search

juftin / hatch-pip-compile

hatch plugin to use pip-compile (or uv) to manage project dependencies and lockfiles
http://juftin.com/hatch-pip-compile/
MIT License
76 stars 3 forks source link

🐛 constraint lockfile tracking #23

Closed juftin closed 10 months ago

juftin commented 10 months ago

Summary

Lockfiles can be out of date without knowing it with the pip-compile-restraints feature

Steps to Reproduce

  1. You create the default lockfile
  2. You create the test lockfile with the default lockfile as its constraint
  3. You update the default lockfile without actually changing the requirements specified in your pyproject.toml
  4. You run the test environment and it thinks it's up to date but remains pinned on the old versions
juftin commented 10 months ago

My idea on this is to get a hash of the file and commit it to the header and use that as part of the piptools_validate_lock check

juftin commented 10 months ago

:tada: This issue has been resolved in version 1.3.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: