Skip to content

Bump the uv-updates group with 2 updates#1712

Merged
danyeaw merged 1 commit intomainfrom
dependabot/uv/uv-updates-eb6965f061
Feb 2, 2026
Merged

Bump the uv-updates group with 2 updates#1712
danyeaw merged 1 commit intomainfrom
dependabot/uv/uv-updates-eb6965f061

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 2, 2026

Bumps the uv-updates group with 2 updates: pip and prek.

Updates pip from 25.3 to 26.0

Changelog

Sourced from pip's changelog.

26.0 (2026-01-30)

Deprecations and Removals

  • Remove support for non-bare project names in egg fragments. Affected users should use the Direct URL requirement syntax <https://packaging.python.org/en/latest/specifications/version-specifiers/#direct-references>. ([#13157](https://github.com/pypa/pip/issues/13157) <https://github.com/pypa/pip/issues/13157>)

Features

  • Display pip's command-line help in colour, if possible. ([#12134](https://github.com/pypa/pip/issues/12134) <https://github.com/pypa/pip/issues/12134>_)

  • Support installing dependencies declared with inline script metadata (:pep:723) with --requirements-from-script. ([#12891](https://github.com/pypa/pip/issues/12891) <https://github.com/pypa/pip/issues/12891>_)

  • Add --all-releases and --only-final options to control pre-release and final release selection during package installation. ([#13221](https://github.com/pypa/pip/issues/13221) <https://github.com/pypa/pip/issues/13221>_)

  • Add --uploaded-prior-to option to only consider packages uploaded prior to a given datetime when the upload-time field is available from a remote index. ([#13625](https://github.com/pypa/pip/issues/13625) <https://github.com/pypa/pip/issues/13625>_)

  • Add --use-feature inprocess-build-deps to request that build dependencies are installed within the same pip install process. This new mechanism is faster, supports --no-clean and --no-cache-dir reliably, and supports prompting for authentication.

    Enabling this feature will also enable --use-feature build-constraints. This feature will become the default in a future pip version. ([#9081](https://github.com/pypa/pip/issues/9081) <https://github.com/pypa/pip/issues/9081>_)

  • pip cache purge and pip cache remove now clean up empty directories and legacy files left by older pip versions. ([#9058](https://github.com/pypa/pip/issues/9058) <https://github.com/pypa/pip/issues/9058>_)

Bug Fixes

  • Fix selecting pre-release versions when only pre-releases match. For example, package>1.0 with versions 1.0, 2.0rc1 now installs 2.0rc1 instead of failing. ([#13746](https://github.com/pypa/pip/issues/13746) <https://github.com/pypa/pip/issues/13746>_)
  • Revisions in version control URLs now must be percent-encoded. For example, use git+https://example.com/repo.git@issue%231 to specify the branch issue#1. If you previously used a branch name containing a % character in a version control URL, you now need to replace it with %25 to ensure correct percent-encoding. ([#13407](https://github.com/pypa/pip/issues/13407) <https://github.com/pypa/pip/issues/13407>_)
  • Preserve original casing when a path is displayed. ([#6823](https://github.com/pypa/pip/issues/6823) <https://github.com/pypa/pip/issues/6823>_)
  • Fix bash completion when the $IFS variable has been modified from its default. ([#13555](https://github.com/pypa/pip/issues/13555) <https://github.com/pypa/pip/issues/13555>_)
  • Precompute Python requirements on each candidate, reducing time of long resolutions. ([#13656](https://github.com/pypa/pip/issues/13656) <https://github.com/pypa/pip/issues/13656>_)
  • Skip redundant work converting version objects to strings when using the importlib.metadata backend. ([#13660](https://github.com/pypa/pip/issues/13660) <https://github.com/pypa/pip/issues/13660>_)
  • Fix pip index versions to honor only-binary/no-binary options. ([#13682](https://github.com/pypa/pip/issues/13682) <https://github.com/pypa/pip/issues/13682>_)
  • Fix fallthrough logic for options, allowing overriding global options with defaults from user config. ([#13703](https://github.com/pypa/pip/issues/13703) <https://github.com/pypa/pip/issues/13703>_)
  • Use a path-segment prefix comparison, not char-by-char. ([#13777](https://github.com/pypa/pip/issues/13777) <https://github.com/pypa/pip/issues/13777>_)

Vendored Libraries

... (truncated)

Commits

Updates prek from 0.3.0 to 0.3.1

Release notes

Sourced from prek's releases.

0.3.1

Release Notes

Released on 2026-01-31.

Enhancements

  • Add language: swift support (#1463)
  • Add language: haskell support (#1484)
  • Extract go version constraint from go.mod (#1457)
  • Warn when config file exists but fails to parse (#1487)
  • Add GitHub artifact attestations to release and build-docker workflow (#1494, #1497)
  • Allow GIT_CONFIG_PARAMETERS for private repository authentication (#1472)
  • Show progress bar when running builtin hooks (#1504)

Bug fixes

  • Cap ARG_MAX at 1<<19 for safety (#1506)
  • Don't check Python executable path in health check (#1496)

Documentation

  • Include CocoIndex as a project using prek (#1477)
  • Add commands for artifact verification using GitHub Attestations (#1500)

Contributors

Install prek 0.3.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/j178/prek/releases/download/v0.3.1/prek-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/j178/prek/releases/download/v0.3.1/prek-installer.ps1 | iex"

Install prebuilt binaries via Homebrew

... (truncated)

Changelog

Sourced from prek's changelog.

0.3.1

Released on 2026-01-31.

Enhancements

  • Add language: swift support (#1463)
  • Add language: haskell support (#1484)
  • Extract go version constraint from go.mod (#1457)
  • Warn when config file exists but fails to parse (#1487)
  • Add GitHub artifact attestations to release and build-docker workflow (#1494, #1497)
  • Allow GIT_CONFIG_PARAMETERS for private repository authentication (#1472)
  • Show progress bar when running builtin hooks (#1504)

Bug fixes

  • Cap ARG_MAX at 1<<19 for safety (#1506)
  • Don't check Python executable path in health check (#1496)

Documentation

  • Include CocoIndex as a project using prek (#1477)
  • Add commands for artifact verification using GitHub Attestations (#1500)

Contributors

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the uv-updates group with 2 updates
4e27062 
Bumps the uv-updates group with 2 updates: [pip](https://github.com/pypa/pip) and [prek](https://github.com/j178/prek).


Updates `pip` from 25.3 to 26.0
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@25.3...26.0)

Updates `prek` from 0.3.0 to 0.3.1
- [Release notes](https://github.com/j178/prek/releases)
- [Changelog](https://github.com/j178/prek/blob/master/CHANGELOG.md)
- [Commits](j178/prek@v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: '26.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: uv-updates
- dependency-name: prek
  dependency-version: 0.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: uv-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@danyeaw danyeaw merged commit de9232c into main Feb 2, 2026
8 checks passed
@danyeaw danyeaw deleted the dependabot/uv/uv-updates-eb6965f061 branch February 2, 2026 12:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danyeaw danyeaw danyeaw approved these changes

Assignees

No one assigned

Labels

skip-changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@danyeaw