Adding UV package manager support for Python projects#4980
Adding UV package manager support for Python projects#4980GuillemSeCa wants to merge 1 commit intoaboutcode-org:developfrom
Conversation
pombredanne
left a comment
pombredanne
left a comment
There was a problem hiding this comment.
@GuillemSeCa Thank you++. This looks good overall. Do you mind to add a DCO signoff to your commit?
NB: this is timely as @AyanSinhaMahapatra is playing to switch to uv for ScanCode itself...
@AyanSinhaMahapatra do you mind to check the pinning issue on the doc CI action? And merge at your convenience.
Add support for parsing Python projects managed with the UV package manager (https://docs.astral.sh/uv/). Two new package data handlers are added in packagedcode.pypi: - UvPyprojectTomlHandler parses pyproject.toml files containing a [tool.uv] table. It collects the standard PEP 621 [project] metadata, optional-dependencies, and PEP 735 [dependency-groups] (with include-group references skipped as forward references). - UvLockHandler parses uv.lock files. Each [[package]] entry becomes a pinned, virtual resolved package; the editable root project entry is skipped since it is parsed independently from pyproject.toml. SHA-256 hashes and the exact sdist URL recorded in the lock file are preserved, and PyPI URLs are populated via get_pypi_urls. A shared BaseUvPythonLayout assembles the package by walking from either pyproject.toml or uv.lock to its sibling, mirroring the existing Poetry layout. PyprojectTomlHandler is updated to skip pyproject.toml files that belong to a UV project so that the dedicated handler runs. Test fixtures are derived from python-attrs/attrs 26.1.0 (https://github.com/python-attrs/attrs, MIT-licensed) and trimmed to the relevant parts for parser and end-to-end package-assembly coverage. Refs: aboutcode-org#4501 Signed-off-by: Guillem Serra Cazorla <[email protected]>
GuillemSeCa
force-pushed
the
feature/parse-uv_package
branch
from
19a432a to
c27f6ee
Compare
|
I have added the signoff @pombredanne! |
pombredanne
left a comment
pombredanne
left a comment
There was a problem hiding this comment.
All good for me on the code. We still some minimal doc for the thirdparty inclusion.
|
For https://github.com/aboutcode-org/scancode-toolkit/pull/4980/changes#diff-68efae3999818a948ae49f2a73f0f6e7b6c02f1e2d4c9f1438b80d547f6de9f5R408 We do not want to be the proverbial cobbler's son going barefoot! |
|
Ignore my previous comment at #4980 (comment) I thought incorrectly you had copied Python code from attrs. |
2 participants
Add support for parsing Python projects managed with the UV package manager (https://docs.astral.sh/uv/). Two new package data handlers are added in packagedcode.pypi:
A shared BaseUvPythonLayout assembles the package by walking from either pyproject.toml or uv.lock to its sibling, mirroring the existing Poetry layout. PyprojectTomlHandler is updated to skip pyproject.toml files that belong to a UV project so that the dedicated handler runs.
Test fixtures are derived from python-attrs/attrs 26.1.0 (https://github.com/python-attrs/attrs, MIT-licensed) and trimmed to the relevant parts for parser and end-to-end package-assembly coverage.
Refs: #4501
Tasks
Run tests locally to check for errors.
Signed-off-by: Guillem Serra Cazorla [email protected]