oprypin
commented
8 months ago Oh, I'm sad that Hatch broke several things 😞 But probably this env could override dependency_hash to read the lock file on the fly and also include its own checksum
Closed juftin closed 8 months ago
oprypin
commented
8 months ago Oh, I'm sad that Hatch broke several things 😞 But probably this env could override dependency_hash to read the lock file on the fly and also include its own checksum
oprypin
commented
8 months ago Yeah- combine a hash of read_requirements() with super().dependency_hash() - I think that would work
oprypin
commented
8 months ago Yeah it totally can get desynced right now - you can even delete the lock file and it doesn't care
juftin
commented
8 months ago Hmm... unfortunately read_requirements() won't work because hatch doesn't re-run dependency_hash() when it updates the stored hash. dependency_hash() will probably have to run run_pip_compile on its own.
dep_hash = environment.dependency_hash()
current_dep_hash = self.env_metadata.dependency_hash(environment)
if dep_hash != current_dep_hash:
with self.status('Checking dependencies'):
dependencies_in_sync = environment.dependencies_in_sync()
if not dependencies_in_sync:
with self.status('Syncing dependencies'):
environment.sync_dependencies()
self.env_metadata.update_dependency_hash(environment, dep_hash)
ofek
commented
8 months ago This will be fixed soon, sorry for the trouble!
juftin
commented
8 months ago :tada: This issue has been resolved in version 1.8.3 :tada:
The release is available on GitHub release
Your semantic-release bot :package::rocket:
ofek
commented
8 months ago juftin
commented
8 months ago Thank you @ofek !
I need to confirm but I believe the latest version of hatch is skipping checks with its new use of dependency_hash (https://hatch.pypa.io/latest/blog/2023/12/11/hatch-v180/#faster-environment-usage) - this allows lockfiles to be out of date (by hand editing at least)
https://github.com/pypa/hatch/blob/d3246e957584d292319e7b93301598cdf611e902/src/hatch/cli/application.py#L107-L117