Avatar for the astral-sh user
astral-sh
uv
BlogDocsChangelog

Performance History

Latest Results

fix(distribution): validate cached wheel archives against corruption A power outage or hard crash during `uv tool install` can interrupt wheel extraction into the `archive-v0/` cache. While `Cache::persist()` uses `rename_with_retry` to atomically move the temp directory into place, the individual files inside may not be fully synced to disk. On retry, `Archive::exists()` only checked `path.is_dir()` — it found the directory intact and tried to install from it. Reading a 0-byte METADATA file then produced the cryptic error: error: Failed to install: <wheel> Caused by: The wheel is invalid: Metadata field Name not found This commit adds a lightweight content validation to `Archive::exists()` that verifies the archive contains a non-empty `.dist-info/METADATA` file. When a corrupted archive is detected, `exists()` returns `false`, and callers in `stream_wheel()` and `download_wheel()` fall through to re-download/re-extract the wheel — the existing "heal-by-refetch" pattern already used for HTTP cache corruption. Fixes: astral-sh/uv#16841 Added 5 unit tests covering: - Valid archive with non-empty METADATA -> true - Empty METADATA file (the exact bug scenario) -> false - Missing .dist-info entirely -> false - No .dist-info, just random files -> false - .dist-info exists but METADATA missing -> false All 26 uv-distribution tests pass. Clippy clean.
lmello:fix-validate-corrupted-archive-cache
5 hours ago
fix(distribution): validate cached wheel archives against corruption A power outage or hard crash during `uv tool install` can interrupt wheel extraction into the `archive-v0/` cache. While `Cache::persist()` uses `rename_with_retry` to atomically move the temp directory into place, the individual files inside may not be fully synced to disk. On retry, `Archive::exists()` only checked `path.is_dir()` — it found the directory intact and tried to install from it. Reading a 0-byte METADATA file then produced the cryptic error: error: Failed to install: <wheel> Caused by: The wheel is invalid: Metadata field Name not found This commit adds a lightweight content validation to `Archive::exists()` that verifies the archive contains a non-empty `.dist-info/METADATA` file. When a corrupted archive is detected, `exists()` returns `false`, and callers in `stream_wheel()` and `download_wheel()` fall through to re-download/re-extract the wheel — the existing "heal-by-refetch" pattern already used for HTTP cache corruption. Fixes: astral-sh/uv#16841 ## Test Plan Added 5 unit tests covering: - Valid archive with non-empty METADATA -> true - Empty METADATA file (the exact bug scenario) -> false - Missing .dist-info entirely -> false - No .dist-info, just random files -> false - .dist-info exists but METADATA missing -> false All 26 uv-distribution tests pass. Clippy clean.
lmello:fix-validate-corrupted-archive-cache
6 hours ago
feat: add --env-file-override flag to uv run and uv tool run When --env-file-override is set (or UV_ENV_FILE_OVERRIDE=true), values from .env files take precedence over existing environment variables. By default, uv preserves existing process environment variables when loading .env files. This means that if a parent process has already set a variable, the .env file value is silently ignored. The new flag reverses this precedence, allowing .env file values to override the process environment. This is useful in scenarios where a wrapper or launcher loads env vars at startup, but those values may become stale (e.g., port reassignment) while the .env file is updated during the session. Closes #9465
faroukBakari:env-file-override
10 hours ago
Update zizmorcore/zizmor-action action to v0.5.6 (#19555) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [zizmorcore/zizmor-action](https://redirect.github.com/zizmorcore/zizmor-action) | action | patch | `v0.5.3` → `v0.5.6` | --- ### Release Notes <details> <summary>zizmorcore/zizmor-action (zizmorcore/zizmor-action)</summary> ### [`v0.5.6`](https://redirect.github.com/zizmorcore/zizmor-action/releases/tag/v0.5.6) [Compare Source](https://redirect.github.com/zizmorcore/zizmor-action/compare/v0.5.5...v0.5.6) - 1.25.2 is now available via the action - 1.25.2 is now the default version of zizmor used by the action ### [`v0.5.5`](https://redirect.github.com/zizmorcore/zizmor-action/releases/tag/v0.5.5) [Compare Source](https://redirect.github.com/zizmorcore/zizmor-action/compare/v0.5.4...v0.5.5) This is a no-op release. ### [`v0.5.4`](https://redirect.github.com/zizmorcore/zizmor-action/releases/tag/v0.5.4) [Compare Source](https://redirect.github.com/zizmorcore/zizmor-action/compare/v0.5.3...v0.5.4) - 1.25.0 is now available via the action - 1.25.0 is now the default version of zizmor used by the action </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Between 12:00 AM and 03:59 AM, only on Monday (`* 0-3 * * 1`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/astral-sh/uv). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJidWlsZDpza2lwLWRvY2tlciIsImJ1aWxkOnNraXAtcmVsZWFzZSIsImludGVybmFsIl19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
main
13 hours ago
Update taiki-e/install-action action to v2.79.1
renovate/taiki-e-install-action-2.x
14 hours ago
Update Rust crate nix to v0.31.3
renovate/nix-0.x-lockfile
1 day ago
Update taiki-e/install-action action to v2.79.0
renovate/taiki-e-install-action-2.x
1 day ago
Update Rust crate dashmap to v6.2.1
renovate/dashmap-6.x-lockfile
1 day ago

Latest Branches

CodSpeed Performance Gauge
-2%
fix(distribution): validate cached wheel archives against corruption#19562
7 hours ago
94bd91b
lmello:fix-validate-corrupted-archive-cache
CodSpeed Performance Gauge
-1%
feat: add `--env-file-override` flag to `uv run` and `uv tool run`#19561
11 hours ago
e1f8403
faroukBakari:env-file-override
CodSpeed Performance Gauge
+6%
Update taiki-e/install-action action to v2.79.1#19557
14 hours ago
288a913
renovate/taiki-e-install-action-2.x
© 2026 CodSpeed Technology
Home Terms Privacy Docs