uv: An extremely fast Python package and project manager, written in Rust

(github.com)

741 points chirau | 1 comments | 23 Jun 25 16:27 UTC | HN request time: 0s | source

Show context

incognito124 ◴[23 Jun 25 18:17 UTC] No.44358514[source]▶

uv is almost perfect. my only pet peeve is updating dependencies. sometimes I just want to go "uv, bump all my dependencies to the as latest version as possible while respecting their constraints". I still haven't found an elegant way to do this, but I have written a script that parses pyproject.toml, removes the deps, and invokes `uv add --upgrade` with them.

other than that, it's invaluable to me, with the best features being uvx and PEP 723

replies(4): >>44358537 #>>44358636 #>>44358716 #>>44374060 #

jmtulloss ◴[23 Jun 25 18:19 UTC] No.44358537[source]▶

>>44358514 #

Does `uv lock —upgrade` not do what you want?

replies(1): >>44358602 #

incognito124 ◴[23 Jun 25 18:27 UTC] No.44358602[source]▶

>>44358537 #

Unfortunately, no. Only `uv.lock` gets updated, but the dependencies in `pyproject.toml` are frozen at their original constraints.

What I want is, if my project depends on `package1==0.4.0` and there are new versions of package1, for uv to try install the newer version. and to do that for a) all the deps, simultaneously, b) without me explicitly stating the dependencies in the command line since they're already written in the pyproject.toml. an `uv refresh` of sorts

replies(5): >>44358700 #>>44358709 #>>44358807 #>>44358867 #>>44358896 #

Eridrus ◴[23 Jun 25 18:39 UTC] No.44358709[source]▶

>>44358602 #

Why not depend on package1>=0.4.0 rather than specifying an explicit version? Then uv will upgrade it to the latest version.

pyproject.toml is meant to encode the actual constraints for when your app will function correctly, not hardcode exact versions, which is what the lockfile is for.

replies(1): >>44360531 #

IshKebab ◴[23 Jun 25 21:51 UTC] No.44360531[source]▶

>>44358709 #

Because then you don't get to use the new features in 0.5.0.

Though I do think with Python in particular it's probably better to manually upgrade when needed, rather than opportunistically require the latest, because Python can't handle two versions of the same package in one venv.

replies(1): >>44365231 #

lucky_cloud ◴[24 Jun 25 12:03 UTC] No.44365231[source]▶

>>44360531 #

Then make your dependency package1>=0.4

https://packaging.python.org/en/latest/specifications/depend...

replies(1): >>44368230 #

IshKebab ◴[24 Jun 25 16:52 UTC] No.44368230[source]▶

>>44365231 #

> then you don't get to use the new features in 0.5.0.

replies(1): >>44380255 #

1. lucky_cloud ◴[25 Jun 25 18:12 UTC] No.44380255[source]▶

>>44368230 #

Yes you do

package1>=0.4.0 means 0.4.0, 0.4.1, 0.4.100, 0.4.100.1 and so on

package1>=0.4 includes the above plus 0.5.0, 0.5.1, 0.6.0, 0.100.0 and so on

↑