Skip to content
Snippets Groups Projects
  • Saurabh Kumar's avatar
    d62fca02
    Use uv to manage and generate dependencies (#4232) · d62fca02
    Saurabh Kumar authored
    - Use frozen dependencies with hashes to ensure reproducible dependency
    installation in a secure way.
    - Uses `uv` and pre-commit to automatically generate the locked
    requirements files from pyproject.toml.
    - While the translation dependencies can be installed directly with
    `uv`, uv doesn’t seem to be able to add `--find-link=…` to the exported
    `requirements/translate.txt`, for that reason the translation
    dependencies are left as they are and won’t be automatically exported
    via pre-commit.
    - So whenever `uv lock —upgrade` is run, it will freeze the latest patch
    versions.
    - The production dependencies are specified with a `~` which means `>=`
    at the last digit of requirements.
    - The dev dependencies have `>=` to make them easy to update, if
    something breaks in dev either fix it or go back to the old frozen
    dependencies.
    - Moved generated dependencies in requirements/ folder.
    - Use `--no-deps` where applicable while installing these generated
    requirements as the sub-dependencies are already resolved.
    Use uv to manage and generate dependencies (#4232)
    Saurabh Kumar authored
    - Use frozen dependencies with hashes to ensure reproducible dependency
    installation in a secure way.
    - Uses `uv` and pre-commit to automatically generate the locked
    requirements files from pyproject.toml.
    - While the translation dependencies can be installed directly with
    `uv`, uv doesn’t seem to be able to add `--find-link=…` to the exported
    `requirements/translate.txt`, for that reason the translation
    dependencies are left as they are and won’t be automatically exported
    via pre-commit.
    - So whenever `uv lock —upgrade` is run, it will freeze the latest patch
    versions.
    - The production dependencies are specified with a `~` which means `>=`
    at the last digit of requirements.
    - The dev dependencies have `>=` to make them easy to update, if
    something breaks in dev either fix it or go back to the old frozen
    dependencies.
    - Moved generated dependencies in requirements/ folder.
    - Use `--no-deps` where applicable while installing these generated
    requirements as the sub-dependencies are already resolved.