You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When pipx or uv go to install the tool, they determine the version of dependencies to install based on the project.dependencies section in pyproject.toml/the generic packaging metdata. At the moment we only specify lower bounds there for most packages. This should be okay in general, and when we know there's an issue with a particular package, we can add upper bounds or pin to a specific version.
But we develop and test mostly against the specific versions pinned in uv.lock, it might be nice if we could lock down the installs to these versions to avoid surprises.
One approach might be to run uv export --format requirements-txt --no-dev --no-editable --output-file cli-requirements.txt on package/lockfile updates.
If then fetched, for pipx could then maybe pipx inject nava-platform-cli -r cli-requirements.txt.
Or we could use that cli-requirements.txt to then update the project.dependencies section in pyproject.toml? Which is sub-optimal and makes updating more of a pain.
The text was updated successfully, but these errors were encountered:
When pipx or uv go to install the tool, they determine the version of dependencies to install based on the
project.dependenciessection inpyproject.toml/the generic packaging metdata. At the moment we only specify lower bounds there for most packages. This should be okay in general, and when we know there's an issue with a particular package, we can add upper bounds or pin to a specific version.But we develop and test mostly against the specific versions pinned in
uv.lock, it might be nice if we could lock down the installs to these versions to avoid surprises.Direct solutions
For uv, maybe astral-sh/uv#8729 (or something like the mentioned build plugin there).
Indirect solutions
One approach might be to run
uv export --format requirements-txt --no-dev --no-editable --output-file cli-requirements.txton package/lockfile updates.If then fetched, for pipx could then maybe
pipx inject nava-platform-cli -r cli-requirements.txt.Or we could use that
cli-requirements.txtto then update theproject.dependenciessection inpyproject.toml? Which is sub-optimal and makes updating more of a pain.The text was updated successfully, but these errors were encountered: