Support pylock.toml in --with-requirements in uv run and uvx#19127
Open
Support pylock.toml in --with-requirements in uv run and uvx#19127
pylock.toml in --with-requirements in uv run and uvx#19127Conversation
zanieb
force-pushed
the
claude/investigate-feature-support-5S51M
branch
from
b8b402e to
82e123f
Compare
zanieb
commented
Apr 23, 2026
zanieb
commented
Apr 23, 2026
Merging this PR will not alter performance
Comparing 
|
`uv tool run` / `uvx` accepted `--with-requirements pylock.toml` (and the spec layer classified the file as a `PylockToml` source) but the pylock field was silently dropped when `CachedEnvironment::from_spec` destructured the `RequirementsSpecification`, so the locked packages never made it into the tool environment. Mirror `pip install`'s behavior by deriving the `Resolution` from the pylock directly when present, bypassing the resolver; this also benefits `uv run --with-requirements pylock.toml`. Closes #19117.
The prior commit wired `pylock.toml` through `CachedEnvironment::from_spec`, but `uv run` has an additional gate: `can_skip_ephemeral` inspects only `spec.requirements`, which is empty when a `pylock.toml` is the sole source. That caused `uv run` to bypass `CachedEnvironment::from_spec` entirely and silently skip installing the pylock's packages. Opt out of the skip when `spec.pylock` is set, and cover the path with an integration test.
Extract the previously-duplicated `pylock.toml` reading, Python-compat check, and `to_resolution` logic from `pip install` and `pip sync` into `commands::pylock` (`read_pylock_toml` + `resolve_pylock_toml`), and reuse it from `CachedEnvironment::from_spec` so that `uvx --with-requirements pylock.toml` and `uv run --with-requirements pylock.toml` now also hash-verify downloads against the pylock, matching `pip install` / `pip sync` behavior. Thread the pylock-derived `HashStrategy` through a new optional `hasher` parameter on `sync_environment`. `pip sync` also gains HTTP(S) `pylock.toml` support as a natural consequence of sharing the reader with `pip install`.
Extract the previously-duplicated `pylock.toml` reading, Python-compat check, and `to_resolution` logic from `pip install` and `pip sync` into `commands::pylock` (`read_pylock_toml` + `resolve_pylock_toml`), and reuse it from `CachedEnvironment::from_spec` so that `uvx --with-requirements pylock.toml` and `uv run --with-requirements pylock.toml` now also hash-verify downloads against the pylock, matching `pip install` / `pip sync` behavior. Thread the pylock-derived `HashStrategy` through a new optional `hasher` parameter on `sync_environment`. `pip sync` also gains HTTP(S) `pylock.toml` support as a natural consequence of sharing the reader with `pip install`.
zanieb
force-pushed
the
claude/investigate-feature-support-5S51M
branch
from
34a0037 to
5e4df21
Compare
Member
Author
|
This might be intentionally unsupported, as it doesn't merge with the tool resolution. It's just layered on top. We might need constraint support for this to work as users expect? ref #13031 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #19117
They silently ignores the option when provided today.