chore(deps): update dependency astral-sh/uv to v0.5.17

[uniget-bot]

This PR contains the following updates:

Package	Update	Change
astral-sh/uv	patch	0.5.16 -> 0.5.17

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

astral-sh/uv (astral-sh/uv)

v0.5.17

Compare Source

This release includes support for generating lockfiles from scripts based on inline metadata, as defined in PEP 723.

By default, scripts remain unlocked, and must be locked explicitly with uv lock --script /path/to/script.py, which
will generate a lockfile adjacent to the script (e.g., script.py.lock). Once generated, the lockfile will be
respected (and updated, if necessary) across uv run --script, uv add --script, and uv remove --script invocations.

This release also includes support for uv export --script and uv tree --script. Both commands support PEP 723
scripts with and without accompanying lockfiles.

Enhancements

• Add support for locking PEP 723 scripts (#​10135)
• Respect PEP 723 script lockfiles in uv run (#​10136)
• Update PEP 723 lockfile in uv add --script (#​10145)
• Update PEP 723 lockfile in uv remove --script (#​10162)
• Add --script support to uv export for PEP 723 scripts (#​10160)
• Add --script support to uv tree for PEP 723 scripts (#​10159)
• Add ls alias to uv {tool, python, pip} list (#​10240)
• Allow reading --with-requirements from stdin in uv add and uv run (#​10447)
• Warn-and-ignore for unsupported requirements.txt options (#​10420)

Preview features

• Add remaining Python type annotations to build backend (#​10434)

Performance

• Avoid allocating for names in the PEP 508 parser (#​10476)
• Fetch concurrently for non-first-match index strategies (#​10432)
• Remove unnecessary .to_string() call (#​10419)
• Respect sentinels in package prioritization (#​10443)
• Use ArcStr for marker values (#​10453)
• Use ArcStr for package, extra, and group names (#​10475)
• Use matches! rather than contains in requirements.txt parsing (#​10423)
• Use faster disjointness check for markers (#​10439)
• Pre-compute PEP 508 markers from universal markers (#​10472)

Bug fixes

• Fix UV_FIND_LINKS delimiter to split on commas (#​10477)
• Improve uv tool list output when tool environment is broken (#​10409)
• Only track markers for compatible versions (#​10457)
• Respect requires-python when installing tools (#​10401)
• Visit proxy packages eagerly (#​10441)
• Improve shell compatibility of venv activate scripts (#​10397)
• Read publish username from URL (#​10469)

Documentation

• Add Lambda layer instructions to AWS Lambda guide (#​10411)
• Add uv lock --script to the docs (#​10414)
• Use Windows-specific instructions in Jupyter guide (#​10446)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[nicholasdille-bot]

Auto-approved because label type/renovate is present.

[github-actions]

🔍 Vulnerabilities of ghcr.io/uniget-org/tools/uv:0.5.17

📦 Image Reference ghcr.io/uniget-org/tools/uv:0.5.17

digest	sha256:2b6e64fd5e44f60bd9372712e68e95e0c7fabb1c502a1e0515adea8abd9abf45
vulnerabilities
platform	linux/amd64
size	16 MB
packages	0

[github-actions]

Attempting automerge. See https://github.com/uniget-org/tools/actions/runs/12720130980.

[github-actions]

PR is clean and can be merged. See https://github.com/uniget-org/tools/actions/runs/12720130980.