fix: upgrade uv.lock to resolve 9 Dependabot security alerts

Browse Source

Packages upgraded:
- filelock 3.20.0 -> 3.29.3 (TOCTOU symlink vulnerabilities)
- pip 25.3 -> 26.1.2 (path traversal, untrusted control sphere)
- pytest 9.0.2 -> 9.0.3 (vulnerable tmpdir handling)
- uv 0.11.6 -> 0.11.20 (arbitrary file write via entry points)
- virtualenv 20.35.4 -> 21.4.2 (TOCTOU in directory creation)
- wheel 0.45.1 -> 0.47.0 (arbitrary file permission modification)

...

This commit is contained in:

Walter Boring

2026-06-11 10:24:10 -04:00

parent 4f6824f671

commit 77201f1e3d

1 changed files with 727 additions and 609 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

uv.lock

Generated

+727 -609

File diff suppressed because it is too large Load Diff