build(deps): bump uv-build from 0.11.21 to 0.11.23

[dependabot]

Bumps uv-build from 0.11.21 to 0.11.23.

Release notes

Sourced from uv-build's releases.

0.11.23

Release Notes

Released on 2026-06-19.

Bug fixes

• Revert "Fix transparent Python upgrades in project environments" to mitigate unintended breakage in pre-commit-uv (#19925)
• Restore old behavior where workspace members "hidden" by an intermediate pyproject.toml would be treated as standalone projects (#19926)

Install uv 0.11.23

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.23/uv-installer.ps1 | iex"

Download uv 0.11.23

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-aarch64-pc-windows-msvc.zip	ARM64 Windows	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum
uv-x86_64-pc-windows-msvc.zip	x64 Windows	checksum
uv-aarch64-unknown-linux-gnu.tar.gz	ARM64 Linux	checksum
uv-i686-unknown-linux-gnu.tar.gz	x86 Linux	checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz	PPC64LE Linux	checksum
uv-riscv64gc-unknown-linux-gnu.tar.gz	RISCV Linux	checksum
uv-s390x-unknown-linux-gnu.tar.gz	S390x Linux	checksum
uv-x86_64-unknown-linux-gnu.tar.gz	x64 Linux	checksum
uv-armv7-unknown-linux-gnueabihf.tar.gz	ARMv7 Linux	checksum
uv-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum
uv-i686-unknown-linux-musl.tar.gz	x86 MUSL Linux	checksum
uv-riscv64gc-unknown-linux-musl.tar.gz	RISCV MUSL Linux	checksum
uv-x86_64-unknown-linux-musl.tar.gz	x64 MUSL Linux	checksum
uv-arm-unknown-linux-musleabihf.tar.gz	ARMv6 MUSL Linux (Hardfloat)	checksum
uv-armv7-unknown-linux-musleabihf.tar.gz	ARMv7 MUSL Linux	checksum

Verifying GitHub Artifact Attestations

The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the GitHub CLI:

... (truncated)

Changelog

Sourced from uv-build's changelog.

0.11.23

Released on 2026-06-19.

Bug fixes

• Revert "Fix transparent Python upgrades in project environments" to mitigate unintended breakage in pre-commit-uv (#19925)
• Restore old behavior where workspace members "hidden" by an intermediate pyproject.toml would be treated as standalone projects (#19926)

0.11.22

Released on 2026-06-18.

Enhancements

• Publish wheels before sdists in uv publish (#19831)
• Add TY and RUFF env vars for providing paths for binaries used by uv format and uv check (#19821)

Preview features

• Allow configuring preview features in uv.toml and pyproject.toml (#18437)
• Update the lockfile during uv check --no-sync (#19909)
• Add --script to uv check and uv metadata (#19860)
• Report workspace-exclusive dependency groups in workspace metadata (#19862)
• Support SARIF as a uv audit output (#19872)

Performance

• Use a more deadlock-resistant concurrent hashmap in the resolver (#19532)

Bug fixes

• Update string marker ordering semantics to match upstream clarified rules (#19808)
• Reject extras that have the same normalized name (#19871)
• Reject dependency group include-group entries that have additional fields (#19866)
• Reject invalid UTF-8 URL credentials (#19814)
• Validate that PEP 517 backend-paths exist when building sdists (#19834)
• Validate that pylock.toml files do not have an unsupported a lock-version (#19869)
• Validate that the environment satisfies the packages.requires-python of a pylock.toml (#19868)
• Allow uv to be recursively invoked by PEP 517 build hooks (#19879)
• Allow empty credentials.toml files (#19815)
• Fix transparent Python upgrades in project environments (#19890)
• Handle non-file editable URLs in uv pip list (#19867)
• Fix incorrect output from uv tree --invert (#19910)
• Fix environment locking of uv venv in a project (#19837)
• Fix handling of workspace-exclusive dependency groups in uv tree (#19905)

Documentation

• Archive the 0.10.x changelog (#19813)

... (truncated)

Commits

• 3cdf50e Bump version to 0.11.23 (#19927)
• 3723315 Treat workspace members with an intermediate pyproject.toml as standalone (...
• a058272 Revert "Fix transparent Python upgrades in project environments" (#19925)
• 16a9cec Pin rooster into a dev-dependency (#19923)
• 94988e5 Bump version to 0.11.22 (#19917)
• f98013e Add workspace-exclusive dependency groups to workspace metadata (#19862)
• 7f3ab04 Add --script to uv check and uv metadata (#19860)
• 3d7e2f9 Update the lockfile during uv check --no-sync (#19909)
• 4f7fd1c Preserve attribution in inverted dependency trees (#19910)
• 14855e0 use let chains in various crates (#19908)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)