chore(deps-dev): Update uv requirement from 0.9.7 to 0.9.8 by dependabot[bot] · Pull Request #992

chore(deps-dev): Update uv requirement from 0.9.7 to 0.9.8 by dependabot[bot] · Pull Request #992 · CycloneDX/cyclonedx-python

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.9.8

Release Notes

Released on 2025-11-07.

Enhancements

Accept multiple packages in uv export (#16603)

Accept multiple packages in uv sync (#16543)

Add a uv cache size command (#16032)

Add prerelease guidance for build-system resolution failures (#16550)

Allow Python requests to include +gil to require a GIL-enabled interpreter (#16537)

Avoid pluralizing 'retry' for single value (#16535)

Enable first-class dependency exclusions (#16528)

Fix inclusive constraints on available package versions in resolver errors (#16629)

Improve uv init error for invalid directory names (#16554)

Show help on uv build -h (#16632)

Include the Python variant suffix in "Using Python ..." messages (#16536)

Log most recently modified file for cache-keys (#16338)

Update Docker builds to use nightly Rust toolchain with musl v1.2.5 (#16584)

Configuration

Expose UV_NO_GROUP as an environment variable (#16529)

Add UV_NO_SOURCES as an environment variable (#15883)

Bug fixes

Allow --check and --locked to be used together in uv lock (#16538)

Allow for unnormalized names in the METADATA file (#16547) (#16548)

Fix missing value_type for default-groups in schema (#16575)

Respect multi-GPU outputs in nvidia-smi (#15460)

Fix DNS lookup errors in Docker containers (#8450)

Documentation

Fix typo in uv tool list doc (#16625)

Note uv pip list name normalization in docs (#13210)

Other changes

Update Rust toolchain to 1.91 and MSRV to 1.89 (#16531)

Install uv 0.9.8

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.8/uv-installer.sh | sh

... (truncated)

Changelog

Sourced from uv's changelog.

0.9.8

Released on 2025-11-07.

Enhancements

Accept multiple packages in uv export (#16603)

Accept multiple packages in uv sync (#16543)

Add a uv cache size command (#16032)

Add prerelease guidance for build-system resolution failures (#16550)

Allow Python requests to include +gil to require a GIL-enabled interpreter (#16537)

Avoid pluralizing 'retry' for single value (#16535)

Enable first-class dependency exclusions (#16528)

Fix inclusive constraints on available package versions in resolver errors (#16629)

Improve uv init error for invalid directory names (#16554)

Show help on uv build -h (#16632)

Include the Python variant suffix in "Using Python ..." messages (#16536)

Log most recently modified file for cache-keys (#16338)

Update Docker builds to use nightly Rust toolchain with musl v1.2.5 (#16584)

Configuration

Expose UV_NO_GROUP as an environment variable (#16529)

Add UV_NO_SOURCES as an environment variable (#15883)

Bug fixes

Allow --check and --locked to be used together in uv lock (#16538)

Allow for unnormalized names in the METADATA file (#16547) (#16548)

Fix missing value_type for default-groups in schema (#16575)

Respect multi-GPU outputs in nvidia-smi (#15460)

Fix DNS lookup errors in Docker containers (#8450)

Documentation

Fix typo in uv tool list doc (#16625)

Note uv pip list name normalization in docs (#13210)

Other changes

Update Rust toolchain to 1.91 and MSRV to 1.89 (#16531)

0.9.7

Released on 2025-10-30.

Enhancements

Add Windows x86-32 emulation support to interpreter architecture checks (#13475)

Improve readability of progress bars (#16509)

... (truncated)

Commits

85c5d32 Bump version to 0.9.8 (#16636)
bfecc99 Fix inclusive constraints on available package versions in resolver errors (#...
5e181d3 Show help on uv build -h (#16632)
08229ca Add expectation for externally managed marker in x86-64 macOS system test (#1...
4740d26 Remove fast path from uv-git fetch (#16607)
e5c10cd Fix typo in uv tool list doc (#16625)
5fe8af1 Accept multiple packages in uv export (#16603)
148b694 Make augment_requirement a method (#16592)
3068fa8 Docker builds target rust toolchain with bundled musl v1.2.5 (#16584)
9a6eafc Accept multiple packages in uv sync (#16543)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)