chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.5.29

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
ghcr.io/astral-sh/uv	final	patch	0.5.22 -> 0.5.29

---

Release Notes

astral-sh/uv (ghcr.io/astral-sh/uv)

v0.5.29

Compare Source

Enhancements

• Add --bare option to uv init (#​11192)
• Add support for respecting VIRTUAL_ENV in project commands via --active (#​11189)
• Allow the project VIRTUAL_ENV warning to be silenced with --no-active (#​11251)

Python

The managed Python distributions have been updated, including:

• CPython 3.12.9
• CPython 3.13.2
• pkg-config files are now relocatable

See the python-build-standalone release notes for more details.

Bug fixes

• Always use base Python discovery logic for cached environments (#​11254)
• Use a flock to avoid concurrent initialization of project environments (#​11259)
• Fix handling of --all-groups and --no-default-groups flags (#​11224)

Documentation

• Minor touchups to the Docker provenance docs (#​11252)
• Move content from the mkdocs.public.yml into the template (#​11246)

v0.5.28

Compare Source

Bug fixes

• Allow discovering virtual environments from the first interpreter found on the PATH (#​11218)
• Clear ephemeral overlays when running tools (#​11141)
• Disable SSL in Git commands for --allow-insecure-host (#​11210)
• Fix hardlinks in tar unpacking (#​11221)
• Set base executable when returning virtual environment (#​11209)
• Use base Python for cached environments (#​11208)

Documentation

• Add documentation on verifying Docker image attestations (#​11140)
• Add last updated to documentation (#​11164)

v0.5.27

Compare Source

Enhancements

• Avoid setting permissions during tar extraction (#​11191)
• Remove warnings for missing lower bounds (#​11195)
• Update PubGrub to set-based outdated priority tracking (#​11169)
• Improve error messages for uv pip install with --extra or --all-extras and invalid sources (#​11193)
• Sign Docker images using GitHub attestations (#​8685)

Preview features

• Don't expand self-referential extras in the build backend (#​11142)

Performance

• Filter discovered Python executables by source before querying (#​11143)
• Optimize exclusion computation for markers (#​11158)
• Use Astral-maintained tokio-tar fork (#​11174)
• Remove unneeded .clone() (#​11127)

Bug fixes

• Fix relative paths in bytecode compilation (#​11177)
• Percent-decode URLs in canonical comparisons (#​11088)
• Respect concurrency limits in parallel index fetch (#​11182)
• Use wire JSON schema for conflict items (#​11196)
• Use explicit _GLibCVersion tuple in uv-python crate (#​11122)

Documentation

• Add Git SHA locking behavior to docs (#​11125)
• Add best-practice flags to pip install example in troubleshooting guide (#​11194)
• Set VIRTUAL_ENV in Jupyter kernels (#​11155)
• Add instructions for deactivating an environment (#​11200)

v0.5.26

Compare Source

Enhancements

• Add support for uvx python (#​11076)
• Allow --no-dev --invert in uv tree (#​11068)
• Update uv python install --reinstall to reinstall all previous versions (#​11072)
• Consistently write log messages with capitalized first word (#​11111)
• Suggest --build-backend when --backend is passed to uv init (#​10958)
• Improve retry trace message (#​11108)

Performance

• Remove unnecessary UTF-8 conversion in hash parsing (#​11110)

Bug fixes

• Ignore non-hash fragments in HTML API responses (#​11107)
• Avoid resolving symbolic links when querying Python interpreters (#​11083)
• Avoid sharing state between universal and non-universal resolves (#​11051)
• Error when --script is passing a non-PEP 723 script (#​11118)
• Make metadata deserialization failures non-fatal in the cache (#​11105)
• Mark metadata as dynamic when reading from built wheel cache (#​11046)
• Propagate credentials for <index>/simple to <index>/... endpoints (#​11074)
• Fix conflicting extra bug during uv sync (#​11075)

Documentation

• Add PyTorch XPU instructions to the PyTorch guide (#​11109)
• Add docs for signal handling (#​11041)
• Explain build frontend vs. build backend (#​11094)
• Fix formatting of RUST_LOG documentation (#​10053)
• Fix typo in --no-deps description (#​11073)
• Reflow CLI documentation comments (#​11040)
• Shorten "Using existing Python versions" nav item so it fits on one line (#​11077)
• Some minor touch-ups to the Python install guide (#​11116)
• Update Dependabot tracking issue link (#​11054)
• Update documentation for running in a container (#​11052)
• Upgrade PyTorch version in documentation (#​11114)
• Use sys_platform in lieu of platform_system in PyTorch docs (#​11113)
• Use positive (rather than negative) markers in PyTorch examples (#​11112)
• Fix unnecessary backslashes in brackets (#​11059)
• Suggest setting copy link mode in GitLab integration guide (#​11067)

v0.5.25

Compare Source

Enhancements

• Allow installation of manylinux wheels on loongarch64 (#​10927)
• Allow optional = for editables in requirements.txt (#​10954)
• Add Windows aarch64 to the release binaries (#​10885)

Bug fixes

• Use spec-compliant (128+n) exit codes for uv run and uv tool run on Unix (#​10781)
• Fix best-interpreter lookups when there is an invalid interpreter in the PATH (#​11030)
• Guard against concurrent cache writes on Windows (#​11007)
• Prioritize package preferences with greater package versions (#​10963)
• Reject --editable flag on non-directory requirements (#​10994)
• Respect --no-sources for uv pip install workspace discovery (#​11003)
• Set JEMALLOC_SYS_WITH_LG_PAGE=16 in ARM Docker builds (#​10943)
• Update riscv64 Python downloads to allow install on riscv64gc (#​10937)
• Fix file persist retries on Windows (#​11008)
• Fix incorrect error message when specifying tool.uv.sources.(package).workspace with other options (#​11013)
• Improve SIGINT handling in uv run (#​11009)

Documentation

• Add SECURITY policy (#​11035)
• Add Requires-Python upper bound behavior to the docs (#​10964)
• Add a troubleshooting section and reproducible example guide (#​10947)
• Add documentation for uv add -r (#​10926)
• Amend requires-python rules in resolver documentation (#​10993)
• Reference workspaces in --no-sources documentation (#​10995)
• Update documentation for activating virtual environments in different shell (#​11000)
• Add Docker SHA pinning tip (#​10955)

v0.5.24

Compare Source

Enhancements

• Improve determinism of resolution by always setting package priorities (#​10853)
• Upgrade to cargo-dist 0.28.0; improves several installer behaviors (#​10884)

Performance

• Remove dependencies clone in resolver (#​10880)
• Use Hashbrown's raw entry API to reduce hashes and clone in resolver priority determination (#​10881)

Bug fixes

• Allow fallback to Python download on non-critical discovery errors (#​10908)

Preview features

• Register managed Python version with the Windows Registry (PEP 514) (#​10634)

Documentation

• Improve documentation for some environment variables (#​10887)
• Add git subdirectory example (#​10894)

v0.5.23

Compare Source

Enhancements

• Add --refresh to uv venv (#​10834)
• Add --no-default-groups command-line flag (#​10618)

Bug fixes

• Sort extras and groups when comparing lockfile requirements (#​10856)
• Include commit_id and requested_revision in direct_url.json (#​10862)
• Invalidate lockfile when static versions change (#​10858)
• Make GitHub fast path errors non-fatal (#​10859)
• Remove warnings for --frozen and --locked in uv run --script (#​10840)
• Resolve find-links paths relative to the configuration file (#​10827)
• Respect visitation order for proxy packages (#​10833)
• Treat version mismatch errors as non-fatal in fast paths (#​10860)
• Mark --locked and --upgrade are conflicting (#​10836)
• Relax error checking around unconditional enabling of conflicting extras (#​10875)

Documentation

• Reduce ambiguity in conflicting extras example (#​10877)
• Update pre-commit documentation (#​10756)

Error messages

• Error when workspace contains conflicting Python requirements (#​10841)
• Improve uvx error message when uv is missing (#​9745)

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.65%. Comparing base (5ea036b) to head (9c0f6e1).

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #362   +/-   ##
=======================================
  Coverage   93.65%   93.65%           
=======================================
  Files          41       41           
  Lines        2268     2268           
=======================================
  Hits         2124     2124           
  Misses        144      144           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.