chore(deps): update uv to v0.10.8

[enechange-renovate]

This PR contains the following updates:

Package	Type	Update	Change
astral-sh/uv		patch	0.10.7 → 0.10.8
ghcr.io/astral-sh/uv	stage	patch	0.10.7 → 0.10.8
uv		patch	0.10.7 → 0.10.8

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

astral-sh/uv (astral-sh/uv)

v0.10.8

Compare Source

Released on 2026-03-03.

Python

• Add CPython 3.10.20
• Add CPython 3.11.15
• Add CPython 3.12.13

Enhancements

• Add Docker images based on Docker Hardened Images (#​18247)
• Add resolver hint when --exclude-newer filters out all versions of a package (#​18217)
• Configure a real retry minimum delay of 1s (#​18201)
• Expand uv_build direct build compatibility (#​17902)
• Fetch CPython from an Astral mirror by default (#​18207)
• Download uv releases from an Astral mirror in installers by default (#​18191)
• Add SBOM attestations to Docker images (#​18252)
• Improve hint for installing meson-python when missing as build backend (#​15826)

Configuration

• Add UV_INIT_BARE environment variable for uv init (#​18210)

Bug fixes

• Prevent uv tool upgrade from installing excluded dependencies (#​18022)
• Promote authentication policy when saving tool receipts (#​18246)
• Respect exclusions in scripts (#​18269)
• Retain default-branch Git SHAs in pylock.toml files (#​18227)
• Skip installed Python check for URL dependencies (#​18211)
• Respect constraints during --upgrade (#​18226)
• Fix uv tree orphaned roots and premature deduplication (#​17212)

Documentation

• Mention cooldown and tweak inline script metadata in dependency bots documentation (#​18230)
• Move cache prune in GitLab to after_script (#​18206)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[github-actions]

Auto approved automated PR

[github-actions]

Dependency Review

✅ No vulnerabilities found.

Scanned Files

None

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 50.96%. Comparing base (a3510c7) to head (9a84188).
⚠️ Report is 6 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #968   +/-   ##
=======================================
  Coverage   50.96%   50.96%           
=======================================
  Files          26       26           
  Lines        1242     1242           
  Branches      178      178           
=======================================
  Hits          633      633           
  Misses        605      605           
  Partials        4        4           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.