Skip to content
Snippets Groups Projects
Select Git revision
  • try-ci
  • ardc-main
  • ardc-389-de-regex-filetypes
  • ardc-279-require-organization-name-on-application
  • ardc-281-require-review-expertise-field-on-draft
  • ots-main
  • smex-production
  • ardc-deploy-20250204-hotfixes
  • main default protected
  • request-review-workflow
  • lfc-main
  • smex-main
  • extension-ots-wagtail-email-configuration
  • enhancement/gh-3288-change-help-to-rich-text
  • new-workflow
  • smex-2-fix-reviewers
  • email-test
  • 224-project-report-forms-work-with-basic-fields
  • ardc-255-prefill-determination-msg
  • 224-project-report-forms-work-in-progress
  • ardc-deploy-20250204
  • v5.23.0
  • ardc-deploy-20250107
  • v5.22.0
  • ardc-deploy-20241220
  • v5.21.1
  • v5.21.0
  • v5.20.0
  • v5.19.0
  • ardc-deploy-20241210
  • ardc-deploy-20241122
  • ardc-deploy-20241107
  • v5.18.0
  • ardc-deploy-20241029
  • ardc-deploy-20241022
  • v5.17.0
  • lfc-deploy-20241017
  • smex-deploy-20241017
  • ardc-deploy-20241015
  • v5.16.0
40 results
Blame Permalink
  • Saurabh Kumar's avatar
    d62fca02
    Use uv to manage and generate dependencies (#4232) · d62fca02
    Saurabh Kumar authored 
    - Use frozen dependencies with hashes to ensure reproducible dependency
installation in a secure way.
- Uses `uv` and pre-commit to automatically generate the locked
requirements files from pyproject.toml.
- While the translation dependencies can be installed directly with
`uv`, uv doesn’t seem to be able to add `--find-link=…` to the exported
`requirements/translate.txt`, for that reason the translation
dependencies are left as they are and won’t be automatically exported
via pre-commit.
- So whenever `uv lock —upgrade` is run, it will freeze the latest patch
versions.
- The production dependencies are specified with a `~` which means `>=`
at the last digit of requirements.
- The dev dependencies have `>=` to make them easy to update, if
something breaks in dev either fix it or go back to the old frozen
dependencies.
- Moved generated dependencies in requirements/ folder.
- Use `--no-deps` where applicable while installing these generated
requirements as the sub-dependencies are already resolved.
    Unverified
    d62fca02
    History
    Use uv to manage and generate dependencies (#4232)
    Saurabh Kumar authored 
    - Use frozen dependencies with hashes to ensure reproducible dependency
installation in a secure way.
- Uses `uv` and pre-commit to automatically generate the locked
requirements files from pyproject.toml.
- While the translation dependencies can be installed directly with
`uv`, uv doesn’t seem to be able to add `--find-link=…` to the exported
`requirements/translate.txt`, for that reason the translation
dependencies are left as they are and won’t be automatically exported
via pre-commit.
- So whenever `uv lock —upgrade` is run, it will freeze the latest patch
versions.
- The production dependencies are specified with a `~` which means `>=`
at the last digit of requirements.
- The dev dependencies have `>=` to make them easy to update, if
something breaks in dev either fix it or go back to the old frozen
dependencies.
- Moved generated dependencies in requirements/ folder.
- Use `--no-deps` where applicable while installing these generated
requirements as the sub-dependencies are already resolved.