Releases: astral-sh/uv
0.11.17
Release Notes
Released on 2026-05-28.
Enhancements
- Add a diagnostic for
uv addwith standard library modules (#19572) - Expose
uv workspaceand itslistsubcommand in help output (#19533) - Improve the "403 forbidden" hint to suggest
ignore-error-codeswhen applicable (#19521) - Skip direct URL lock freshness checks while offline (#19596)
- Add
import-namesandimport-namespacessupport touv-build(PEP 794) (#19380) - Add a
--no-editable-packageflag to various commands (#19584) - Infer Python version requests from source trees in
uv toolinvocations (#19577)
Preview features
- Add module owners to
uv workspace metadata(#19122) - Do not allow
uv venv --clearto remove non-virtual environments (#19595)
Bug fixes
- Improve the performance of large entries in
tool.uv.conflicts(#19538) - Avoid modifying the parent process' env with
--env-fileinuv run(#19567) - Fix script environment creation for scripts with long filenames (#19539)
- Fix transitive Git archive dependencies in lockfiles (#19589)
- Preserve Git repository URLs in direct URL metadata (#19590)
- Support redirects in
--check-url(#19594) - Accept case-insensitive HTML tags in
--find-linksparsing (#19537) - Reject duplicate script metadata blocks (#19544)
- Ban names like "python3" as script entry points (#19535, #19536)
- Validate Git LFS artifacts for Git archives (#19592)
- Use a relative path when creating symlinks in cache to improve relocatability (#19033)
Documentation
- Fix malformed positional anchors in the CLI reference (#19575)
Install uv 0.11.17
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.17/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.17/uv-installer.ps1 | iex"Download uv 0.11.17
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.16
Release Notes
Released on 2026-05-21.
Enhancements
Preview features
Configuration
- Allow disabling reading the system config with
UV_NO_SYSTEM_CONFIG(#19476)
Bug fixes
- Allow environment variables that take a list to be empty (#19503)
- Ensure that incompatible wheel hints do not leak secrets (#19504)
- Reject unsafe entry points in
uv-build(#19495) - Restrict delimiters in entry point parsing (#19471)
- uv-netrc: fix multi-word no-space comment lines causing parse errors (#19494)
Documentation
- Document and test relative exclude-newer support for uv pip (#19475)
Install uv 0.11.16
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex"Download uv 0.11.16
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.15
Release Notes
Released on 2026-05-18.
Security
- Fix a TAR parser differential, see GHSA-3cv2-h65g-fgmm (#19463)
- Enforce that entry points cannot escape in the scripts directory, see GHSA-4gg8-gxpx-9rph (#19464)
Enhancements
- Add TOML v1.1 -> v1.0 backwards compatibility for source distributions (#18741)
- Add support for Azure request signing (#19421)
- Apply stricter validation to all wheel filename segments (#19364)
- Reject empty strings as an invalid package name (#19435)
- Use structured errors for signing authentication failures (#19422)
Preview
- uv audit: Add JSON output (#19305)
Configuration
- Respect
required-environmentsinuv pip compile(#19378)
Performance
- Avoid parsing JSON manifest when local Python is available (#19398)
- Avoid walking nested directories in linker conflict registration (#19382)
- Optimize async wheel ZIP writing (#19383)
- Fix dead "already trimmed" fast-path in
Version::only_release_trimmed(#19425)
Bug fixes
- Apply workspace-member
[tool.uv.sources]credentials underuv sync --frozen(#19423) - Skip empty directories in uv build outputs (#19437)
- Fix Git submodule handling when using relative paths (#12156)
- Fix line number reporting in netrc parsing (#19452)
Documentation
- Move Bazel auth helper setup into integration guide (#19392)
Install uv 0.11.15
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.ps1 | iex"Download uv 0.11.15
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.14
Release Notes
Released on 2026-05-12.
Enhancements
- Add Astral mirror URL override (#19206)
- Ignore
top_level.txtentries in uninstall that are not valid Python identifiers (#19340)
Bug fixes
- Avoid applying
.envfiles in parent process (#19343) - Filter ANSI codes in logging output (#19311)
- Fix
uv treeshowing extra-conditional deps for packages required without extras (#19332) - Respect build options (e.g.,
--no-build) during lock validation (#19366)
Install uv 0.11.14
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.14/uv-installer.ps1 | iex"Download uv 0.11.14
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.13
Release Notes
Released on 2026-05-10.
Bug fixes
- Include data files in editable builds (#19312)
- Respect
--require-hasheswhen installing frompylock.tomlfiles (#19334)
Python
- Add CPython 3.14.5
Install uv 0.11.13
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.13/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.13/uv-installer.ps1 | iex"Download uv 0.11.13
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.12
Release Notes
Released on 2026-05-08.
Python
- Add CPython 3.15.0b1
Enhancements
- Add
--no-editablesupport touv pip install(#19306) - Require git refs in URLs to be percent-encoded (#19320)
Bug fixes
-
Respect
--no-devoverUV_DEV=1(#19313) -
Don't suggest non-existent
--no-frozenflag (#19290) (#19294)
Documentation
- Fix bug from inconsistent workflow name in GHA-PyPI guide example (#19309)
Install uv 0.11.12
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.12/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.12/uv-installer.ps1 | iex"Download uv 0.11.12
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.11
Release Notes
Released on 2026-05-06.
Bug fixes
- Accept legacy ID format from pre-0.11.9 cache entries (#19301)
Install uv 0.11.11
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.11/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.11/uv-installer.ps1 | iex"Download uv 0.11.11
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.10
Release Notes
Released on 2026-05-05.
Bug fixes
- Allow pre-release Python requests with non-zero patch versions (#19286)
Install uv 0.11.10
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.10/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.10/uv-installer.ps1 | iex"Download uv 0.11.10
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.9
Release Notes
Released on 2026-05-04.
Note due to a timeout publishing to crates.io, the GitHub portion of this release was published manually by a maintainer using the artifacts built in CI. Consequently, GitHub attestations will not be available. Additionally, this release will not be fully published to crates.io. There should be no other effects.
Python 3.14.5 release candidate
This release includes a special release candidate for the next Python 3.14 patch release. Python 3.14 included a new garbage collection implementation, which reduced pause times but caused significant unexpected memory pressure in production environments. In 3.14.5 and 3.15, the previous garbage collection implementation will be restored.
We would greatly appreciate if you tested the 3.14.5rc1 version included in this release. The stable version is expected to be released soon and any feedback on potential issues would be helpful to the Python development team.
For more context, see the announcement, issue, and pull request.
Issues with the new release can be reported in the uv or CPython issue trackers.
Python
- Upgrade PyPy to v7.3.22
- Add CPython 3.14.5rc1
- On macOS, CPython statically links
libpythonto match Linux
Enhancements
- Omit compatible release desugaring for pre-release hints (#19267)
- Fix file locks on Android (#18323)
Preview
uv auditadd reporting for adverse project statuses (#19128)
Bug fixes
- Discover versioned Python executables when
requires-pythonpins a version (#18700) - Fix URL prefix matching to require path boundaries (#19154)
- Fix transitive Git path dependencies in lockfiles (#19269)
- Handle incorrect unlock error in
LockedFile::dropon Wine (#19229) - Prevent uninstalling site-packages for empty
top_level.txtin.egg-info(#19114) - Use symlinks instead of junctions on Wine (#19213)
- Fix floating-point environment handling on ARMv7 (#19157)
- Redact credentials from remote requirements URL in offline errors (#19216)
- Windows tramplolines no longer set
PYTHONHOMEand only set__PYVENV_LAUNCHER__for virtual environments (#19199)
Documentation
- Mark
--native-tlsandUV_NATIVE_TLSas deprecated (#18705) - Re-add
pytorch-triton-rocmto PyTorch ROCm docs (#19241) - Tweak changelog entries for 0.11.8 (#19188)
- Add 'Exporting lockfiles' to the Concepts->Projects index (#19209)
- Clarify that
uv initcreates git files / folders in the projects guide (#19183)
Install uv 0.11.9
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.9/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.9/uv-installer.ps1 | iex"Download uv 0.11.9
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.8
Release Notes
Released on 2026-04-27.
Enhancements
- Add
--python-downloads-json-urltopython pin(#19092) - Fetch uv from Astral mirror during self-update (#18682)
- Support
pip uninstall -y(#19082) - Allow
exclude-newerto be missing from the lockfile whenexclude-newer-spanis present (#19024) - Only show the version number in
uv self version --short(#19019) - Silence warnings on empty
SSL_CERT_DIRdirectory (#19018) - Use a sentinel timestamp for relative
exclude-newerandexclude-newer-packagevalues in lockfiles (#19022, #19101)
Configuration
- Add
UV_PYTHON_NO_REGISTRY(#19035) - Add an environment variable for
UV_NO_PROJECT(#19052) - Expose
UV_PYTHON_SEARCH_PATHfor Python discoveryPATHoverrides (#19034)
Bug fixes
- Add
rust-toolchain.tomlto uv-build sdist (#19131) - Ensure uv invocations of git do not inherit repository location environment variables (#19088)
- Redact pre-signed upload URLs in verbose output (#19146)
- Handle transitive URL dependencies in PEP 517 build requirements (#19076, #19086)
- Support
uv lockon apyproject.tomlthat only contains dependency-groups (#19087) - Disable transparent Python upgrades in projects when a patch version is requested via
.python-version(#19102) - Fix Python variant tagging in the Windows registry (#19012)
- Ban external symlinks in
.tar.zstwheels (#19144)
Distributions
- Remove deprecated license classifiers from uv-build and add Python 3.14 classifier (#19130)
Documentation
- Bump astral-sh/setup-uv version in docs (#19030)
- Update PyTorch documentation for PyTorch 2.11 (#19095)
Install uv 0.11.8
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.8/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.8/uv-installer.ps1 | iex"Download uv 0.11.8
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>