Skip to content

Bump uv from 0.8.22 to 0.8.23#436

Merged
edmorley merged 2 commits intomainfrom
dependabot/pip/uv-0.8.23
Oct 5, 2025
Merged

Bump uv from 0.8.22 to 0.8.23#436
edmorley merged 2 commits intomainfrom
dependabot/pip/uv-0.8.23

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Oct 5, 2025

Bumps uv from 0.8.22 to 0.8.23.

Release notes

Sourced from uv's releases.

0.8.23

Release Notes

Released on 2025-10-03.

Enhancements

  • Build s390x on stable Rust compiler version (#16082)
  • Add UV_SKIP_WHEEL_FILENAME_CHECK to allow installing invalid wheels (#16046)

Bug fixes

  • Avoid rejecting already-installed URL distributions with --no-sources (#16094)
  • Confirm that the directory name is a valid Python install key during managed check (#16080)
  • Ignore origin when comparing installed tools (#16055)
  • Make cache control lookups robust to username (#16088)
  • Re-order lock validation checks by severity (#16045)
  • Remove tracking of inferred dependency conflicts (#15909)
  • Respect --no-color on the CLI (#16044)
  • Deduplicate marker-specific dependencies in uv pip tree output (#16078)

Documentation

  • Document transparent x86_64 emulation on aarch64 (#16041)
  • Document why we ban URLs from index dependencies (#15929)
  • Fix rendering of _CONDA_ROOT in reference (#16114)
  • Windows arm64 and Linux RISC-V64 are Tier 2 supported (#16027)

Install uv 0.8.23

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.8.23/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.8.23/uv-installer.ps1 | iex"

Download uv 0.8.23

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.8.23

Released on 2025-10-03.

Enhancements

  • Build s390x on stable Rust compiler version (#16082)
  • Add UV_SKIP_WHEEL_FILENAME_CHECK to allow installing invalid wheels (#16046)

Bug fixes

  • Avoid rejecting already-installed URL distributions with --no-sources (#16094)
  • Confirm that the directory name is a valid Python install key during managed check (#16080)
  • Ignore origin when comparing installed tools (#16055)
  • Make cache control lookups robust to username (#16088)
  • Re-order lock validation checks by severity (#16045)
  • Remove tracking of inferred dependency conflicts (#15909)
  • Respect --no-color on the CLI (#16044)
  • Deduplicate marker-specific dependencies in uv pip tree output (#16078)

Documentation

  • Document transparent x86_64 emulation on aarch64 (#16041)
  • Document why we ban URLs from index dependencies (#15929)
  • Fix rendering of _CONDA_ROOT in reference (#16114)
  • Windows arm64 and Linux RISC-V64 are Tier 2 supported (#16027)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump uv from 0.8.22 to 0.8.23
88a6a5f 
Bumps [uv](https://github.com/astral-sh/uv) from 0.8.22 to 0.8.23.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.8.22...0.8.23)

---
updated-dependencies:
- dependency-name: uv
  dependency-version: 0.8.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Dependabot PRs that update Python dependencies labels Oct 5, 2025
@dependabot dependabot bot requested a review from edmorley as a code owner October 5, 2025 09:08
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Dependabot PRs that update Python dependencies labels Oct 5, 2025
@edmorley edmorley enabled auto-merge (squash) October 5, 2025 09:22
@edmorley edmorley merged commit 86472d1 into main Oct 5, 2025
6 checks passed
@edmorley edmorley deleted the dependabot/pip/uv-0.8.23 branch October 5, 2025 09:26
heroku-linguist bot added a commit that referenced this pull request Oct 5, 2025
@heroku-linguist
Prepare release v2.6.0
63c9c89 
## heroku/python

### Changed

- Changed the `pip install` commands used to install the pip and Poetry package managers to now use `--isolated` mode. ([#434](#434))
- Added more Python project related file and directory names to the list recognised by buildpack detection. ([#435](#435))
- Updated uv from 0.8.20 to 0.8.23. ([#431](#431) and [#436](#436))
@heroku-linguist heroku-linguist bot mentioned this pull request Oct 5, 2025
Merged
heroku-linguist bot added a commit to heroku/cnb-builder-images that referenced this pull request Oct 5, 2025
@heroku-linguist
Update heroku/buildpacks-python to v2.6.0
1645924 
## heroku/python

### Changed

- Changed the `pip install` commands used to install the pip and Poetry package managers to now use `--isolated` mode. ([#434](heroku/buildpacks-python#434))
- Added more Python project related file and directory names to the list recognised by buildpack detection. ([#435](heroku/buildpacks-python#435))
- Updated uv from 0.8.20 to 0.8.23. ([#431](heroku/buildpacks-python#431) and [#436](heroku/buildpacks-python#436))
@heroku-linguist heroku-linguist bot mentioned this pull request Oct 5, 2025
Merged
@edmorley
Copy link
Copy Markdown
Member

edmorley commented Oct 5, 2025

https://devcenter.heroku.com/changelog-items/3414

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@edmorley edmorley edmorley approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Dependabot PRs that update Python dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@edmorley