ci: enforce uv.lock consistency with --locked flag#119
Conversation
Add --locked flag to uv sync commands to fail if uv.lock is out of sync with pyproject.toml. This ensures lockfile consistency across CI and local development. - Add --locked to setup-nix action - Add --locked to flake.nix shellHook
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
Pull request overview
This PR adds the --locked flag to uv sync commands in CI and local development environments to ensure lockfile consistency with pyproject.toml, preventing lockfile drift issues.
Changes:
- Add
--lockedflag touv syncin CI setup-nix action - Add
--lockedflag touv syncin flake.nix shellHook
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| .github/actions/setup-nix/action.yaml | Adds --locked flag to uv sync in CI to enforce lockfile consistency |
| flake.nix | Adds --locked flag to uv sync in dev shell initialization hook |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if [ ! -d .venv ] || [ uv.lock -nt .venv ]; then | ||
| echo "📦 Installing Python dependencies..." | ||
| uv sync --all-extras | ||
| uv sync --all-extras --locked |
There was a problem hiding this comment.
The --locked flag in the shellHook may prevent developers from entering the development shell if uv.lock is out of sync with pyproject.toml. This creates a problematic scenario where developers cannot enter the shell to fix the lockfile issue.
Consider removing --locked from the shellHook while keeping it in CI (setup-nix action). The shellHook is meant to facilitate local development setup, not enforce strict validation. CI will catch lockfile drift issues, while local developers can still sync their dependencies even when the lockfile needs updating.
| uv sync --all-extras --locked | |
| uv sync --all-extras |
Summary
--lockedflag touv syncin setup-nix action--lockedflag touv syncin flake.nix shellHookThis ensures CI and local development fail early if
uv.lockis out of sync withpyproject.toml, catching lockfile drift before it causes issues.Test plan
Summary by cubic
Enforce uv.lock consistency by running uv sync with --locked in CI and the Nix dev shell. Builds and local setup now fail early if uv.lock and pyproject.toml drift.
uv lockand commit the updated uv.lock.Written for commit 1b4b4ad. Summary will update on new commits.