fix(policy): allow uv in pypi preset

[pandas-studio]

Summary

• Add /usr/local/bin/uv to the pypi preset's allowed binaries so sandboxes using the pypi network preset can run uv directly.
• Mirrors the existing entries for python3/pip under /usr/bin and /usr/local/bin and complements the /sandbox/.uv/... paths already present.

Motivation

The pypi preset already allows python3 and pip from /usr/local/bin, and references /sandbox/.uv/python/**/python*, but uv itself was missing. Sandboxes that install uv to /usr/local/bin/uv (per the uv_install operational note: symlinks into /root/ are unreachable, so the binary is copied to /usr/local/bin) were blocked from invoking it under this preset.

Test plan

• make check passes (policy YAML lint)
• Manual: enable the pypi preset in a sandbox, run uv --version and a uv pip install — both should be permitted

🤖 Generated with Claude Code

Summary by CodeRabbit

Release Notes

• Improvements
  • Updated PyPI network preset to support the uv package manager alongside existing Python tooling.

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 07af7b53-0c6d-488c-be15-4dbe7f1a94bf

📥 Commits

Reviewing files that changed from the base of the PR and between 2a83b53 and 0428737.

📒 Files selected for processing (1)

• nemoclaw-blueprint/policies/presets/pypi.yaml

---

📝 Walkthrough

Walkthrough

The PyPI network preset configuration is updated to authorize the uv binary (/usr/local/bin/uv) as an allowed binary path, extending the preset's policy to support the uv package manager alongside existing Python, pip, and virtualenv tooling.

Changes

PyPI Preset Update

Layer / File(s)	Summary
Binary Path Configuration nemoclaw-blueprint/policies/presets/pypi.yaml	/usr/local/bin/uv is added to the binaries allowlist in the PyPI preset configuration.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A rabbit hops through configs neat,
Adding uv to paths so sweet,
The preset now knows where to find,
A package manager, perfectly aligned. 🐰✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: allowing the uv binary in the PyPI network preset configuration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cv]

@pandas-studio can you add a DCO, please?

[cv]

Opened signed-off replacement PR #4569 with the same one-line policy change. This avoids rewriting the contributor branch to satisfy DCO.