chore(deps-dev): Update uv requirement from 0.8.14 to 0.8.15 by dependabot[bot] · Pull Request #964

chore(deps-dev): Update uv requirement from 0.8.14 to 0.8.15 by dependabot[bot] · Pull Request #964 · CycloneDX/cyclonedx-python

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.8.15

Release Notes

Python

Upgrade SQLite 3.50.4 in CPython builds for CVE-2025-6965 (see also python/cpython#137134)

Enhancements

Add uv auth commands for credential management (#15570)

Add pyx support to uv auth commands (#15636)

Add uv tree --show-sizes to show package sizes (#15531)

Add --python-platform riscv64-unknown-linux (#15630)

Add --python-platform to uv run and uv tool (#15515)

Add uv publish --dry-run (#15638)

Add zstandard support for wheels (#15645)

Allow registries to pre-provide core metadata (#15644)

Retry streaming Python and binary download errors (#15567)

Bug fixes

Fix settings rendering for extra-build-dependencies (#15622)

Skip non-existent directories in bytecode compilation (#15608)

Error messages

Add error trace to invalid package format (#15626)

Install uv 0.8.15

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.8.15/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.8.15/uv-installer.ps1 | iex"
Download uv 0.8.15

File Platform Checksum

uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum

uv-x86_64-apple-darwin.tar.gz Intel macOS checksum

uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum

uv-i686-pc-windows-msvc.zip x86 Windows checksum

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.8.15

Python

Upgrade SQLite 3.50.4 in CPython builds for CVE-2025-6965 (see also python/cpython#137134)

Enhancements

Add uv auth commands for credential management (#15570)

Add pyx support to uv auth commands (#15636)

Add uv tree --show-sizes to show package sizes (#15531)

Add --python-platform riscv64-unknown-linux (#15630)

Add --python-platform to uv run and uv tool (#15515)

Add uv publish --dry-run (#15638)

Add zstandard support for wheels (#15645)

Allow registries to pre-provide core metadata (#15644)

Retry streaming Python and binary download errors (#15567)

Bug fixes

Fix settings rendering for extra-build-dependencies (#15622)

Skip non-existent directories in bytecode compilation (#15608)

Error messages

Add error trace to invalid package format (#15626)

0.8.14

Python

Add managed CPython distributions for aarch64 musl

Enhancements

Add --python-platform to uv pip check (#15486)

Add an environment variable for UV_ISOLATED (#15428)

Add logging to the uv build backend (#15533)

Allow more trailing null bytes in zip files (#15452)

Allow pinning managed Python versions to specific build versions (#15314)

Cache PyTorch wheels by default (#15481)

Reject already-installed wheels that don't match the target platform (#15484)

Add --no-install-local option to uv sync, uv add and uv export (#15328)

Include cycle error message in uv pip CLI (#15453)

Preview features

Fix format of {version} on uv format failure (#15527)

Lock during installs in uv format to prevent races (#15551)

Respect --project in uv format (#15438)

... (truncated)

Commits

8473ecb Require HTTPS for CDN requests (#15660)
ad35d12 Make uv auth dir service-aware (#15649)
70cb0df Bump version to v0.8.15 (#15648)
4e48d75 Add zstandard support for wheels (#15645)
7606f1a Add uv publish --dry-run (#15638)
b57ad17 Allow registries to pre-provide core metadata (#15644)
f88aaa8 Add pyx support to uv auth commands (#15636)
f9e98d1 Allow providing the uv auth login password or token via stdin (#15642)
63b93a1 Add test cases for URL matching with the native keyring (#15641)
8fcd88d Sync latest Python releases (#15631)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)