←back to thread

Switching Pip to Uv in a Dockerized Flask / Django App

(nickjanetakis.com)
264 points tosh | 3 comments | 24 Jun 25 09:46 UTC | HN request time: 0s | source
Show context
gchamonlive ◴[24 Jun 25 10:48 UTC] No.44364747[source]

  # Ensure we always have an up to date lock file.
  if ! test -f uv.lock || ! uv lock --check 2>/dev/null; then
    uv lock
  fi
Doesn't this defeat the purpose of having a lock file? If it doesn't exist or if it's invalid something catastrophic happened to the lock file and it should be handled by someone familiar with the project. Otherwise, why have a lock file at all? The CI will silently replace the lock file and cause potential confusion.
replies(5): >>44364785 #>>44364880 #>>44365348 #>>44368840 #>>44370311 #
1. remram ◴[24 Jun 25 17:50 UTC] No.44368840[source]
Yes this is a major bug in the process. I came to the comments to say this as well.

They say this but do the exact opposite as you point out:

> The --frozen flag ensures the lock file doesn’t get updated. That’s exactly what we want because we expect the lock file to have a complete list of exact versions we want to use for all dependencies that get installed.

replies(1): >>44370429 #
2. nickjj ◴[24 Jun 25 20:02 UTC] No.44370429[source]
It's not a major bug, check my reply in: https://news.ycombinator.com/item?id=44370311
replies(1): >>44371222 #
3. remram ◴[24 Jun 25 21:24 UTC] No.44371222[source]
You changed the code in the article to fix the problem. So there is no bug anymore is what you mean.