Skip to content

[pull] main from astral-sh:main#50

Merged
pull[bot] merged 3 commits into
Moshbbab:mainfrom
astral-sh:main
Jun 23, 2026
Merged

[pull] main from astral-sh:main#50
pull[bot] merged 3 commits into
Moshbbab:mainfrom
astral-sh:main

Conversation

@pull

@pull pull Bot commented Jun 23, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

zsol and others added 3 commits June 23, 2026 10:39
`uv check` and `uv format` need to install the exact `ty` or `ruff`
package already selected in `uv.lock`, including its source and
transitive dependencies, without invoking the resolver again or
modifying the project environment. The immediate follow-up is #19884.

This adds `Lock::to_resolution`, which materializes a `Resolution` from
explicit locked `Package` identities. It preserves marker-selected
universal forks, requested extras and dependency groups, install
filtering, and shared dependencies across multiple roots, while
excluding unrelated lock-manifest requirements.

`CachedEnvironment::from_resolution` ensures an environment for an
existing `Resolution` and installs it without resolving again.
`from_spec` now delegates to this path after resolution. Callers must
supply the interpreter from which the resolution’s markers and tags were
derived.

Concrete roots establish a new conflict context: conflict items inside
the resulting subgraph are evaluated from the selected roots, extras,
and groups. Materialization fails instead when a reachable dependency
still depends on a conflict item outside that subgraph.

This change is a pure refactor, there should be no behavior change.
The registry integration and Python release synchronization workflows
execute PEP 723 scripts in credential-bearing jobs. Their direct
requirements were constrained, but uv still resolved direct and
transitive packages at runtime, allowing newly published code from
dependencies to run with cloud or registry credentials, access the
repository token, or persist state into the later repository-writing
step.

The workflows now sync those environments with `uv sync --locked` before
credentials are introduced, then execute the scripts with `uv run
--locked --no-build`. Keeping the locks adjacent preserves the scripts'
standalone PEP 723 usage while limiting each environment to its existing
dependencies.

Both registry authentication modes and the scheduled and manually
dispatched Python release update flow remain unchanged.

Co-authored-by: Zsolt Dollenstein <zsol@openai.com>
Replace live-PyPI dependencies in `uv check` project lock and sync tests
with existing Packse fixtures. The tests now pass the local index
explicitly and use deterministic package metadata instead of `anyio`,
`iniconfig`, and unnecessary CLI `--exclude-newer` cutoffs.

This also moves declared-dependency and isolated-project coverage into
the `test-r2` shard. The `TY` executable precedence test remains
`test-pypi` gated because it requires installing a real `ty` executable;
existing `TY` precedence and ty download tests are otherwise unchanged.
@pull pull Bot locked and limited conversation to collaborators Jun 23, 2026
@pull pull Bot added the ⤵️ pull label Jun 23, 2026
@pull
pull Bot merged commit 90fbc3a into Moshbbab:main Jun 23, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant