From 1fae8dbf1789717f45e82ea290c1c99642d05139 Mon Sep 17 00:00:00 2001 From: Charlie Marsh Date: Fri, 31 Jan 2025 13:11:04 -0500 Subject: [PATCH] Add Git SHA locking behavior to docs (#11125) ## Summary Closes https://github.com/astral-sh/uv/issues/11090. --- docs/concepts/projects/sync.md | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/docs/concepts/projects/sync.md b/docs/concepts/projects/sync.md index bb1bc0fdd..46c66696c 100644 --- a/docs/concepts/projects/sync.md +++ b/docs/concepts/projects/sync.md @@ -37,9 +37,9 @@ This is equivalent to the `--locked` flag for other commands. ### Upgrading locked package versions -By default, uv will prefer the locked versions of packages when running `uv sync` and `uv lock`. -Package versions will only change if the project's dependency constraints exclude the previous, -locked version. +By default, uv will prefer the locked versions of packages when running `uv sync` and `uv lock` with +an existing `uv.lock` file. Package versions will only change if the project's dependency +constraints exclude the previous, locked version. To upgrade all packages: @@ -60,7 +60,12 @@ To upgrade a single package to a specific version: $ uv lock --upgrade-package == ``` +In all cases, upgrades are limited to the project's dependency constraints. For example, if the +project defines an upper bound for a package then an upgrade will not go beyond that version. + !!! note - In all cases, upgrades are limited to the project's dependency constraints. For example, if the - project defines an upper bound for a package then an upgrade will not go beyond that version. + uv applies similar logic to Git dependencies. For example, if a Git dependency references + the `main` branch, uv will prefer the locked commit SHA in an existing `uv.lock` file over + the latest commit on the `main` branch, unless the `--upgrade` or `--upgrade-package` flags + are used.