uv pip compile does not annotate direct dependencies e.g. via -r requirements.in
#1343
Comments
|
Especially while this tool is new it also makes it MUCH harder to compare output from pip-tools and uv, since there's lots of noise in the diff from this. |
|
Not removing it would also allow for something similar to ruff's ecosystem checks. Not sure if such checks exist atm (I found some issues related to them but no actual code)... |
charliermarsh
added
the
compatibility
|
The lack of the -r requirements.in in the output has been a blocker on using uv to replace pip-compile in some projects I work on. Glad to see this already on the radar. |
zanieb
changed the title
uv pip compile removes via -r requirements.inuv pip compile does not annotate direct dependencies e.g. via -r requirements.in
|
Hello @charliermarsh do you have an update on this issue ? Thanks a lot ! |
|
FYI, I'm (slowly) having a bit of of a poke at this one. @charliermarsh I'm assuming you'd be interested in PRs for this one right? |
|
Yeah happily. Let me know if you run into issues or have questions. |
|
@charliermarsh (and anyone else interested): #3269 is a first draft at this. It has the major redeeming feature that it works (i.e. does the requested item here), but there's a stack of unresolved questions in the PR that need figuring out. Also, it's needed some fairly chunky changes overall, and there's probably at least some stylistic changes that are wanted (although I tried to keep to the same style as the surrounding code)! |
## Summary Fixes #1343. This is kinda a first draft at the moment, but does at least mostly work locally (barring some bits of the test suite that seem to not work for me in general). ## Test Plan Mostly running the existing tests and checking the revised output is sane ## Outstanding issues Most of these come down to "AFAIK, the existing tools don't support these patterns, but `uv` does" and so I'm not sure there's an existing good answer here! Most of the answers so far are "whatever was easiest to build" - [x] ~~Is "-r pyproject.toml" correct? Should it show something else or get skipped entirely~~ No it wasn't. Fixed in 3044fa8 - [ ] If the requirements file is stdin, that just gets skipped. Should it be recorded? - [ ] Overrides get shown as "--override<override.txt>". Correct? - [x] ~~Some of the tests (e.g. `dependency_excludes_non_contiguous_range_of_compatible_versions`) make assumptions about the order of package versions being outputted, which this PR breaks. I'm not sure if the text is fairly arbitrary and can be replaced or whether the behaviour needs fixing?~~ - fixed by removing the custom pubgrub PartialEq/Hash - [ ] Are all the `TrackedFromStr` et al changes needed, or is there an easier way? I don't think so, I think it's necessary to track these sort of things fairly comprehensively to make this feature work, and this sort of invasive change feels necessary, but happy to be proved wrong there :) - [x] ~~If you have a requirement coming in from two or more different requirements files only one turns up. I've got a closed-source example for this (can go into more detail if needed), mostly consisting of a complicated set of common deps creating a larger set. It's a rarer case, but worth considering.~~ 042432b - [ ] Doesn't add annotations for `setup.py` yet - This is pretty hard, as the correct location to insert the path is `crates/pypi-types/src/metadata.rs`'s `parse_pkg_info`, which as it's based off a source distribution has entirely thrown away such matters as "where did this package requirement get built from". Could add "`built package name`" as a dep, but that's a little odd.
|
Will be supported in the next version thanks to @palfrey. |
|
Thank you @palfrey - this will make dependabot updates so much less annoying |
I found this kind pretty useful to immediately see which entries in
requirements.txtcome from direct dependencies, and to also see which ones are both direct and transitive ones.To reproduce:
requirements*files)uv pip compile requirements.in -o requirements.txtThe text was updated successfully, but these errors were encountered: