Commit Graph

80 Commits

Author SHA1 Message Date
Zanie Blue 464a33ca82 Bump version to 0.11.3 (#18805) 2026-04-01 15:52:54 -05:00
Zanie Blue 02036a8ba5 Bump version to 0.11.2 (#18732) 2026-03-26 20:44:25 +00:00
Zanie Blue a6042f67fc Bump version to 0.11.1 (#18704) 2026-03-24 22:18:22 +00:00
Zanie Blue 1f31f0e9fb Bump version to 0.11.0 (#18683)
Co-authored-by: Zsolt Dollenstein <zsol.zsol@gmail.com>
Co-authored-by: Geoffrey Thomas <geofft@ldpreload.com>
2026-03-23 21:13:35 +00:00
Zanie Blue 00d72dac7b Bump version to 0.10.12 (#18578) 2026-03-19 21:18:55 +00:00
Charlie Marsh 006b56b12d Bump version to 0.10.11 (#18521)
Co-authored-by: Tomasz Kramkowski <tom@astral.sh>
2026-03-16 19:32:39 -04:00
Zanie Blue 8c730aaad6 Bump version to 0.10.10 (#18455) 2026-03-13 14:35:08 -05:00
Zanie Blue f675560f32 Bump version to 0.10.9 (#18357) 2026-03-06 14:00:59 -06:00
Zanie Blue 363aea27be Drop the sys-info dependency (#18324)
Part of https://github.com/astral-sh/uv/issues/14574 and
https://github.com/termux/termux-packages/issues/27547

Avoids the downstream patch at
https://github.com/termux/termux-packages/blob/master/packages/uv/0001-sys-info-replace-index-with-strchr.diff

`sys-info-rs` has not been updated in years
https://github.com/FillZpp/sys-info-rs — it includes C code and can't be
built on Termux https://github.com/FillZpp/sys-info-rs/issues/116

I considered switching to https://github.com/GuillaumeGomez/sysinfo but
our usage is trivial, so we implement our requirements in `uv-platform`
instead
2026-03-06 16:30:19 +00:00
Zanie Blue c021be36ab Bump version to 0.10.8 (#18277) 2026-03-03 15:08:03 -06:00
Zsolt Dollenstein 08ab1a3447 Bump version to 0.10.7 (#18212) 2026-02-27 07:07:47 -05:00
Zanie Blue a91bcf2683 Bump version to 0.10.6 (#18189) 2026-02-24 17:33:36 -06:00
Zanie Blue f5b95ba548 Fix Python version selection for scripts with a requires-python conflicting with .python-version (#18097)
See https://github.com/astral-sh/uv/issues/17717#issuecomment-3886377795

Updates `ScriptPython::from_request` to match the implementation of
`WorkspacePython::from_request` and adds filtering such that if the
`.python-version` conflicts with the `requires-python`, we prefer the
latter.

Co-authored-by: Claude <noreply@anthropic.com>
2026-02-24 05:16:48 -06:00
Zanie Blue e2c05a54e6 Bump version to 0.10.5 (#18172) 2026-02-23 16:16:32 -06:00
Tomasz Kramkowski 079e3fd059 Bump version to 0.10.4 (#18072) 2026-02-17 21:15:57 +00:00
Tomasz Kramkowski c75a0c625c Bump version to 0.10.3 (#18012) 2026-02-16 10:42:51 +00:00
Tomasz Kramkowski a788db7e5d Bump version to 0.10.2 (#17958) 2026-02-10 18:21:21 +00:00
konsti b1b14d39ae Bump version to 0.10.1 (#17953) 2026-02-10 11:14:16 +00:00
Zanie Blue 0ba432459a Bump version to 0.10.0 (#17882)
Co-authored-by: Brent Westbrook <36778786+ntBre@users.noreply.github.com>
2026-02-05 20:28:44 +00:00
Zanie Blue d2ab2d0208 Stabilize Python upgrades (#17766)
Includes a few things...

- Drops preview warnings for use of `uv python upgrade` and `uv python
install --upgrade`
- Adds `--resolve-links` to `uv python find`, which I needed in test
cases to retain existing snapshots
- Fixes issues in our "Using environment ..." messages on Windows which
were incorrect
- Refactors `from_executable` for the `PythonMinorVersionLink` type
(https://github.com/astral-sh/uv/pull/17842/commits/28b2ed2525327d94fdf5372a29bbbc476d74680f)
to use the type system to prevent incorrect construction (for above)
- Removes special casing where we only upgrade links if they already
exist, which existed so preview wasn't needed on every invocation
- Fixes a bug with `PythonMinorVersionLink::exists` which returned
`true` even if the link pointed to the wrong Python installation leading
to discovery failures
2026-02-05 11:52:18 -06:00
Zanie Blue ea4560831e Bump version to 0.9.30 (#17865) 2026-02-04 21:18:04 +00:00
Zanie Blue 1f1321d842 Bump version to 0.9.29 (#17837) 2026-02-03 13:06:01 -06:00
Zanie Blue 0e1351e400 Bump version to 0.9.28 (#17738) 2026-01-29 13:51:05 -06:00
Zanie Blue b5797b2ab4 Bump version to 0.9.27 (#17706) 2026-01-26 22:38:10 +00:00
Zanie Blue ee4f003628 Bump version to 0.9.26 (#17496) 2026-01-15 14:25:54 -06:00
Zanie Blue 38fcac0f36 Bump version to 0.9.25 (#17449) 2026-01-13 16:55:34 -06:00
Zanie Blue 0fda1525eb Bump version to 0.9.24 (#17395) 2026-01-09 22:09:11 +00:00
Zanie Blue 00f07541a1 Bump version to 0.9.23 (#17385) 2026-01-09 19:09:04 +00:00
konsti 82a6a66b81 Bump version to 0.9.22 (#17333)
There's a hyper-util bump to get out separate from other reqwest related
changes.
2026-01-06 11:23:12 +01:00
Zanie Blue 0dc9556adb Bump version to 0.9.21 (#17270) 2025-12-30 15:46:08 +00:00
Charlie Marsh 765a967236 Bump version to 0.9.20 (#17256)
## Summary

In #17254, I failed to bump the versions of the various internal crates,
so need to re-release.
2025-12-29 20:13:57 +00:00
konsti 0cee76417f Bump version to 0.9.18 (#17141)
It's been a week.

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
2025-12-16 13:32:35 +00:00
Zanie Blue 2b5d65e61d Bump version to 0.9.17 (#17058) 2025-12-09 16:36:00 -06:00
Zanie Blue a63e5b62e3 Bump version to 0.9.16 (#17008) 2025-12-06 07:52:06 -06:00
samypr100 ed63be5dab chore(🧹): const env var usage cleanup (#16950)
## Summary

* Updates existing references to use EnvVars where usage was missing.
* Adds missing entries to env var usages, e.g. new env var declarations
in uv-trampoline, tests, etc.
* Note: this doesn't affect trampoline sizes as the end result is the
same
* Fixes versioning of `UV_HIDE_BUILD_OUTPUT`.

## Test Plan

Existing Tests. Compiled the trampolines locally to verify zero changes
(size, binary).

## Question

Will this complicate the crates publishing release process? I'm not
certain yet if it will be an issue for uv-trampoline (non-workspace
member) to reference a uv workspace member from a bump & release
perspective wrt lock files. If so, I'll revert the uv-trampoline changes
but keep the others.
2025-12-02 22:16:46 -08:00
Zanie Blue e7af5838bb Bump version to 0.9.15 (#16942) 2025-12-02 17:48:28 -06:00
Zsolt Dollenstein 05814f9cd5 Bump version to 0.9.14 (#16909) 2025-12-01 11:52:15 -05:00
Zanie Blue 735b87004c Bump version to 0.9.13 (#16862) 2025-11-26 15:12:54 +00:00
Zanie Blue 0fb1233363 Bump version to 0.9.12 (#16840) 2025-11-24 23:22:12 +00:00
Zanie Blue 1de0cbea94 Use the word "internal" in crate descriptions (#16810)
ref
https://github.com/astral-sh/uv/pull/16809#pullrequestreview-3494007588
2025-11-21 13:22:47 -06:00
Zanie Blue 563438f13d Fix documentation links for crates (#16801)
Part of https://github.com/astral-sh/uv/issues/4392

We shouldn't link to PyPI, and dropping the workspace-level
documentation link should mean that we get the auto-generated `docs.rs`
links.
2025-11-21 10:44:58 -06:00
Zanie Blue dfe89047bb Publish to crates.io (#16770) 2025-11-20 21:26:44 +00:00
Meitar Reihan b9826778b9 Support http/https URLs in uv python --python-downloads-json-url (#16542)
continuation PR based on #14687

---------

Co-authored-by: Geoffrey Thomas <geofft@ldpreload.com>
Co-authored-by: Aria Desires <aria.desires@gmail.com>
2025-11-14 17:51:24 -05:00
konsti cd49e1d11f Use the windows crate facade consistently (#15737)
The initial motivation for this change was that we were using both the
`windows`, the `window_sys` and the `windows_core` crate in various
places. These crates have slightly unconventional versioning scheme
where there is a large workspace with the same version in general, but
only some crates get breaking releases when a new breaking release
happens, the others stay on the previous breaking version. The `windows`
crate is a shim for all three of them, with a single version. This
simplifies handling the versions.

Using `windows` over `windows_sys` has the advantage of a higher level
error interface, we now get a `Result` for all windows API calls instead
of C-style int-returns and get-last-error calls. This makes the
uv-keyring crate more resilient.

We keep using the `windows_registry` crate, which provides a higher
level interface to windows registry access.
2025-09-09 15:07:14 +00:00
Charlie Marsh ac84f5aedc Move preview features into a dedicated crate (#15482)
## Summary

This is causing some cyclic dependencies issues for me, because these
can be used in virtually _any_ crate (like `uv-install-wheel`), which
then means that all of `uv-configuration` becomes a dependency, etc. I
think this should be a leaf crate so that we can safely depend on it
anywhere.
2025-08-24 09:55:30 -04:00
Zanie Blue 00efde06b6 Split platform detection code into a dedicated uv-platform crate (#14918)
In service of some subsequent work...
2025-07-28 14:12:04 -05:00
Zanie Blue a701d3c447 Use workspace dependencies for crate dev-dependencies (#14903) 2025-07-25 13:57:49 -05:00
John Mumm e9d5780369 Support transparent Python patch version upgrades (#13954)
> NOTE: The PRs that were merged into this feature branch have all been
independently reviewed. But it's also useful to see all of the changes
in their final form. I've added comments to significant changes
throughout the PR to aid discussion.

This PR introduces transparent Python version upgrades to uv, allowing
for a smoother experience when upgrading to new patch versions.
Previously, upgrading Python patch versions required manual updates to
each virtual environment. Now, virtual environments can transparently
upgrade to newer patch versions.

Due to significant changes in how uv installs and executes managed
Python executables, this functionality is initially available behind a
`--preview` flag. Once an installation has been made upgradeable through
`--preview`, subsequent operations (like `uv venv -p 3.10` or patch
upgrades) will work without requiring the flag again. This is
accomplished by checking for the existence of a minor version symlink
directory (or junction on Windows).

### Features

* New `uv python upgrade` command to upgrade installed Python versions
to the latest available patch release:
``` 
# Upgrade specific minor version 
uv python upgrade 3.12 --preview
# Upgrade all installed minor versions
uv python upgrade --preview
```
* Transparent upgrades also occur when installing newer patch versions: 
```
uv python install 3.10.8 --preview
# Automatically upgrades existing 3.10 environments
uv python install 3.10.18
```
* Support for transparently upgradeable Python `bin` installations via
`--preview` flag
```
uv python install 3.13 --preview
# Automatically upgrades the `bin` installation if there is a newer patch version available
uv python upgrade 3.13 --preview
```
* Virtual environments can still be tied to a patch version if desired
(ignoring patch upgrades):
```
uv venv -p 3.10.8
```

### Implementation

Transparent upgrades are implemented using:
* Minor version symlink directories (Unix) or junctions (Windows)
* On Windows, trampolines simulate paths with junctions
* Symlink directory naming follows Python build standalone format: e.g.,
`cpython-3.10-macos-aarch64-none`
* Upgrades are scoped to the minor version key (as represented in the
naming format: implementation-minor version+variant-os-arch-libc)
* If the context does not provide a patch version request and the
interpreter is from a managed CPython installation, the `Interpreter`
used by `uv python run` will use the full symlink directory executable
path when available, enabling transparently upgradeable environments
created with the `venv` module (`uv run python -m venv`)

New types:
* `PythonMinorVersionLink`: in a sense, the core type for this PR, this
is a representation of a minor version symlink directory (or junction on
Windows) that points to the highest installed managed CPython patch
version for a minor version key.
* `PythonInstallationMinorVersionKey`: provides a view into a
`PythonInstallationKey` that excludes the patch and prerelease. This is
used for grouping installations by minor version key (e.g., to find the
highest available patch installation for that minor version key) and for
minor version directory naming.

### Compatibility

* Supports virtual environments created with:
  * `uv venv`
* `uv run python -m venv` (using managed Python that was installed or
upgraded with `--preview`)
  * Virtual environments created within these environments
* Existing virtual environments from before these changes continue to
work but aren't transparently upgradeable without being recreated
* Supports both standard Python (`python3.10`) and freethreaded Python
(`python3.10t`)
* Support for transparently upgrades is currently only available for
managed CPython installations

Closes #7287
Closes #7325
Closes #7892
Closes #9031
Closes #12977

---------

Co-authored-by: Zanie Blue <contact@zanie.dev>
2025-06-20 16:17:13 +02:00
John Mumm c19a294a48 Add DisplaySafeUrl newtype to prevent leaking of credentials by default (#13560)
Prior to this PR, there were numerous places where uv would leak
credentials in logs. We had a way to mask credentials by calling methods
or a recently-added `redact_url` function, but this was not secure by
default. There were a number of other types (like `GitUrl`) that would
leak credentials on display.

This PR adds a `DisplaySafeUrl` newtype to prevent leaking credentials
when logging by default. It takes a maximalist approach, replacing the
use of `Url` almost everywhere. This includes when first parsing config
files, when storing URLs in types like `GitUrl`, and also when storing
URLs in types that in practice will never contain credentials (like
`DirectorySourceUrl`). The idea is to make it easy for developers to do
the right thing and for the compiler to support this (and to minimize
ever having to manually convert back and forth). Displaying credentials
now requires an active step. Note that despite this maximalist approach,
the use of the newtype should be zero cost.

One conspicuous place this PR does not use `DisplaySafeUrl` is in the
`uv-auth` crate. That would require new clones since there are calls to
`request.url()` that return a `&Url`. One option would have been to make
`DisplaySafeUrl` wrap a `Cow`, but this would lead to lifetime
annotations all over the codebase. I've created a separate PR based on
this one (#13576) that updates `uv-auth` to use `DisplaySafeUrl` with
one new clone. We can discuss the tradeoffs there.

Most of this PR just replaces `Url` with `DisplaySafeUrl`. The core is
`uv_redacted/lib.rs`, where the newtype is implemented. To make it
easier to review the rest, here are some points of note:

* `DisplaySafeUrl` has a `Display` implementation that masks
credentials. Currently, it will still display the username when there is
both a username and password. If we think is the wrong choice, it can
now be changed in one place.
* `DisplaySafeUrl` has a `remove_credentials()` method and also a
`.to_string_with_credentials()` method. This allows us to use it in a
variety of scenarios.
* `IndexUrl::redacted()` was renamed to
`IndexUrl::removed_credentials()` to make it clearer that we are not
masking.
* We convert from a `DisplaySafeUrl` to a `Url` when calling `reqwest`
methods like `.get()` and `.head()`.
* We convert from a `DisplaySafeUrl` to a `Url` when creating a
`uv_auth::Index`. That is because, as mentioned above, I will be
updating the `uv_auth` crate to use this newtype in a separate PR.
* A number of tests (e.g., in `pip_install.rs`) that formerly used
filters to mask tokens in the test output no longer need those filters
since tokens in URLs are now masked automatically.
* The one place we are still knowingly writing credentials to
`pyproject.toml` is when a URL with credentials is passed to `uv add`
with `--raw`. Since displaying credentials is no longer automatic, I
have added a `to_string_with_credentials()` method to the `Pep508Url`
trait. This is used when `--raw` is passed. Adding it to that trait is a
bit weird, but it's the simplest way to achieve the goal. I'm open to
suggestions on how to improve this, but note that because of the way
we're using generic bounds, it's not as simple as just creating a
separate trait for that method.
2025-05-27 00:05:30 +02:00
konsti 1afadda819 Add more context to errors in high level crates. (#13351)
Add error context in some places where it was previously missing, and a
few style improvements.
2025-05-12 11:04:41 +00:00