Skip to content

core: bump astral-sh/uv from 0.9.14 to 0.9.15#18555

Merged
rissson merged 1 commit intomainfrom
dependabot/docker/astral-sh/uv-0.9.15
Dec 3, 2025
Merged

core: bump astral-sh/uv from 0.9.14 to 0.9.15#18555
rissson merged 1 commit intomainfrom
dependabot/docker/astral-sh/uv-0.9.15

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 3, 2025

Bumps astral-sh/uv from 0.9.14 to 0.9.15.

Release notes

Sourced from astral-sh/uv's releases.

0.9.15

Release Notes

Released on 2025-12-02.

Continuing the unfortunate chain of disrupted releases, this release failed due to an error publishing new PEP 740 attestations to PyPI. The release workflow was re-run after removing the PEP 740 attestations (see #16944) and our GitHub and PyPI artifacts were published as normal, but the crates.io publish completed in the first run and does not match the 0.9.15 tag — instead, the crates were published at commit astral-sh/uv@e7af583. The only difference is the inclusion of astral-sh/uv#16885.

Python

  • Add CPython 3.14.1
  • Add CPython 3.13.10

Enhancements

  • Add ROCm 6.4 to --torch-backend=auto (#16919)
  • Add a Windows manifest to uv binaries (#16894)
  • Add LFS toggle to Git sources (#16143)
  • Cache source reads during resolution (#16888)
  • Allow reading requirements from scripts without an extension (#16923)
  • Allow reading requirements from scripts with HTTP(S) paths (#16891)

Configuration

  • Add UV_HIDE_BUILD_OUTPUT to omit build logs (#16885)

Bug fixes

  • Fix uv-trampoline-builder builds from crates.io by moving bundled executables (#16922)
  • Respect NO_COLOR and always show the command as a header when paging uv help output (#16908)
  • Use 0o666 permissions for flock files instead of 0o777 (#16845)
  • Revert "Bump astral-tl to v0.7.10 (#16887)" to narrow down a regression causing hangs in metadata retrieval (#16938)

Documentation

  • Link to the uv version in crates.io member READMEs (#16939)

Install uv 0.9.15

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.15/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.9.15/uv-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from astral-sh/uv's changelog.

0.9.15

Released on 2025-12-02.

Python

  • Add CPython 3.14.1
  • Add CPython 3.13.10

Enhancements

  • Add ROCm 6.4 to --torch-backend=auto (#16919)
  • Add a Windows manifest to uv binaries (#16894)
  • Add LFS toggle to Git sources (#16143)
  • Cache source reads during resolution (#16888)
  • Allow reading requirements from scripts without an extension (#16923)
  • Allow reading requirements from scripts with HTTP(S) paths (#16891)

Configuration

  • Add UV_HIDE_BUILD_OUTPUT to omit build logs (#16885)

Bug fixes

  • Fix uv-trampoline-builder builds from crates.io by moving bundled executables (#16922)
  • Respect NO_COLOR and always show the command as a header when paging uv help output (#16908)
  • Use 0o666 permissions for flock files instead of 0o777 (#16845)
  • Revert "Bump astral-tl to v0.7.10 (#16887)" to narrow down a regression causing hangs in metadata retrieval (#16938)

Documentation

  • Link to the uv version in crates.io member READMEs (#16939)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
core: bump astral-sh/uv from 0.9.14 to 0.9.15
108f036 
Bumps [astral-sh/uv](https://github.com/astral-sh/uv) from 0.9.14 to 0.9.15.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.9.14...0.9.15)

---
updated-dependencies:
- dependency-name: astral-sh/uv
  dependency-version: 0.9.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 3, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 3, 2025 04:25
@netlify
Copy link

netlify bot commented Dec 3, 2025
edited
Loading

Deploy Preview for authentik-docs ready!

Name Link
🔨 Latest commit 108f036
🔍 Latest deploy log https://app.netlify.com/projects/authentik-docs/deploys/692fbba5105d0f0008366b9c
😎 Deploy Preview https://deploy-preview-18555--authentik-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 3, 2025
edited
Loading

Deploy Preview for authentik-storybook canceled.

Name Link
🔨 Latest commit 108f036
🔍 Latest deploy log https://app.netlify.com/projects/authentik-storybook/deploys/692fbba59ff9d200084e383c

@netlify
Copy link

netlify bot commented Dec 3, 2025
edited
Loading

Deploy Preview for authentik-integrations canceled.

Name Link
🔨 Latest commit 108f036
🔍 Latest deploy log https://app.netlify.com/projects/authentik-integrations/deploys/692fbba5d6ae600008d6826c

@codecov
Copy link

codecov bot commented Dec 3, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.16%. Comparing base (96eb8dd) to head (108f036).
⚠️ Report is 10 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #18555      +/-   ##
==========================================
+ Coverage   83.52%   93.16%   +9.63%     
==========================================
  Files         932      932              
  Lines       51044    51044              
==========================================
+ Hits        42637    47553    +4916     
+ Misses       8407     3491    -4916
Flag Coverage Δ
e2e 44.81% <ø> (+0.65%) ⬆️
integration 22.75% <ø> (-0.06%) ⬇️
unit 91.42% <ø> (+10.27%) ⬆️
unit-migrate 91.47% <ø> (+24.85%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@rissson rissson enabled auto-merge (squash) December 3, 2025 13:41
@rissson rissson merged commit ea19094 into main Dec 3, 2025
135 of 137 checks passed
@rissson rissson deleted the dependabot/docker/astral-sh/uv-0.9.15 branch December 3, 2025 13:59
kensternberg-authentik added a commit that referenced this pull request Dec 11, 2025
@kensternberg-authentik
Merge branch 'main' into dev
9fbc760 
* main: (44 commits)
  build(deps): bump django from 5.2.8 to 5.2.9 (#18566)
  web: Adjust colors (#18427)
  admin/files: delete applications cache on migration (#18565)
  core: bump astral-sh/uv from 0.9.14 to 0.9.15 (#18555)
  core: bump goauthentik.io/api/v3 from 3.2025120.11 to 3.2025120.15 (#18551)
  core: bump goauthentik/fips-debian from `c718f60` to `cf233be` (#18553)
  ci: bump actions/checkout from 6.0.0 to 6.0.1 (#18554)
  ci: bump actions/stale from 10.1.0 to 10.1.1 (#18556)
  ci: bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 (#18557)
  ci: bump actions/setup-node from 6.0.0 to 6.1.0 in /.github/actions/setup (#18559)
  core: bump library/golang from 1.25.4-trixie to 1.25.5-trixie (#18558)
  providers/scim: cache ServiceProviderConfig (#18047)
  web/i18n: Locale Context Merge Branch (#18426)
  website: Glossary (#16007)
  endpoints/stage: v2, better error handling, more settings (#18545)
  website: Docusaurus 3.9.2 (#18506)
  website/integrations: add hoop.dev (#17868)
  web/flows: update default background image (#18540)
  endpoints: implement endpoint stage (#18468)
  website/integrations: add salesforce (#18516)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rissson rissson rissson approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rissson