pypi uv 0.11.29

5 hours ago

Release Notes

Released on 2026-07-15.

Python

  • Use gzip-compressed artifacts for PyPy downloads (#20265)

Enhancements

  • Add JSON output to uv tree (#19978)
  • Add CUDA 13.2 as a supported PyTorch backend (#20267)
  • Prefer local artifacts over URLs when installing from pylock.toml (#20393)
  • Clarify diagnostics for unsatisfiable direct requirement ranges (#20227)
  • Include the selected project name in missing-extra errors (#20358)

Preview features

  • Preserve extras and dependency-group conflict context when selecting locked project tools (#20078)
  • Split OSV audit queries that exceed the service's 1,000-package limit (#20398)
  • Apply OSV fixed-version information only to the matching package and ecosystem (#20399)
  • Skip the virtualenv distutils monkeypatch on Python 3.10 and later (#20222)
  • Report invalid uv audit --service-url values instead of panicking (#20374)
  • Include preview settings in the published SchemaStore schema (#20304)

Performance

  • Reduce resolver work by widening selected versions across ranges without other known candidates (#20115)
  • Defer client and build setup for no-op uv sync operations (#20364)
  • Reuse workspace discovery during frozen syncs (#20363)
  • Reuse workspace discovery after resolving settings (#20356)
  • Reuse workspace discovery in uv tree, uv export, uv format, and uv audit (#20359)
  • Avoid cache and interpreter setup when reading a project version (#20360)

Bug fixes

  • Reject duplicate active package entries in pylock.toml (#20391)
  • Preserve direct-archive hashes in uv pip freeze output (#20395)
  • Explain conflicting root requirements instead of displaying an empty version range (#20228)
  • Prevent build-backend data paths from escaping the project or bypassing wheel exclusions (#20397)
  • Reject PEP 517 backend paths outside the source tree, including paths that escape through symlinks (#20387)
  • Redact credentials from failed Git fetch commands (#20401)
  • Fix exclusive post-release range ordering to match PEP 440 (#20268)
  • Canonicalize equivalent PEP 440 ranges during dependency resolution (#20182)
  • Honor Python version pins when initializing scripts (#20404)
  • Respect package-scoped source filtering for scripts (#20389)
  • Report existing environment incompatibilities when uv pip install --strict has nothing to install (#20388)
  • Continue scanning platlib when purelib is missing (#20405)
  • Handle versionless .egg-info files as legacy package metadata (#20403)
  • Make repeated locking idempotent for impossible cross-variable platform markers (#20369)
  • Report invalid cloud credential endpoint URLs instead of panicking (#20372)
  • Report invalid pylock.toml artifact URLs instead of panicking (#20373)
  • Report non-UTF-8 virtual environment paths instead of panicking while generating activation scripts (#20375)
  • Return an unsupported-operation error from unimplemented build-backend requirement hooks (#20376)

Documentation

  • Clarify --no-build behavior for editable requirements (#20234)
  • Document uv's threat model (#20236)
  • Reduce the number of badges in the README (#11257)

Install uv 0.11.29

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.29/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.29/uv-installer.ps1 | iex"

Download uv 0.11.29

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz RISCV Linux checksum
uv-s390x-unknown-linux-gnu.tar.gz S390x Linux checksum
uv-x86_64-unknown-linux-gnu.tar.gz x64 Linux checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz ARMv7 Linux checksum
uv-aarch64-unknown-linux-musl.tar.gz ARM64 MUSL Linux checksum
uv-i686-unknown-linux-musl.tar.gz x86 MUSL Linux checksum
uv-riscv64gc-unknown-linux-musl.tar.gz RISCV MUSL Linux checksum
uv-x86_64-unknown-linux-musl.tar.gz x64 MUSL Linux checksum
uv-arm-unknown-linux-musleabihf.tar.gz ARMv6 MUSL Linux (Hardfloat) checksum
uv-armv7-unknown-linux-musleabihf.tar.gz ARMv7 MUSL Linux checksum

Verifying GitHub Artifact Attestations

The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:

gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uv

You can also download the attestation from GitHub and verify against that directly:

gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>

Don't miss a new uv release

NewReleases is sending notifications on new releases.