Using uv.lock file to define package requirements?

[TARHiS]

When building package with uv build, is it possible to use uv.lock file as a requirements of a package instead of using pyproject.toml dependencies? Use case for this is to create application package that is used to deploy web servers by using private PyPI as a distribution channel.

[zanieb]

This would be cool 👍

[tfsingh]

I've been doing a good amount of digging on this issue and wanted to check if I'm thinking about this correctly.

My current understanding is that uv itself does not handle dependencies specified in pyproject.toml files during the build process (pyproject.toml files are only scraped for package names/roots during uv build, afaict).

Instead, uv defers to setup_tools as the build backend via the execution of an intermediary Python script. My understanding is that from here, setup_tools uses the given path, scrapes the dependencies from the corresponding pyproject.toml, and builds the package.

I'll be candid in that my understanding of Python packaging (while improving) is limited, but if the above is true then I think this issue might require either:

1. Injecting some custom logic into setup tools via extensions (looks promising but requires more diligence, haven't verified this would work)
2. Custom uv build backend :)

Let me know if I'm thinking about this correctly and if so, I'll do some more digging into the first potential solution.

[tfsingh]

cc'ing @charliermarsh for your thoughts on the above