Skip to content

chore: ignore root uv.lock#136

Merged
ganow merged 1 commit into
KamitaniLab:devfrom
KenyaOtsuka:chore/gitignore-uv-lock
Jun 17, 2026
Merged

chore: ignore root uv.lock#136
ganow merged 1 commit into
KamitaniLab:devfrom
KenyaOtsuka:chore/gitignore-uv-lock

Conversation

@KenyaOtsuka

Copy link
Copy Markdown

Summary

Ignore the root uv.lock file generated by local uv workflows.

BdPy currently does not use uv.lock as a source of truth: CI installs dependencies from pyproject.toml using pip, so a locally generated lockfile should not be accidentally committed.

If the project decides to follow uv's recommendation and track uv.lock, I will withdraw this PR.

bdpy does not track the uv lockfile (CI resolves from pyproject.toml via
pip), so ignore the locally generated uv.lock to keep `git status` clean
and avoid accidental commits. Anchor the pattern with a leading slash so
it only matches the repo-root lockfile, not any nested uv.lock.
@KenyaOtsuka KenyaOtsuka requested a review from Copilot June 17, 2026 02:00

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@KenyaOtsuka KenyaOtsuka requested a review from ganow June 17, 2026 02:09
@KenyaOtsuka KenyaOtsuka marked this pull request as ready for review June 17, 2026 02:09

@ganow ganow left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for creating this PR! This PR is great, and it is consistent with the current operation of bdpy.

To be honest, I am still somewhat unsure whether uv.lock should be tracked in Git. Initially, I decided not to include it intentionally, based on my understanding that bdpy is a package intended to be installed via pip. However, I later learned that the official uv documentation generally recommends checking uv.lock into version control, because it records the exact resolved versions installed in the project environment and enables consistent, reproducible installations across machines.1 Since uv’s project model also explicitly includes library projects intended to be built and distributed, for example by uploading them to PyPI,2 I understand this recommendation as applying, at least in principle, to PyPI-distributed packages as well.

At the same time, I think there is still some rationale for the current operation. Users who install bdpy via ordinary pip install will not necessarily use the exact dependency versions recorded in our repository’s uv.lock. Therefore, it is possible that a bug is reproducible in a user’s environment but not reproducible in the development environment managed by uv. There is also a related discussion in the uv issue tracker where the traditional distinction between applications and libraries is raised: application projects should include a lock file, while library projects may not need to.3 This is not uv’s official recommendation, but it reflects a concern that is relevant to this case.

My current view is that, as long as we use uv to manage the development environment, some environment differences from users who use bdpy without uv are ultimately unavoidable. That said, since we do not yet fully understand which combinations of third-party dependency versions may cause breakage in bdpy (and fully understanding this may not be realistic), I think there is still a reasonable basis for continuing the current policy of not including a strict lock file in the Git repository for now.

We may change this decision in the future and include uv.lock in the repository, but if that happens, we can simply update .gitignore again. So I would like to merge this PR as it is.

Footnotes

  1. uv documentation, “Working on projects”: uv.lock contains the exact resolved versions installed in the project environment and “should be checked into version control.” See: https://docs.astral.sh/uv/guides/projects/#uvlock

  2. uv documentation, “Creating projects”: libraries are intended to be built and distributed, for example by uploading them to PyPI. See: https://docs.astral.sh/uv/concepts/projects/init/#libraries

  3. astral-sh/uv issue #10730: the issue author raises the application/library distinction for lock files. This is a discussion, not the official uv recommendation. See: https://github.com/astral-sh/uv/issues/10730

@ganow ganow merged commit 12b7c75 into KamitaniLab:dev Jun 17, 2026
4 of 6 checks passed
@KenyaOtsuka KenyaOtsuka deleted the chore/gitignore-uv-lock branch June 18, 2026 00:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants