Open hynek opened 1 day ago
@hynek have you seen tool.uv.cache-keys
?
I have while searching this bug tracker, but I couldn't find a way for it to affect uv.lock
? Changing the value to cache-keys = [{ git = true }, { file = "pyproject.toml" }]
at least doesn't do anything when running uv.lock
.
From the documentation (and its name 🤓) I've gathered it's mostly about how caching, not about locking? And TBH it sounds to me as if adding git as a git key, I'm actually adding cache busting.
I think you could pass --upgrade-package attrs
to ensure that attrs
is rebuilt and that the lockfile is updated. Or even set it in your configuration:
[tool.uv]
upgrade-package = ["attrs"]
But there's sort of an infinite loop here, right? Since every time you commit the lockfile, it will be outdated. So you then re-lock, and commit again, etc. I don't know how to solve this holistically. We could omit versions for editables, maybe? Or even, write "dynamic" or something for the version, for packages that have dynamic versions?
But there's sort of an infinite loop here, right? Since every time you commit the lockfile, it will be outdated. So you then re-lock, and commit again, etc. We could omit versions for editables, maybe? Or even, write "dynamic" or something for the version, for packages that have dynamic versions?
Yeah that's what I meant in my last sentence, but I'm always assuming Chesterton's Fence. :) Setting it to dynamic
seems the best way since it maps nicely to project.dynamic
. Just dunno if it would be a problem that there's a case where there's an invalid version "number" in the field which would speak for omitting.
Since tox-uv just shipped lock files, I took a stab at moving attrs to a fully-locked dev environment.
Here's the experiment PR: https://github.com/python-attrs/attrs/pull/1349
A problem I've run into is that packages often use dynamic packaging data that is based on git metadata (setuptools-scm, hatch-vcs, etc). As such, attrs's package version changes after every commit, which allows us to upload to test PyPI and continually verify our package. See, for example, https://test.pypi.org/project/attrs/24.2.1.dev19/
Unfortunately the current project gets locked like this:
Which means it's outdated after each commit, because every commit increments the number behind
dev
.Is there a way around this that I've missed? If not, could there be built one? 😇 AFAICT, this is currently the biggest blocker for FOSS use from uv's side. I'm also not sure what the point of that version lock is in the first place for the current, editable project? But that's a topic for another day. :)