Speedup discovery of large workspaces#18311
Conversation
| /// Collect the workspace member projects from the `members` and `excludes` entries. | ||
| async fn collect_members( | ||
| /// Collect the workspace member projects and build the workspace object. | ||
| async fn build( |
There was a problem hiding this comment.
I think I might still prefer "collect"? or just "new"? I think "build" is overloaded
555d801 to
a17a664
Compare
b9b1c55 to
bdab9cb
Compare
bdab9cb to
ed8c4f6
Compare
EliteTK
left a comment
There was a problem hiding this comment.
Looks good overall, not sure about the update_project stuff. Will need to give it a second look later before I'm confident I've understood it enough to mark it as approved.
| let slf = Arc::try_unwrap(slf).unwrap_or_else(|slf| { | ||
| if cfg!(debug_assertions) { | ||
| panic!( | ||
| "Cannot modify workspace still in use with {} references", | ||
| Arc::strong_count(&slf) | ||
| ); | ||
| } else { | ||
| (*slf).clone() | ||
| } | ||
| }); |
There was a problem hiding this comment.
It feels somewhat like it should be the caller's responsibility to pull the workspace out of the Arc.
There was a problem hiding this comment.
Also, it's a bit worrying that we're just ignoring the potential for a split-brained situation here when debug_assertions are off.
I think if we can shift responsibility to callers this might end up unnecessary anyway?
There was a problem hiding this comment.
I improved the comment a bit.
The idea is that the caller shouldn't be aware of the Arc at all, it should be an implementation detail. OTOH, you shouldn't change the workspace if there's other parts of uv holding on to the cache, editing should always be an exclusive operation (this is the case, but it musn't regress). Then finally, we want uv to never panic, so it's a debug assertion check only. I'm not particularly attached to it, this is just about how this nesting came to be.
There was a problem hiding this comment.
I mean the caller cannot call if the Arc has more than one reference. This seems like an abstraction leak in that case. Unless I missed something and it's impossible to call this from such a context. But this makes me wonder if there should be a "we're building this Workspace" kind of type which doesn't use Arc, and then a second "we've built this Workspace" kind of type which holds onto an Arc...?
I'll need to read a bit further into the surrounding context before I can give a more concrete sounding explanation of what I mean.
There was a problem hiding this comment.
Our current approach is that a workspace-modifying command reads the workspace the normal way, then applies a list of changes, then syncs. These are not performance critical in the cases I looked at, so I'm willing to do whatever is easiest to ensure correctness for.
There was a problem hiding this comment.
I think fundamentally what this code looks like it wants is some kind of RwLock rather than an Arc.
To make that work with #18311 (comment) then you would make the cache store:
enum Slot {
Loading(watch::Receiver<Option<Arc<RwLock<Workspace>>>>),
Ready(Arc<RwLock<Workspace>>),
}
And I think it should more or less handle all the cases?
There was a problem hiding this comment.
TBH I think this fine, it looks worse than it is, the cases that calls call this (uv add/uv remove/uv version) are flat and sequential, so I'm fine with the verbose debug assert and Arc` operation here.
cefa8f6 to
010f996
Compare
Gankra
left a comment
There was a problem hiding this comment.
The general approach is good but I'm worried about the maintainability of the implementation.
| /// The cache makes assumptions about [`DiscoveryOptions`]: | ||
| /// * For a given discovery path, `stop_discovery_at` either always or never sits between a project | ||
| /// and a workspace root. This means that we don't need to key discovery on `stop_discovery_at`. | ||
| /// * TODO(konsti): Support caching for [`MemberDiscovery`] modes that aren't `All`. |
There was a problem hiding this comment.
Do those actually come up much?
| let slf = Arc::try_unwrap(self).unwrap_or_else(|slf| { | ||
| if cfg!(debug_assertions) { | ||
| panic!( | ||
| "Cannot modify workspace still in use with {} references", | ||
| Arc::strong_count(&slf) | ||
| ); | ||
| } else { |
There was a problem hiding this comment.
A very interesting assertion to include only in debug, what's the concern of multiple outstanding references?
There was a problem hiding this comment.
You'd have some other type around that references the workspace you're just editing, which risks using the incorrect cached state later. This is trivially true atm, the Arc::try_unwrap only makes it explicit.
| let project_root = uv_fs::normalize_path(&project_root); | ||
| // Trim trailing slashes. | ||
| let project_root = project_root.components().collect::<PathBuf>(); |
There was a problem hiding this comment.
damn, uv_fs::normalize_path really failing to live up to its name
There was a problem hiding this comment.
More seriously this is copy-pasted in a lot of places and it would be really bad for anyone to not do exactly this so maybe this should be factored into a function?
| let workspace = Arc::new(workspace); | ||
| cache.insert(workspace.clone()); |
There was a problem hiding this comment.
Hmm I'm not a huge fan of "check cache" and "insert into cache" being in separate functions, this seems highly likely to cause errors. Ideally cache code is always shaped like
cache.get(x).or_insert(|| make_new(x))
There was a problem hiding this comment.
Per other comments about races it is hopefully fine that two threads could race on inserting into the cache when they're only doing get_or_insert. The only weirdness about it is they will not end up agreeing on the Arc, but both Arcs should hold the same contents unless someone is concurrently modifying the pyproject.toml or something, in which case uv can't really defend against that.
There was a problem hiding this comment.
Not really sure what a better implementation here is, given that workspace discovery is a slow operation that runs in parallel.
There was a problem hiding this comment.
But when it's running in parallel, I assume it's not useful if two parallel processes are discovering the same workspace simultaneously right?
So I think an option would be to have data structure such that:
getis an asynchronous operation. If someone else is currently discovering the workspace for that entry, it blocks until completion.getreturns some "entry" type which keeps that specific keyed entry locked until it is dropped. Such that,or_insertcan be an operation which carries that lock until the entry is actually written.
The alternative is that two parallel processes try to discover the same workspace ~simultaneously. Which at best is just wasted cycles, and at worst could slow down both operations.
There was a problem hiding this comment.
That's the question I had in the very beginning of the implementation too, and I'm still not entirely sure about:
The problem is that if you discover /foo/a and /foo/b, you can't know whether they'll belong to the same workspace or not until you read the current pyproject.toml and traverse up and (potentially) read the workspace root pyproject.toml. Potentially, all the paths you're trying to look at are part of the workspace defined by /pyproject.toml, or they could all be individual projects.
This leads to those options:
- Make workspace discovery sequential, so each discovery operation is sure that it uses the cache if one exists
- Discover the current project and the workspace root, then lock on discovering the rest of the workspace
- If we skip the current project and workspace root discovery if it's in the cache, we have a (smaller) race still
- If we always perform the current project and workspace root discovery for each new path, it gets noticeably slower. (I think it would undo the speed of this PR?)
To be more clear about the expensive work we have to do, the work to discover a workspace from a project is:
- Discover the current project
pyproject.toml - Traverse upwards and read the workspace root
pyproject.toml - Discover all the other members by reading their
pyproject.toml
Previously, we only cached (3), this PR adds caching for (1) and (2).
There was a problem hiding this comment.
I guess I have a few questions:
- Is there a situation where for a specific workspace, uv would initiate a discovery for more than one member before reading the workspace
pyproject.toml? - If all we need to cache is the
pyproject.tomlcontents, why isn't the cache explicitly designed around that? I don't see a problem with caching the workspaces too, but it seems like we'd get most of the way here by just cachingpyproject.tomlkeyed by path and having an invalidation mechanism? - If two discovery "threads" try to discover
/foo/aand/foo/bin parallel. Isn't the current design such that both of them will still discover the root of the workspace in parallel, then discover the other member in parallel, and only then write the cache entry at the end?
There was a problem hiding this comment.
Is there a situation where for a specific workspace, uv would initiate a discovery for more than one member before reading the workspace pyproject.toml?
Yes, e.g. bar depends on foo-a and foo-b, which are not in its own workspace.
If all we need to cache is the pyproject.toml contents, why isn't the cache explicitly designed around that? I don't see a problem with caching the workspaces too, but it seems like we'd get most of the way here by just caching pyproject.toml keyed by path and having an invalidation mechanism?
Yeah we can try doing that, this could handle a large fraction of what we're currently doing.
If two discovery "threads" try to discover
/foo/aand/foo/bin parallel. Isn't the current design such that both of them will still discover the root of the workspace in parallel, then discover the other member in parallel, and only then write the cache entry at the end?
Yes, changing that would be this option:
Discover the current project and the workspace root, then lock on discovering the rest of the workspace
If we skip the current project and workspace root discovery if it's in the cache, we have a (smaller) race still
There was a problem hiding this comment.
If you think the pyproject.toml cache will work, it'll probably be a simpler approach than trying to implement the "Discover the current project and the workspace root, then lock on discovering the rest of the workspace" approach.
If we skip the current project and workspace root discovery if it's in the cache, we have a (smaller) race still
You mean that foo-a's and foo-b's pyproject.tomls would be both read first by the initial parallel discovery tasks, and then one of the tasks would grab the workspace lock which would mean that the second task would wait, meaning the first task would still have to read the other pyproject.toml twice?
This seems like it is a good example of the kind of problem which would be implicitly avoided if we maintained a pyproject.toml cache. It could mean that foo-a's discovery task, which found the workspace root first, has to wait for foo-b's discovery task to parse the pyproject.toml. But this shouldn't slow anything down because foo-b's discovery task should normally be done parsing sooner than foo-a's discovery task would have if it had also simultaneously tried to parse the file at that point.
|
|
||
| // Update the `pypackage.toml` in-memory. | ||
| target = target.update(&content)?; | ||
| target = target.update(&content, &WorkspaceCache::default())?; |
There was a problem hiding this comment.
Do we really need to make two workspace caches in this function?
There was a problem hiding this comment.
It seems easier to not cache here than to try getting all subtlety correct here (unlike uv run where this performance matters).
| .workspaces | ||
| .lock() | ||
| .expect("there was a panic in another thread"); | ||
| cache.insert(workspace.install_path.clone(), workspace); |
There was a problem hiding this comment.
Notable here that this makes clear kinda redundant since you can just insert over a workspace and we don't care if it was already defined. And removing the workspace before inserting it again just gives another thread permission to go "oh shoot that's not in the cache, I gotta insert that workspace myself" only for this thread to come back around and overwrite it anyway.
Depending on the workloads you expect here it might be correct/necessary to hold the lock between clear and insert so no one gets confused.
There was a problem hiding this comment.
Which clear/insert pair do you mean?
9798dfa to
8b6d5ea
Compare
EliteTK
left a comment
There was a problem hiding this comment.
I think this code should work as is but I've left/expanded on some of the suggestions.
This time I feel pretty confident I understand all of it.
| let workspace = Arc::new(workspace); | ||
| cache.insert(workspace.clone()); |
There was a problem hiding this comment.
But when it's running in parallel, I assume it's not useful if two parallel processes are discovering the same workspace simultaneously right?
So I think an option would be to have data structure such that:
getis an asynchronous operation. If someone else is currently discovering the workspace for that entry, it blocks until completion.getreturns some "entry" type which keeps that specific keyed entry locked until it is dropped. Such that,or_insertcan be an operation which carries that lock until the entry is actually written.
The alternative is that two parallel processes try to discover the same workspace ~simultaneously. Which at best is just wasted cycles, and at worst could slow down both operations.
| let slf = Arc::try_unwrap(slf).unwrap_or_else(|slf| { | ||
| if cfg!(debug_assertions) { | ||
| panic!( | ||
| "Cannot modify workspace still in use with {} references", | ||
| Arc::strong_count(&slf) | ||
| ); | ||
| } else { | ||
| (*slf).clone() | ||
| } | ||
| }); |
There was a problem hiding this comment.
I think fundamentally what this code looks like it wants is some kind of RwLock rather than an Arc.
To make that work with #18311 (comment) then you would make the cache store:
enum Slot {
Loading(watch::Receiver<Option<Arc<RwLock<Workspace>>>>),
Ready(Arc<RwLock<Workspace>>),
}
And I think it should more or less handle all the cases?
7dd1cc5 to
e126ea3
Compare
933e0c5 to
69f8e0b
Compare
uv test inventory changesThis PR changes the tests when compared with the latest
|
50418f3 to
037debf
Compare
9ae5855 to
e5ede0a
Compare
Released on 2026-06-10. ### Enhancements - Add `--emit-index-url` and `--emit-find-links` to `uv export` ([#18370](#18370)) - Add `--find-links` support for `uv pip list` ([#16103](#16103)) - Group executable install errors during `uv python install` ([#19691](#19691)) - Use ICF in macOS release builds to reduce binary sizes ([#19615](#19615)) ### Preview features - Add initial hidden `uv upgrade` command ([#19678](#19678)) - Reject Git revisions in `uv upgrade` ([#19742](#19742)) ### Configuration - Recognize `UV_NO_INSTALL_PROJECT`, `UV_NO_INSTALL_WORKSPACE`, `UV_NO_INSTALL_LOCAL` ([#19323](#19323)) ### Performance - Speed up discovery of large workspaces ([#18311](#18311)) ### Bug fixes - Allow unknown preview flags with a warning again ([#19669](#19669)) - Apply dependency exclusions to direct requirements ([#19699](#19699)) - Avoid following external symlinks during cache clean ([#19682](#19682)) - Avoid following symlinks during cache prune ([#19543](#19543)) - Fix Git cache keys for worktrees and packed refs ([#19706](#19706)) - Make resolver error handling iterative to avoid stack overflows ([#19695](#19695)) - Pass `VIRTUAL_ENV` through `cygpath` inside `fish` on Windows ([#19703](#19703)) - Rebuild explicit local directory tool installs ([#19591](#19591)) - Validate egg top-level entries as identifiers ([#19679](#19679)) ### Documentation - Document `--find-links` caching behavior ([#19585](#19585)) - Add a small section for malware checks ([#19680](#19680))
Adding the `stop_discovery_at.is_none()` at https://github.com/astral-sh/uv/blob/53d3f5443441ff5ef17b66a0d68cf7091dd5a091/crates/uv-workspace/src/workspace.rs#L1734-L1754 in #18311 inadvertently caused a regression when `stop_discovery_at` was missing during workspace discovery. This PR fixes that.
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ghcr.io/astral-sh/uv](https://github.com/astral-sh/uv) | stage | patch | `0.11.19` → `0.11.20` | --- ### Release Notes <details> <summary>astral-sh/uv (ghcr.io/astral-sh/uv)</summary> ### [`v0.11.20`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#01120) Released on 2026-06-10. ##### Enhancements - Add `--emit-index-url` and `--emit-find-links` to `uv export` ([#​18370](astral-sh/uv#18370)) - Add `--find-links` support for `uv pip list` ([#​16103](astral-sh/uv#16103)) - Group executable install errors during `uv python install` ([#​19691](astral-sh/uv#19691)) - Use ICF in macOS release builds to reduce binary sizes ([#​19615](astral-sh/uv#19615)) ##### Preview features - Add initial hidden `uv upgrade` command ([#​19678](astral-sh/uv#19678)) - Reject Git revisions in `uv upgrade` ([#​19742](astral-sh/uv#19742)) ##### Configuration - Recognize `UV_NO_INSTALL_PROJECT`, `UV_NO_INSTALL_WORKSPACE`, `UV_NO_INSTALL_LOCAL` ([#​19323](astral-sh/uv#19323)) ##### Performance - Speed up discovery of large workspaces ([#​18311](astral-sh/uv#18311)) ##### Bug fixes - Allow unknown preview flags with a warning again ([#​19669](astral-sh/uv#19669)) - Apply dependency exclusions to direct requirements ([#​19699](astral-sh/uv#19699)) - Avoid following external symlinks during cache clean ([#​19682](astral-sh/uv#19682)) - Avoid following symlinks during cache prune ([#​19543](astral-sh/uv#19543)) - Fix Git cache keys for worktrees and packed refs ([#​19706](astral-sh/uv#19706)) - Make resolver error handling iterative to avoid stack overflows ([#​19695](astral-sh/uv#19695)) - Pass `VIRTUAL_ENV` through `cygpath` inside `fish` on Windows ([#​19703](astral-sh/uv#19703)) - Rebuild explicit local directory tool installs ([#​19591](astral-sh/uv#19591)) - Validate egg top-level entries as identifiers ([#​19679](astral-sh/uv#19679)) ##### Documentation - Document `--find-links` caching behavior ([#​19585](astral-sh/uv#19585)) - Add a small section for malware checks ([#​19680](astral-sh/uv#19680)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMjAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIyMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: Renovate Bot <renovate@bhamm-lab.com> Reviewed-on: https://codeberg.org/blake-hamm/bhamm-lab/pulls/186
Adding the `stop_discovery_at.is_none()` at https://github.com/astral-sh/uv/blob/53d3f5443441ff5ef17b66a0d68cf7091dd5a091/crates/uv-workspace/src/workspace.rs#L1734-L1754 in #18311 inadvertently caused a regression when `stop_discovery_at` was missing during workspace discovery. This PR fixes that by always passing in `stop_discovery_at` when discovering workspaces in the cache. --------- Co-authored-by: Tomasz Kramkowski <tom@astral.sh>
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [uv](https://github.com/astral-sh/uv) | patch | `0.11.19` → `0.11.21` | --- ### Release Notes <details> <summary>astral-sh/uv (uv)</summary> ### [`v0.11.21`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#01121) [Compare Source](astral-sh/uv@0.11.20...0.11.21) Released on 2026-06-11. ##### Python - Add CPython 3.13.14 and 3.14.6 ([#​19787](astral-sh/uv#19787)) ##### Preview features - Add `environment.root` to `uv workspace metadata --sync` ([#​19760](astral-sh/uv#19760)) - Allow `uv upgrade` to update a single dependency constraint ([#​19738](astral-sh/uv#19738)) - Compute and pass `uv workspace metadata` payload in `ty check` ([#​19763](astral-sh/uv#19763)) - Make packaged applications the default for `uv init` ([#​17841](astral-sh/uv#17841)) ##### Performance - Add parallel discovery of Python versions for `uv python list` ([#​18684](astral-sh/uv#18684)) - Avoid normalizing source distribution names twice ([#​19784](astral-sh/uv#19784)) ##### Bug fixes - Improve cache robustness and pruning behavior - Allow CI cache pruning without an sdist bucket ([#​19802](astral-sh/uv#19802)) - Avoid overflow when reading malformed cache entries ([#​19799](astral-sh/uv#19799)) - Preserve cached Python downloads during cache pruning ([#​19795](astral-sh/uv#19795)) - Reject running inside the cache ([#​19659](astral-sh/uv#19659)) - Fix Python discovery and version request edge cases - Avoid panics for Unicode Python version requests ([#​19797](astral-sh/uv#19797)) - Fix handling of non-critical errors in `uv python list` with path requests ([#​19774](astral-sh/uv#19774)) - Fix stop-discovery-at regression ([#​19769](astral-sh/uv#19769)) - Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets - Allow trailing commas in version specifiers ([#​19806](astral-sh/uv#19806)) - Avoid panics for invalid UTF-8 URL credentials ([#​19800](astral-sh/uv#19800)) - Avoid panics for malformed source distribution filenames ([#​19776](astral-sh/uv#19776)) - Avoid panics for trailing extra separators ([#​19779](astral-sh/uv#19779)) - Avoid stack overflow for recursive requirements path aliases ([#​19777](astral-sh/uv#19777)) - Ignore reversed string compatible-release markers ([#​19782](astral-sh/uv#19782)) - Reject duplicate entries in conflict sets ([#​19801](astral-sh/uv#19801)) - Reject malformed hash options in requirements files ([#​19783](astral-sh/uv#19783)) - Reject source distribution filenames without a separator ([#​19803](astral-sh/uv#19803)) - Use UTF-8 lengths for requirement errors ([#​19781](astral-sh/uv#19781)) - Use UTF-8 lengths for trailing marker errors ([#​19796](astral-sh/uv#19796)) - Use byte offsets when peeking over requirements ([#​19780](astral-sh/uv#19780)) - Validate GraalPy ABI suffixes ([#​19805](astral-sh/uv#19805)) - Improve wheel entry-point error handling and virtual environment activation quoting - Propagate errors when reading wheel entry points ([#​19794](astral-sh/uv#19794)) - Quote virtual environment activation paths with shell metacharacters ([#​19798](astral-sh/uv#19798)) ### [`v0.11.20`](https://github.com/astral-sh/uv/blob/HEAD/CHANGELOG.md#01120) [Compare Source](astral-sh/uv@0.11.19...0.11.20) Released on 2026-06-10. ##### Enhancements - Add `--emit-index-url` and `--emit-find-links` to `uv export` ([#​18370](astral-sh/uv#18370)) - Add `--find-links` support for `uv pip list` ([#​16103](astral-sh/uv#16103)) - Group executable install errors during `uv python install` ([#​19691](astral-sh/uv#19691)) - Use ICF in macOS release builds to reduce binary sizes ([#​19615](astral-sh/uv#19615)) ##### Preview features - Add initial hidden `uv upgrade` command ([#​19678](astral-sh/uv#19678)) - Reject Git revisions in `uv upgrade` ([#​19742](astral-sh/uv#19742)) ##### Configuration - Recognize `UV_NO_INSTALL_PROJECT`, `UV_NO_INSTALL_WORKSPACE`, `UV_NO_INSTALL_LOCAL` ([#​19323](astral-sh/uv#19323)) ##### Performance - Speed up discovery of large workspaces ([#​18311](astral-sh/uv#18311)) ##### Bug fixes - Allow unknown preview flags with a warning again ([#​19669](astral-sh/uv#19669)) - Apply dependency exclusions to direct requirements ([#​19699](astral-sh/uv#19699)) - Avoid following external symlinks during cache clean ([#​19682](astral-sh/uv#19682)) - Avoid following symlinks during cache prune ([#​19543](astral-sh/uv#19543)) - Fix Git cache keys for worktrees and packed refs ([#​19706](astral-sh/uv#19706)) - Make resolver error handling iterative to avoid stack overflows ([#​19695](astral-sh/uv#19695)) - Pass `VIRTUAL_ENV` through `cygpath` inside `fish` on Windows ([#​19703](astral-sh/uv#19703)) - Rebuild explicit local directory tool installs ([#​19591](astral-sh/uv#19591)) - Validate egg top-level entries as identifiers ([#​19679](astral-sh/uv#19679)) ##### Documentation - Document `--find-links` caching behavior ([#​19585](astral-sh/uv#19585)) - Add a small section for malware checks ([#​19680](astral-sh/uv#19680)) </details> --- ### Configuration 📅 **Schedule**: (in timezone Europe/London) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMTkuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIxOS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9naXRodWItcmVsZWFzZSIsInR5cGUvcGF0Y2giXX0=--> Reviewed-on: https://forgejo.hayden.moe/hayden/phoebe/pulls/92
Automated mise tool upgrades from local config. Updated tools: - `uv` Command: `mise upgrade --bump --local uv` <details> <summary>Version changelog (uv)</summary> | Tool | Requested | Installed | |------|-----------|-----------| | `uv` | `0.11.0` → `0.11.28` | `0.11.0` → `0.11.28` | </details> <details> <summary>Release notes (1 tools)</summary> <details> <summary>uv: `0.11.0` → `0.11.28` (astral-sh/uv)</summary> ### 0.11.19 ## Release Notes Released on 2026-06-03. ### Python - Add CPython 3.15.0b2 ([#19531](astral-sh/uv#19531)) ### Enhancements - Always compute SHA256 for remote distributions ([#19662](astral-sh/uv#19662)) - Add PyEmscripten platform (PEP 783) ([#19629](astral-sh/uv#19629)) - Add Pyodide 2025 target triple ([#19653](astral-sh/uv#19653)) ### Preview features - Make preview features for commands have names that aren't ambiguous with the command ([#19645](astral-sh/uv#19645)) - Respect `--isolated` in `uv check` ([#19666](astral-sh/uv#19666)) ### Bug fixes - Continue tool uninstall after dangling receipts ([#19623](astral-sh/uv#19623)) - Skip Unix-specific installation steps when cross-installing Windows Python distributions ([#19424](astral-sh/uv#19424)) ## Install uv 0.11.19 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.ps1 | iex" ``` ## Download uv 0.11.19 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarc… (truncated) ### 0.11.20 ## Release Notes Released on 2026-06-10. ### Enhancements - Add `--emit-index-url` and `--emit-find-links` to `uv export` ([#18370](astral-sh/uv#18370)) - Add `--find-links` support for `uv pip list` ([#16103](astral-sh/uv#16103)) - Group executable install errors during `uv python install` ([#19691](astral-sh/uv#19691)) - Use ICF in macOS release builds to reduce binary sizes ([#19615](astral-sh/uv#19615)) ### Preview features - Add initial hidden `uv upgrade` command ([#19678](astral-sh/uv#19678)) - Reject Git revisions in `uv upgrade` ([#19742](astral-sh/uv#19742)) ### Configuration - Recognize `UV_NO_INSTALL_PROJECT`, `UV_NO_INSTALL_WORKSPACE`, `UV_NO_INSTALL_LOCAL` ([#19323](astral-sh/uv#19323)) ### Performance - Speed up discovery of large workspaces ([#18311](astral-sh/uv#18311)) ### Bug fixes - Allow unknown preview flags with a warning again ([#19669](astral-sh/uv#19669)) - Apply dependency exclusions to direct requirements ([#19699](astral-sh/uv#19699)) - Avoid following external symlinks during cache clean ([#19682](astral-sh/uv#19682)) - Avoid following symlinks during cache prune ([#19543](astral-sh/uv#19543)) - Fix Git cache keys for worktrees and packed refs ([#19706](astral-sh/uv#19706)) - Make resolver error handling iterative to avoid stack overflows ([#19695](astral-sh/uv#19695)) - Pass `VIRTUAL_ENV` through `cygpath` inside `fish` on Windows ([#19703](astral-sh/uv#19703)) - Rebuild explicit local directory tool installs ([#19591](astral-sh/uv#19591)) - Validate egg top-level entries as identifiers ([#19679](https://github.com/astral-sh/uv/pull/19… (truncated) ### 0.11.21 ## Release Notes Released on 2026-06-11. ### Python - Add CPython 3.13.14 and 3.14.6 ([#19787](astral-sh/uv#19787)) ### Preview features - Add `environment.root` to `uv workspace metadata --sync` ([#19760](astral-sh/uv#19760)) - Allow `uv upgrade` to update a single dependency constraint ([#19738](astral-sh/uv#19738)) - Compute and pass `uv workspace metadata` payload in `ty check` ([#19763](astral-sh/uv#19763)) - Make packaged applications the default for `uv init` ([#17841](astral-sh/uv#17841)) ### Performance - Add parallel discovery of Python versions for `uv python list` ([#18684](astral-sh/uv#18684)) - Avoid normalizing source distribution names twice ([#19784](astral-sh/uv#19784)) ### Bug fixes - Improve cache robustness and pruning behavior - Allow CI cache pruning without an sdist bucket ([#19802](astral-sh/uv#19802)) - Avoid overflow when reading malformed cache entries ([#19799](astral-sh/uv#19799)) - Preserve cached Python downloads during cache pruning ([#19795](astral-sh/uv#19795)) - Reject running inside the cache ([#19659](astral-sh/uv#19659)) - Fix Python discovery and version request edge cases - Avoid panics for Unicode Python version requests ([#19797](astral-sh/uv#19797)) - Fix handling of non-critical errors in `uv python list` with path requests ([#19774](astral-sh/uv#19774)) - Fix stop-discovery-at regression ([#19769](astral-sh/uv#19769)) - Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets - Allow trailing commas in version specifiers ([#19806](astral-sh/uv#19806)) - Avoid panics for invalid UTF-8 URL… (truncated) ### 0.11.22 ## Release Notes Released on 2026-06-18. ### Enhancements - Publish wheels before sdists in `uv publish` ([#19831](astral-sh/uv#19831)) - Add `TY` and `RUFF` env vars for providing paths for binaries used by `uv format` and `uv check` ([#19821](astral-sh/uv#19821)) ### Preview features - Allow configuring preview features in `uv.toml` and `pyproject.toml` ([#18437](astral-sh/uv#18437)) - Update the lockfile during `uv check --no-sync` ([#19909](astral-sh/uv#19909)) - Add `--script` to `uv check` and `uv metadata` ([#19860](astral-sh/uv#19860)) - Report workspace-exclusive dependency groups in `workspace metadata` ([#19862](astral-sh/uv#19862)) - Support SARIF as a `uv audit` output ([#19872](astral-sh/uv#19872)) ### Performance - Use a more deadlock-resistant concurrent hashmap in the resolver ([#19532](astral-sh/uv#19532)) ### Bug fixes - Update string marker ordering semantics to match [upstream clarified rules](pypa/packaging.python.org#1988) ([#19808](astral-sh/uv#19808)) - Reject extras that have the same normalized name ([#19871](astral-sh/uv#19871)) - Reject dependency group `include-group` entries that have additional fields ([#19866](astral-sh/uv#19866)) - Reject invalid UTF-8 URL credentials ([#19814](astral-sh/uv#19814)) - Validate that PEP 517 `backend-path`s exist when building sdists ([#19834](astral-sh/uv#19834)) - Validate that `pylock.toml` files do not have an unsupported a `lock-version` ([#19869](astral-sh/uv#19869)) - Validate that the environment satisfies the `packages.requires-python` of a `pylock.toml` ([#19868](astral-sh/uv#19868)) - Allow `u… (truncated) ### 0.11.23 ## Release Notes Released on 2026-06-19. ### Bug fixes - Revert "Fix transparent Python upgrades in project environments" to mitigate unintended breakage in `pre-commit-uv` ([#19925](astral-sh/uv#19925)) - Restore old behavior where workspace members "hidden" by an intermediate `pyproject.toml` would be treated as standalone projects ([#19926](astral-sh/uv#19926)) ## Install uv 0.11.23 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.ps1 | iex" ``` ## Download uv 0.11.23 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-pc-windows-msvc.zip) | ARM64 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-pc-windows-msvc.zip.sha256) | | [uv-i686-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-i686-pc-windows-msvc.zip) | x86 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-i686-pc-windows-msvc.zip.sha256) | | [uv-x86_64-pc-windows-msvc.zip](http… (truncated) ### 0.11.24 ## Release Notes Released on 2026-06-23. ### Python - Add CPython 3.15.0b3 ([#19964](astral-sh/uv#19964)) ### Preview features - Make project environments relocatable under preview ([#19965](astral-sh/uv#19965)) ### Performance - Use a compact index for lazy version maps ([#19959](astral-sh/uv#19959)) ### Bug fixes - Allow disabling `exclude-newer` ([#19934](astral-sh/uv#19934)) - Avoid archive id collisions ([#19949](astral-sh/uv#19949)) - Reapply "Fix transparent Python upgrades in project environments" ([#19928](astral-sh/uv#19928)) - Clean up partial tool entrypoint installs ([#19966](astral-sh/uv#19966)) - Fix relocatable `activate.fish` and broaden Fish version support ([#19856](astral-sh/uv#19856)) ## Install uv 0.11.24 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-installer.ps1 | iex" ``` ## Download uv 0.11.24 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.ast… (truncated) ### 0.11.25 ## Release Notes Released on 2026-06-26. ### Security This release updates our tar library, [astral-tokio-tar](https://github.com/astral-sh/tokio-tar), to v0.6.3, which includes over 20 changes that harden our tar handling against [parser differentials](https://www.brainonfire.net/blog/2022/04/11/what-is-parser-mismatch/). uv may reject source distributions with malformed or ambiguous content that were previously accepted. See the [upstream commits](astral-sh/tokio-tar@v0.6.2...v0.6.3) for a full list of changes. ### Enhancements - Add a full "lockfile" to tool receipts ([#18937](astral-sh/uv#18937)) - Allow scoped overrides to add dependencies ([#19974](astral-sh/uv#19974)) - Avoid writing redundant lockfile markers with `tool.uv.environments` ([#19933](astral-sh/uv#19933)) - Factor supported environments out of lockfile markers ([#19969](astral-sh/uv#19969)) - Recommend our own build backend in the build frontend ([#19994](astral-sh/uv#19994)) - Reject wheels with multiple .dist-info directories ([#19986](astral-sh/uv#19986)) - Simplify dependency markers under parent reachability ([#19971](astral-sh/uv#19971)) - Support scoped dependency exclusions ([#19977](astral-sh/uv#19977)) - Support scoped dependency overrides ([#19970](astral-sh/uv#19970)) - Explain why files are skipped in registry index parsing ([#19983](astral-sh/uv#19983)) ### Preview features - Add `uv workspace list --scripts` ([#20009](astral-sh/uv#20009)) - Support centralised environments in `uv venv` ([#19912](astral-sh/uv#19912)) - Use locked ty versions in `uv check` ([#19884](astral-sh/uv#19884)) - Add centralized storage of project environ… (truncated) ### 0.11.26 ## Release Notes Released on 2026-06-30. ### Performance - Adapt uv to IDs-only PubGrub dependencies ([#20048](astral-sh/uv#20048)) - Avoid allocations in `ForkMap::contains` ([#20023](astral-sh/uv#20023)) - Reuse resolver work across PubGrub iterations ([#20020](astral-sh/uv#20020)) - Speed up candidate selection for disjoint ranges ([#20026](astral-sh/uv#20026)) ### Bug fixes - Warn when the build cache is inside the source directory ([#20056](astral-sh/uv#20056)) ## Install uv 0.11.26 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-installer.ps1 | iex" ``` ## Download uv 0.11.26 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-pc-windows-msvc.zip) | ARM64 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-pc-windows-msvc.zip.sha256) | | [uv-i686-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-i686-pc-window… (truncated) ### 0.11.27 ## Release Notes Released on 2026-07-06. ### Enhancements - Continue on ignored errors when fetching wheel metadata ([#12255](astral-sh/uv#12255)) - Use caching for `--python-downloads-json-url` ([#16749](astral-sh/uv#16749)) ### Preview features - Discover extensionless shebang scripts in `uv workspace list --scripts` ([#20099](astral-sh/uv#20099)) ### Performance - Avoid full site-packages scans for direct reinstalls ([#20119](astral-sh/uv#20119)) - Avoid redundant pyproject parsing ([#20076](astral-sh/uv#20076)) - Cache default dependency markers when reading locks ([#20125](astral-sh/uv#20125)) - Enable SIMD-accelerated TOML parsing ([#20079](astral-sh/uv#20079)) - Intern `requires-python` specifiers in Simple API parsing ([#20104](astral-sh/uv#20104)) - Read cache entries into exact-sized buffers ([#20120](astral-sh/uv#20120)) - Reduce VersionSpecifiers parsing allocations ([#20105](astral-sh/uv#20105)) - Reduce site-packages scan allocation overhead ([#20087](astral-sh/uv#20087)) - Reuse package names when parsing wheel filenames ([#20110](astral-sh/uv#20110)) - Sort Simple API files after grouping ([#20112](astral-sh/uv#20112)) ### Bug fixes - Always emit `packages` table for pylock.toml ([#20145](astral-sh/uv#20145)) - Avoid blank line for empty `uv pip tree` ([#20062](astral-sh/uv#20062)) - Encode hashes in file paths ([#19807](astral-sh/uv#19807)) - Error on a registry uv.lock package without a version instead of panicking ([#19855](astral-sh/uv#19855)) - Preserve conditional extra markers in exports ([#20148](https://github.com/astra… (truncated) ### 0.11.28 ## Release Notes Released on 2026-07-07. ### Security This release updates our ZIP library, [astral-async-zip](https://github.com/astral-sh/rs-async-zip), to v0.0.20, which includes 15 changes that harden our ZIP handling against [parser differentials](https://www.brainonfire.net/blog/2022/04/11/what-is-parser-mismatch/). uv may reject ZIP archives with malformed or ambiguous content that were previously accepted. See the [upstream commits](astral-sh/rs-async-zip@v0.0.18...v0.0.20) for a full list of changes. ### Python - Upgrade GraalPy to 25.1.3 ([#20069](astral-sh/uv#20069)) ### Enhancements - Improve trace logs for unexpected error chains ([#20220](astral-sh/uv#20220)) - Move lockfile update guidance to a hint ([#20219](astral-sh/uv#20219)) - Preserve indentation for multiline error causes ([#20156](astral-sh/uv#20156)) - Render user errors with their cause chains ([#20217](astral-sh/uv#20217)) - Route final command errors through the printer to respect `-q` and `-qq` ([#20163](astral-sh/uv#20163)) - Use standard rendering for `uv build` errors ([#20159](astral-sh/uv#20159)) - Use standard rendering for tool requirement errors ([#20160](astral-sh/uv#20160)) ### Performance - Only compile bytecode for installed distributions in `uv pip install` ([#19914](astral-sh/uv#19914)) - Avoid allocating URL-safe Git revisions ([#20194](astral-sh/uv#20194)) - Avoid allocating canonical Python request strings ([#20193](astral-sh/uv#20193)) - Avoid allocating custom Astral mirror URLs ([#20204](astral-sh/uv#20204)) - Avoid allocating expanded compatibility tags ([#20190](astral-sh/uv#20190)) - Avoid allocating shell stri… (truncated) _Omitted 18 older releases._ </details> </details> Modified files: - `.mise.toml`
Automated mise tool upgrades from local config. Updated tools: - `uv` Command: `mise upgrade --bump --local uv` <details> <summary>Version changelog (uv)</summary> | Tool | Requested | Installed | |------|-----------|-----------| | `uv` | `0.11.0` → `0.11.28` | `0.11.0` → `0.11.28` | </details> <details> <summary>Release notes (1 tools)</summary> <details> <summary>uv: `0.11.0` → `0.11.28` (astral-sh/uv)</summary> ### 0.11.19 ## Release Notes Released on 2026-06-03. ### Python - Add CPython 3.15.0b2 ([#19531](astral-sh/uv#19531)) ### Enhancements - Always compute SHA256 for remote distributions ([#19662](astral-sh/uv#19662)) - Add PyEmscripten platform (PEP 783) ([#19629](astral-sh/uv#19629)) - Add Pyodide 2025 target triple ([#19653](astral-sh/uv#19653)) ### Preview features - Make preview features for commands have names that aren't ambiguous with the command ([#19645](astral-sh/uv#19645)) - Respect `--isolated` in `uv check` ([#19666](astral-sh/uv#19666)) ### Bug fixes - Continue tool uninstall after dangling receipts ([#19623](astral-sh/uv#19623)) - Skip Unix-specific installation steps when cross-installing Windows Python distributions ([#19424](astral-sh/uv#19424)) ## Install uv 0.11.19 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.ps1 | iex" ``` ## Download uv 0.11.19 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarc… (truncated) ### 0.11.20 ## Release Notes Released on 2026-06-10. ### Enhancements - Add `--emit-index-url` and `--emit-find-links` to `uv export` ([#18370](astral-sh/uv#18370)) - Add `--find-links` support for `uv pip list` ([#16103](astral-sh/uv#16103)) - Group executable install errors during `uv python install` ([#19691](astral-sh/uv#19691)) - Use ICF in macOS release builds to reduce binary sizes ([#19615](astral-sh/uv#19615)) ### Preview features - Add initial hidden `uv upgrade` command ([#19678](astral-sh/uv#19678)) - Reject Git revisions in `uv upgrade` ([#19742](astral-sh/uv#19742)) ### Configuration - Recognize `UV_NO_INSTALL_PROJECT`, `UV_NO_INSTALL_WORKSPACE`, `UV_NO_INSTALL_LOCAL` ([#19323](astral-sh/uv#19323)) ### Performance - Speed up discovery of large workspaces ([#18311](astral-sh/uv#18311)) ### Bug fixes - Allow unknown preview flags with a warning again ([#19669](astral-sh/uv#19669)) - Apply dependency exclusions to direct requirements ([#19699](astral-sh/uv#19699)) - Avoid following external symlinks during cache clean ([#19682](astral-sh/uv#19682)) - Avoid following symlinks during cache prune ([#19543](astral-sh/uv#19543)) - Fix Git cache keys for worktrees and packed refs ([#19706](astral-sh/uv#19706)) - Make resolver error handling iterative to avoid stack overflows ([#19695](astral-sh/uv#19695)) - Pass `VIRTUAL_ENV` through `cygpath` inside `fish` on Windows ([#19703](astral-sh/uv#19703)) - Rebuild explicit local directory tool installs ([#19591](astral-sh/uv#19591)) - Validate egg top-level entries as identifiers ([#19679](https://github.com/astral-sh/uv/pull/19… (truncated) ### 0.11.21 ## Release Notes Released on 2026-06-11. ### Python - Add CPython 3.13.14 and 3.14.6 ([#19787](astral-sh/uv#19787)) ### Preview features - Add `environment.root` to `uv workspace metadata --sync` ([#19760](astral-sh/uv#19760)) - Allow `uv upgrade` to update a single dependency constraint ([#19738](astral-sh/uv#19738)) - Compute and pass `uv workspace metadata` payload in `ty check` ([#19763](astral-sh/uv#19763)) - Make packaged applications the default for `uv init` ([#17841](astral-sh/uv#17841)) ### Performance - Add parallel discovery of Python versions for `uv python list` ([#18684](astral-sh/uv#18684)) - Avoid normalizing source distribution names twice ([#19784](astral-sh/uv#19784)) ### Bug fixes - Improve cache robustness and pruning behavior - Allow CI cache pruning without an sdist bucket ([#19802](astral-sh/uv#19802)) - Avoid overflow when reading malformed cache entries ([#19799](astral-sh/uv#19799)) - Preserve cached Python downloads during cache pruning ([#19795](astral-sh/uv#19795)) - Reject running inside the cache ([#19659](astral-sh/uv#19659)) - Fix Python discovery and version request edge cases - Avoid panics for Unicode Python version requests ([#19797](astral-sh/uv#19797)) - Fix handling of non-critical errors in `uv python list` with path requests ([#19774](astral-sh/uv#19774)) - Fix stop-discovery-at regression ([#19769](astral-sh/uv#19769)) - Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets - Allow trailing commas in version specifiers ([#19806](astral-sh/uv#19806)) - Avoid panics for invalid UTF-8 URL… (truncated) ### 0.11.22 ## Release Notes Released on 2026-06-18. ### Enhancements - Publish wheels before sdists in `uv publish` ([#19831](astral-sh/uv#19831)) - Add `TY` and `RUFF` env vars for providing paths for binaries used by `uv format` and `uv check` ([#19821](astral-sh/uv#19821)) ### Preview features - Allow configuring preview features in `uv.toml` and `pyproject.toml` ([#18437](astral-sh/uv#18437)) - Update the lockfile during `uv check --no-sync` ([#19909](astral-sh/uv#19909)) - Add `--script` to `uv check` and `uv metadata` ([#19860](astral-sh/uv#19860)) - Report workspace-exclusive dependency groups in `workspace metadata` ([#19862](astral-sh/uv#19862)) - Support SARIF as a `uv audit` output ([#19872](astral-sh/uv#19872)) ### Performance - Use a more deadlock-resistant concurrent hashmap in the resolver ([#19532](astral-sh/uv#19532)) ### Bug fixes - Update string marker ordering semantics to match [upstream clarified rules](pypa/packaging.python.org#1988) ([#19808](astral-sh/uv#19808)) - Reject extras that have the same normalized name ([#19871](astral-sh/uv#19871)) - Reject dependency group `include-group` entries that have additional fields ([#19866](astral-sh/uv#19866)) - Reject invalid UTF-8 URL credentials ([#19814](astral-sh/uv#19814)) - Validate that PEP 517 `backend-path`s exist when building sdists ([#19834](astral-sh/uv#19834)) - Validate that `pylock.toml` files do not have an unsupported a `lock-version` ([#19869](astral-sh/uv#19869)) - Validate that the environment satisfies the `packages.requires-python` of a `pylock.toml` ([#19868](astral-sh/uv#19868)) - Allow `u… (truncated) ### 0.11.23 ## Release Notes Released on 2026-06-19. ### Bug fixes - Revert "Fix transparent Python upgrades in project environments" to mitigate unintended breakage in `pre-commit-uv` ([#19925](astral-sh/uv#19925)) - Restore old behavior where workspace members "hidden" by an intermediate `pyproject.toml` would be treated as standalone projects ([#19926](astral-sh/uv#19926)) ## Install uv 0.11.23 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.ps1 | iex" ``` ## Download uv 0.11.23 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-pc-windows-msvc.zip) | ARM64 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-aarch64-pc-windows-msvc.zip.sha256) | | [uv-i686-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-i686-pc-windows-msvc.zip) | x86 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-i686-pc-windows-msvc.zip.sha256) | | [uv-x86_64-pc-windows-msvc.zip](http… (truncated) ### 0.11.24 ## Release Notes Released on 2026-06-23. ### Python - Add CPython 3.15.0b3 ([#19964](astral-sh/uv#19964)) ### Preview features - Make project environments relocatable under preview ([#19965](astral-sh/uv#19965)) ### Performance - Use a compact index for lazy version maps ([#19959](astral-sh/uv#19959)) ### Bug fixes - Allow disabling `exclude-newer` ([#19934](astral-sh/uv#19934)) - Avoid archive id collisions ([#19949](astral-sh/uv#19949)) - Reapply "Fix transparent Python upgrades in project environments" ([#19928](astral-sh/uv#19928)) - Clean up partial tool entrypoint installs ([#19966](astral-sh/uv#19966)) - Fix relocatable `activate.fish` and broaden Fish version support ([#19856](astral-sh/uv#19856)) ## Install uv 0.11.24 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-installer.ps1 | iex" ``` ## Download uv 0.11.24 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.24/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.ast… (truncated) ### 0.11.25 ## Release Notes Released on 2026-06-26. ### Security This release updates our tar library, [astral-tokio-tar](https://github.com/astral-sh/tokio-tar), to v0.6.3, which includes over 20 changes that harden our tar handling against [parser differentials](https://www.brainonfire.net/blog/2022/04/11/what-is-parser-mismatch/). uv may reject source distributions with malformed or ambiguous content that were previously accepted. See the [upstream commits](astral-sh/tokio-tar@v0.6.2...v0.6.3) for a full list of changes. ### Enhancements - Add a full "lockfile" to tool receipts ([#18937](astral-sh/uv#18937)) - Allow scoped overrides to add dependencies ([#19974](astral-sh/uv#19974)) - Avoid writing redundant lockfile markers with `tool.uv.environments` ([#19933](astral-sh/uv#19933)) - Factor supported environments out of lockfile markers ([#19969](astral-sh/uv#19969)) - Recommend our own build backend in the build frontend ([#19994](astral-sh/uv#19994)) - Reject wheels with multiple .dist-info directories ([#19986](astral-sh/uv#19986)) - Simplify dependency markers under parent reachability ([#19971](astral-sh/uv#19971)) - Support scoped dependency exclusions ([#19977](astral-sh/uv#19977)) - Support scoped dependency overrides ([#19970](astral-sh/uv#19970)) - Explain why files are skipped in registry index parsing ([#19983](astral-sh/uv#19983)) ### Preview features - Add `uv workspace list --scripts` ([#20009](astral-sh/uv#20009)) - Support centralised environments in `uv venv` ([#19912](astral-sh/uv#19912)) - Use locked ty versions in `uv check` ([#19884](astral-sh/uv#19884)) - Add centralized storage of project environ… (truncated) ### 0.11.26 ## Release Notes Released on 2026-06-30. ### Performance - Adapt uv to IDs-only PubGrub dependencies ([#20048](astral-sh/uv#20048)) - Avoid allocations in `ForkMap::contains` ([#20023](astral-sh/uv#20023)) - Reuse resolver work across PubGrub iterations ([#20020](astral-sh/uv#20020)) - Speed up candidate selection for disjoint ranges ([#20026](astral-sh/uv#20026)) ### Bug fixes - Warn when the build cache is inside the source directory ([#20056](astral-sh/uv#20056)) ## Install uv 0.11.26 ### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-installer.sh | sh ``` ### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-installer.ps1 | iex" ``` ## Download uv 0.11.26 | File | Platform | Checksum | |--------|----------|----------| | [uv-aarch64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-apple-darwin.tar.gz) | Apple Silicon macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-apple-darwin.tar.gz.sha256) | | [uv-x86_64-apple-darwin.tar.gz](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-x86_64-apple-darwin.tar.gz) | Intel macOS | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-x86_64-apple-darwin.tar.gz.sha256) | | [uv-aarch64-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-pc-windows-msvc.zip) | ARM64 Windows | [checksum](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-aarch64-pc-windows-msvc.zip.sha256) | | [uv-i686-pc-windows-msvc.zip](https://releases.astral.sh/github/uv/releases/download/0.11.26/uv-i686-pc-window… (truncated) ### 0.11.27 ## Release Notes Released on 2026-07-06. ### Enhancements - Continue on ignored errors when fetching wheel metadata ([#12255](astral-sh/uv#12255)) - Use caching for `--python-downloads-json-url` ([#16749](astral-sh/uv#16749)) ### Preview features - Discover extensionless shebang scripts in `uv workspace list --scripts` ([#20099](astral-sh/uv#20099)) ### Performance - Avoid full site-packages scans for direct reinstalls ([#20119](astral-sh/uv#20119)) - Avoid redundant pyproject parsing ([#20076](astral-sh/uv#20076)) - Cache default dependency markers when reading locks ([#20125](astral-sh/uv#20125)) - Enable SIMD-accelerated TOML parsing ([#20079](astral-sh/uv#20079)) - Intern `requires-python` specifiers in Simple API parsing ([#20104](astral-sh/uv#20104)) - Read cache entries into exact-sized buffers ([#20120](astral-sh/uv#20120)) - Reduce VersionSpecifiers parsing allocations ([#20105](astral-sh/uv#20105)) - Reduce site-packages scan allocation overhead ([#20087](astral-sh/uv#20087)) - Reuse package names when parsing wheel filenames ([#20110](astral-sh/uv#20110)) - Sort Simple API files after grouping ([#20112](astral-sh/uv#20112)) ### Bug fixes - Always emit `packages` table for pylock.toml ([#20145](astral-sh/uv#20145)) - Avoid blank line for empty `uv pip tree` ([#20062](astral-sh/uv#20062)) - Encode hashes in file paths ([#19807](astral-sh/uv#19807)) - Error on a registry uv.lock package without a version instead of panicking ([#19855](astral-sh/uv#19855)) - Preserve conditional extra markers in exports ([#20148](https://github.com/astra… (truncated) ### 0.11.28 ## Release Notes Released on 2026-07-07. ### Security This release updates our ZIP library, [astral-async-zip](https://github.com/astral-sh/rs-async-zip), to v0.0.20, which includes 15 changes that harden our ZIP handling against [parser differentials](https://www.brainonfire.net/blog/2022/04/11/what-is-parser-mismatch/). uv may reject ZIP archives with malformed or ambiguous content that were previously accepted. See the [upstream commits](astral-sh/rs-async-zip@v0.0.18...v0.0.20) for a full list of changes. ### Python - Upgrade GraalPy to 25.1.3 ([#20069](astral-sh/uv#20069)) ### Enhancements - Improve trace logs for unexpected error chains ([#20220](astral-sh/uv#20220)) - Move lockfile update guidance to a hint ([#20219](astral-sh/uv#20219)) - Preserve indentation for multiline error causes ([#20156](astral-sh/uv#20156)) - Render user errors with their cause chains ([#20217](astral-sh/uv#20217)) - Route final command errors through the printer to respect `-q` and `-qq` ([#20163](astral-sh/uv#20163)) - Use standard rendering for `uv build` errors ([#20159](astral-sh/uv#20159)) - Use standard rendering for tool requirement errors ([#20160](astral-sh/uv#20160)) ### Performance - Only compile bytecode for installed distributions in `uv pip install` ([#19914](astral-sh/uv#19914)) - Avoid allocating URL-safe Git revisions ([#20194](astral-sh/uv#20194)) - Avoid allocating canonical Python request strings ([#20193](astral-sh/uv#20193)) - Avoid allocating custom Astral mirror URLs ([#20204](astral-sh/uv#20204)) - Avoid allocating expanded compatibility tags ([#20190](astral-sh/uv#20190)) - Avoid allocating shell stri… (truncated) _Omitted 18 older releases._ </details> </details> Modified files: - `.mise.toml` Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This change avoids reading workspace root and member
pyproject.tomlmultiple times for the same information. It remove all duplicate reading except for cache keys.With the whole stack merged, it's ~1.8x faster for
uv run python -Vin airflow (ignoring the one uncacheable wheel with--offline):hyperfine --warmup 5 --runs 50on airflow:When analyzing the spans, reading the root
airflow/pyproject.tomlgoes from 130 times to 2 times (regular read and cache keys), while for each workspace member, it goes from 4 to 2 reads (regular read and cache keys), removing 2 full reads each.Before
After