()
+            })),
+            ..schemars::schema::SchemaObject::default()
+        }
+        .into()
    }
 }

@ -111,30 +140,6 @@ impl IndexUrl {
            Cow::Owned(url)
        }
    }
-
-    /// Warn user if the given URL was provided as an ambiguous relative path.
-    ///
-    /// This is a temporary warning. Ambiguous values will not be
-    /// accepted in the future.
-    pub fn warn_on_disambiguated_relative_path(&self) {
-        let Self::Path(verbatim_url) = &self else {
-            return;
-        };
-
-        if let Some(path) = verbatim_url.given() {
-            if !is_disambiguated_path(path) {
-                if cfg!(windows) {
-                    warn_user!(
-                        "Relative paths passed to `--index` or `--default-index` should be disambiguated from index names (use `.\\{path}` or `./{path}`). Support for ambiguous values will be removed in the future"
-                    );
-                } else {
-                    warn_user!(
-                        "Relative paths passed to `--index` or `--default-index` should be disambiguated from index names (use `./{path}`). Support for ambiguous values will be removed in the future"
-                    );
-                }
-            }
-        }
-    }
 }

 impl Display for IndexUrl {
@ -157,28 +162,6 @@ impl Verbatim for IndexUrl {
    }
 }

-/// Checks if a path is disambiguated.
-///
-/// Disambiguated paths are absolute paths, paths with valid schemes,
-/// and paths starting with "./" or "../" on Unix or ".\\", "..\\",
-/// "./", or "../" on Windows.
-fn is_disambiguated_path(path: &str) -> bool {
-    if cfg!(windows) {
-        if path.starts_with(".\\") || path.starts_with("..\\") || path.starts_with('/') {
-            return true;
-        }
-    }
-    if path.starts_with("./") || path.starts_with("../") || Path::new(path).is_absolute() {
-        return true;
-    }
-    // Check if the path has a scheme (like `file://`)
-    if let Some((scheme, _)) = split_scheme(path) {
-        return Scheme::parse(scheme).is_some();
-    }
-    // This is an ambiguous relative path
-    false
-}
-
 /// An error that can occur when parsing an [`IndexUrl`].
 #[derive(Error, Debug)]
 pub enum IndexUrlError {
@ -203,11 +186,7 @@ impl serde::ser::Serialize for IndexUrl {
    where
        S: serde::ser::Serializer,
    {
-        match self {
-            Self::Pypi(url) => url.without_credentials().serialize(serializer),
-            Self::Url(url) => url.without_credentials().serialize(serializer),
-            Self::Path(url) => url.without_credentials().serialize(serializer),
-        }
+        self.to_string().serialize(serializer)
    }
 }

@ -400,8 +379,8 @@ impl<'a> IndexLocations {
    ///
    /// This includes explicit indexes, implicit indexes, flat indexes, and the default index.
    ///
-    /// The indexes will be returned in the reverse of the order in which they were defined, such
-    /// that the last-defined index is the first item in the vector.
+    /// The indexes will be returned in the order in which they were defined, such that the
+    /// last-defined index is the last item in the vector.
    pub fn allowed_indexes(&'a self) -> Vec<&'a Index> {
        if self.no_index {
            self.flat_index.iter().rev().collect()
@ -432,59 +411,6 @@ impl<'a> IndexLocations {
            indexes
        }
    }
-
-    /// Return a vector containing all known [`Index`] entries.
-    ///
-    /// This includes explicit indexes, implicit indexes, flat indexes, and default indexes;
-    /// in short, it includes all defined indexes, even if they're overridden by some other index
-    /// definition.
-    ///
-    /// The indexes will be returned in the reverse of the order in which they were defined, such
-    /// that the last-defined index is the first item in the vector.
-    pub fn known_indexes(&'a self) -> impl Iterator<Item = &'a Index> {
-        if self.no_index {
-            Either::Left(self.flat_index.iter().rev())
-        } else {
-            Either::Right(
-                std::iter::once(&*DEFAULT_INDEX)
-                    .chain(self.flat_index.iter().rev())
-                    .chain(self.indexes.iter().rev()),
-            )
-        }
-    }
-
-    /// Add all authenticated sources to the cache.
-    pub fn cache_index_credentials(&self) {
-        for index in self.known_indexes() {
-            if let Some(credentials) = index.credentials() {
-                let credentials = Arc::new(credentials);
-                uv_auth::store_credentials(index.raw_url(), credentials.clone());
-                if let Some(root_url) = index.root_url() {
-                    uv_auth::store_credentials(&root_url, credentials.clone());
-                }
-            }
-        }
-    }
-
-    /// Return the Simple API cache control header for an [`IndexUrl`], if configured.
-    pub fn simple_api_cache_control_for(&self, url: &IndexUrl) -> Option<&str> {
-        for index in &self.indexes {
-            if index.url() == url {
-                return index.cache_control.as_ref()?.api.as_deref();
-            }
-        }
-        None
-    }
-
-    /// Return the artifact cache control header for an [`IndexUrl`], if configured.
-    pub fn artifact_cache_control_for(&self, url: &IndexUrl) -> Option<&str> {
-        for index in &self.indexes {
-            if index.url() == url {
-                return index.cache_control.as_ref()?.files.as_deref();
-            }
-        }
-        None
-    }
 }

 impl From<&IndexLocations> for uv_auth::Indexes {
@ -585,23 +511,30 @@ impl<'a> IndexUrls {
    /// iterator.
    pub fn defined_indexes(&'a self) -> impl Iterator<Item = &'a Index> + 'a {
        if self.no_index {
-            return Either::Left(std::iter::empty());
-        }
-
+            Either::Left(std::iter::empty())
+        } else {
+            Either::Right(
+                {
                    let mut seen = FxHashSet::default();
-        let (non_default, default) = self
-            .indexes
+                    self.indexes
                        .iter()
                        .filter(move |index| {
-                if let Some(name) = &index.name {
-                    seen.insert(name)
-                } else {
-                    true
-                }
+                            index.name.as_ref().is_none_or(|name| seen.insert(name))
                        })
-            .partition::<Vec<_>, _>(|index| !index.default);
-
-        Either::Right(non_default.into_iter().chain(default))
+                        .filter(|index| !index.default)
+                }
+                .chain({
+                    let mut seen = FxHashSet::default();
+                    self.indexes
+                        .iter()
+                        .filter(move |index| {
+                            index.name.as_ref().is_none_or(|name| seen.insert(name))
+                        })
+                        .find(|index| index.default)
+                        .into_iter()
+                }),
+            )
+        }
    }

    /// Return the `--no-index` flag.
@ -618,26 +551,6 @@ impl<'a> IndexUrls {
        }
        IndexStatusCodeStrategy::Default
    }
-
-    /// Return the Simple API cache control header for an [`IndexUrl`], if configured.
-    pub fn simple_api_cache_control_for(&self, url: &IndexUrl) -> Option<&str> {
-        for index in &self.indexes {
-            if index.url() == url {
-                return index.cache_control.as_ref()?.api.as_deref();
-            }
-        }
-        None
-    }
-
-    /// Return the artifact cache control header for an [`IndexUrl`], if configured.
-    pub fn artifact_cache_control_for(&self, url: &IndexUrl) -> Option<&str> {
-        for index in &self.indexes {
-            if index.url() == url {
-                return index.cache_control.as_ref()?.files.as_deref();
-            }
-        }
-        None
-    }
 }

 bitflags::bitflags! {
@ -719,101 +632,3 @@ impl IndexCapabilities {
            .insert(Flags::FORBIDDEN);
    }
 }
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn test_index_url_parse_valid_paths() {
-        // Absolute path
-        assert!(is_disambiguated_path("/absolute/path"));
-        // Relative path
-        assert!(is_disambiguated_path("./relative/path"));
-        assert!(is_disambiguated_path("../../relative/path"));
-        if cfg!(windows) {
-            // Windows absolute path
-            assert!(is_disambiguated_path("C:/absolute/path"));
-            // Windows relative path
-            assert!(is_disambiguated_path(".\\relative\\path"));
-            assert!(is_disambiguated_path("..\\..\\relative\\path"));
-        }
-    }
-
-    #[test]
-    fn test_index_url_parse_ambiguous_paths() {
-        // Test single-segment ambiguous path
-        assert!(!is_disambiguated_path("index"));
-        // Test multi-segment ambiguous path
-        assert!(!is_disambiguated_path("relative/path"));
-    }
-
-    #[test]
-    fn test_index_url_parse_with_schemes() {
-        assert!(is_disambiguated_path("file:///absolute/path"));
-        assert!(is_disambiguated_path("https://registry.com/simple/"));
-        assert!(is_disambiguated_path(
-            "git+https://github.com/example/repo.git"
-        ));
-    }
-
-    #[test]
-    fn test_cache_control_lookup() {
-        use std::str::FromStr;
-
-        use uv_small_str::SmallString;
-
-        use crate::IndexFormat;
-        use crate::index_name::IndexName;
-
-        let indexes = vec![
-            Index {
-                name: Some(IndexName::from_str("index1").unwrap()),
-                url: IndexUrl::from_str("https://index1.example.com/simple").unwrap(),
-                cache_control: Some(crate::IndexCacheControl {
-                    api: Some(SmallString::from("max-age=300")),
-                    files: Some(SmallString::from("max-age=1800")),
-                }),
-                explicit: false,
-                default: false,
-                origin: None,
-                format: IndexFormat::Simple,
-                publish_url: None,
-                authenticate: uv_auth::AuthPolicy::default(),
-                ignore_error_codes: None,
-            },
-            Index {
-                name: Some(IndexName::from_str("index2").unwrap()),
-                url: IndexUrl::from_str("https://index2.example.com/simple").unwrap(),
-                cache_control: None,
-                explicit: false,
-                default: false,
-                origin: None,
-                format: IndexFormat::Simple,
-                publish_url: None,
-                authenticate: uv_auth::AuthPolicy::default(),
-                ignore_error_codes: None,
-            },
-        ];
-
-        let index_urls = IndexUrls::from_indexes(indexes);
-
-        let url1 = IndexUrl::from_str("https://index1.example.com/simple").unwrap();
-        assert_eq!(
-            index_urls.simple_api_cache_control_for(&url1),
-            Some("max-age=300")
-        );
-        assert_eq!(
-            index_urls.artifact_cache_control_for(&url1),
-            Some("max-age=1800")
-        );
-
-        let url2 = IndexUrl::from_str("https://index2.example.com/simple").unwrap();
-        assert_eq!(index_urls.simple_api_cache_control_for(&url2), None);
-        assert_eq!(index_urls.artifact_cache_control_for(&url2), None);
-
-        let url3 = IndexUrl::from_str("https://index3.example.com/simple").unwrap();
-        assert_eq!(index_urls.simple_api_cache_control_for(&url3), None);
-        assert_eq!(index_urls.artifact_cache_control_for(&url3), None);
-    }
-}
--- a/crates/uv-distribution-types/src/installed.rs
+++ b/crates/uv-distribution-types/src/installed.rs
@ -365,7 +365,7 @@ impl InstalledDist {
    pub fn installer(&self) -> Result<Option<String>, InstalledDistError> {
        let path = self.install_path().join("INSTALLER");
        match fs::read_to_string(path) {
-            Ok(installer) => Ok(Some(installer.trim().to_owned())),
+            Ok(installer) => Ok(Some(installer)),
            Err(err) if err.kind() == std::io::ErrorKind::NotFound => Ok(None),
            Err(err) => Err(err.into()),
        }
--- a/crates/uv-distribution-types/src/lib.rs
+++ b/crates/uv-distribution-types/src/lib.rs
@ -73,7 +73,6 @@ pub use crate::pip_index::*;
 pub use crate::prioritized_distribution::*;
 pub use crate::requested::*;
 pub use crate::requirement::*;
-pub use crate::requires_python::*;
 pub use crate::resolution::*;
 pub use crate::resolved::*;
 pub use crate::specified_requirement::*;
@ -101,7 +100,6 @@ mod pip_index;
 mod prioritized_distribution;
 mod requested;
 mod requirement;
-mod requires_python;
 mod resolution;
 mod resolved;
 mod specified_requirement;
@ -343,9 +341,9 @@ pub struct DirectorySourceDist {
    /// The absolute path to the distribution which we use for installing.
    pub install_path: Box<Path>,
    /// Whether the package should be installed in editable mode.
-    pub editable: Option<bool>,
+    pub editable: bool,
    /// Whether the package should be built and installed.
-    pub r#virtual: Option<bool>,
+    pub r#virtual: bool,
    /// The URL as it was provided by the user.
    pub url: VerbatimUrl,
 }
@ -452,8 +450,8 @@ impl Dist {
        name: PackageName,
        url: VerbatimUrl,
        install_path: &Path,
-        editable: Option<bool>,
-        r#virtual: Option<bool>,
+        editable: bool,
+        r#virtual: bool,
    ) -> Result<Dist, Error> {
        // Convert to an absolute path.
        let install_path = path::absolute(install_path)?;
@ -655,7 +653,7 @@ impl SourceDist {
    /// Returns `true` if the distribution is editable.
    pub fn is_editable(&self) -> bool {
        match self {
-            Self::Directory(DirectorySourceDist { editable, .. }) => editable.unwrap_or(false),
+            Self::Directory(DirectorySourceDist { editable, .. }) => *editable,
            _ => false,
        }
    }
@ -663,7 +661,7 @@ impl SourceDist {
    /// Returns `true` if the distribution is virtual.
    pub fn is_virtual(&self) -> bool {
        match self {
-            Self::Directory(DirectorySourceDist { r#virtual, .. }) => r#virtual.unwrap_or(false),
+            Self::Directory(DirectorySourceDist { r#virtual, .. }) => *r#virtual,
            _ => false,
        }
    }
--- a/crates/uv-distribution-types/src/pip_index.rs
+++ b/crates/uv-distribution-types/src/pip_index.rs
@ -3,8 +3,6 @@
 //! flags set.

 use serde::{Deserialize, Deserializer, Serialize};
-#[cfg(feature = "schemars")]
-use std::borrow::Cow;
 use std::path::Path;

 use crate::{Index, IndexUrl};
@ -52,14 +50,14 @@ macro_rules! impl_index {

        #[cfg(feature = "schemars")]
        impl schemars::JsonSchema for $name {
-            fn schema_name() -> Cow<'static, str> {
+            fn schema_name() -> String {
                IndexUrl::schema_name()
            }

            fn json_schema(
-                generator: &mut schemars::generate::SchemaGenerator,
-            ) -> schemars::Schema {
-                IndexUrl::json_schema(generator)
+                r#gen: &mut schemars::r#gen::SchemaGenerator,
+            ) -> schemars::schema::Schema {
+                IndexUrl::json_schema(r#gen)
            }
        }
    };
--- a/crates/uv-distribution-types/src/prioritized_distribution.rs
+++ b/crates/uv-distribution-types/src/prioritized_distribution.rs
@ -11,7 +11,7 @@ use uv_platform_tags::{AbiTag, IncompatibleTag, LanguageTag, PlatformTag, TagPri
 use uv_pypi_types::{HashDigest, Yanked};

 use crate::{
-    File, InstalledDist, KnownPlatform, RegistryBuiltDist, RegistryBuiltWheel, RegistrySourceDist,
+    InstalledDist, KnownPlatform, RegistryBuiltDist, RegistryBuiltWheel, RegistrySourceDist,
    ResolvedDistRef,
 };

@ -91,21 +91,13 @@ impl CompatibleDist<'_> {
        }
    }

-    // For installable distributions, return the prioritized distribution it was derived from.
-    pub fn prioritized(&self) -> Option<&PrioritizedDist> {
-        match self {
-            CompatibleDist::InstalledDist(_) => None,
-            CompatibleDist::SourceDist { prioritized, .. }
-            | CompatibleDist::CompatibleWheel { prioritized, .. }
-            | CompatibleDist::IncompatibleWheel { prioritized, .. } => Some(prioritized),
-        }
-    }
-
    /// Return the set of supported platform the distribution, in terms of their markers.
    pub fn implied_markers(&self) -> MarkerTree {
-        match self.prioritized() {
-            Some(prioritized) => prioritized.0.markers,
-            None => MarkerTree::TRUE,
+        match self {
+            CompatibleDist::InstalledDist(_) => MarkerTree::TRUE,
+            CompatibleDist::SourceDist { prioritized, .. } => prioritized.0.markers,
+            CompatibleDist::CompatibleWheel { prioritized, .. } => prioritized.0.markers,
+            CompatibleDist::IncompatibleWheel { prioritized, .. } => prioritized.0.markers,
        }
    }
 }
@ -565,20 +557,6 @@ impl PrioritizedDist {
        self.0.best_wheel_index.map(|i| &self.0.wheels[i])
    }

-    /// Returns an iterator of all wheels and the source distribution, if any.
-    pub fn files(&self) -> impl Iterator<Item = &File> {
-        self.0
-            .wheels
-            .iter()
-            .map(|(wheel, _)| wheel.file.as_ref())
-            .chain(
-                self.0
-                    .source
-                    .as_ref()
-                    .map(|(source_dist, _)| source_dist.file.as_ref()),
-            )
-    }
-
    /// Returns an iterator over all Python tags for the distribution.
    pub fn python_tags(&self) -> impl Iterator<Item = LanguageTag> + '_ {
        self.0
@ -839,7 +817,7 @@ pub fn implied_markers(filename: &WheelFilename) -> MarkerTree {
                tag_marker.and(MarkerTree::expression(MarkerExpression::String {
                    key: MarkerValueString::PlatformMachine,
                    operator: MarkerOperator::Equal,
-                    value: arcstr::literal!("AMD64"),
+                    value: arcstr::literal!("x86_64"),
                }));
                marker.or(tag_marker);
            }
@ -933,7 +911,7 @@ mod tests {
        );
        assert_markers(
            "numpy-2.2.1-cp313-cp313t-win_amd64.whl",
-            "sys_platform == 'win32' and platform_machine == 'AMD64'",
+            "sys_platform == 'win32' and platform_machine == 'x86_64'",
        );
        assert_markers(
            "numpy-2.2.1-cp313-cp313t-win_arm64.whl",
--- a/crates/uv-distribution-types/src/requirement.rs
+++ b/crates/uv-distribution-types/src/requirement.rs
@ -429,9 +429,9 @@ pub enum RequirementSource {
        /// The absolute path to the distribution which we use for installing.
        install_path: Box<Path>,
        /// For a source tree (a directory), whether to install as an editable.
-        editable: Option<bool>,
+        editable: bool,
        /// For a source tree (a directory), whether the project should be built and installed.
-        r#virtual: Option<bool>,
+        r#virtual: bool,
        /// The PEP 508 style URL in the format
        /// `file:///<path>#subdirectory=<subdirectory>`.
        url: VerbatimUrl,
@ -545,13 +545,7 @@ impl RequirementSource {

    /// Returns `true` if the source is editable.
    pub fn is_editable(&self) -> bool {
-        matches!(
-            self,
-            Self::Directory {
-                editable: Some(true),
-                ..
-            }
-        )
+        matches!(self, Self::Directory { editable: true, .. })
    }

    /// Returns `true` if the source is empty.
@ -798,11 +792,11 @@ impl From<RequirementSource> for RequirementSourceWire {
                r#virtual,
                url: _,
            } => {
-                if editable.unwrap_or(false) {
+                if editable {
                    Self::Editable {
                        editable: PortablePathBuf::from(install_path),
                    }
-                } else if r#virtual.unwrap_or(false) {
+                } else if r#virtual {
                    Self::Virtual {
                        r#virtual: PortablePathBuf::from(install_path),
                    }
@ -914,8 +908,8 @@ impl TryFrom<RequirementSourceWire> for RequirementSource {
                ))?;
                Ok(Self::Directory {
                    install_path: directory,
-                    editable: Some(false),
-                    r#virtual: Some(false),
+                    editable: false,
+                    r#virtual: false,
                    url,
                })
            }
@ -926,8 +920,8 @@ impl TryFrom<RequirementSourceWire> for RequirementSource {
                ))?;
                Ok(Self::Directory {
                    install_path: editable,
-                    editable: Some(true),
-                    r#virtual: Some(false),
+                    editable: true,
+                    r#virtual: false,
                    url,
                })
            }
@ -938,8 +932,8 @@ impl TryFrom<RequirementSourceWire> for RequirementSource {
                ))?;
                Ok(Self::Directory {
                    install_path: r#virtual,
-                    editable: Some(false),
-                    r#virtual: Some(true),
+                    editable: false,
+                    r#virtual: true,
                    url,
                })
            }
@ -986,8 +980,8 @@ mod tests {
            marker: MarkerTree::TRUE,
            source: RequirementSource::Directory {
                install_path: PathBuf::from(path).into_boxed_path(),
-                editable: Some(false),
-                r#virtual: Some(false),
+                editable: false,
+                r#virtual: false,
                url: VerbatimUrl::from_absolute_path(path).unwrap(),
            },
            origin: None,
--- a/crates/uv-distribution-types/src/resolution.rs
+++ b/crates/uv-distribution-types/src/resolution.rs
@ -1,5 +1,6 @@
 use uv_distribution_filename::DistExtension;
 use uv_normalize::{ExtraName, GroupName, PackageName};
+use uv_pep508::MarkerTree;
 use uv_pypi_types::{HashDigest, HashDigests};

 use crate::{
@ -201,12 +202,12 @@ impl Node {
    }
 }

-/// An edge in the resolution graph.
+/// An edge in the resolution graph, along with the marker that must be satisfied to traverse it.
 #[derive(Debug, Clone)]
 pub enum Edge {
-    Prod,
-    Optional(ExtraName),
-    Dev(GroupName),
+    Prod(MarkerTree),
+    Optional(ExtraName, MarkerTree),
+    Dev(GroupName, MarkerTree),
 }

 impl From<&ResolvedDist> for RequirementSource {
--- a/crates/uv-distribution-types/src/status_code_strategy.rs
+++ b/crates/uv-distribution-types/src/status_code_strategy.rs
@ -1,5 +1,3 @@
-#[cfg(feature = "schemars")]
-use std::borrow::Cow;
 use std::ops::Deref;

 use http::StatusCode;
@ -138,17 +136,17 @@ impl<'de> Deserialize<'de> for SerializableStatusCode {

 #[cfg(feature = "schemars")]
 impl schemars::JsonSchema for SerializableStatusCode {
-    fn schema_name() -> Cow<'static, str> {
-        Cow::Borrowed("StatusCode")
+    fn schema_name() -> String {
+        "StatusCode".to_string()
    }

-    fn json_schema(_generator: &mut schemars::generate::SchemaGenerator) -> schemars::Schema {
-        schemars::json_schema!({
-            "type": "number",
-            "minimum": 100,
-            "maximum": 599,
-            "description": "HTTP status code (100-599)"
-        })
+    fn json_schema(r#gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
+        let mut schema = r#gen.subschema_for::<u16>().into_object();
+        schema.metadata().description = Some("HTTP status code (100-599)".to_string());
+        schema.number().minimum = Some(100.0);
+        schema.number().maximum = Some(599.0);
+
+        schema.into()
    }
 }

--- a/crates/uv-distribution/Cargo.toml
+++ b/crates/uv-distribution/Cargo.toml
@ -60,7 +60,7 @@ zip = { workspace = true }

 [dev-dependencies]
 indoc = { workspace = true }
-insta = { workspace = true }
+insta = { version = "1.40.0", features = ["filters", "json", "redactions"] }

 [features]
 default = []
--- a/crates/uv-distribution/src/distribution_database.rs
+++ b/crates/uv-distribution/src/distribution_database.rs
@ -20,7 +20,8 @@ use uv_client::{
 };
 use uv_distribution_filename::WheelFilename;
 use uv_distribution_types::{
-    BuildableSource, BuiltDist, Dist, HashPolicy, Hashed, IndexUrl, InstalledDist, Name, SourceDist,
+    BuildableSource, BuiltDist, Dist, FileLocation, HashPolicy, Hashed, InstalledDist, Name,
+    SourceDist,
 };
 use uv_extract::hash::Hasher;
 use uv_fs::write_atomic;
@ -178,7 +179,12 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
        match dist {
            BuiltDist::Registry(wheels) => {
                let wheel = wheels.best_wheel();
-                let url = wheel.file.url.to_url()?;
+                let url = match &wheel.file.url {
+                    FileLocation::RelativeUrl(base, url) => {
+                        uv_pypi_types::base_url_join_relative(base, url)?
+                    }
+                    FileLocation::AbsoluteUrl(url) => url.to_url()?,
+                };

                // Create a cache entry for the wheel.
                let wheel_entry = self.build_context.cache().entry(
@ -201,7 +207,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                match self
                    .stream_wheel(
                        url.clone(),
-                        dist.index(),
                        &wheel.filename,
                        wheel.file.size,
                        &wheel_entry,
@ -237,7 +242,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                        let archive = self
                            .download_wheel(
                                url,
-                                dist.index(),
                                &wheel.filename,
                                wheel.file.size,
                                &wheel_entry,
@ -274,7 +278,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                match self
                    .stream_wheel(
                        wheel.url.raw().clone(),
-                        None,
                        &wheel.filename,
                        None,
                        &wheel_entry,
@ -304,7 +307,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                        let archive = self
                            .download_wheel(
                                wheel.url.raw().clone(),
-                                None,
                                &wheel.filename,
                                None,
                                &wheel_entry,
@ -538,7 +540,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
    async fn stream_wheel(
        &self,
        url: DisplaySafeUrl,
-        index: Option<&IndexUrl>,
        filename: &WheelFilename,
        size: Option<u64>,
        wheel_entry: &CacheEntry,
@ -621,24 +622,13 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
        // Fetch the archive from the cache, or download it if necessary.
        let req = self.request(url.clone())?;

-        // Determine the cache control policy for the URL.
        let cache_control = match self.client.unmanaged.connectivity() {
-            Connectivity::Online => {
-                if let Some(header) = index.and_then(|index| {
-                    self.build_context
-                        .locations()
-                        .artifact_cache_control_for(index)
-                }) {
-                    CacheControl::Override(header)
-                } else {
-                    CacheControl::from(
+            Connectivity::Online => CacheControl::from(
                self.build_context
                    .cache()
                    .freshness(&http_entry, Some(&filename.name), None)
                    .map_err(Error::CacheRead)?,
-                    )
-                }
-            }
+            ),
            Connectivity::Offline => CacheControl::AllowStale,
        };

@ -654,8 +644,8 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
            })
            .await
            .map_err(|err| match err {
-                CachedClientError::Callback { err, .. } => err,
-                CachedClientError::Client { err, .. } => Error::Client(err),
+                CachedClientError::Callback(err) => err,
+                CachedClientError::Client(err) => Error::Client(err),
            })?;

        // If the archive is missing the required hashes, or has since been removed, force a refresh.
@ -670,16 +660,11 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                .managed(async |client| {
                    client
                        .cached_client()
-                        .skip_cache_with_retry(
-                            self.request(url)?,
-                            &http_entry,
-                            cache_control,
-                            download,
-                        )
+                        .skip_cache_with_retry(self.request(url)?, &http_entry, download)
                        .await
                        .map_err(|err| match err {
-                            CachedClientError::Callback { err, .. } => err,
-                            CachedClientError::Client { err, .. } => Error::Client(err),
+                            CachedClientError::Callback(err) => err,
+                            CachedClientError::Client(err) => Error::Client(err),
                        })
                })
                .await?
@ -692,7 +677,6 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
    async fn download_wheel(
        &self,
        url: DisplaySafeUrl,
-        index: Option<&IndexUrl>,
        filename: &WheelFilename,
        size: Option<u64>,
        wheel_entry: &CacheEntry,
@ -805,24 +789,13 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
        // Fetch the archive from the cache, or download it if necessary.
        let req = self.request(url.clone())?;

-        // Determine the cache control policy for the URL.
        let cache_control = match self.client.unmanaged.connectivity() {
-            Connectivity::Online => {
-                if let Some(header) = index.and_then(|index| {
-                    self.build_context
-                        .locations()
-                        .artifact_cache_control_for(index)
-                }) {
-                    CacheControl::Override(header)
-                } else {
-                    CacheControl::from(
+            Connectivity::Online => CacheControl::from(
                self.build_context
                    .cache()
                    .freshness(&http_entry, Some(&filename.name), None)
                    .map_err(Error::CacheRead)?,
-                    )
-                }
-            }
+            ),
            Connectivity::Offline => CacheControl::AllowStale,
        };

@ -838,8 +811,8 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
            })
            .await
            .map_err(|err| match err {
-                CachedClientError::Callback { err, .. } => err,
-                CachedClientError::Client { err, .. } => Error::Client(err),
+                CachedClientError::Callback(err) => err,
+                CachedClientError::Client(err) => Error::Client(err),
            })?;

        // If the archive is missing the required hashes, or has since been removed, force a refresh.
@ -854,16 +827,11 @@ impl<'a, Context: BuildContext> DistributionDatabase<'a, Context> {
                .managed(async |client| {
                    client
                        .cached_client()
-                        .skip_cache_with_retry(
-                            self.request(url)?,
-                            &http_entry,
-                            cache_control,
-                            download,
-                        )
+                        .skip_cache_with_retry(self.request(url)?, &http_entry, download)
                        .await
                        .map_err(|err| match err {
-                            CachedClientError::Callback { err, .. } => err,
-                            CachedClientError::Client { err, .. } => Error::Client(err),
+                            CachedClientError::Callback(err) => err,
+                            CachedClientError::Client(err) => Error::Client(err),
                        })
                })
                .await?
--- a/Show more
+++ b/Show more