chore(deps-dev): Update uv requirement from 0.9.13 to 0.9.15

[dependabot]

Updates the requirements on uv to permit the latest version.

Release notes

Sourced from uv's releases.

0.9.15

Release Notes

Released on 2025-12-02.

Continuing the unfortunate chain of disrupted releases, this release failed due to an error publishing new PEP 740 attestations to PyPI. The release workflow was re-run after removing the PEP 740 attestations (see #16944) and our GitHub and PyPI artifacts were published as normal, but the crates.io publish completed in the first run and does not match the 0.9.15 tag — instead, the crates were published at commit astral-sh/uv@e7af583. The only difference is the inclusion of astral-sh/uv#16885.

Python

• Add CPython 3.14.1
• Add CPython 3.13.10

Enhancements

• Add ROCm 6.4 to --torch-backend=auto (#16919)
• Add a Windows manifest to uv binaries (#16894)
• Add LFS toggle to Git sources (#16143)
• Cache source reads during resolution (#16888)
• Allow reading requirements from scripts without an extension (#16923)
• Allow reading requirements from scripts with HTTP(S) paths (#16891)

Configuration

• Add UV_HIDE_BUILD_OUTPUT to omit build logs (#16885)

Bug fixes

• Fix uv-trampoline-builder builds from crates.io by moving bundled executables (#16922)
• Respect NO_COLOR and always show the command as a header when paging uv help output (#16908)
• Use 0o666 permissions for flock files instead of 0o777 (#16845)
• Revert "Bump astral-tl to v0.7.10 (#16887)" to narrow down a regression causing hangs in metadata retrieval (#16938)

Documentation

• Link to the uv version in crates.io member READMEs (#16939)

Install uv 0.9.15

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.9.15/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://github.com/astral-sh/uv/releases/download/0.9.15/uv-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from uv's changelog.

0.9.15

Released on 2025-12-02.

Python

• Add CPython 3.14.1
• Add CPython 3.13.10

Enhancements

• Add ROCm 6.4 to --torch-backend=auto (#16919)
• Add a Windows manifest to uv binaries (#16894)
• Add LFS toggle to Git sources (#16143)
• Cache source reads during resolution (#16888)
• Allow reading requirements from scripts without an extension (#16923)
• Allow reading requirements from scripts with HTTP(S) paths (#16891)

Configuration

• Add UV_HIDE_BUILD_OUTPUT to omit build logs (#16885)

Bug fixes

• Fix uv-trampoline-builder builds from crates.io by moving bundled executables (#16922)
• Respect NO_COLOR and always show the command as a header when paging uv help output (#16908)
• Use 0o666 permissions for flock files instead of 0o777 (#16845)
• Revert "Bump astral-tl to v0.7.10 (#16887)" to narrow down a regression causing hangs in metadata retrieval (#16938)

Documentation

• Link to the uv version in crates.io member READMEs (#16939)

0.9.14

Released on 2025-12-01.

Performance

• Bump astral-tl to v0.7.10 to enable SIMD for HTML parsing (#16887)

Bug fixes

• Allow earlier post releases with exclusive ordering (#16881)
• Prefer updating existing .zshenv over creating a new one in tool update-shell (#16866)
• Respect -e flags in uv add (#16882)

Enhancements

• Attach subcommand to User-Agent string (#16837)

... (truncated)

Commits

• 5eafae3 Amend the 0.9.15 changelog (#16946)
• 89c411f Temporarily drop crates-publish from the release for 0.9.15 re-run (#16945)
• 18a3652 Disable PEP 740 attestations for PyPI publishing (#16944)
• eb65f9f Add UV_HIDE_BUILD_OUTPUT to omit build logs (#16885)
• e7af583 Bump version to 0.9.15 (#16942)
• 87adf14 Allow reading requirements from scripts with HTTP(S) paths (#16891)
• 9fc07c8 Add CPython 3.14.1 and 3.13.10 (#16941)
• d2162e2 Revert "Bump astral-tl to v0.7.10 (#16887)" (#16938)
• 99c40f7 Link to the uv version in crates.io member READMEs (#16939)
• e38cab6 Use our org-wide Renovate preset (#16935)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)