Use keyring authentication when retrieving tool@latest version
#17448
+77
−13
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
c3fa155 to
a492619
Compare
…stral-sh#17436) When using `uv tool run package@latest` or `uv tool install package@latest` with a private index that requires keyring-based authentication, the @latest version lookup would fail with 401 Unauthorized because the RegistryClient was not receiving the keyring provider settings. This fix passes the keyring provider to the client builder when creating the RegistryClient for the @latest version lookup, matching the pattern used in other parts of the codebase (e.g., `project/mod.rs`). Fixes astral-sh#17436
a492619 to
2c43e6e
Compare
CodSpeed Performance ReportMerging this PR will not alter performanceComparing Summary
|
charliermarsh
approved these changes
Jan 13, 2026
zaniebot
pushed a commit
to zaniebot/uv
that referenced
this pull request
Jan 13, 2026
Following astral-sh#17448, this change ensures keyring authentication is configured on the client builder early in tool commands, so all subsequent registry operations benefit from it. Previously, the client builder was used without keyring settings in various places (resolve_names, RequirementsSpecification::from_sources, CachedEnvironment::from_spec), which could fail for private indexes requiring keyring-based authentication. Now, keyring is configured once on the client builder right after initializing shared state, and this configured builder is reused throughout the function. This follows the same pattern used in pip/compile.rs and avoids the class of bug where forgetting to configure keyring for a specific operation causes auth failures.
Merged
1 task
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Jan 17, 2026
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [astral-sh/uv](https://github.com/astral-sh/uv) | patch | `0.9.24` → `0.9.26` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>astral-sh/uv (astral-sh/uv)</summary> ### [`v0.9.26`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0926) [Compare Source](astral-sh/uv@0.9.25...0.9.26) Released on 2026-01-15. ##### Python - Add CPython 3.15.0a5 ##### Enhancements - Add a hint to update uv when a managed Python download is not found ([#​17461](astral-sh/uv#17461)) - Improve cache initialization failure error message ([#​17469](astral-sh/uv#17469)) - Improve error message for abi3 wheels on free-threaded Python ([#​17442](astral-sh/uv#17442)) - Add support for `--no-sources-package` ([#​14910](astral-sh/uv#14910)) ##### Preview features - Add `METADATA.json` and `WHEEL.json` in uv build backend ([#​15510](astral-sh/uv#15510)) - Add support for GCS request signing ([#​17474](astral-sh/uv#17474)) - Adjust the process ulimit to the maximum allowed on startup ([#​17464](astral-sh/uv#17464)) ##### Bug fixes - Lock to avoid concurrent refresh of pyx tokens ([#​17479](astral-sh/uv#17479)) ##### Documentation - Add linting and formatting instructions to the CONTRIBUTING guide ([#​17470](astral-sh/uv#17470)) - Avoid rendering `pyproject.toml` examples for more system-level settings ([#​17462](astral-sh/uv#17462)) ### [`v0.9.25`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#0925) [Compare Source](astral-sh/uv@0.9.24...0.9.25) Released on 2026-01-13. ##### Python - Add CPython 3.15.0a4 - Upgrade Tcl/Tk used by CPython to 9.0 ##### Enhancements - Add `--compile-bytecode` to `uv python install` and `uv python upgrade` to compile the standard library ([#​17088](astral-sh/uv#17088)) - Allow disabling `exclude-newer` per package ([#​16854](astral-sh/uv#16854)) - Broadcast `WM_SETTINGCHANGE` on `uv tool update-shell` ([#​17404](astral-sh/uv#17404)) ##### Preview features - Detect workspace from `uv run` target ([#​17423](astral-sh/uv#17423)) ##### Bug fixes - Avoid unwrapping size for file responses ([#​17434](astral-sh/uv#17434)) - Use keyring authentication when retrieving `tool@latest` version ([#​17448](astral-sh/uv#17448)) - Use latest Pyodide version for each python version ([#​17372](astral-sh/uv#17372)) - Improve trampoline file handle closing ([#​17374](astral-sh/uv#17374)) - Fix error message when installing musl python on armv7 ([#​17213](astral-sh/uv#17213)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44MC4xIiwidXBkYXRlZEluVmVyIjoiNDIuODEuOCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90IiwiYXV0b21hdGlvbjpib3QtYXV0aG9yZWQiLCJkZXBlbmRlbmN5LXR5cGU6OnBhdGNoIl19-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #17436