Update ghcr.io/astral-sh/uv Docker tag to v0.11.23

[renovate]

This PR contains the following updates:

Package	Type	Change
ghcr.io/astral-sh/uv	stage	0.11.16 → 0.11.23

---

Release Notes

astral-sh/uv (ghcr.io/astral-sh/uv)

v0.11.23

Compare Source

Released on 2026-06-19.

Bug fixes

• Revert "Fix transparent Python upgrades in project environments" to mitigate unintended breakage in pre-commit-uv (#​19925)
• Restore old behavior where workspace members "hidden" by an intermediate pyproject.toml would be treated as standalone projects (#​19926)

v0.11.22

Compare Source

Released on 2026-06-18.

Enhancements

• Publish wheels before sdists in uv publish (#​19831)
• Add TY and RUFF env vars for providing paths for binaries used by uv format and uv check (#​19821)

Preview features

• Allow configuring preview features in uv.toml and pyproject.toml (#​18437)
• Update the lockfile during uv check --no-sync (#​19909)
• Add --script to uv check and uv metadata (#​19860)
• Report workspace-exclusive dependency groups in workspace metadata (#​19862)
• Support SARIF as a uv audit output (#​19872)

Performance

• Use a more deadlock-resistant concurrent hashmap in the resolver (#​19532)

Bug fixes

• Update string marker ordering semantics to match upstream clarified rules (#​19808)
• Reject extras that have the same normalized name (#​19871)
• Reject dependency group include-group entries that have additional fields (#​19866)
• Reject invalid UTF-8 URL credentials (#​19814)
• Validate that PEP 517 backend-paths exist when building sdists (#​19834)
• Validate that pylock.toml files do not have an unsupported a lock-version (#​19869)
• Validate that the environment satisfies the packages.requires-python of a pylock.toml (#​19868)
• Allow uv to be recursively invoked by PEP 517 build hooks (#​19879)
• Allow empty credentials.toml files (#​19815)
• Fix transparent Python upgrades in project environments (#​19890)
• Handle non-file editable URLs in uv pip list (#​19867)
• Fix incorrect output from uv tree --invert (#​19910)
• Fix environment locking of uv venv in a project (#​19837)
• Fix handling of workspace-exclusive dependency groups in uv tree (#​19905)

Documentation

• Archive the 0.10.x changelog (#​19813)

Other changes

• Mark more tests as requiring network for vendors that need to run tests offline (#​19819)

v0.11.21

Compare Source

Released on 2026-06-11.

Python

• Add CPython 3.13.14 and 3.14.6 (#​19787)

Preview features

• Add environment.root to uv workspace metadata --sync (#​19760)
• Allow uv upgrade to update a single dependency constraint (#​19738)
• Compute and pass uv workspace metadata payload in ty check (#​19763)
• Make packaged applications the default for uv init (#​17841)

Performance

• Add parallel discovery of Python versions for uv python list (#​18684)
• Avoid normalizing source distribution names twice (#​19784)

Bug fixes

• Improve cache robustness and pruning behavior
  • Allow CI cache pruning without an sdist bucket (#​19802)
  • Avoid overflow when reading malformed cache entries (#​19799)
  • Preserve cached Python downloads during cache pruning (#​19795)
  • Reject running inside the cache (#​19659)
• Fix Python discovery and version request edge cases
  • Avoid panics for Unicode Python version requests (#​19797)
  • Fix handling of non-critical errors in uv python list with path requests (#​19774)
  • Fix stop-discovery-at regression (#​19769)
• Harden parsing and validation for package metadata, requirements, markers, URLs, and conflict sets
  • Allow trailing commas in version specifiers (#​19806)
  • Avoid panics for invalid UTF-8 URL credentials (#​19800)
  • Avoid panics for malformed source distribution filenames (#​19776)
  • Avoid panics for trailing extra separators (#​19779)
  • Avoid stack overflow for recursive requirements path aliases (#​19777)
  • Ignore reversed string compatible-release markers (#​19782)
  • Reject duplicate entries in conflict sets (#​19801)
  • Reject malformed hash options in requirements files (#​19783)
  • Reject source distribution filenames without a separator (#​19803)
  • Use UTF-8 lengths for requirement errors (#​19781)
  • Use UTF-8 lengths for trailing marker errors (#​19796)
  • Use byte offsets when peeking over requirements (#​19780)
  • Validate GraalPy ABI suffixes (#​19805)
• Improve wheel entry-point error handling and virtual environment activation quoting
  • Propagate errors when reading wheel entry points (#​19794)
  • Quote virtual environment activation paths with shell metacharacters (#​19798)

v0.11.20

Compare Source

Released on 2026-06-10.

Enhancements

• Add --emit-index-url and --emit-find-links to uv export (#​18370)
• Add --find-links support for uv pip list (#​16103)
• Group executable install errors during uv python install (#​19691)
• Use ICF in macOS release builds to reduce binary sizes (#​19615)

Preview features

• Add initial hidden uv upgrade command (#​19678)
• Reject Git revisions in uv upgrade (#​19742)

Configuration

• Recognize UV_NO_INSTALL_PROJECT, UV_NO_INSTALL_WORKSPACE, UV_NO_INSTALL_LOCAL (#​19323)

Performance

• Speed up discovery of large workspaces (#​18311)

Bug fixes

• Allow unknown preview flags with a warning again (#​19669)
• Apply dependency exclusions to direct requirements (#​19699)
• Avoid following external symlinks during cache clean (#​19682)
• Avoid following symlinks during cache prune (#​19543)
• Fix Git cache keys for worktrees and packed refs (#​19706)
• Make resolver error handling iterative to avoid stack overflows (#​19695)
• Pass VIRTUAL_ENV through cygpath inside fish on Windows (#​19703)
• Rebuild explicit local directory tool installs (#​19591)
• Validate egg top-level entries as identifiers (#​19679)

Documentation

• Document --find-links caching behavior (#​19585)
• Add a small section for malware checks (#​19680)

v0.11.19

Compare Source

Released on 2026-06-03.

Python

• Add CPython 3.15.0b2 (#​19531)

Enhancements

• Always compute SHA256 for remote distributions (#​19662)
• Add PyEmscripten platform (PEP 783) (#​19629)
• Add Pyodide 2025 target triple (#​19653)

Preview features

• Make preview features for commands have names that aren't ambiguous with the command (#​19645)
• Respect --isolated in uv check (#​19666)

Bug fixes

• Continue tool uninstall after dangling receipts (#​19623)
• Skip Unix-specific installation steps when cross-installing Windows Python distributions (#​19424)

v0.11.18

Compare Source

Released on 2026-06-01.

Performance

• Fix performance regression in unzip of local wheels (#​19637)

Preview

• Add uv check to run ty from uv (#​19605)

Bug fixes

• Update activation scripts with upstream fixes (#​19628)

Other changes

• Bump MSRV to 1.94 (#​19600)

v0.11.17

Compare Source

Released on 2026-05-28.

Enhancements

• Add a diagnostic for uv add with standard library modules (#​19572)
• Expose uv workspace and its list subcommand in help output (#​19533)
• Improve the "403 forbidden" hint to suggest ignore-error-codes when applicable (#​19521)
• Skip direct URL lock freshness checks while offline (#​19596)
• Add import-names and import-namespaces support to uv-build (PEP 794) (#​19380)
• Add a --no-editable-package flag to various commands (#​19584)
• Infer Python version requests from source trees in uv tool invocations (#​19577)

Preview features

• Add module owners to uv workspace metadata (#​19122)
• Do not allow uv venv --clear to remove non-virtual environments (#​19595)

Bug fixes

• Improve the performance of large entries in tool.uv.conflicts (#​19538)
• Avoid modifying the parent process' env with --env-file in uv run (#​19567)
• Fix script environment creation for scripts with long filenames (#​19539)
• Fix transitive Git archive dependencies in lockfiles (#​19589)
• Preserve Git repository URLs in direct URL metadata (#​19590)
• Support redirects in --check-url (#​19594)
• Accept case-insensitive HTML tags in --find-links parsing (#​19537)
• Reject duplicate script metadata blocks (#​19544)
• Ban names like "python3" as script entry points (#​19535, #​19536)
• Validate Git LFS artifacts for Git archives (#​19592)
• Use a relative path when creating symlinks in cache to improve relocatability (#​19033)

Documentation

• Fix malformed positional anchors in the CLI reference (#​19575)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

GitLab Pipeline Action

General information

Link to pipeline: https://gitlab.com/code0-tech/development/reticulum/-/pipelines/2615098588

Status: Failed
Duration: 16 minutes

Job summaries

generate-environment

RETICULUM_CONTAINER_VERSION=0.0.0-experimental-2615098588-57353e62ed67328eede5a2cb88fbc29f5b5c606c