search

astral-sh / uv

An extremely fast Python package installer and resolver, written in Rust.
https://astral.sh/
Apache License 2.0
14.62k stars 413 forks source link

Git references are not normalized in lockfile #4417

Open ibraheemdev opened 2 weeks ago

ibraheemdev commented 2 weeks ago

The lockfile currently differentiates between identical Git references depending on how they are declared. For example:

[project]
name = "project"
version = "0.1.0"
requires-python = ">=3.12"
dependencies = [
    "uv-public-pypackage @ git+https://github.com/astral-test/uv-public-pypackage@0.0.1"
]
version = 1
requires-python = ">=3.12"

[[distribution]]
name = "project"
version = "0.1.0"
source = "editable+."
sdist = { path = "." }

[[distribution.dependencies]]
name = "uv-public-pypackage"
version = "0.1.0"
source = "git+https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"

[[distribution]]
name = "uv-public-pypackage"
version = "0.1.0"
source = "git+https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"
sdist = { url = "https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979" }

Versus:

[project]
name = "project"
version = "0.1.0"
requires-python = ">=3.12"
dependencies = [
    "uv-public-pypackage",
]

[tool.uv.sources]
uv-public-pypackage = { git = "https://github.com/astral-test/uv-public-pypackage", tag = "0.0.1" }
version = 1
requires-python = ">=3.12"

[[distribution]]
name = "project"
version = "0.1.0"
source = "editable+."
sdist = { path = "." }

[[distribution.dependencies]]
name = "uv-public-pypackage"
version = "0.1.0"
- source = "git+https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"
+ source = "git+https://github.com/astral-test/uv-public-pypackage?tag=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"

[[distribution]]
name = "uv-public-pypackage"
version = "0.1.0"
- source = "git+https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"
+ source = "git+https://github.com/astral-test/uv-public-pypackage?tag=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979"
- sdist = { url = "https://github.com/astral-test/uv-public-pypackage?rev=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979" }
+ sdist = { url = "https://github.com/astral-test/uv-public-pypackage?tag=0.0.1#0dacfd662c64cb4ceb16e6cf65a157a8b715b979" }

I'm not sure if we can normalize to the revision because the commit pointed to by a tag/branch can change, but we could disambiguate between references before locking.

charliermarsh commented 1 week ago

I think it's correct that we write different values here. Is it getting in your way somewhere?

ibraheemdev commented 3 days ago

Not getting in the way, @konstin pointed it out in https://github.com/astral-sh/uv/pull/4406.