Tracking branch for 0.10

.github/workflows/build-docker.yml

@@ -170,19 +170,16 @@ jobs:
         # Mapping of base image followed by a comma followed by one or more base tags (comma separated)
         # Note, org.opencontainers.image.version label will use the first base tag (use the most specific tag first)
         image-mapping:
-          - alpine:3.22,alpine3.22,alpine
-          - alpine:3.21,alpine3.21
+          - alpine:3.23,alpine3.23,alpine
+          - alpine:3.22,alpine3.22
           - debian:trixie-slim,trixie-slim,debian-slim
           - buildpack-deps:trixie,trixie,debian
-          - debian:bookworm-slim,bookworm-slim
-          - buildpack-deps:bookworm,bookworm
           - python:3.14-alpine3.23,python3.14-alpine3.23,python3.14-alpine
           - python:3.13-alpine3.23,python3.13-alpine3.23,python3.13-alpine
           - python:3.12-alpine3.23,python3.12-alpine3.23,python3.12-alpine
           - python:3.11-alpine3.23,python3.11-alpine3.23,python3.11-alpine
           - python:3.10-alpine3.23,python3.10-alpine3.23,python3.10-alpine
           - python:3.9-alpine3.22,python3.9-alpine3.22,python3.9-alpine
-          - python:3.8-alpine3.20,python3.8-alpine3.20,python3.8-alpine
           - python:3.14-trixie,python3.14-trixie
           - python:3.13-trixie,python3.13-trixie
           - python:3.12-trixie,python3.12-trixie
@@ -195,20 +192,6 @@ jobs:
           - python:3.11-slim-trixie,python3.11-trixie-slim
           - python:3.10-slim-trixie,python3.10-trixie-slim
           - python:3.9-slim-trixie,python3.9-trixie-slim
-          - python:3.14-bookworm,python3.14-bookworm
-          - python:3.13-bookworm,python3.13-bookworm
-          - python:3.12-bookworm,python3.12-bookworm
-          - python:3.11-bookworm,python3.11-bookworm
-          - python:3.10-bookworm,python3.10-bookworm
-          - python:3.9-bookworm,python3.9-bookworm
-          - python:3.8-bookworm,python3.8-bookworm
-          - python:3.14-slim-bookworm,python3.14-bookworm-slim
-          - python:3.13-slim-bookworm,python3.13-bookworm-slim
-          - python:3.12-slim-bookworm,python3.12-bookworm-slim
-          - python:3.11-slim-bookworm,python3.11-bookworm-slim
-          - python:3.10-slim-bookworm,python3.10-bookworm-slim
-          - python:3.9-slim-bookworm,python3.9-bookworm-slim
-          - python:3.8-slim-bookworm,python3.8-bookworm-slim
     steps:
       # Login to DockerHub (when not pushing, it's to avoid rate-limiting)
       - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0

.github/workflows/build-release-binaries.yml

@@ -555,7 +555,6 @@ jobs:
           args: --release --locked --out dist --features self-update --compatibility pypi
           rust-toolchain: ${{ matrix.platform.toolchain || null }}
       - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1
-        if: matrix.platform.arch != 'ppc64'
         name: "Test wheel"
         with:
           arch: ${{ matrix.platform.arch }}
@@ -609,7 +608,6 @@ jobs:
           docker-options: ${{ matrix.platform.maturin_docker_options }}
           args: --profile minimal-size --locked --out crates/uv-build/dist -m crates/uv-build/Cargo.toml --compatibility pypi
       - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1
-        if: matrix.platform.arch != 'ppc64'
         name: "Test wheel uv-build"
         with:
           arch: ${{ matrix.platform.arch }}
@@ -643,10 +641,6 @@ jobs:
             arch: ppc64le
             # see https://github.com/astral-sh/uv/issues/6528
             maturin_docker_options: -e JEMALLOC_SYS_WITH_LG_PAGE=16
-          - target: powerpc64-unknown-linux-gnu
-            arch: ppc64
-            # see https://github.com/astral-sh/uv/issues/6528
-            maturin_docker_options: -e JEMALLOC_SYS_WITH_LG_PAGE=16
 
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -677,7 +671,6 @@ jobs:
             fi
       # TODO(charlie): Re-enable testing for PPC wheels.
       # - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1
-      #   if: matrix.platform.arch != 'ppc64'
       #   name: "Test wheel"
       #   with:
       #     arch: ${{ matrix.platform.arch }}

.github/workflows/test.yml

@@ -73,7 +73,7 @@ jobs:
         run: |
           cargo nextest run \
             --cargo-profile fast-build \
-            --features python-patch,native-auth,secret-service \
+            --features test-python-patch,native-auth,secret-service \
             --workspace \
             --profile ci-linux
 
@@ -118,7 +118,7 @@ jobs:
           cargo nextest run \
             --cargo-profile fast-build \
             --no-default-features \
-            --features python,python-managed,pypi,git,git-lfs,performance,crates-io,native-auth,apple-native \
+            --features test-python,test-python-managed,test-pypi,test-git,test-git-lfs,performance,test-crates-io,native-auth,apple-native \
             --workspace \
             --profile ci-macos
 
@@ -180,7 +180,7 @@ jobs:
           cargo nextest run \
             --cargo-profile fast-build \
             --no-default-features \
-            --features python,pypi,python-managed,native-auth,windows-native \
+            --features test-python,test-pypi,test-python-managed,native-auth,windows-native \
             --workspace \
             --profile ci-windows \
             --partition hash:${{ matrix.partition }}/3

crates/uv-auth/src/middleware.rs

@@ -803,14 +803,18 @@ impl AuthMiddleware {
         // Text credential store support.
         } else if let Some(credentials) = self.text_store.get().await.and_then(|text_store| {
             debug!("Checking text store for credentials for {url}");
-            text_store
-                .get_credentials(
-                    url,
-                    credentials
-                        .as_ref()
-                        .and_then(|credentials| credentials.username()),
-                )
-                .cloned()
+            match text_store.get_credentials(
+                url,
+                credentials
+                    .as_ref()
+                    .and_then(|credentials| credentials.username()),
+            ) {
+                Ok(credentials) => credentials.cloned(),
+                Err(err) => {
+                    debug!("Failed to get credentials from text store: {err}");
+                    None
+                }
+            }
         }) {
             debug!("Found credentials in plaintext store for {url}");
             Some(credentials)

crates/uv-auth/src/store.rs

@@ -122,6 +122,12 @@ pub enum BearerAuthError {
     UnexpectedPassword,
 }
 
+#[derive(Debug, Error, PartialEq)]
+pub enum LookupError {
+    #[error("Multiple credentials found for URL '{0}', specify which username to use")]
+    AmbiguousUsername(DisplaySafeUrl),
+}
+
 /// A single credential entry in a TOML credentials file.
 #[derive(Debug, Clone, Serialize, Deserialize)]
 #[serde(try_from = "TomlCredentialWire", into = "TomlCredentialWire")]
@@ -334,7 +340,7 @@ impl TextCredentialStore {
         &self,
         url: &DisplaySafeUrl,
         username: Option<&str>,
-    ) -> Option<&Credentials> {
+    ) -> Result<Option<&Credentials>, LookupError> {
         let request_realm = Realm::from(url);
 
         // Perform an exact lookup first
@@ -345,7 +351,7 @@ impl TextCredentialStore {
                 url_service.clone(),
                 Username::from(username.map(str::to_string)),
             )) {
-                return Some(credential);
+                return Ok(Some(credential));
             }
         }
 
@@ -376,15 +382,17 @@ impl TextCredentialStore {
             let specificity = service.url().path().len();
             if best.is_none_or(|(best_specificity, _, _)| specificity > best_specificity) {
                 best = Some((specificity, service, credential));
+            } else if best.is_some_and(|(best_specificity, _, _)| specificity == best_specificity) {
+                return Err(LookupError::AmbiguousUsername(url.clone()));
             }
         }
 
         // Return the most specific match
         if let Some((_, _, credential)) = best {
-            return Some(credential);
+            return Ok(Some(credential));
         }
 
-        None
+        Ok(None)
     }
 
     /// Store credentials for a given service.
@@ -455,10 +463,10 @@ mod tests {
         let service = Service::from_str("https://example.com").unwrap();
         store.insert(service.clone(), credentials.clone());
         let url = DisplaySafeUrl::parse("https://example.com/").unwrap();
-        assert!(store.get_credentials(&url, None).is_some());
+        assert!(store.get_credentials(&url, None).unwrap().is_some());
 
         let url = DisplaySafeUrl::parse("https://example.com/path").unwrap();
-        let retrieved = store.get_credentials(&url, None).unwrap();
+        let retrieved = store.get_credentials(&url, None).unwrap().unwrap();
         assert_eq!(retrieved.username(), Some("user"));
         assert_eq!(retrieved.password(), Some("pass"));
 
@@ -468,7 +476,7 @@ mod tests {
                 .is_some()
         );
         let url = DisplaySafeUrl::parse("https://example.com/").unwrap();
-        assert!(store.get_credentials(&url, None).is_none());
+        assert!(store.get_credentials(&url, None).unwrap().is_none());
     }
 
     #[tokio::test]
@@ -494,12 +502,12 @@ password = "pass2"
         let store = TextCredentialStore::from_file(temp_file.path()).unwrap();
 
         let url = DisplaySafeUrl::parse("https://example.com/").unwrap();
-        assert!(store.get_credentials(&url, None).is_some());
+        assert!(store.get_credentials(&url, None).unwrap().is_some());
         let url = DisplaySafeUrl::parse("https://test.org/").unwrap();
-        assert!(store.get_credentials(&url, None).is_some());
+        assert!(store.get_credentials(&url, None).unwrap().is_some());
 
         let url = DisplaySafeUrl::parse("https://example.com").unwrap();
-        let cred = store.get_credentials(&url, None).unwrap();
+        let cred = store.get_credentials(&url, None).unwrap().unwrap();
         assert_eq!(cred.username(), Some("testuser"));
         assert_eq!(cred.password(), Some("testpass"));
 
@@ -535,7 +543,7 @@ password = "pass2"
 
         for url_str in matching_urls {
             let url = DisplaySafeUrl::parse(url_str).unwrap();
-            let cred = store.get_credentials(&url, None);
+            let cred = store.get_credentials(&url, None).unwrap();
             assert!(cred.is_some(), "Failed to match URL with prefix: {url_str}");
         }
 
@@ -548,7 +556,7 @@ password = "pass2"
 
         for url_str in non_matching_urls {
             let url = DisplaySafeUrl::parse(url_str).unwrap();
-            let cred = store.get_credentials(&url, None);
+            let cred = store.get_credentials(&url, None).unwrap();
             assert!(cred.is_none(), "Should not match non-prefix URL: {url_str}");
         }
     }
@@ -572,7 +580,7 @@ password = "pass2"
 
         for url_str in matching_urls {
             let url = DisplaySafeUrl::parse(url_str).unwrap();
-            let cred = store.get_credentials(&url, None);
+            let cred = store.get_credentials(&url, None).unwrap();
             assert!(
                 cred.is_some(),
                 "Failed to match URL in same realm: {url_str}"
@@ -588,7 +596,7 @@ password = "pass2"
 
         for url_str in non_matching_urls {
             let url = DisplaySafeUrl::parse(url_str).unwrap();
-            let cred = store.get_credentials(&url, None);
+            let cred = store.get_credentials(&url, None).unwrap();
             assert!(
                 cred.is_none(),
                 "Should not match URL in different realm: {url_str}"
@@ -612,12 +620,12 @@ password = "pass2"
 
         // Should match the most specific prefix
         let url = DisplaySafeUrl::parse("https://example.com/api/v1/users").unwrap();
-        let cred = store.get_credentials(&url, None).unwrap();
+        let cred = store.get_credentials(&url, None).unwrap().unwrap();
         assert_eq!(cred.username(), Some("specific"));
 
         // Should match the general prefix for non-specific paths
         let url = DisplaySafeUrl::parse("https://example.com/api/v2").unwrap();
-        let cred = store.get_credentials(&url, None).unwrap();
+        let cred = store.get_credentials(&url, None).unwrap().unwrap();
         assert_eq!(cred.username(), Some("general"));
     }
 
@@ -630,17 +638,17 @@ password = "pass2"
         store.insert(service.clone(), user1_creds.clone());
 
         // Should return credentials when username matches
-        let result = store.get_credentials(&url, Some("user1"));
+        let result = store.get_credentials(&url, Some("user1")).unwrap();
         assert!(result.is_some());
         assert_eq!(result.unwrap().username(), Some("user1"));
         assert_eq!(result.unwrap().password(), Some("pass1"));
 
         // Should not return credentials when username doesn't match
-        let result = store.get_credentials(&url, Some("user2"));
+        let result = store.get_credentials(&url, Some("user2")).unwrap();
         assert!(result.is_none());
 
         // Should return credentials when no username is specified
-        let result = store.get_credentials(&url, None);
+        let result = store.get_credentials(&url, None).unwrap();
         assert!(result.is_some());
         assert_eq!(result.unwrap().username(), Some("user1"));
     }
@@ -668,21 +676,50 @@ password = "pass2"
         let url = DisplaySafeUrl::parse("https://example.com/api/v1/users").unwrap();
 
         // Should match specific credentials when username matches
-        let result = store.get_credentials(&url, Some("specific_user"));
+        let result = store.get_credentials(&url, Some("specific_user")).unwrap();
         assert!(result.is_some());
         assert_eq!(result.unwrap().username(), Some("specific_user"));
 
         // Should match the general credentials when requesting general_user (falls back to less specific prefix)
-        let result = store.get_credentials(&url, Some("general_user"));
+        let result = store.get_credentials(&url, Some("general_user")).unwrap();
         assert!(
             result.is_some(),
             "Should match general_user from less specific prefix"
         );
         assert_eq!(result.unwrap().username(), Some("general_user"));
 
         // Should match most specific when no username specified
-        let result = store.get_credentials(&url, None);
+        let result = store.get_credentials(&url, None).unwrap();
         assert!(result.is_some());
         assert_eq!(result.unwrap().username(), Some("specific_user"));
     }
+
+    #[test]
+    fn test_ambiguous_username_error() {
+        let mut store = TextCredentialStore::default();
+
+        // Add two credentials for the same service with different usernames
+        let service = Service::from_str("https://example.com/api").unwrap();
+        let user1_creds = Credentials::basic(Some("user1".to_string()), Some("pass1".to_string()));
+        let user2_creds = Credentials::basic(Some("user2".to_string()), Some("pass2".to_string()));
+
+        store.insert(service.clone(), user1_creds);
+        store.insert(service.clone(), user2_creds);
+
+        let url = DisplaySafeUrl::parse("https://example.com/api/v1").unwrap();
+
+        // When no username is specified, should return an error because there are multiple matches with same specificity
+        let result = store.get_credentials(&url, None);
+        assert!(result.is_err());
+        assert_eq!(result, Err(LookupError::AmbiguousUsername(url.clone())));
+
+        // When a specific username is provided, should return the correct credentials
+        let result = store.get_credentials(&url, Some("user1")).unwrap();
+        assert!(result.is_some());
+        assert_eq!(result.unwrap().username(), Some("user1"));
+
+        let result = store.get_credentials(&url, Some("user2")).unwrap();
+        assert!(result.is_some());
+        assert_eq!(result.unwrap().username(), Some("user2"));
+    }
 }

crates/uv-bin-install/src/lib.rs

@@ -34,7 +34,7 @@ impl Binary {
     pub fn default_version(&self) -> Version {
         match self {
             // TODO(zanieb): Figure out a nice way to automate updating this
-            Self::Ruff => Version::new([0, 12, 5]),
+            Self::Ruff => Version::new([0, 15, 0]),
         }
     }