python-uv.spec

#
# spec file for package python-uv
#
# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%if 0%{?suse_version} && 0%{?suse_version} < 1550
%global force_gcc_version 13
%endif

%if 0%{?suse_version} > 1600
%bcond_without mold
%else
%bcond_with    mold
%endif

%if %{with mold}
%global build_rustflags "-C" "linker=clang" "-C" "link-arg='-fuse-ld=/usr/bin/mold -Wl,-z,relro,-z,now'" "-C" "debuginfo=2" "-C" "incremental=false" "-C" "strip=none"
%endif

%bcond_without libalternatives
%{?sle15_python_module_pythons}
Name:           python-uv
Version:        0.9.5
Release:        0
Summary:        A Python package installer and resolver, written in Rust
License:        Apache-2.0 OR MIT
URL:            https://github.com/astral-sh/uv
Source0:        https://github.com/astral-sh/uv/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
Source1:        vendor.tar.zst
BuildRequires:  %{python_module maturin}
BuildRequires:  %{python_module pip}
BuildRequires:  %{python_module tomli}
BuildRequires:  alts
BuildRequires:  cargo >= 1.88
BuildRequires:  cargo-packaging
BuildRequires:  cmake
BuildRequires:  fdupes
%if 0%{?suse_version} > 1600
BuildRequires:  c++_compiler
BuildRequires:  c_compiler
BuildRequires:  clang
BuildRequires:  mold
%else
BuildRequires:  gcc13
BuildRequires:  gcc13-c++
BuildRequires:  libstdc++6-devel-gcc13
%endif
BuildRequires:  python-rpm-macros
BuildRequires:  zstd
Obsoletes:      uv < %{version}
Provides:       uv = %{version}
Requires:       alts
Requires:       python3

%package        -n uv-fish-completion
Summary:        Fish Completion for %{name}
Provides:       python-uv-fish-completion = %{version}
Supplements:    (uv and fish)
Requires:       fish
Requires:       uv
BuildArch:      noarch

%description    -n uv-fish-completion
Fish command-line completion support for %{name}.

%package        -n uv-zsh-completion
Summary:        Zsh Completion for %{name}
Provides:       python-uv-zsh-completion = %{version}
Supplements:    (uv and zsh)
Requires:       uv
Requires:       zsh
BuildArch:      noarch

%description    -n uv-zsh-completion
Zsh command-line completion support for %{name}.

%package        -n uv-bash-completion
Summary:        Bash Completion for %{name}
Provides:       python-uv-bash-completion = %{version}
Supplements:    (uv and bash-completion)
Requires:       bash-completion
Requires:       uv
BuildArch:      noarch

%description    -n uv-bash-completion
Bash command-line completion support for %{name}.

%python_subpackages

%description
uv is a Python package installer and resolver, written in Rust. Designed as a
drop-in replacement for common pip and pip-tools workflows.

%prep
%autosetup -p1 -a1 -n uv-%{version}
%ifnarch x86_64
# Reduce memory consumption for non x86 arches
sed -i '/lto = "fat"/d' Cargo.toml
%endif

%build
export LDFLAGS="--no-keep-memory"
export CARGO_AUDITABLE="auditable"
export CARGO_INCREMENTAL=0
export CARGO_FEATURE_VENDORED=1
export RUSTFLAGS="%build_rustflags"
export CARGO_NET_OFFLINE=true
%ifarch %rust_tier1_arches
export CARGO_PROFILE_RELEASE_DEBUG=full
%else
export CARGO_PROFILE_RELEASE_DEBUG=limited
%endif
export CARGO_PROFILE_RELEASE_SPLIT_DEBUGINFO=off
export CARGO_PROFILE_RELEASE_STRIP=false
%if 0%{?force_gcc_version}
export CC="gcc-%{?force_gcc_version}"
export CXX="g++-%{?force_gcc_version}"
%endif
%pyproject_wheel

%install
export PATH="%{buildroot}%{_bindir}:${PATH}"
mkdir -p %{buildroot}%{_datadir}/bash-completion/completions
mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d
mkdir -p %{buildroot}%{_datadir}/zsh/site-functions
export CARGO_AUDITABLE="auditable"
export CARGO_INCREMENTAL=0
export CARGO_FEATURE_VENDORED=1
export RUSTFLAGS="%build_rustflags"
export CARGO_NET_OFFLINE=true
%ifarch %rust_tier1_arches
export CARGO_PROFILE_RELEASE_DEBUG=full
%else
export CARGO_PROFILE_RELEASE_DEBUG=limited
%endif
%if 0%{?force_gcc_version}
export CC="gcc-%{?force_gcc_version}"
export CXX="g++-%{?force_gcc_version}"
%endif
export CARGO_PROFILE_RELEASE_SPLIT_DEBUGINFO=off
export CARGO_PROFILE_RELEASE_STRIP=false
%pyproject_install
%python_expand %fdupes %{buildroot}%{$python_sitearch}
%python_clone -a %{buildroot}%{_bindir}/uv
%python_group_libalternatives uv
%python_clone -a %{buildroot}%{_bindir}/uvx
%python_group_libalternatives uvx

%python_expand uv-%{$python_bin_suffix} --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uv
%python_expand uv-%{$python_bin_suffix} --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uv.fish
%python_expand uv-%{$python_bin_suffix} --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uv
%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uvx
%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uvx.fish
%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uvx

%pre
%python_libalternatives_reset_alternative uv
%python_libalternatives_reset_alternative uvx

%files %{python_files}
%license LICENSE-*
%doc README.md
%python_alternative %{_bindir}/uv
%python_alternative %{_bindir}/uvx
%{python_sitearch}/uv
%{python_sitearch}/uv-%{version}.dist-info

%files -n uv-bash-completion
%dir %{_datadir}/bash-completion
%dir %{_datadir}/bash-completion/completions
%{_datadir}/bash-completion/completions/uv
%{_datadir}/bash-completion/completions/uvx

%files -n uv-fish-completion
%dir %{_datadir}/fish
%dir %{_datadir}/fish/vendor_completions.d
%{_datadir}/fish/vendor_completions.d/uv.fish
%{_datadir}/fish/vendor_completions.d/uvx.fish

%files -n uv-zsh-completion
%dir %{_datadir}/zsh
%dir %{_datadir}/zsh/site-functions
%{_datadir}/zsh/site-functions/_uv
%{_datadir}/zsh/site-functions/_uvx

%changelog
- update to 0.9.3 * Enhancements * Obfuscate secret token values in logs * Bug fixes * Fix workspace with relative pathing OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-uv?expand=0&rev=133 2025-10-16 22:26:06 +00:00			`#`
			`# spec file for package python-uv`
			`#`
			`# Copyright (c) 2025 SUSE LLC and contributors`
			`#`
			`# All modifications and additions to the file contributed by third parties`
			`# remain the property of their copyright owners, unless otherwise agreed`
			`# upon. The license for this file, and modifications and additions to the`
			`# file, is the same license as for the pristine package itself (unless the`
			`# license for the pristine package is not an Open Source License, in which`
			`# case the license is the MIT License). An "Open Source License" is a`
			`# license that conforms to the Open Source Definition (Version 1.9)`
			`# published by the Open Source Initiative.`

			`# Please submit bugfixes or comments via https://bugs.opensuse.org/`
			`#`


			`%if 0%{?suse_version} && 0%{?suse_version} < 1550`
			`%global force_gcc_version 13`
			`%endif`

			`%if 0%{?suse_version} > 1600`
			`%bcond_without mold`
			`%else`
			`%bcond_with mold`
			`%endif`

			`%if %{with mold}`
			`%global build_rustflags "-C" "linker=clang" "-C" "link-arg='-fuse-ld=/usr/bin/mold -Wl,-z,relro,-z,now'" "-C" "debuginfo=2" "-C" "incremental=false" "-C" "strip=none"`
			`%endif`

			`%bcond_without libalternatives`
			`%{?sle15_python_module_pythons}`
			`Name: python-uv`
- update to 0.9.5 (bsc#1252399, CVE-2025-62518) This release contains an upgrade to astral-tokio-tar, which addresses a vulnerability in tar extraction on malformed archives with mismatching size information between the ustar header and PAX extensions. While the astral-tokio-tar advisory has been graded as "high" due its potential broader impact, the specific impact to uv is low due to a lack of novel attacker capability. Specifically, uv only processes tar archives from source distributions, which already possess the capability for full arbitrary code execution by design, meaning that an attacker gains no additional capabilities through astral-tokio-tar. Regardless, we take the hypothetical risk of parser differentials very seriously. Out of an abundance of caution, we have assigned this upgrade an advisory: https://github.com/astral-sh/uv/security/advisories/GHSA-w476-p2h3-79g9 * Security * Upgrade astral-tokio-tar to 0.5.6 to address a parsing differential (#16387) * Enhancements * Add required environment marker example to hint (#16244) * Fix typo in MissingTopLevel warning (#16351) * Improve 403 Forbidden error message to indicate package may not exist (#16353) * Add a hint on uv pip install failure if the --system flag is used to select an externally managed interpreter (#16318) * Bug fixes * Fix backtick escaping for PowerShell (#16307) * Documentation * Document metadata consistency expectation (#15683) * Remove outdated aarch64 musl note (#16385) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-uv?expand=0&rev=137 2025-10-22 05:57:02 +00:00			`Version: 0.9.5`
- update to 0.9.3 * Enhancements * Obfuscate secret token values in logs * Bug fixes * Fix workspace with relative pathing OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-uv?expand=0&rev=133 2025-10-16 22:26:06 +00:00			`Release: 0`
			`Summary: A Python package installer and resolver, written in Rust`
			`License: Apache-2.0 OR MIT`
			`URL: https://github.com/astral-sh/uv`
			`Source0: https://github.com/astral-sh/uv/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz`
			`Source1: vendor.tar.zst`
			`BuildRequires: %{python_module maturin}`
			`BuildRequires: %{python_module pip}`
			`BuildRequires: %{python_module tomli}`
			`BuildRequires: alts`
			`BuildRequires: cargo >= 1.88`
			`BuildRequires: cargo-packaging`
			`BuildRequires: cmake`
			`BuildRequires: fdupes`
			`%if 0%{?suse_version} > 1600`
			`BuildRequires: c++_compiler`
			`BuildRequires: c_compiler`
			`BuildRequires: clang`
			`BuildRequires: mold`
			`%else`
			`BuildRequires: gcc13`
			`BuildRequires: gcc13-c++`
			`BuildRequires: libstdc++6-devel-gcc13`
			`%endif`
			`BuildRequires: python-rpm-macros`
			`BuildRequires: zstd`
			`Obsoletes: uv < %{version}`
			`Provides: uv = %{version}`
			`Requires: alts`
			`Requires: python3`

			`%package -n uv-fish-completion`
			`Summary: Fish Completion for %{name}`
			`Provides: python-uv-fish-completion = %{version}`
			`Supplements: (uv and fish)`
			`Requires: fish`
			`Requires: uv`
			`BuildArch: noarch`

			`%description -n uv-fish-completion`
			`Fish command-line completion support for %{name}.`

			`%package -n uv-zsh-completion`
			`Summary: Zsh Completion for %{name}`
			`Provides: python-uv-zsh-completion = %{version}`
			`Supplements: (uv and zsh)`
			`Requires: uv`
			`Requires: zsh`
			`BuildArch: noarch`

			`%description -n uv-zsh-completion`
			`Zsh command-line completion support for %{name}.`

			`%package -n uv-bash-completion`
			`Summary: Bash Completion for %{name}`
			`Provides: python-uv-bash-completion = %{version}`
			`Supplements: (uv and bash-completion)`
			`Requires: bash-completion`
			`Requires: uv`
			`BuildArch: noarch`

			`%description -n uv-bash-completion`
			`Bash command-line completion support for %{name}.`

			`%python_subpackages`

			`%description`
			`uv is a Python package installer and resolver, written in Rust. Designed as a`
			`drop-in replacement for common pip and pip-tools workflows.`

			`%prep`
			`%autosetup -p1 -a1 -n uv-%{version}`
			`%ifnarch x86_64`
			`# Reduce memory consumption for non x86 arches`
			`sed -i '/lto = "fat"/d' Cargo.toml`
			`%endif`

			`%build`
			`export LDFLAGS="--no-keep-memory"`
			`export CARGO_AUDITABLE="auditable"`
			`export CARGO_INCREMENTAL=0`
			`export CARGO_FEATURE_VENDORED=1`
			`export RUSTFLAGS="%build_rustflags"`
			`export CARGO_NET_OFFLINE=true`
			`%ifarch %rust_tier1_arches`
			`export CARGO_PROFILE_RELEASE_DEBUG=full`
			`%else`
			`export CARGO_PROFILE_RELEASE_DEBUG=limited`
			`%endif`
			`export CARGO_PROFILE_RELEASE_SPLIT_DEBUGINFO=off`
			`export CARGO_PROFILE_RELEASE_STRIP=false`
			`%if 0%{?force_gcc_version}`
			`export CC="gcc-%{?force_gcc_version}"`
			`export CXX="g++-%{?force_gcc_version}"`
			`%endif`
			`%pyproject_wheel`

			`%install`
			`export PATH="%{buildroot}%{_bindir}:${PATH}"`
			`mkdir -p %{buildroot}%{_datadir}/bash-completion/completions`
			`mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d`
			`mkdir -p %{buildroot}%{_datadir}/zsh/site-functions`
			`export CARGO_AUDITABLE="auditable"`
			`export CARGO_INCREMENTAL=0`
			`export CARGO_FEATURE_VENDORED=1`
			`export RUSTFLAGS="%build_rustflags"`
			`export CARGO_NET_OFFLINE=true`
			`%ifarch %rust_tier1_arches`
			`export CARGO_PROFILE_RELEASE_DEBUG=full`
			`%else`
			`export CARGO_PROFILE_RELEASE_DEBUG=limited`
			`%endif`
			`%if 0%{?force_gcc_version}`
			`export CC="gcc-%{?force_gcc_version}"`
			`export CXX="g++-%{?force_gcc_version}"`
			`%endif`
			`export CARGO_PROFILE_RELEASE_SPLIT_DEBUGINFO=off`
			`export CARGO_PROFILE_RELEASE_STRIP=false`
			`%pyproject_install`
			`%python_expand %fdupes %{buildroot}%{$python_sitearch}`
			`%python_clone -a %{buildroot}%{_bindir}/uv`
			`%python_group_libalternatives uv`
			`%python_clone -a %{buildroot}%{_bindir}/uvx`
			`%python_group_libalternatives uvx`

			`%python_expand uv-%{$python_bin_suffix} --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uv`
			`%python_expand uv-%{$python_bin_suffix} --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uv.fish`
			`%python_expand uv-%{$python_bin_suffix} --generate-shell-completion zsh > %{buildroot}%{_datadir}/zsh/site-functions/_uv`
			`%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uvx`
			`%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uvx.fish`
			`%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion zsh > %{buildroot}%{_datadir}/zsh/site-functions/_uvx`

			`%pre`
			`%python_libalternatives_reset_alternative uv`
			`%python_libalternatives_reset_alternative uvx`

			`%files %{python_files}`
			`%license LICENSE-*`
			`%doc README.md`
			`%python_alternative %{_bindir}/uv`
			`%python_alternative %{_bindir}/uvx`
			`%{python_sitearch}/uv`
			`%{python_sitearch}/uv-%{version}.dist-info`

			`%files -n uv-bash-completion`
			`%dir %{_datadir}/bash-completion`
			`%dir %{_datadir}/bash-completion/completions`
			`%{_datadir}/bash-completion/completions/uv`
			`%{_datadir}/bash-completion/completions/uvx`

			`%files -n uv-fish-completion`
			`%dir %{_datadir}/fish`
			`%dir %{_datadir}/fish/vendor_completions.d`
			`%{_datadir}/fish/vendor_completions.d/uv.fish`
			`%{_datadir}/fish/vendor_completions.d/uvx.fish`

			`%files -n uv-zsh-completion`
			`%dir %{_datadir}/zsh`
			`%dir %{_datadir}/zsh/site-functions`
			`%{_datadir}/zsh/site-functions/_uv`
			`%{_datadir}/zsh/site-functions/_uvx`

			`%changelog`