chore(deps-dev): Update uv requirement from 0.9.8 to 0.9.9 by dependabot[bot] · Pull Request #994

chore(deps-dev): Update uv requirement from 0.9.8 to 0.9.9 by dependabot[bot] · Pull Request #994 · CycloneDX/cyclonedx-python

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.9.9

Release Notes

Released on 2025-11-12.

Deprecations

Deprecate use of --project in uv init (#16674)

Enhancements

Add iOS support to Python interpreter discovery (#16686)

Reject ambiguously parsed URLs (#16622)

Allow explicit values in uv version --bump (#16555)

Warn on use of managed pre-release Python versions when a stable version is available (#16619)

Allow signing trampolines on Windows by using .rcdata to store metadata (#15068)

Add --only-emit-workspace and similar variants to uv export (#16681)

Preview features

Add uv workspace dir command (#16678)

Add uv workspace metadata command (#16516)

Configuration

Add UV_NO_DEFAULT_GROUPS environment variable (#16645)

Bug fixes

Remove torch-model-archiver and torch-tb-profiler from PyTorch backend (#16655)

Fix Pixi environment detection (#16585)

Documentation

Fix CMD path in FastAPI Dockerfile (#16701)

Install uv 0.9.9

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.9/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.9.9/uv-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from uv's changelog.

0.9.9

Released on 2025-11-12.

Deprecations

Deprecate use of --project in uv init (#16674)

Enhancements

Add iOS support to Python interpreter discovery (#16686)

Reject ambiguously parsed URLs (#16622)

Allow explicit values in uv version --bump (#16555)

Warn on use of managed pre-release Python versions when a stable version is available (#16619)

Allow signing trampolines on Windows by using .rcdata to store metadata (#15068)

Add --only-emit-workspace and similar variants to uv export (#16681)

Preview features

Add uv workspace dir command (#16678)

Add uv workspace metadata command (#16516)

Configuration

Add UV_NO_DEFAULT_GROUPS environment variable (#16645)

Bug fixes

Remove torch-model-archiver and torch-tb-profiler from PyTorch backend (#16655)

Fix Pixi environment detection (#16585)

Documentation

Fix CMD path in FastAPI Dockerfile (#16701)

0.9.8

Released on 2025-11-07.

Enhancements

Accept multiple packages in uv export (#16603)

Accept multiple packages in uv sync (#16543)

Add a uv cache size command (#16032)

Add prerelease guidance for build-system resolution failures (#16550)

Allow Python requests to include +gil to require a GIL-enabled interpreter (#16537)

Avoid pluralizing 'retry' for single value (#16535)

Enable first-class dependency exclusions (#16528)

Fix inclusive constraints on available package versions in resolver errors (#16629)

... (truncated)

Commits

4fac4cb Bump version to 0.9.9 (#16708)
e96354a Always attach linehaul data (#16705)
2c0d166 Add only-emit-workspace and similar variants to uv export (#16681)
ae1edef Reject ambiguously parsed URLs (#16622)
82c6127 chore: fix typo in crates/uv-virtualenv/README.md (#16700)
c16a5fd Fix shell-specific test snapshots (#16688)
d32cc63 Deny stdout/stderr printing in uv crate via clippy (#16695)
2de987e Skip python_install_emulated_macos except on ARM64 macos with rosetta (#16687)
1b38b47 Warn on managed prerelease interpreters when a stable build is available (#16...
92230ba Fix CMD path in FastAPI Dockerfile (#16701)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)