search

astral-sh / uv

An extremely fast Python package and project manager, written in Rust.
https://docs.astral.sh/uv
Apache License 2.0
23.28k stars 669 forks source link

Add an argument which makes `uv pip compile` consider installed packages #8004

Open antony-frolov opened 1 week ago

antony-frolov commented 1 week ago

Hi! I'm trying to use uv pip compile to lock my dependencies for a docker image build. I've got a package already installed in my base image which is not present in any package index, so I need the dependency resolver to consider installed packages.

An option which makes compile consider installed packages when resolving dependencies would solve that problem.

I've already tried to hack compile.rs to consider installed packages here and my lock worked just fine!

I've created a similar issue in jazzband/pip-tools a while ago but is seems like it's development is stale, so I'm happy to use uv instead.

P.S.: I'm very new to Rust so I'm afraid I won't be able to submit a ready to ship PR myself

notatallshaw-gts commented 1 week ago

What would be the difference between this and uv pip install --dry-run?

Which considers what is installed and gives you the output of what changed.

antony-frolov commented 1 week ago

What would be the difference between this and uv pip install --dry-run?

@notatallshaw-gts, it seems like indeed uv pip install --dry-run does about the thing I need. Though the output format of uv pip compile seem much more friendly.

Had to something like this to get a working requirements.txt:

uv pip install -c constraints.txt -r requirements.in --dry-run --system 2>&1 \
        | grep "+ " | sed "s/+ //g" > requirements.txt

Also no comments from uv pip install --dry-run about dependency resolution and no option to emit index-urls (which would be convenient).

I do think though that my case is not uncommon and uv pip compile is more convenient for such dependency locking use cases.

notatallshaw-gts commented 1 week ago

Yeah, pip has a --report option to make the output of --dry-run more parsable. I guess uv assumes you will use the "pip compile" option.

The only thing about a flag for "pip compile" that includes the current environment is it would, presumably, be incompatible with options that let you resolve things that aren't your environment, e.g. different Python version, different platform, universal resolution etc.

So to me it would make more sense to have --report options for install with --dry-run. But maybe uv team feel differently.

antony-frolov commented 1 week ago

Actually, it feels like with pip install I can't as well do a single package upgrade for a locked environment (which I can do with pip compile using --upgrade-package with an output-file already present). If there is a way that I'm missing please share!

notatallshaw-gts commented 1 week ago

It's a little involved, but you could use constraints:

uv pip freeze --exclude-editable | grep -v '{package_to_upgrade}=='  > locked_versions.txt
uv pip install --dry-run {package_to_upgrade} --upgrade -c locked_versions.txt