Add build-constraints support to uv lock etc. via pyproject.toml

[charliermarsh]

Can follow the way we manage constraint-dependencies.

See: #5561 (comment).

[menkotoglou]

I could have a look to this @charliermarsh.

[charliermarsh]

Go for it!

[charliermarsh]

@menkotoglou -- Just let me know if you're not able or don't plan to get to it (or need some pointers!), so we can prioritize accordingly.

[menkotoglou]

Hey @charliermarsh, sorry for not taking it on this week, some stuff came up and didn't have time to take it on. Was actually planning to start working on it this week, and of course revert back to you if any help needed.

Wdyt?

[inoa-jboliveira]

I am trying to understand if this is the feature I need. My problem:

1. I have my dependencies and dev dependencies in pyproject.toml
2. I have a constraint file constraints.txt
3. I build pip compile pyproject.toml -c constraints.txt -o requirements.txt
4. I build pip compile pyproject.toml --extra dev -c contraints.txt -c requirements.txt -o requirements-dev.txt

This is the most sane way I could find so both requirements.txt and requirements-dev.txt contain the same libs except for the dev ones and they respect the constraints file which are sub dependencies I need to limit but do not depend myself.

I want to move to uv lock with a uv export fallback for generating the same files as before.

From the docs:

uv supports constraints files (--constraint constraints.txt), like pip, which narrow the set of acceptable versions for the given packages.

It seems uv lock does not have the constraint mechanism described above.

I would like to perform 2 things:

1. Create a first uv.lock constrained by current requirements-dev.txt which will force all current versions on it
2. Have a workflow to run

   uv lock --constraint constrains.txt  # Preferably this being configured in pyproject.toml so it is guaranteed to be true
   uv export > requirements.txt
   uv export --extra dev > requirements-dev.txt
   

Eventually I will remove the exports, but for validating the process, I will need to make sure the output versions are identical to the original versions

Is this the correct issue?

[inoa-jboliveira]

Ok, I found a workaround. If I set

[project.optional-dependencies]
constraints = [
    "foo>=2.0"
]

UV will enforce the optional dependencies when resolving the lock.

It still does not solve my whole migration problem, but I think I can hack something together

Edit:
It does work. I temporarily added my whole requirementes-dev.txt to another "optional-dependencies" called "reqs", ran uv lock, removed the block, ran uv lock again, and the exports now match perfectly the original pip compiled requirements files.

I leave this here in case anyone else wants to migrate from pip compile to uv lock