-
Notifications
You must be signed in to change notification settings - Fork 624
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for named and explicit indexes #7481
base: charlie/multi-sources
Are you sure you want to change the base?
Conversation
This still needs docs (beyond the inline documentation), but I'd like to align on the semantics described in the PR summary first. |
4561e5d
to
c6d7a92
Compare
// /// structured as a flat list of distributions (e.g., `--find-links`). In both cases, indexes | ||
// /// can point to either local or remote resources. | ||
// #[serde(default)] | ||
// pub r#type: IndexKind, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I left this in for now but can remove before merging. Eventually I want this to support --find-links
.
98c909f
to
e6f9d9a
Compare
Yeah this seems wrong. Why is it this way? Do we need an explicit Do we set the explicit tag during a How does index pinning work for transitive dependencies? How can we teach the PyPI fallback behavior? Are there any bad user experiences where we could suggest adding |
Well... we could just invert the priority, if that's what you mean (such that the new index stuff comes last, and the legacy arguments come first). Then the CLI arguments would work as expected. As-is, though, we don't have a way to differentiate between indexes passed on the command line (with
Yeah roughly this.
We don't as of this PR... We can though. I think we probably should? I guess by default we add the index, and make it explicit for that package? The unfortunate thing is that we need a name for the index in that case (as we discussed on Discord). Alternatively, we could just add a
It doesn't have any effect on transitive dependencies. I don't know that it can or should, honestly, because transitive dependencies can be required from multiple different first-party dependencies that could come from different indexes. I think this would be extremely hard to implement correctly and could lead to confusing behavior. |
I prefer to make |
Did you consider allowing pinning packages to indexes using glob-patterns as mentioned here? AFAIK that is the only solution for pinning transitive dependencies that is straightforward enough but still useful for a set of real use-cases. |
There's nothing stopping us from supporting that in addition to the schema described above. It strikes me as somewhat backwards but I understand why it's useful. My only concern is that we're complicating the schema and creating two ways to assign a package to an index. |
@charliermarsh I know it's painful/stupid/messy, but the regex assignment is still really useful for handling transitive dependencies in corporate environments. I don't think there are easy alternatives given the default assumption that python wants to make about indices being equivalent. |
I wonder if we should have a separate schema for pinning transitive packages to a defined index? It could allow globs as well. I'm not sure what all the trade-offs are. |
@zanieb -- That's a good call. Instead of putting this on the index schema, we could have a separate table for assigning packages to named indexes. |
e6f9d9a
to
d404df8
Compare
I'll probably be pushing to this branch a lot over the next few days, so you may want to unsubscribe if the notifications are annoying! |
3208ab0
to
518f3b3
Compare
518f3b3
to
9992f13
Compare
Ok @zanieb -- I think this is ready for review. It now includes docs too. |
While playing with this, I found an issue that the lockfile is always ignored due to missing remote index: DEBUG Ignoring existing lockfile due to missing remote index: `idna` `3.4` from `https://download.pytorch.org/whl/cu121` A reproduction: $ cat pyproject.toml
[project]
name = "foo"
version = "0.1.0"
requires-python = ">=3.12"
dependencies = [
"idna>=3.4",
]
[[tool.uv.index]]
name = "pytorch"
url = "https://download.pytorch.org/whl/cu121"
explicit = true
[tool.uv.sources]
idna = { index = "pytorch" }
$ cargo run -- lock
$ cargo run -- lock Seems like uv/crates/uv-resolver/src/lock/mod.rs Lines 1046 to 1067 in 805f1bd
|
Thanks, good catch. |
e331d72
to
2a8d89e
Compare
e5c0b1e
to
f5aa096
Compare
f5aa096
to
c2f8019
Compare
Summary
This PR adds a first-class API for defining registry indexes, beyond our existing
--index-url
and--extra-index-url
setup.Specifically, you now define indexes like so in a
uv.toml
orpyproject.toml
file:You can also provide indexes via
--index
andUV_INDEX
, and override the default index with--default-index
andUV_DEFAULT_INDEX
.Index priority
Indexes are prioritized in the order in which they're defined, such that the first-defined index has highest priority.
Indexes are also inherited from parent configuration (e.g., the user-level
uv.toml
), but are placed after any indexes in the current project, matching our semantics for other array-based configuration values.You can mix
--index
and--default-index
with the legacy--index-url
and--extra-index-url
settings; the latter two are merely treated as unnamed[[tool.uv.index]]
entries.Index pinning
If an index includes a name (which is optional), it can then be referenced via
tool.uv.sources
:If an index is marked as
explicit = true
, it can only be used via such references, and will never be searched implicitly:Indexes defined outside of the current project (e.g., in the user-level
uv.toml
) can not be explicitly selected.(As of now, we only support using a single index for a given
tool.uv.sources
definition.)Default index
By default, we include PyPI as the default index. This remains true even if the user defines a
[[tool.uv.index]]
-- PyPI is still used as a fallback. You can mark an index asdefault = true
to (1) disable the use of PyPI, and (2) bump it to the bottom of the prioritized list, such that it's used only if a package does not exist on a prior index:Name reuse
If a name is reused, the higher-priority index with that name is used, while the lower-priority indexes are ignored entirely.
For example, given:
The
https://test.pypi.org/simple
index would be ignored entirely, since it's lower-priority thanhttps://download.pytorch.org/whl/cu121
but shares the same name.Closes #171.
Future work
uv add
should automatically write--index
entries to thepyproject.toml
file.