uv icon indicating copy to clipboard operation
uv copied to clipboard
verified publisher icon astral-sh

Updating pyproject.toml version during build results in incorrect version in uv.lock

Open david-waterworth opened this issue 1 year ago • 3 comments

This is more an observation rather than an issue.

I'm using a ci tool that parses commit history, generates the "next" version and updates the version in pyproject.toml (the tool is python-semantic-release).

What I just noticed was, since python-semantic-release updates pyproject.toml when it performs a build, once the build has finished uv.lock contains the "wrong" version for the project, i.e.

[[package]]
name = "my-package"
version = "0.2.1.dev0"
source = { virtual = "." }

Since python-semantic-release bumped the version to "0.2.1". To fix I added uv sync && build.sh && git add uv.lock - this updates the lock file and stages it (with the other files python-semantic-release modifies.

I'm not sure if this causes more problems than it fixes, but I thought I'd mention it - I think in general it's probably a better practice to generate tags based on the pyproject.toml->project.version rather than the other way around?

david-waterworth avatar Oct 08 '24 04:10 david-waterworth

Thanks for the report.

I think @charliermarsh has some context on this.

zanieb avatar Oct 08 '24 04:10 zanieb

Related: https://github.com/astral-sh/uv/issues/7533

my1e5 avatar Oct 08 '24 09:10 my1e5

@my1e5 yeah that's the same - shall I close this?

david-waterworth avatar Oct 08 '24 22:10 david-waterworth

All discussion is being moved to #7533. So this can be closed.

my1e5 avatar Nov 19 '24 16:11 my1e5

I was also experiencing the uv.lock going out of sync when python-semantic-release would bump the version in pyproject.toml. I fixed this by:

  • Adding a step after the semantic release that updates the version of my project in the uv.lock file by running: uv lock --upgrade-package <project_name> followed by committing and pushing the change.
    • Link to my GitHub workflow file: https://github.com/aqib-oss/sonar-qube-gh-action/blob/main/.github/workflows/main-workflow.yaml#L74
    • Thankfully, this does not trigger another run of the main branch workflow, however, if it did, it can easily be handled by adding a pre-check job that determines if the last commit was for syncing the project version in the uv.lock file, and the main job will run only if the output from the pre-check job is true.

aqib-bhat avatar Jun 15 '25 11:06 aqib-bhat