You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the Hatch plugin produces wheels with standard METADATA files whose Requires-Dist fields are copied directly from the project's pyproject.toml. That is, they don't include any version lock information from uv.lock.
I considered adding a version-lock: bool option and optionally adding the lock information to the wheel. However, afaik they don't support hash/file locking. It seems a pity for uv to do all this careful housekeeping and then to throw it away where it actually matters - in production.
You can't pip install foo.whl --constrain=constraints.lock (where the lockfile has hashes) because then it will expect a hash for the wheel itself as well.
So this is the usual workaround:
Build a wheel
Create a lockfile (NB: you need uv>=0.4.1 for this):
# uv will resolve the graph of transitive dependencies
uv export --format=requirements-txt --package=appname --no-dev > requirements.txt
Install the requirements before the wheel in your Dockerfile or wherever:
Currently, the Hatch plugin produces wheels with standard METADATA files whose Requires-Dist fields are copied directly from the project's pyproject.toml. That is, they don't include any version lock information from
uv.lock.I considered adding a
version-lock: booloption and optionally adding the lock information to the wheel. However, afaik they don't support hash/file locking. It seems a pity for uv to do all this careful housekeeping and then to throw it away where it actually matters - in production.You can't
pip install foo.whl --constrain=constraints.lock(where the lockfile has hashes) because then it will expect a hash for the wheel itself as well.So this is the usual workaround:
uv>=0.4.1for this):The text was updated successfully, but these errors were encountered: