Skip to content

chore(deps): bump astral-sh/uv from 0.11.7-python3.11-trixie-slim to 0.11.16-python3.11-trixie-slim in /jans-cedarling/flask-sidecar#14136

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/docker/jans-cedarling/flask-sidecar/astral-sh/uv-0.11.16-python3.11-trixie-slim
Closed

chore(deps): bump astral-sh/uv from 0.11.7-python3.11-trixie-slim to 0.11.16-python3.11-trixie-slim in /jans-cedarling/flask-sidecar#14136
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/docker/jans-cedarling/flask-sidecar/astral-sh/uv-0.11.16-python3.11-trixie-slim

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026
edited
Loading

Bumps astral-sh/uv from 0.11.7-python3.11-trixie-slim to 0.11.16-python3.11-trixie-slim.

Release notes

Sourced from astral-sh/uv's releases.

0.11.16

Release Notes

Released on 2026-05-21.

Enhancements

  • Add support for direct archive dependencies in Git (#10072)
  • Adjust hint rendering (#18090)

Preview features

  • uv audit: specialize malformed OSV error (#19515)
  • Reject locked malware installations (#18936)

Configuration

  • Allow disabling reading the system config with UV_NO_SYSTEM_CONFIG (#19476)

Bug fixes

  • Allow environment variables that take a list to be empty (#19503)
  • Ensure that incompatible wheel hints do not leak secrets (#19504)
  • Reject unsafe entry points in uv-build (#19495)
  • Restrict delimiters in entry point parsing (#19471)
  • uv-netrc: fix multi-word no-space comment lines causing parse errors (#19494)

Documentation

  • Document and test relative exclude-newer support for uv pip (#19475)

Install uv 0.11.16

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.16/uv-installer.ps1 | iex"

Download uv 0.11.16

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum

... (truncated)

Changelog

Sourced from astral-sh/uv's changelog.

Changelog

0.11.16

Released on 2026-05-21.

Enhancements

  • Add support for direct archive dependencies in Git (#10072)
  • Adjust hint rendering (#18090)

Preview features

  • uv audit: specialize malformed OSV error (#19515)
  • Reject locked malware installations (#18936)

Configuration

  • Allow disabling reading the system config with UV_NO_SYSTEM_CONFIG (#19476)

Bug fixes

  • Allow environment variables that take a list to be empty (#19503)
  • Ensure that incompatible wheel hints do not leak secrets (#19504)
  • Reject unsafe entry points in uv-build (#19495)
  • Restrict delimiters in entry point parsing (#19471)
  • uv-netrc: fix multi-word no-space comment lines causing parse errors (#19494)

Documentation

  • Document and test relative exclude-newer support for uv pip (#19475)

0.11.15

Released on 2026-05-18.

Security

Enhancements

  • Add TOML v1.1 -> v1.0 backwards compatibility for source distributions (#18741)
  • Add support for Azure request signing (#19421)
  • Apply stricter validation to all wheel filename segments (#19364)
  • Reject empty strings as an invalid package name (#19435)

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file docker Pull requests that update Docker code labels May 22, 2026
@dependabot dependabot Bot mentioned this pull request May 22, 2026
Closed
@mo-auto
Copy link
Copy Markdown
Member

mo-auto commented May 22, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@dependabot
chore(deps): bump astral-sh/uv in /jans-cedarling/flask-sidecar
fbb8e81 
Bumps [astral-sh/uv](https://github.com/astral-sh/uv) from 0.11.7-python3.11-trixie-slim to 0.11.16-python3.11-trixie-slim.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.7...0.11.16)

---
updated-dependencies:
- dependency-name: astral-sh/uv
  dependency-version: 0.11.16-python3.11-trixie-slim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/docker/jans-cedarling/flask-sidecar/astral-sh/uv-0.11.16-python3.11-trixie-slim branch from d4b35d1 to fbb8e81 Compare May 28, 2026 07:25
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 29, 2026

Superseded by #14177.

@dependabot dependabot Bot closed this May 29, 2026
@dependabot dependabot Bot deleted the dependabot/docker/jans-cedarling/flask-sidecar/astral-sh/uv-0.11.16-python3.11-trixie-slim branch May 29, 2026 11:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file docker Pull requests that update Docker code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mo-auto