chore(deps-dev): Update uv requirement from 0.9.2 to 0.9.3 by dependabot[bot] · Pull Request #983

chore(deps-dev): Update uv requirement from 0.9.2 to 0.9.3 by dependabot[bot] · Pull Request #983 · CycloneDX/cyclonedx-python

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.9.3

Release Notes

Released on 2025-10-14.

Python

Add CPython 3.15.0a1

Add CPython 3.13.9

Enhancements

Obfuscate secret token values in logs (#16164)

Bug fixes

Fix workspace with relative pathing (#16296)

Install uv 0.9.3

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.3/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.9.3/uv-installer.ps1 | iex"
Download uv 0.9.3

File Platform Checksum

uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum

uv-x86_64-apple-darwin.tar.gz Intel macOS checksum

uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum

uv-i686-pc-windows-msvc.zip x86 Windows checksum

uv-x86_64-pc-windows-msvc.zip x64 Windows checksum

uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum

uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum

uv-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum

uv-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum

uv-riscv64gc-unknown-linux-gnu.tar.gz RISCV Linux checksum

uv-s390x-unknown-linux-gnu.tar.gz S390x Linux checksum

uv-x86_64-unknown-linux-gnu.tar.gz x64 Linux checksum

uv-armv7-unknown-linux-gnueabihf.tar.gz ARMv7 Linux checksum

uv-aarch64-unknown-linux-musl.tar.gz ARM64 MUSL Linux checksum

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum
uv-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
uv-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
uv-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
uv-powerpc64-unknown-linux-gnu.tar.gz	PPC64 Linux	checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz	RISCV Linux	checksum
uv-s390x-unknown-linux-gnu.tar.gz	S390x Linux	checksum
uv-x86_64-unknown-linux-gnu.tar.gz	x64 Linux	checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz	ARMv7 Linux	checksum
uv-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.9.3

Released on 2025-10-14.

Python

Add CPython 3.15.0a1

Add CPython 3.13.9

Enhancements

Obfuscate secret token values in logs (#16164)

Bug fixes

Fix workspace with relative pathing (#16296)

0.9.2

Released on 2025-10-10.

Python

Add CPython 3.9.24.

Add CPython 3.10.19.

Add CPython 3.11.14.

Add CPython 3.12.12.

Enhancements

Avoid inferring check URLs for pyx in uv publish (#16234)

Add uv tool list --show-python (#15814)

Documentation

Add missing "added in" to new environment variables in reference (#16217)

0.9.1

Released on 2025-10-09.

Enhancements

Log Python choice in uv init (#16182)

Fix pylock.toml config conflict error messages (#16211)

Configuration

Add UV_UPLOAD_HTTP_TIMEOUT and respect UV_HTTP_TIMEOUT in uploads (#16040)

Support UV_WORKING_DIRECTORY for setting --directory (#16125)

... (truncated)

Commits

83635a6 Update changelog to escape GitHub bad behavior (#16315)
9db7d38 Bump version to 0.9.3 (#16305)
d1413a6 Add CPython 3.15.0a1 and 3.13.9 (#16304)
b151e0e Fix workspace with relative pathing (#16296)
8eada16 Fix comments on python_no_transparent_upgrade_with_venv_patch_specification (...
f9fbf41 Update Rust crate ref-cast to v1.0.25 (#16272)
45e8b38 Update Rust crate thiserror to v2.0.17 (#16276)
ae273f3 Update Rust crate serde to v1.0.228 (#16275)
15829bb Obfuscate Bearer Token values in logs (#16164)
01d4338 Update Rust crate rkyv to v0.8.12 (#16274)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)