Harden uv version parser to reject non-numeric version components

[karthiknadig]

Summary

parse_version_from_uv_dir_name in crates/pet-uv/src/lib.rs validates that a directory name has the right structure (impl-version-platform with a dotted version) but doesn't validate that version components are actually numeric. A directory like cpython-3.abc.def-linux would pass the check.

Details

At line 365-376, the parser:

1. Splits on - to get [impl, version, platform]
2. Checks the first char of version is a digit
3. Checks there are ≥2 dot-separated components

But it never validates that subsequent components (abc, def) are numeric.

Impact

Low — uv only produces numeric version directories in practice. However, if a user has non-Python directories in the uv install path, they could be misidentified as Python installations.

Proposed Fix

Add a numeric check: parts.iter().all(|p| p.chars().all(|c| c.is_ascii_digit())) for the dot-separated components.

Introduced By

PR #380 (dd11802 — feat: discover uv-managed global Python installations)