chore(deps-dev): Update uv requirement from 0.10.2 to 0.10.7 by dependabot[bot] · Pull Request #1023 · CycloneDX/cyclonedx-python
Updates the requirements on uv to permit the latest version.
Release notes
Sourced from uv's releases.
0.10.7
Release Notes
Released on 2026-02-27.
Bug fixes
- Fix handling of junctions in Windows Containers on Windows (#18192)
Enhancements
Install uv 0.10.7
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.10.7/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.10.7/uv-installer.ps1 | iex"Download uv 0.10.7
... (truncated)
Changelog
Sourced from uv's changelog.
0.10.7
Released on 2026-02-27.
Bug fixes
- Fix handling of junctions in Windows Containers on Windows (#18192)
Enhancements
0.10.6
Released on 2026-02-24.
Bug fixes
- Apply lockfile marker normalization for fork markers (#18116)
- Fix Python version selection for scripts with a
requires-pythonconflicting with.python-version(#18097)- Preserve file permissions when using reflinks on Linux (#18187)
Documentation
- Remove verbose documentation from optional dependencies help text (#18180)
0.10.5
Released on 2026-02-23.
Enhancements
- Add hint when named index is found in a parent config file (#18087)
- Add warning for
uv lock --frozen(#17859)- Attempt to use reflinks by default on Linux (#18117)
- Fallback to hardlinks after reflink failure before copying (#18104)
- Filter
pylock.tomlwheels by tags andrequires-python(#18081)- Validate wheel filenames are normalized during
uv publish(#17783)- Fix message when
exclude-newerinvalidates the lock file (#18100)- Change the missing files log level to debug (#18075)
Performance
- Improve performance of repeated conflicts with an extra (#18094)
Bug fixes
... (truncated)
Commits
08ab1a3Bump version to 0.10.7 (#18212)4ade648Upload uv releases to a mirror (#18159)c34670eActivate logging for middleware retries (#18200)2591bfbFix handling of junctions in Windows Containers on Windows (#18192)3697a2dUse global semaphores for concurrency limits (#18156)c030397Update aws-actions/configure-aws-credentials action to v6 (#18048)a91bcf2Bump version to 0.10.6 (#18189)908a7c1Preserve file permissions when using reflinks on Linux (#18187)55cfaf9Apply lockfile marker normalization for fork markers (#18116)7ba5946Remove verbose documentation from optional dependencies help text (#18180)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)