0.12.2

What's Changed

• Support generic pinned requirements.txt by @owenlamont in #80

Full Changelog: 0.12.1...0.12.2

0.12.1

What's Changed

• chore: refresh uv.lock by @create-pr-workflow-auth[bot] in #76
• chore: refresh .pre-commit-config.yaml by @create-pr-workflow-auth[bot] in #77
• 68 uv secure make file reads robust by @owenlamont in #78
• Fix some error message formatting by @owenlamont in #79

Full Changelog: 0.12.0...0.12.1

0.12.0

What's Changed

• chore: refresh uv.lock by @create-pr-workflow-auth[bot] in #72
• chore: refresh .pre-commit-config.yaml by @create-pr-workflow-auth[bot] in #73
• 43 support for PEP751 pylock.toml files by @owenlamont in #74

Full Changelog: 0.11.1...0.12.0

0.11.1

What's Changed

• 70 Fix broken uv-secure --version argument by @owenlamont in #71

Full Changelog: 0.11.0...0.11.1

0.11.0

What's Changed

• chore: refresh uv.lock by @create-pr-workflow-auth in #66
• chore: refresh .pre-commit-config.yaml by @create-pr-workflow-auth in #67
• 36 Ignore packages by name / version specifiers by @owenlamont in #69

New Contributors

• @create-pr-workflow-auth made their first contribution in #66

Full Changelog: 0.10.1...0.11.0

Breaking Changes

• Dropped support for Python 3.9
• Renamed --ignore CLI option to --ignore-vulns and dropped the -i abbreviation
• Failed PyPi package metadata json downloads will now cause the uv-secure run to fail

0.10.1

What's Changed

• Fixing some hishel caching behaviour by @owenlamont in #65

Full Changelog: 0.10.0...0.10.1

0.10.0

What's Changed

• Bump astral-sh/setup-uv from 6.1.0 to 6.3.0 in the actions-dependencies group by @dependabot in #48
• chore: update dependencies and add uv.lock refresh workflow by @owenlamont in #49
• Bump astral-sh/setup-uv from 6.1.0 to 6.3.0 in the actions-dependencies group by @dependabot in #50
• Fix some bugs with the update dependencies workflow by @owenlamont in #51
• chore: update dependency workflows and add linters refresh job by @owenlamont in #52
• Allow auto-created PRs to run workflows by @owenlamont in #54
• chore: refresh uv.lock by @owenlamont in #55
• chore: refresh .pre-commit-config.yaml by @owenlamont in #56
• chore: rename refresh job in update linters workflow by @owenlamont in #57
• Bump astral-sh/setup-uv from 6.3.0 to 6.3.1 in the actions-dependencies group by @dependabot in #59
• chore: refresh .pre-commit-config.yaml by @owenlamont in #60
• 58 update workflow with GitHub app by @owenlamont in #61
• 62 consolidate hishel caches by @owenlamont in #63

Breaking Changes

The [cache_settings] subsection of the configuration toml files has been removed and two new command line options --cache-path and --cache-ttl-seconds have been added to replace the lost configuration.

Full Changelog: 0.9.2...0.10.0

0.9.2

What's Changed

• 45 request add uvloopwinloop to an extra by @owenlamont in #46
• Bump astral-sh/setup-uv from 6.0.1 to 6.1.0 in the actions-dependencies group by @dependabot in #47

New Contributors

• @dependabot made their first contribution in #47

Full Changelog: 0.9.1...0.9.2

0.9.1

What's Changed

• 37 dont flag vulnerabilities that are withdrawn by @owenlamont in #42

Full Changelog: 0.9.0...0.9.1

0.9.0

What's Changed

• Updated README to cover conda-forge installation by @owenlamont in #39
• Direct dependency filters by @owenlamont in #40

Breaking Changes

The follow config file options:

• ignore_vulnerabilities
• aliases
• desc

Have been moved down one level in the configuration hierarchy under the vulnerability_criteria section, so if you had a pyproject.toml file like this:

[tool.uv-secure]
ignore_vulnerabilities = ["VULN-123"]
aliases = true
desc = true

update it to this:

[tool.uv-secure.vulnerability_criteria]
ignore_vulnerabilities = ["VULN-123"]
aliases = true
desc = true

or if you have a .uv-secure.toml / uv-secure.toml file like this:

ignore_vulnerabilities = ["VULN-123"]
aliases = true # Defaults to false
desc = true # Defaults to false

update it to this:

[vulnerability_criteria]
ignore_vulnerabilities = ["VULN-123"]
aliases = true # Defaults to false
desc = true # Defaults to false

Full Changelog: 0.8.1...0.9.0