Accepting request 1322090 from devel:languages:python

- update to 0.9.17 * Enhancements * Add torch-tensorrt and torchao to the PyTorch list * Add hint for misplaced --verbose in uv tool run * Add support for relative durations in exclude-newer (a.k.a., dependency cooldowns) * Add support for relocatable nushell activation script * Bug fixes * Respect dropped (but explicit) indexes in dependency groups * Documentation * Improve source-exclude reference docs * Recommend UV_NO_DEV in Docker installs * Update UV_VERSION in docs for GitLab CI/CD OBS-URL: https://build.opensuse.org/request/show/1322090 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-uv?expand=0&rev=68
- update to 0.9.17
2025-12-11 17:38:48 +00:00 · 2025-12-11 00:13:38 +00:00 · 2025-12-09 11:48:49 +00:00 · 2025-12-08 10:02:01 +00:00 · 2025-12-04 10:25:30 +00:00 · 2025-12-03 15:54:58 +00:00
5 changed files with 651 additions and 34 deletions
--- a/python-uv-0.8.9.tar.gz
+++ b/python-uv-0.8.9.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a3164652c0da2ad7781184f761ccb2153a17b1ef6f00e7a75d59fbd5a2a4dac2
-size 4269678
--- a/python-uv-0.9.17.tar.gz
+++ b/python-uv-0.9.17.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ea948dc7141c56c798ff603f71793351917f9c777302d428840848515999fb29
+size 4774663
--- a/python-uv.changes
+++ b/python-uv.changes
@@ -1,3 +1,616 @@
+-------------------------------------------------------------------
+Wed Dec 10 21:09:53 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.17
+ * Enhancements
+  * Add torch-tensorrt and torchao to the PyTorch list 
+  * Add hint for misplaced --verbose in uv tool run 
+  * Add support for relative durations in exclude-newer (a.k.a., dependency cooldowns) 
+  * Add support for relocatable nushell activation script 
+ * Bug fixes
+  * Respect dropped (but explicit) indexes in dependency groups 
+ * Documentation
+  * Improve source-exclude reference docs 
+  * Recommend UV_NO_DEV in Docker installs 
+  * Update UV_VERSION in docs for GitLab CI/CD 
+
+-------------------------------------------------------------------
+Mon Dec  8 08:45:18 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.16 
+ * Enhancements
+  * Add a 5m default timeout to acquiring file locks to fail faster on deadlock 
+  * Add a stub debug subcommand to uv pip announcing its intentional absence 
+  * Add bounds in uv add --script 
+  * Add brew specific message for uv self update 
+  * Error when built wheel is for the wrong platform 
+  * Filter wheels from PEP 751 files based on --no-binary et al in uv pip compile 
+  * Support --target and --prefix in uv pip list, uv pip freeze, and uv pip show 
+  * Tweak language for build backend validation errors 
+  * Use explicit credentials cache instead of global static 
+  * Enable SIMD in HTML parsing 
+ * Preview features
+  * Fix missing preview warning in uv workspace metadata 
+  * Add a uv auth helper --protocol bazel command 
+ * Bug fixes
+  * Fix Pyston wheel compatibility tags 
+  * Allow redundant entries in tool.uv.build-backend.module-name but emit warnings 
+  * Fix infinite loop in non-attribute re-treats during HTML parsing 
+ * Documentation
+  * Clarify --project flag help text to indicate project discovery 
+  * Regenerate the crates.io READMEs on release 
+  * Update Docker integration guide to prefer COPY over ADD for simple cases 
+  * Update PyTorch documentation to include information about supporting CUDA 13.0.x 
+  * Update the versioning policy 
+  * Upgrade PyTorch documentation to latest versions 
+
+-------------------------------------------------------------------
+Wed Dec  3 15:49:50 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.15 
+ * Enhancements
+  * Add ROCm 6.4 to --torch-backend=auto 
+  * Add a Windows manifest to uv binaries 
+  * Add LFS toggle to Git sources 
+  * Cache source reads during resolution 
+  * Allow reading requirements from scripts without an extension 
+  * Allow reading requirements from scripts with HTTP(S) paths 
+ * Configuration
+  * Add UV_HIDE_BUILD_OUTPUT to omit build logs 
+ * Bug fixes
+  * Fix uv-trampoline-builder builds from crates.io by moving bundled executables 
+  * Respect NO_COLOR and always show the command as a header when paging uv help output 
+  * Use 0o666 permissions for flock files instead of 0o777 
+  * Revert "Bump astral-tl to v0.7.10 " to narrow down a regression causing hangs in metadata retrieval (#16938)
+ * Documentation
+  * Link to the uv version in crates.io member READMEs 
+
+-------------------------------------------------------------------
+Tue Dec  2 09:35:39 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.14 
+ * Performance
+  * Bump astral-tl to v0.7.10 to enable SIMD for HTML parsing 
+ * Bug fixes
+  * Allow earlier post releases with exclusive ordering 
+  * Prefer updating existing .zshenv over creating a new one in tool update-shell 
+  * Respect -e flags in uv add 
+ * Enhancements
+  * Attach subcommand to User-Agent string 
+  * Prefer UV_WORKING_DIR over UV_WORKING_DIRECTORY for consistency
+
+-------------------------------------------------------------------
+Thu Nov 27 13:14:15 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.13
+ * Bug fixes
+  * Validate URL wheel tags against Requires-Python and required environments 
+ * Enhancements
+  * Allow --with-requirements to load extensionless inline-metadata scripts 
+  * Collect and upload PEP 740 attestations during uv publish 
+  * Prevent uv export from overwriting pyproject.toml 
+ * Documentation
+  * Drop unpublished crates from the uv crates.io README 
+  * Fix the links to uv in crates.io member READMEs 
+  * Add a crates.io README for uv 
+  * Add documentation for intermediate Docker layers in a workspace 
+  * Enumerate workspace members in the uv crate README 
+  * Fix documentation links for crates 
+  * Generate a crates.io README for uv workspace members 
+  * Move the "Export" guide to the projects concept section 
+  * Update the cargo install recommendation to use crates 
+  * Use the word "internal" in crate descriptions 
+
+-------------------------------------------------------------------
+Mon Nov 24 10:17:23 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.11
+ * Enhancements
+  * Add SBOM support to uv export 
+  * Publish to crates.io 
+ * Preview features
+  * Add uv workspace list --paths 
+  * Fix the preview warning on uv workspace dir 
+ * Bug fixes
+  * Fix uv init author serialization via toml_edit inline tables 
+  * Fix status messages without TTY 
+  * Preserve end-of-line comment whitespace when editing pyproject.toml 
+  * Disable always-authenticate when running under Dependabot 
+ * Documentation
+  * Document the new behavior for free-threaded python versions 
+  * Improve note about build system in publish guide 
+  * Move do not upload publish note out of the guide into concepts 
+
+-------------------------------------------------------------------
+Tue Nov 18 15:27:07 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.10
+ * Enhancements
+  * Add support for SSL_CERT_DIR 
+  * Enforce UTF‑8-encoded license files during uv build 
+  * Error when a project.license-files glob matches nothing 
+  * pip install --target (and sync) install Python if necessary 
+  * Account for python_downloads_json_url in pre-release Python version warnings 
+  * Support HTTP/HTTPS URLs in uv python --python-downloads-json-url 
+ * Preview features
+  * Add support for --upgrade in uv python install 
+  * Fix handling of python install --default for pre-release Python versions 
+  * Add uv workspace list to list workspace members 
+ * Bug fixes
+  * Don't check file URLs for ambiguously parsed credentials 
+ * Documentation
+  * Add a "storage" reference document 
+
+-------------------------------------------------------------------
+Mon Nov 17 10:24:20 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
+
+- Update to 0.9.9
+  * Deprecations
+    * Deprecate use of --project in uv init
+  * Enhancements
+    * Add iOS support to Python interpreter discovery
+    * Reject ambiguously parsed URLs
+    * Allow explicit values in uv version --bump
+    * Warn on use of managed pre-release Python versions when a stable version
+      is available
+    * Allow signing trampolines on Windows by using .rcdata to store metadata
+    * Add --only-emit-workspace and similar variants to uv export
+  * Preview features
+    * Add uv workspace dir command
+    * Add uv workspace metadata command
+  * Configuration
+    * Add UV_NO_DEFAULT_GROUPS environment variable
+  * Bug fixes
+    * Remove torch-model-archiver and torch-tb-profiler from PyTorch backend
+    * Fix Pixi environment detection
+  * Documentation
+    * Fix CMD path in FastAPI Dockerfile
+
+-------------------------------------------------------------------
+Mon Nov 10 10:23:13 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.8
+ * Enhancements
+  * Accept multiple packages in uv export 
+  * Accept multiple packages in uv sync 
+  * Add a uv cache size command 
+  * Add prerelease guidance for build-system resolution failures 
+  * Allow Python requests to include +gil to require a GIL-enabled interpreter 
+  * Avoid pluralizing 'retry' for single value 
+  * Enable first-class dependency exclusions 
+  * Fix inclusive constraints on available package versions in resolver errors 
+  * Improve uv init error for invalid directory names 
+  * Show help on uv build -h 
+  * Include the Python variant suffix in "Using Python ..." messages 
+  * Log most recently modified file for cache-keys 
+ * Configuration
+  * Expose UV_NO_GROUP as an environment variable 
+  * Add UV_NO_SOURCES as an environment variable 
+ * Bug fixes
+  * Allow --check and --locked to be used together in uv lock 
+  * Allow for unnormalized names in the METADATA file
+  * Fix missing value_type for default-groups in schema 
+  * Respect multi-GPU outputs in nvidia-smi 
+ * Documentation
+  * Fix typo in uv tool list doc 
+  * Note uv pip list name normalization in docs 
+
+-------------------------------------------------------------------
+Sat Nov  1 13:56:32 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- Update to 0.9.7 
+ * Enhancements
+  * Add Windows x86-32 emulation support to interpreter architecture checks 
+  * Improve readability of progress bars 
+  * Add GitHub attestations for uv release artifacts 
+  * Add --clear to uv build to remove old build artifacts 
+  * Add --no-create-gitignore to uv build 
+  * Do not error when a virtual environment directory cannot be removed due to a busy error 
+  * Improve hint on pip install --system when externally managed 
+  * Running uv lock --check with outdated lockfile will print that --check was passed, instead of --locked 
+  * Update uv init template for Maturin 
+  * Improve ordering of Python sources in logs 
+  * Restore DockerHub release images and annotations 
+ * Bug fixes
+  * Check for matching Python implementation during uv python upgrade 
+  * Deterministically order --find-links distributions 
+  * Don't panic in uv export --frozen when the lockfile is outdated 
+  * Fix root of uv tree when --package is used with circular dependencies 
+  * Show package list with pip freeze --quiet 
+  * Limit uv auth login pyx.dev retries to 60s 
+  * Add an empty group with uv add --group ... -r ... 
+  * Drop terminal coloring from uv auth token output 
+  * Don't use UV_LOCKED to enable --check flag 
+- This release contains an upgrade to Astral's fork of async_zip, which addresses potential sources of ZIP
+   parsing differentials between uv and other Python packaging tooling.
+   See GHSA-pqhf-p39g-3x64 for additional details.
+ * Security
+  * Address ZIP parsing differentials (GHSA-pqhf-p39g-3x64)
+ * Documentation
+  * Update docs for maturin build backend init template 
+  * Update docs to reflect previous changes to signal forwarding semantics 
+
+-------------------------------------------------------------------
+Wed Oct 22 05:48:12 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
+
+- update to 0.9.5 (bsc#1252399, CVE-2025-62518)
+  This release contains an upgrade to astral-tokio-tar, which addresses
+  a vulnerability in tar extraction on malformed archives with
+  mismatching size information between the ustar header and PAX
+  extensions. While the astral-tokio-tar advisory has been graded as
+  "high" due its potential broader impact, the specific impact to uv is
+  low due to a lack of novel attacker capability. Specifically, uv only
+  processes tar archives from source distributions, which already
+  possess the capability for full arbitrary code execution by design,
+  meaning that an attacker gains no additional capabilities through
+  astral-tokio-tar.
+
+  Regardless, we take the hypothetical risk of parser differentials very
+  seriously. Out of an abundance of caution, we have assigned this
+  upgrade an advisory:
+  https://github.com/astral-sh/uv/security/advisories/GHSA-w476-p2h3-79g9
+
+  * Security
+    * Upgrade astral-tokio-tar to 0.5.6 to address a parsing
+      differential (#16387)
+  * Enhancements
+    * Add required environment marker example to hint (#16244)
+    * Fix typo in MissingTopLevel warning (#16351)
+    * Improve 403 Forbidden error message to indicate package may not
+      exist (#16353)
+    * Add a hint on uv pip install failure if the --system flag is
+      used to select an externally managed interpreter (#16318)
+  * Bug fixes
+    * Fix backtick escaping for PowerShell (#16307)
+  * Documentation
+    * Document metadata consistency expectation (#15683)
+    * Remove outdated aarch64 musl note (#16385)
+
+-------------------------------------------------------------------
+Sun Oct 19 22:01:08 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.4 
+ * Enhancements
+  * Add CUDA 13.0 support 
+  * Add auto-detection for Intel GPU on Windows 
+  * Implement display of RFC 9457 HTTP error contexts 
+ * Bug fixes
+  * Avoid obfuscating pyx tokens in uv auth token output 
+
+-------------------------------------------------------------------
+Thu Oct 16 22:24:47 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.3
+ * Enhancements
+  * Obfuscate secret token values in logs
+ * Bug fixes
+ * Fix workspace with relative pathing
+
+-------------------------------------------------------------------
+Fri Oct 10 21:02:22 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.2
+ * Enhancements
+  * Log Python choice in uv init 
+  * Fix pylock.toml config conflict error messages 
+  * Avoid inferring check URLs for pyx in uv publish 
+  * Add uv tool list --show-python 
+ * Configuration
+  * 
+  * Add UV_UPLOAD_HTTP_TIMEOUT and respect UV_HTTP_TIMEOUT in uploads 
+  * Support UV_WORKING_DIRECTORY for setting --directory 
+ * Bug fixes
+  * Allow missing Scripts directory 
+  * Fix handling of Python requests with pre-releases in ranges 
+  * Preserve comments on version bump 
+  * Retry all HTTP/2 errors 
+  * Treat deleted Windows registry keys as equivalent to missing ones 
+  * Ignore pre-release Python versions when a patch version is requested 
+ * Documentation
+  * Document why uv discards upper bounds on requires-python 
+  * Document uv version environment variables were added in 
+  * Add missing "added in" to new environment variables in reference 
+
+-------------------------------------------------------------------
+Wed Oct  8 17:16:36 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.9.0:
+ * Enhancements
+  * Don't warn when a dependency is constrained by another dependency 
+ * Bug fixes
+  * Fix uv python upgrade / install output when there is a no-op for one request 
+  * Surface pinned-version hint when uv tool upgrade can’t move the tool 
+  * Ban pre-release versions in uv python upgrade requests 
+  * Fix uv python upgrade replacement of installed binaries on pre-release to stable 
+ * Documentation
+  * Update uv pip compile args in layout.md 
+
+-------------------------------------------------------------------
+Tue Oct  7 12:04:24 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.24 
+ * Enhancements
+  * Add UV_SKIP_WHEEL_FILENAME_CHECK to allow installing invalid wheels
+  * Emit a message on cache clean and prune when lock is held
+  * Add --force flag for uv cache prune
+ * Documentation
+  * Document transparent x86_64 emulation on aarch64
+  * Document why we ban URLs from index dependencies
+  * Fix rendering of _CONDA_ROOT in reference
+  * Fix example of bumping beta version without patch bump
+ * Bug fixes
+  * Avoid rejecting already-installed URL distributions with --no-sources
+  * Confirm that the directory name is a valid Python install key during managed check
+  * Ignore origin when comparing installed tools
+  * Make cache control lookups robust to username
+  * Re-order lock validation checks by severity 
+  * Remove tracking of inferred dependency conflicts
+  * Respect --no-color on the CLI
+  * Deduplicate marker-specific dependencies in uv pip tree output
+
+-------------------------------------------------------------------
+Mon Sep 29 08:05:11 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Remove uv-bash-completion, uv-fish-completion and uv-zsh-completion
+  packages as recommendations in the base package.
+  bsc#1249637
+
+-------------------------------------------------------------------
+Thu Sep 25 13:48:30 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update 0.8.22
+ * Security
+  * Upgrade astral-tokio-tar to 0.5.5 which hardens tar archive extraction 
+ * Preview features
+  * Add support for S3 request signing 
+  * Allow upgrading pre-release versions of the same minor Python version 
+ * Enhancements
+  * Refresh lockfile when --refresh is provided 
+  * Add --force flag for uv cache clean 
+  * Improve resolution errors with proxied packages 
+ * Bug fixes
+  * Hide freethreaded+debug Python downloads in uv python list 
+  * Retain the cache lock and temporary caches during uv run and uvx 
+ * Documentation
+  * Add package level conflicts to the conflicting dependencies docs 
+  * Document pyodide support 
+  * Document support for free-threaded and debug Python versions 
+  * Expand the contribution docs on issue selection 
+  * Tweak title for viewing version in project guide 
+
+-------------------------------------------------------------------
+Mon Sep 22 15:21:28 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.19 
+* Bug fixes
+ * Make uv cache clean parallel process safe
+ * Fix implied platform_machine marker for win_arm64 platform tag
+
+-------------------------------------------------------------------
+Thu Sep 18 09:47:19 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- upate to 0.8.18
+ * Enhancements
+  * Add PyG packages to torch backend 
+  * Add handling for unnamed conda environments in base environment detection 
+  * Allow selection of debug build interpreters 
+  * Improve uv init defaults for native build backend cache keys 
+  * Error when pyproject.toml target does not exist for dependency groups 
+  * Infer check URL from publish URL when known 
+  * Support Gitlab CI/CD as a trusted publisher 
+  * Add GraalPy 25.0.0 with support for Python 3.12 
+  * Add --no-clear to uv venv to disable removal prompts 
+  * Add conflict detection between --only-group and --extra flags 
+  * Allow [project] to be missing from a pyproject.toml 
+  * Always treat conda environments named base and root as base environments 
+  * Improve log message when direct build for uv_build is skipped 
+  * Log when the cache is disabled 
+  * Show pyx organization name after authenticating 
+  * Use _CONDA_ROOT to detect Conda base environments 
+  * Include blake2b hash in uv publish upload form 
+  * Fix misleading debug message when removing environments in uv sync 
+ * Deprecations
+  * Deprecate tool.uv.dev-dependencies 
+ * Preview features
+  * Propagate preview flag to client for native-auth feature 
+  * Store native credentials for realms with the https scheme stripped 
+  * Use the root index URL when retrieving credentials from the native store 
+ * Bug fixes
+  * Fix uv sync --no-sources not switching from editable to registry installations 
+  * Avoid display of an empty string when a path is the working directory 
+  * Allow cached environment reuse with @latest 
+  * Allow escaping spaces in --env-file handling 
+  * Avoid ANSI codes in debug! messages 
+  * Improve BSD tag construction 
+  * Include SHA when listing lockfile changes 
+  * Invert the logic for determining if a path is a base conda environment 
+  * Load credentials for explicit members when lowering 
+  * Re-add triton as a torch backend package 
+  * Respect UV_INSECURE_NO_ZIP_VALIDATION=1 in duplicate header errors 
+ * Documentation
+  * Add GitHub Actions to PyPI trusted publishing example 
+  * Add Coiled integration documentation 
+  * Add verbose output to the getting help section 
+  * Document NO_PROXY support 
+  * Document cache-keys for native build backends 
+  * Add documentation for dependency group requires-python 
+
+-------------------------------------------------------------------
+Fri Sep 12 09:13:31 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Update python-uv requirement for completion packages
+
+-------------------------------------------------------------------
+Thu Sep 12 05:39:40 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Completion packages renamed as uv-bash-completion instead of having
+  one per flavor. bsc#1249345
+- Add uv-bash-completion, uv-fish-completion and uv-zsh-completion
+  packages as recommendations in the base package.
+
+-------------------------------------------------------------------
+Thu Sep 11 12:04:28 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to  0.8.17
+ * Enhancements
+  * Improve error message for HTTP validation in auth services 
+  * Respect PYX_API_URL when suggesting uv auth login on 401 
+  * Add pyx as a supported PyTorch index URL 
+ * Bug fixes
+  * Avoid initiating login flow for invalid API keys 
+  * Do not search for a password for requests with a token attached already 
+  * Filter pre-release Python versions in uv init --script 
+
+-------------------------------------------------------------------
+Wed Sep 10 11:03:40 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.16
+ * Enhancements
+  * Allow --editable to override editable = false annotations 
+  * Allow editable = false for workspace sources 
+  * Show a dedicated error for virtual environments in source trees on build 
+  * Support Android platform tags 
+  * Support iOS platform tags 
+  * Support scripts with inline metadata in --with-requirements and --requirements 
+ * Preview features
+  * Support --no-project in uv format 
+  * Allow uv format in unmanaged projects 
+ * Bug fixes
+  * Avoid erroring when match-runtime target is optional 
+  * Ban empty usernames and passwords in uv auth 
+  * Error early for parent path in build backend 
+  * Retry on IO errors during HTTP/2 streaming 
+  * Support recursive requirements and constraints inclusion 
+  * Use token store credentials for uv publish 
+  * Fix virtual environment activation script compatibility with latest nushell 
+  * Skip Python interpreters that cannot be queried with permission errors 
+ * Documentation
+  * Clarify that uv auth commands take a URL 
+  * Improve the CLI help for options that accept requirements files 
+  * Adds example for caching for managed Python downloads in Docker builds 
+
+-------------------------------------------------------------------
+Thu Sep  4 11:03:52 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.15
+ * Enhancements
+  * Add uv auth commands for credential management 
+  * Add pyx support to uv auth commands 
+  * Add uv tree --show-sizes to show package sizes 
+  * Add --python-platform riscv64-unknown-linux 
+  * Add --python-platform to uv run and uv tool 
+  * Add uv publish --dry-run 
+  * Add zstandard support for wheels 
+  * Allow registries to pre-provide core metadata 
+  * Retry streaming Python and binary download errors 
+ * Bug fixes
+  * Fix settings rendering for extra-build-dependencies 
+  * Skip non-existent directories in bytecode compilation 
+ * Error messages
+  * Add error trace to invalid package format 
+
+-------------------------------------------------------------------
+Tue Sep  2 14:56:39 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
+
+- Update vendor tarball to fix CVE-2025-58160 (bsc#1249011) 
+
+-------------------------------------------------------------------
+Thu Aug 28 22:10:39 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.14
+ * Enhancements
+  * Add --python-platform to uv pip check 
+  * Add an environment variable for UV_ISOLATED 
+  * Add logging to the uv build backend 
+  * Allow more trailing null bytes in zip files 
+  * Allow pinning managed Python versions to specific build versions 
+  * Cache PyTorch wheels by default 
+  * Reject already-installed wheels that don't match the target platform 
+  * Add --no-install-local option to uv sync, uv add and uv export 
+  * Include cycle error message in uv pip CLI 
+ * Preview features
+  * Fix format of {version} on uv format failure 
+  * Lock during installs in uv format to prevent races 
+  * Respect --project in uv format 
+  * Run uv format in the project root 
+ * Configuration
+  * Add file-to-CLI overrides for build isolation configuration 
+  * Add file-to-CLI overrides for reinstall configuration 
+ * Performance
+  * Cache WHEEL and METADATA reads in installed distributions 
+ * Bug fixes
+  * Avoid erroring when creating venv in current working directory 
+  * Avoid introducing unnecessary system dependency on CUDA 
+  * Clear discovered site packages when creating virtual environment 
+  * Read index credentials from the environment during uv publish checks 
+  * Refuse to remove non-virtual environments in uv venv 
+  * Stop setting CLICOLOR_FORCE=1 when calling build backends 
+  * Support file or directory removal for Windows symlinks 
+ * Documentation
+  * Fix GitHub guide highlight lines 
+  * Move Resolver to new Internals section in the Reference 
+  * Split the "Authentication" page into sections 
+  * Update uninstall docs to mention uvw.exe needs to be removed 
+
+-------------------------------------------------------------------
+Fri Aug 22 13:54:55 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.13
+ * Enhancements
+  * Add --no-install-* arguments to uv add 
+  * Initialize Git prior to reading author in uv init 
+  * Add CUDA 129 to available torch backends 
+  * Update Pyodide to 0.28.2 
+ * Preview features
+  * Add an experimental uv format command 
+  * Allow version specifiers in extra-build-dependencies if match-runtime is explicitly false 
+ * Bug fixes
+  * Add triton to torch-backend manifest 
+  * Avoid panicking when resolver returns stale distributions 
+  * Fix uv_build wheel hashes 
+  * Treat --upgrade-package on the command-line as overriding upgrade = false in configuration 
+
+-------------------------------------------------------------------
+Wed Aug 20 09:03:55 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.12
+ * Enhancements
+  * Add an aarch64-pc-windows-msvc target for python-platform 
+  * Add fallback parent process detection to uv tool update-shell 
+  * Install non-build-isolation packages in a second phase 
+  * Add hint when virtual environments are included in source distributions 
+  * Add Docker images derived from buildpack-deps:trixie, debian:trixie-slim, alpine:3.22 
+ * Bug fixes
+  * Reject already-installed wheels built with outdated settings 
+  * Skip interpreters that are not found on query 
+  * Handle dotted package names in script path resolution 
+  * Reject match-runtime = true for dynamic packages 
+ * Documentation
+  * Document improvements to build-isolation setups 
+  * Fix reference documentation recommendation to use uv cache clean instead of clear 
+
+-------------------------------------------------------------------
+Fri Aug 15 17:37:36 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.11
+ * Enhancements
+  * Add extra-build-dependencies hint for any missing module on build failure 
+  * Make 'v' prefix cyan in overlap warnings 
+ * Bug fixes
+  * Fix missing uv version in extended Docker image tags 
+  * Persist cache info when re-installing cached wheels 
+ * Rust API
+  *Allow passing custom reqwest clients to RegistryClient
+
+-------------------------------------------------------------------
+Thu Aug 14 09:13:47 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>
+
+- update to 0.8.10 
+ * Enhancements
+  * Allow Python requests with missing segments, e.g., just aarch64 
+ * Preview
+  * Move warnings for conflicting modules into preview 
+
 -------------------------------------------------------------------
 Tue Aug 12 09:30:49 UTC 2025 - Ondřej Súkup <mimi.vx@gmail.com>

--- a/python-uv.spec
+++ b/python-uv.spec
@@ -2,6 +2,7 @@
 # spec file for package python-uv
 #
 # Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -33,7 +34,7 @@
 %bcond_without libalternatives
 %{?sle15_python_module_pythons}
 Name:           python-uv
-Version:        0.8.9
+Version:        0.9.17
 Release:        0
 Summary:        A Python package installer and resolver, written in Rust
 License:        Apache-2.0 OR MIT
@@ -44,7 +45,7 @@ BuildRequires:  %{python_module maturin}
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module tomli}
 BuildRequires:  alts
-BuildRequires:  cargo >= 1.86
+BuildRequires:  cargo >= 1.89
 BuildRequires:  cargo-packaging
 BuildRequires:  cmake
 BuildRequires:  fdupes
@@ -65,34 +66,37 @@ Provides:       uv = %{version}
 Requires:       alts
 Requires:       python3

-%package        fish-completion
+%package        -n uv-fish-completion
 Summary:        Fish Completion for %{name}
-Supplements:    (%{name} and fish)
-Requires:       %{name}
+Provides:       python-uv-fish-completion = %{version}
+Supplements:    (uv and fish)
 Requires:       fish
+Requires:       uv
 BuildArch:      noarch

-%description    fish-completion
+%description    -n uv-fish-completion
 Fish command-line completion support for %{name}.

-%package        zsh-completion
+%package        -n uv-zsh-completion
 Summary:        Zsh Completion for %{name}
-Supplements:    (%{name} and zsh)
-Requires:       %{name}
+Provides:       python-uv-zsh-completion = %{version}
+Supplements:    (uv and zsh)
+Requires:       uv
 Requires:       zsh
 BuildArch:      noarch

-%description    zsh-completion
+%description    -n uv-zsh-completion
 Zsh command-line completion support for %{name}.

-%package        bash-completion
+%package        -n uv-bash-completion
 Summary:        Bash Completion for %{name}
-Supplements:    (%{name} and bash-completion)
-Requires:       %{name}
+Provides:       python-uv-bash-completion = %{version}
+Supplements:    (uv and bash-completion)
 Requires:       bash-completion
+Requires:       uv
 BuildArch:      noarch

-%description    bash-completion
+%description    -n uv-bash-completion
 Bash command-line completion support for %{name}.

 %python_subpackages
@@ -156,12 +160,12 @@ export CARGO_PROFILE_RELEASE_STRIP=false
 %python_clone -a %{buildroot}%{_bindir}/uvx
 %python_group_libalternatives uvx

-%python_expand uv-%{$python_bin_suffix} --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uv-%{$python_bin_suffix}
-%python_expand uv-%{$python_bin_suffix} --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uv-%{$python_bin_suffix}.fish
-%python_expand uv-%{$python_bin_suffix} --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uv-%{$python_bin_suffix}
-%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uvx-%{$python_bin_suffix}
-%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uvx-%{$python_bin_suffix}.fish
-%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uvx-%{$python_bin_suffix}
+%python_expand uv-%{$python_bin_suffix} --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uv
+%python_expand uv-%{$python_bin_suffix} --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uv.fish
+%python_expand uv-%{$python_bin_suffix} --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uv
+%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion bash > %{buildroot}%{_datadir}/bash-completion/completions/uvx
+%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion fish > %{buildroot}%{_datadir}/fish/vendor_completions.d/uvx.fish
+%python_expand uv-%{$python_bin_suffix} tool uvx --generate-shell-completion zsh  > %{buildroot}%{_datadir}/zsh/site-functions/_uvx

 %pre
 %python_libalternatives_reset_alternative uv
@@ -175,22 +179,22 @@ export CARGO_PROFILE_RELEASE_STRIP=false
 %{python_sitearch}/uv
 %{python_sitearch}/uv-%{version}.dist-info

-%files %{python_files bash-completion}
+%files -n uv-bash-completion
 %dir %{_datadir}/bash-completion
 %dir %{_datadir}/bash-completion/completions
-%{_datadir}/bash-completion/completions/uv-%{python_bin_suffix}
-%{_datadir}/bash-completion/completions/uvx-%{python_bin_suffix}
+%{_datadir}/bash-completion/completions/uv
+%{_datadir}/bash-completion/completions/uvx

-%files %{python_files fish-completion}
+%files -n uv-fish-completion
 %dir %{_datadir}/fish
 %dir %{_datadir}/fish/vendor_completions.d
-%{_datadir}/fish/vendor_completions.d/uv-%{python_bin_suffix}.fish
-%{_datadir}/fish/vendor_completions.d/uvx-%{python_bin_suffix}.fish
+%{_datadir}/fish/vendor_completions.d/uv.fish
+%{_datadir}/fish/vendor_completions.d/uvx.fish

-%files %{python_files zsh-completion}
+%files -n uv-zsh-completion
 %dir %{_datadir}/zsh
 %dir %{_datadir}/zsh/site-functions
-%{_datadir}/zsh/site-functions/_uv-%{python_bin_suffix}
-%{_datadir}/zsh/site-functions/_uvx-%{python_bin_suffix}
+%{_datadir}/zsh/site-functions/_uv
+%{_datadir}/zsh/site-functions/_uvx

 %changelog
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1899e84a48e0c45a8120149c6fd9155ac52e6220029b2ac41e29dec2807e6791
-size 58852134
+oid sha256:9c420f065e86da7df50db6a47e5980431731bd2b21bf36dbbb659b1c260653ea
+size 66638599