willingc
commented
5 months ago Thanks for the feedback @rmartine-ias. You have found a legitimate discrepancy that we should address.
I think a good next action would be to determine if the Pipenv recommendation is still the best option (pip-compile and uv would be other options) to recommend in "Managing Application Dependencies".
As for working with Hatch and hatchling, their docs mention third party tools to create the lockfiles.
Hi! Thank you for writing all of this documentation so clearly, it has been extremely helpful.
"Managing Application Dependencies" suggests Pipenv. "Packaging Python Projects" defaults to hatchling. I assumed that you could follow the two tutorials, in-order, and end up with a working python project, but I had to write a shim to teach hatchling to read a
Pipfile.lock. Pipenv doesn't seem to interact withpyproject.toml, and Hatch seems to only read dependencies from there.I don't know enough about python packaging to suggest a solution. I think you should be able to follow the tutorials as-written and have them be compatible.
`Pipenv.lock` hook
`pyproject.toml`: ```toml [build-system] requires = ["hatchling"] build-backend = "hatchling.build" [tool.hatch.metadata.hooks.custom] path = ".ci/dependencies.py" ``` `.ci/dependencies.py`: ```python """Dynamically update the dependencies metadata based on the Pipfile.lock file.""" # noqa: INP001 import json from typing import Any from hatchling.metadata.plugin.interface import MetadataHookInterface class PipfileLockedDependencies(MetadataHookInterface): def update(self, metadata: dict[Any, Any]) -> None: with open("Pipfile.lock") as f: pipfile_lock_data = json.load(f) metadata["dependencies"] = [ f"{pkg}{data['version']}" for pkg, data in pipfile_lock_data["default"].items() ] ```I feel somewhat bad about suggesting new projects all include this, but at my organization we really want to make locking dependencies the norm. I hope I am missing something obvious.