chore(deps): bump uv from 0.9.30 to 0.11.15 in /examples/example-ai-crewai

[dependabot]

Bumps uv from 0.9.30 to 0.11.15.

Release notes

Sourced from uv's releases.

0.11.15

Release Notes

Released on 2026-05-18.

Security

• Fix a TAR parser differential, see GHSA-3cv2-h65g-fgmm (#19463)
• Enforce that entry points cannot escape in the scripts directory, see GHSA-4gg8-gxpx-9rph (#19464)

Enhancements

• Add TOML v1.1 -> v1.0 backwards compatibility for source distributions (#18741)
• Add support for Azure request signing (#19421)
• Apply stricter validation to all wheel filename segments (#19364)
• Reject empty strings as an invalid package name (#19435)
• Use structured errors for signing authentication failures (#19422)

Preview

• uv audit: Add JSON output (#19305)

Configuration

• Respect required-environments in uv pip compile (#19378)

Performance

• Avoid parsing JSON manifest when local Python is available (#19398)
• Avoid walking nested directories in linker conflict registration (#19382)
• Optimize async wheel ZIP writing (#19383)
• Fix dead "already trimmed" fast-path in Version::only_release_trimmed (#19425)

Bug fixes

• Apply workspace-member [tool.uv.sources] credentials under uv sync --frozen (#19423)
• Skip empty directories in uv build outputs (#19437)
• Fix Git submodule handling when using relative paths (#12156)
• Fix line number reporting in netrc parsing (#19452)

Documentation

• Move Bazel auth helper setup into integration guide (#19392)

Install uv 0.11.15

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.15/uv-installer.sh | sh
</tr></table> 

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.15

Released on 2026-05-18.

Security

• Fix a TAR parser differential, see GHSA-3cv2-h65g-fgmm (#19463)
• Enforce that entry points cannot escape in the scripts directory, see GHSA-4gg8-gxpx-9rph (#19464)

Enhancements

• Add TOML v1.1 -> v1.0 backwards compatibility for source distributions (#18741)
• Add support for Azure request signing (#19421)
• Apply stricter validation to all wheel filename segments (#19364)
• Reject empty strings as an invalid package name (#19435)
• Use structured errors for signing authentication failures (#19422)

Preview

• uv audit: Add JSON output (#19305)

Configuration

• Respect required-environments in uv pip compile (#19378)

Performance

• Avoid parsing JSON manifest when local Python is available (#19398)
• Avoid walking nested directories in linker conflict registration (#19382)
• Optimize async wheel ZIP writing (#19383)
• Fix dead "already trimmed" fast-path in Version::only_release_trimmed (#19425)

Bug fixes

• Apply workspace-member [tool.uv.sources] credentials under uv sync --frozen (#19423)
• Skip empty directories in uv build outputs (#19437)
• Fix Git submodule handling when using relative paths (#12156)
• Fix line number reporting in netrc parsing (#19452)

Documentation

• Move Bazel auth helper setup into integration guide (#19392)

0.11.14

Released on 2026-05-12.

Enhancements

• Add Astral mirror URL override (#19206)

... (truncated)

Commits

• 3cffe97 Fix crates.io publish script lockfile (#19473)
• de16a7b Bump version to 0.11.15 (#19472)
• cf826cc Disable test_simultaneous_create_set_then_move on Linux (#19469)
• 2d566bc Allow retry of custom-publish-crates separately from announce (#19470)
• 0588b8f Run release builds on maturin version bumps in CI (#19466)
• 9a65753 Enforce that entry points cannot escape in the scripts directory (#19464)
• d77d849 Revert "Update maturin to v1.13.2 (#19445)" (#19465)
• 5373e96 Update Rust crate rustls to v0.23.40 (#19250)
• fb8d3d4 Update Rust crate rustls-pki-types to v1.14.1 (#19251)
• 078480d Configure maturin and uv so uv run can be used to work on uv itself (#19461)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

posthog-python Compliance Report

Date: 2026-05-29 21:44:12 UTC
Duration: 176021ms

✅ All Tests Passed!

45/45 tests passed

---

Capture Tests

✅ 29/29 tests passed

View Details

Test	Status	Duration
Format Validation.Event Has Required Fields	✅	514ms
Format Validation.Event Has Uuid	✅	1506ms
Format Validation.Event Has Lib Properties	✅	1506ms
Format Validation.Distinct Id Is String	✅	1506ms
Format Validation.Token Is Present	✅	1506ms
Format Validation.Custom Properties Preserved	✅	1506ms
Format Validation.Event Has Timestamp	✅	1506ms
Retry Behavior.Retries On 503	✅	9518ms
Retry Behavior.Does Not Retry On 400	✅	3504ms
Retry Behavior.Does Not Retry On 401	✅	3507ms
Retry Behavior.Respects Retry After Header	✅	9512ms
Retry Behavior.Implements Backoff	✅	23528ms
Retry Behavior.Retries On 500	✅	7503ms
Retry Behavior.Retries On 502	✅	7510ms
Retry Behavior.Retries On 504	✅	7506ms
Retry Behavior.Max Retries Respected	✅	23529ms
Deduplication.Generates Unique Uuids	✅	1497ms
Deduplication.Preserves Uuid On Retry	✅	7513ms
Deduplication.Preserves Uuid And Timestamp On Retry	✅	14512ms
Deduplication.Preserves Uuid And Timestamp On Batch Retry	✅	7510ms
Deduplication.No Duplicate Events In Batch	✅	1507ms
Deduplication.Different Events Have Different Uuids	✅	1506ms
Compression.Sends Gzip When Enabled	✅	1506ms
Batch Format.Uses Proper Batch Structure	✅	1506ms
Batch Format.Flush With No Events Sends Nothing	✅	1004ms
Batch Format.Multiple Events Batched Together	✅	1505ms
Error Handling.Does Not Retry On 403	✅	3508ms
Error Handling.Does Not Retry On 413	✅	3507ms
Error Handling.Retries On 408	✅	7512ms

Feature_Flags Tests

✅ 16/16 tests passed

View Details

Test	Status	Duration
Request Payload.Request With Person Properties Device Id	✅	1002ms
Request Payload.Flags Request Uses V2 Query Param	✅	1006ms
Request Payload.Flags Request Hits Flags Path Not Decide	✅	1006ms
Request Payload.Flags Request Omits Authorization Header	✅	1006ms
Request Payload.Token In Flags Body Matches Init	✅	1006ms
Request Payload.Groups Round Trip	✅	1005ms
Request Payload.Groups Default To Empty Object	✅	1006ms
Request Payload.Person Properties Distinct Id Auto Populated When Caller Omits It	✅	1006ms
Request Payload.Disable Geoip False Propagates As Geoip Disable False	✅	1006ms
Request Payload.Disable Geoip Omitted Defaults To False	✅	1005ms
Request Payload.Flag Keys To Evaluate Contains Only Requested Key	✅	1006ms
Request Lifecycle.No Flags Request On Init Alone	✅	503ms
Request Lifecycle.No Flags Request On Normal Capture	✅	1506ms
Request Lifecycle.Two Flag Calls Produce Two Remote Requests	✅	1009ms
Request Lifecycle.Mock Response Value Is Returned To Caller	✅	1002ms
Side Effect Events.Get Feature Flag Captures Feature Flag Called Event	✅	1508ms