Releases: astral-sh/uv
0.11.2
Release Notes
Released on 2026-03-26.
Enhancements
- Add a dedicated Windows PE editing error (#18710)
- Make
uv self updatefetch the manifest from the mirror first (#18679) - Use uv reqwest client for self update (#17982)
- Show
uv self updatesuccess and failure messages with--quiet(#18645)
Preview features
- Evaluate extras and groups when determining auditable packages (#18511)
Bug fixes
- Skip redundant project configuration parsing for
uv run(#17890)
Install uv 0.11.2
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.2/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.2/uv-installer.ps1 | iex"Download uv 0.11.2
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.1
Release Notes
Released on 2026-03-24.
Bug fixes
- Add missing hash verification for
riscv64gc-unknown-linux-musl(#18686) - Fallback to direct download when direct URL streaming is unsupported (#18688)
- Revert treating 'Dynamic' values as case-insensitive (#18692)
- Remove torchdata from list of packages to source from the PyTorch index (#18703)
- Special-case
==Python version request ranges (#9697)
Documentation
- Cover
--python <dir>in "Using arbitrary Python environments" (#6457) - Fix version annotations for
PS_MODULE_PATHandUV_WORKING_DIR(#18691)
Install uv 0.11.1
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.1/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.1/uv-installer.ps1 | iex"Download uv 0.11.1
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.11.0
Release Notes
Released on 2026-03-23.
Breaking changes
This release includes changes to the networking stack used by uv. While we think that breakage will be rare, it is possible that these changes will result in the rejection of certificates previously trusted by uv so we have marked the change as breaking out of an abundance of caution.
The changes are largely driven by the upgrade of reqwest, which powers uv's HTTP clients, to v0.13 which included some breaking changes to TLS certificate verification.
The following changes are included:
-
rustls-platform-verifieris used instead ofrustls-native-certsandwebpkifor certificate verificationThis change should have no effect unless you are using the
native-tlsoption to enable reading system certificates.rustls-platform-verifierdelegates to the system for certificate validation (e.g.,Security.frameworkon macOS) instead of eagerly loading certificates from the system and verifying them viawebpki. The effects of this change will vary based on the operating system. In general, uv's certificate validation should now be more consistent with browsers and other native applications. However, this is the most likely cause of breaking changes in this release. Some previously failing certificate chains may succeed, and some previously accepted certificate chains may fail. In either case, we expect the validation to be more correct and welcome reports of regressions.In particular, because more responsibility for validating the certificate is transferred to your system's security library, some features like CA constraints or revocation of certificates via OCSP and CRLs may now be used.
This change should improve performance when using system certificate on macOS, as uv no longer needs to load all certificates from the keychain at startup.
-
aws-lcis used instead ofringfor a cryptography backendThere should not be breaking changes from this change. We expect this to expand support for certificate signature algorithms.
-
--native-tlsis deprecated in favor of a new--system-certsflagThe
--native-tlsflag is still usable and has identical behavior to--system-certs.This change was made to reduce confusion about the TLS implementation uv uses. uv always uses
rustlsnotnative-tls. -
Building uv on x86-64 and i686 Windows requires NASM
NASM is required by
aws-lc. If not found on the system, a prebuilt blob provided byaws-lc-syswill be used.If you are not building uv from source, this change has no effect.
See the CONTRIBUTING guide for details.
-
Empty
SSL_CERT_FILEvalues are ignored (for consistency withSSL_CERT_DIR)
See #18550 for details.
Python
- Enable frame pointers for improved profiling on Linux x86-64 and aarch64
See the python-build-standalone release notes for details.
Enhancements
- Treat 'Dynamic' values as case-insensitive (#18669)
- Use a dedicated error for invalid cache control headers (#18657)
- Enable checksum verification in the generated installer script (#18625)
Preview features
- Add
--service-formatand--service-urltouv audit(#18571)
Performance
- Avoid holding flat index lock across indexes (#18659)
Bug fixes
- Find the dynamic linker on the file system when sniffing binaries fails (#18457)
- Fix export of conflicting workspace members with dependencies (#18666)
- Respect installed settings in
uv tool list --outdated(#18586) - Treat paths originating as PEP 508 URLs which contain expanded variables as relative (#18680)
- Fix
uv exportfor workspace member packages with conflicts (#18635) - Continue to alternative authentication providers when the pyx store has no token (#18425)
- Use redacted URLs for log messages in cached client (#18599)
Documentation
- Add details on Linux versions to the platform policy (#18574)
- Clarify
FLASH_ATTENTION_SKIP_CUDA_BUILDguidance forflash-attninstalls (#18473) - Split the dependency bots page into two separate pages (#18597)
- Split the alternative indexes page into separate pages (#18607)
Install uv 0.11.0
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.0/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.0/uv-installer.ps1 | iex"Download uv 0.11.0
| File | Platform | Checksum |
|---|---|---|
| uv-aarch64-apple-darwin.tar.gz | Apple Silicon macOS | checksum |
| uv-x86_64-apple-darwin.tar.gz | Intel macOS | checksum |
| uv-aarch64-pc-windows-msvc.zip | ARM64 Windows | checksum |
| uv-i686-pc-windows-msvc.zip | x86 Windows | checksum |
| uv-x86_64-pc-windows-msvc.zip | x64 Windows | checksum |
| uv-aarch64-unknown-linux-gnu.tar.gz | ARM64 Linux | checksum |
| uv-i686-unknown-linux-gnu.tar.gz | x86 Linux | checksum |
| uv-powerpc64-unknown-linux-gnu.tar.gz | PPC64 Linux | checksum |
| uv-powerpc64le-unknown-linux-gnu.tar.gz | PPC64LE Linux | checksum |
| uv-riscv64gc-unknown-linux-gnu.tar.gz | RISCV Linux | checksum |
| uv-s390x-unknown-linux-gnu.tar.gz | S390x Linux | checksum |
| uv-x86_64-unknown-linux-gnu.tar.gz | x64 Linux | checksum |
| uv-armv7-unknown-linux-gnueabihf.tar.gz | ARMv7 Linux | checksum |
| uv-aarch64-unknown-linux-musl.tar.gz | ARM64 MUSL Linux | checksum |
| uv-i686-unknown-linux-musl.tar.gz | x86 MUSL Linux | checksum |
| [uv-x86_64-unknown-linux... |
0.10.12
Release Notes
Released on 2026-03-19.
Python
Enhancements
- Include uv's target triple in version report (#18520)
- Allow comma separated values in
--no-emit-package(#18565)
Preview features
- Show
uv auditin the CLI help (#18540)
Bug fixes
- Improve reporting of managed interpreter symlinks in
uv python list(#18459) - Preserve end-of-line comments on previous entries when removing dependencies (#18557)
- Treat abi3 wheel Python version as a lower bound (#18536)
- Detect hard-float support on aarch64 kernels running armv7 userspace (#18530)
Documentation
- Add Python 3.15 to supported versions (#18552)
- Adjust the PyPy note (#18548)
- Move Pyodide to Tier 2 in the Python support policy (#18561)
- Move Rust and Python version support out of the Platform support policy (#18535)
- Update Docker guide with changes from
uv-docker-example(#18558) - Update the Python version policy (#18559)
Install uv 0.10.12
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.10.12/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.10.12/uv-installer.ps1 | iex"Download uv 0.10.12
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.11
Release Notes
Released on 2026-03-16.
Enhancements
- Fetch Ruff release metadata from an Astral mirror (#18358)
- Use PEP 639 license metadata for uv itself (#16477)
Performance
- Improve distribution id performance (#18486)
Bug fixes
- Allow
--projectto refer to apyproject.tomldirectly and reduce to a warning on other files (#18513) - Disable
SYSTEM_VERSION_COMPATwhen querying interpreters on macOS (#18452) - Enforce available distributions for supported environments (#18451)
- Fix
uv sync --activerecreating active environments whenUV_PYTHON_INSTALL_DIRis relative (#18398)
Documentation
- Add missing
-o requirements.txtinuv pip compileexample (#12308) - Link to organization security policy (#18449)
- Link to the AI policy in the contributing guide (#18448)
Install uv 0.10.11
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.10.11/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.10.11/uv-installer.ps1 | iex"Download uv 0.10.11
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.10
Release Notes
Released on 2026-03-13.
Python
- Add CPython 3.15.0a7 (#18403)
Enhancements
- Add
--outdatedflag touv tool list(#18318) - Add riscv64 musl target to build-release-binaries workflow (#18228)
- Fetch Ruff from an Astral mirror (#18286)
- Improve error handling for platform detection in Python downloads (#18453)
- Warn if
--projectdirectory does not exist (#17714) - Warn when workspace member scripts are skipped due to missing build system (#18389)
- Update build backend versions used in
uv init(#18417) - Log explicit config file path in verbose output (#18353)
- Make
uv cache clearan alias ofuv cache clean(#18420) - Reject invalid classifiers, warn on license classifiers in
uv_build(#18419)
Preview features
- Add links to
uv auditoutput (#18392) - Output/report formatting for
uv audit(#18193) - Switch to batched OSV queries for
uv audit(#18394)
Bug fixes
- Avoid sharing version metadata across indexes (#18373)
- Bump zlib-rs to 0.6.2 to fix panic on decompression of large wheels on Windows (#18362)
- Filter out unsupported environment wheels (#18445)
- Preserve absolute/relative paths in lockfiles (#18176)
- Recreate Python environments under
uv tool install --force(#18399) - Respect timestamp and other cache keys in cached environments (#18396)
- Simplify selected extra markers in
uv export(#18433) - Send pyx mint-token requests with a proper
Content-Type(#18334) - Fix Windows operating system and version reporting (#18383)
Documentation
- Update the platform support policy with a tier 3 section including freebsd and 32-bit windows (#18345)
Install uv 0.10.10
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.10.10/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.10.10/uv-installer.ps1 | iex"Download uv 0.10.10
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.9
Release Notes
Released on 2026-03-06.
Enhancements
- Add
fbgemm-gpu,fbgemm-gpu-genai,torchrec, andtorchtuneto the PyTorch list (#18338) - Add torchcodec to PyTorch List (#18336)
- Log the duration we took before erroring (#18231)
- Warn when using
uv_buildsettings withoutuv_build(#15750) - Add fallback to
/usr/lib/os-releaseon Linux system lookup failure (#18349) - Use
cargo auditableto include SBOM in uv builds (#18276)
Configuration
- Add an environment variable for
UV_VENV_RELOCATABLE(#18331)
Performance
Bug fixes
- Continue on trampoline job assignment failures (#18291)
- Handle the hard link limit gracefully instead of failing (#17699)
- Respect build constraints for workspace members (#18350)
- Revalidate editables and other dependencies in scripts (#18328)
- Support Python 3.13+ on Android (#18301)
- Support
cp3-none-any(#17064) - Skip tool environments with broken links to Python on Windows (#17176)
Documentation
- Add documentation for common marker values (#18327)
- Improve documentation on virtual dependencies (#18346)
Install uv 0.10.9
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.10.9/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.10.9/uv-installer.ps1 | iex"Download uv 0.10.9
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.8
Release Notes
Released on 2026-03-03.
Python
- Add CPython 3.10.20
- Add CPython 3.11.15
- Add CPython 3.12.13
Enhancements
- Add Docker images based on Docker Hardened Images (#18247)
- Add resolver hint when
--exclude-newerfilters out all versions of a package (#18217) - Configure a real retry minimum delay of 1s (#18201)
- Expand
uv_builddirect build compatibility (#17902) - Fetch CPython from an Astral mirror by default (#18207)
- Download uv releases from an Astral mirror in installers by default (#18191)
- Add SBOM attestations to Docker images (#18252)
- Improve hint for installing meson-python when missing as build backend (#15826)
Configuration
- Add
UV_INIT_BAREenvironment variable foruv init(#18210)
Bug fixes
- Prevent
uv tool upgradefrom installing excluded dependencies (#18022) - Promote authentication policy when saving tool receipts (#18246)
- Respect exclusions in scripts (#18269)
- Retain default-branch Git SHAs in
pylock.tomlfiles (#18227) - Skip installed Python check for URL dependencies (#18211)
- Respect constraints during
--upgrade(#18226) - Fix
uv treeorphaned roots and premature deduplication (#17212)
Documentation
- Mention cooldown and tweak inline script metadata in dependency bots documentation (#18230)
- Move cache prune in GitLab to
after_script(#18206)
Install uv 0.10.8
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.10.8/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.10.8/uv-installer.ps1 | iex"Download uv 0.10.8
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.7
Release Notes
Released on 2026-02-27.
Bug fixes
- Fix handling of junctions in Windows Containers on Windows (#18192)
Enhancements
Install uv 0.10.7
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.10.7/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.10.7/uv-installer.ps1 | iex"Download uv 0.10.7
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>0.10.6
Release Notes
Released on 2026-02-24.
Bug fixes
- Apply lockfile marker normalization for fork markers (#18116)
- Fix Python version selection for scripts with a
requires-pythonconflicting with.python-version(#18097) - Preserve file permissions when using reflinks on Linux (#18187)
Documentation
- Remove verbose documentation from optional dependencies help text (#18180)
Install uv 0.10.6
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.10.6/uv-installer.sh | shInstall prebuilt binaries via powershell script
powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.10.6/uv-installer.ps1 | iex"Download uv 0.10.6
Verifying GitHub Artifact Attestations
The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:
gh attestation verify <file-path of downloaded artifact> --repo astral-sh/uvYou can also download the attestation from GitHub and verify against that directly:
gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation>