Skip to content

chore(deps): update all dependencies#127

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all
Open

chore(deps): update all dependencies#127
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all

Conversation

@renovate

@renovate renovate Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
astral-sh/ruff-pre-commit repository patch v0.15.20v0.15.22
astral-sh/setup-uv action minor v8.2.0v8.3.2
astral-sh/ty-pre-commit repository patch v0.0.55v0.0.60
ghcr.io/astral-sh/uv final patch 0.11.250.11.29
oxc-project/mirrors-oxfmt repository minor v0.56.0v0.59.0
pre-commit/mirrors-mypy repository minor v2.1.0v2.3.0

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

astral-sh/ruff-pre-commit (astral-sh/ruff-pre-commit)

v0.15.22

Compare Source

See: https://github.com/astral-sh/ruff/releases/tag/0.15.22

v0.15.21

Compare Source

astral-sh/setup-uv (astral-sh/setup-uv)

v8.3.2

Compare Source

v8.3.1

Compare Source

v8.3.0

Compare Source

astral-sh/ty-pre-commit (astral-sh/ty-pre-commit)

v0.0.60

Compare Source

See: https://github.com/astral-sh/ty/releases/tag/0.0.60

v0.0.59

Compare Source

See: https://github.com/astral-sh/ty/releases/tag/0.0.59

v0.0.58

Compare Source

See: https://github.com/astral-sh/ty/releases/tag/0.0.58

v0.0.57

Compare Source

See: https://github.com/astral-sh/ty/releases/tag/0.0.57

v0.0.56

Compare Source

See: https://github.com/astral-sh/ty/releases/tag/0.0.56

astral-sh/uv (ghcr.io/astral-sh/uv)

v0.11.29

Compare Source

Released on 2026-07-15.

Python
  • Use gzip-compressed artifacts for PyPy downloads (#​20265)
Enhancements
  • Add JSON output to uv tree (#​19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#​20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#​20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#​20227)
  • Include the selected project name in missing-extra errors (#​20358)
Preview features
  • Preserve extras and dependency-group conflict context when selecting locked project tools (#​20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#​20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#​20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#​20222)
  • Report invalid uv audit --service-url values instead of panicking (#​20374)
  • Include preview settings in the published SchemaStore schema (#​20304)
Performance
  • Reduce resolver work by widening selected versions across ranges without other known candidates (#​20115)
  • Defer client and build setup for no-op uv sync operations (#​20364)
  • Reuse workspace discovery during frozen syncs (#​20363)
  • Reuse workspace discovery after resolving settings (#​20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#​20359)
  • Avoid cache and interpreter setup when reading a project version (#​20360)
Bug fixes
  • Reject duplicate active package entries in pylock.toml (#​20391)
  • Preserve direct-archive hashes in uv pip freeze output (#​20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#​20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#​20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#​20387)
  • Redact credentials from failed Git fetch commands (#​20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#​20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#​20182)
  • Honor Python version pins when initializing scripts (#​20404)
  • Respect package-scoped source filtering for scripts (#​20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#​20388)
  • Continue scanning platlib when purelib is missing (#​20405)
  • Handle versionless .egg-info files as legacy package metadata (#​20403)
  • Make repeated locking idempotent for impossible cross-variable platform markers (#​20369)
  • Report invalid cloud credential endpoint URLs instead of panicking (#​20372)
  • Report invalid pylock.toml artifact URLs instead of panicking (#​20373)
  • Report non-UTF-8 virtual environment paths instead of panicking while generating activation scripts (#​20375)
  • Return an unsupported-operation error from unimplemented build-backend requirement hooks (#​20376)
Documentation
  • Clarify --no-build behavior for editable requirements (#​20234)
  • Document uv's threat model (#​20236)
  • Reduce the number of badges in the README (#​11257)

v0.11.28

Compare Source

Released on 2026-07-07.

Security

This release updates our ZIP library, astral-async-zip, to v0.0.20, which includes 15 changes that harden our ZIP handling against parser differentials. uv may reject ZIP archives with malformed or ambiguous content that were previously accepted.

See the upstream commits for a full list of changes.

Python
Enhancements
  • Improve trace logs for unexpected error chains (#​20220)
  • Move lockfile update guidance to a hint (#​20219)
  • Preserve indentation for multiline error causes (#​20156)
  • Render user errors with their cause chains (#​20217)
  • Route final command errors through the printer to respect -q and -qq (#​20163)
  • Use standard rendering for uv build errors (#​20159)
  • Use standard rendering for tool requirement errors (#​20160)
Performance
  • Only compile bytecode for installed distributions in uv pip install (#​19914)
  • Avoid allocating URL-safe Git revisions (#​20194)
  • Avoid allocating canonical Python request strings (#​20193)
  • Avoid allocating custom Astral mirror URLs (#​20204)
  • Avoid allocating expanded compatibility tags (#​20190)
  • Avoid allocating shell strings that need no escaping (#​20196)
  • Avoid allocating static ABI descriptions (#​20201)
  • Avoid allocating static Windows executable names (#​20200)
  • Avoid allocating static dependency table names (#​20199)
  • Avoid allocating static platform triple components (#​20195)
  • Avoid allocating static resolver report labels (#​20198)
  • Avoid allocating static unavailable-version messages (#​20197)
  • Avoid allocating unchanged Python download architectures (#​20202)
  • Avoid allocating unchanged paths during case normalization (#​20203)
  • Avoid allocations when expanding group conflicts (#​20211)
  • Avoid allocations when formatting requirements (#​20206)
  • Avoid cloning credential lookup services (#​20210)
  • Avoid cloning dry-run distributions (#​20209)
  • Avoid cloning owned dependency metadata (#​20212)
  • Avoid redundant direct URL clones (#​20207)
  • Create metadata version errors lazily (#​20205)
  • Optimize expanded tag compatibility checks (#​20171)
  • Optimize parsing of single-digit three-part versions (#​20118)
Bug fixes
  • Avoid overflow when computing HTTP cache age (#​20178)
  • Respect --upgrade when upgrade-package is configured (#​19955)
  • Support uv tree in dependency-group-only projects (#​20167)
  • Treat cache entries as stale at exact expiration (#​20183)

v0.11.27

Compare Source

Released on 2026-07-06.

Enhancements
  • Continue on ignored errors when fetching wheel metadata (#​12255)
  • Use caching for --python-downloads-json-url (#​16749)
Preview features
  • Discover extensionless shebang scripts in uv workspace list --scripts (#​20099)
Performance
  • Avoid full site-packages scans for direct reinstalls (#​20119)
  • Avoid redundant pyproject parsing (#​20076)
  • Cache default dependency markers when reading locks (#​20125)
  • Enable SIMD-accelerated TOML parsing (#​20079)
  • Intern requires-python specifiers in Simple API parsing (#​20104)
  • Read cache entries into exact-sized buffers (#​20120)
  • Reduce VersionSpecifiers parsing allocations (#​20105)
  • Reduce site-packages scan allocation overhead (#​20087)
  • Reuse package names when parsing wheel filenames (#​20110)
  • Sort Simple API files after grouping (#​20112)
Bug fixes
  • Always emit packages table for pylock.toml (#​20145)
  • Avoid blank line for empty uv pip tree (#​20062)
  • Encode hashes in file paths (#​19807)
  • Error on a registry uv.lock package without a version instead of panicking (#​19855)
  • Preserve conditional extra markers in exports (#​20148)
  • Skip the ambiguous authority check for file transport VCS URLs (#​20086)
  • Sync index format when uv add --index updates an existing index URL (#​19818)
Other changes

v0.11.26

Compare Source

Released on 2026-06-30.

Performance
  • Adapt uv to IDs-only PubGrub dependencies (#​20048)
  • Avoid allocations in ForkMap::contains (#​20023)
  • Reuse resolver work across PubGrub iterations (#​20020)
  • Speed up candidate selection for disjoint ranges (#​20026)
Bug fixes
  • Warn when the build cache is inside the source directory (#​20056)
oxc-project/mirrors-oxfmt (oxc-project/mirrors-oxfmt)

v0.59.0

Compare Source

v0.58.0

Compare Source

v0.57.0

Compare Source

pre-commit/mirrors-mypy (pre-commit/mirrors-mypy)

v2.3.0

Compare Source

v2.2.0

Compare Source


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM (* 0-3 * * *)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot changed the title chore(deps): update pre-commit hook oxc-project/mirrors-oxfmt to v0.57.0 chore(deps): update all dependencies Jun 30, 2026
@renovate
renovate Bot force-pushed the renovate/all branch 7 times, most recently from bba49b6 to 68c4b89 Compare July 8, 2026 14:02
@renovate
renovate Bot force-pushed the renovate/all branch 7 times, most recently from 500cb2e to 84eaf40 Compare July 16, 2026 11:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants