Followup from #10040 - Support uv compiled requirements files

python/helpers/requirements.txt

@@ -7,6 +7,7 @@ plette==2.1.0
 poetry==1.8.3
 # TODO: Replace 3p package `toml` with 3.11's new stdlib `tomllib` once we drop support for Python 3.10.
 toml==0.10.2
+uv==0.4.9
 
 # Some dependencies will only install if Cython is present
 Cython==3.0.10

python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb

@@ -96,13 +96,14 @@ def compile_new_requirement_files
         def compile_file(filename)
           # Shell out to pip-compile, generate a new set of requirements.
           # This is slow, as pip-compile needs to do installs.
-          options = pip_compile_options(filename)
+
+          options, command = pip_compile_options(filename)
           options_fingerprint = pip_compile_options_fingerprint(options)
 
-          name_part = "pyenv exec pip-compile " \
+          name_part = "#{command} " \
                       "#{options} -P " \
                       "#{dependency.name}"
-          fingerprint_name_part = "pyenv exec pip-compile " \
+          fingerprint_name_part = "#{command} " \
                                   "#{options_fingerprint} -P " \
                                   "<dependency_name>"
 
@@ -453,10 +454,16 @@ def pip_compile_options(filename)
           options += pip_compile_index_options
 
           if (requirements_file = compiled_file_for_filename(filename))
-            options += pip_compile_options_from_compiled_file(requirements_file)
+            if requirements_file.content.include?("uv pip compile")
+              options += uv_pip_compile_options_from_compiled_file(requirements_file)
+              command = "pyenv exec uv pip compile"
+            else
+              options += pip_compile_options_from_compiled_file(requirements_file)
+              command = "pyenv exec pip-compile"
+            end
           end
 
-          options.join(" ")
+          [options.join(" "), command]
         end
 
         def pip_compile_options_from_compiled_file(requirements_file)
@@ -483,6 +490,30 @@ def pip_compile_options_from_compiled_file(requirements_file)
           options
         end
 
+        def uv_pip_compile_options_from_compiled_file(requirements_file)
+          options = ["--output-file=#{requirements_file.name}"]
+
+          options << "--no-emit-index-url" if requirements_file.content.include?("index-url http")
+
+          options << "--generate-hashes" if requirements_file.content.include?("--hash=sha")
+
+          options << "--no-annotate" unless requirements_file.content.include?("# via ")
+
+          options << "--pre" if requirements_file.content.include?("--pre")
+
+          options << "--no-strip-extras" if requirements_file.content.include?("--no-strip-extras")
+
+          if requirements_file.content.include?("--no-binary") || requirements_file.content.include?("--only-binary")
+            options << "--emit-build-options"
+          end
+
+          # options skips the resolver option, as it has no effect for uv.
+
+          options << "--universal" if requirements_file.content.include?("--universal")
+
+          options
+        end
+
         def pip_compile_index_options
           credentials
             .select { |cred| cred["type"] == "python_index" }

python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

@@ -32,6 +32,7 @@ class PipCompileVersionResolver
         PYTHON_PACKAGE_NAME_REGEX = /[A-Za-z0-9_\-]+/
         RESOLUTION_IMPOSSIBLE_ERROR = "ResolutionImpossible"
         ERROR_REGEX = /(?<=ERROR\:\W).*$/
+        RESOLVER_REGEX = /(?<=--resolver=)(\w+)/
 
         attr_reader :dependency
         attr_reader :dependency_files
@@ -91,12 +92,12 @@ def fetch_latest_resolvable_version_string(requirement:)
         def compile_file(filename)
           # Shell out to pip-compile.
           # This is slow, as pip-compile needs to do installs.
-          options = pip_compile_options(filename)
+          options, command = pip_compile_options(filename)
           options_fingerprint = pip_compile_options_fingerprint(options)
 
           run_pip_compile_command(
-            "pyenv exec pip-compile -v #{options} -P #{dependency.name} #{filename}",
-            fingerprint: "pyenv exec pip-compile -v #{options_fingerprint} -P <dependency_name> <filename>"
+            "#{command} -v #{options} -P #{dependency.name} #{filename}",
+            fingerprint: "#{command} -v #{options_fingerprint} -P <dependency_name> <filename>"
           )
 
           return true if dependency.top_level?
@@ -110,8 +111,8 @@ def compile_file(filename)
           # update_not_possible.
           write_original_manifest_files
           run_pip_compile_command(
-            "pyenv exec pip-compile #{options} #{filename}",
-            fingerprint: "pyenv exec pip-compile #{options_fingerprint} <filename>"
+            "#{command} #{options} #{filename}",
+            fingerprint: "#{command} #{options_fingerprint} <filename>"
           )
 
           true
@@ -201,12 +202,12 @@ def check_original_requirements_resolvable
               write_temporary_dependency_files(update_requirement: false)
 
               filenames_to_compile.each do |filename|
-                options = pip_compile_options(filename)
+                options, command = pip_compile_options(filename)
                 options_fingerprint = pip_compile_options_fingerprint(options)
 
                 run_pip_compile_command(
-                  "pyenv exec pip-compile #{options} #{filename}",
-                  fingerprint: "pyenv exec pip-compile #{options_fingerprint} <filename>"
+                  "#{command} #{options} #{filename}",
+                  fingerprint: "#{command} #{options_fingerprint} <filename>"
                 )
               end
 
@@ -251,7 +252,16 @@ def pip_compile_options(filename)
             options << "--output-file=#{requirements_file.name}"
           end
 
-          options.join(" ")
+          if (requirements_file = compiled_file_for_filename(filename))
+            if requirements_file.content.include?("uv pip compile")
+              options += uv_pip_compile_options_from_compiled_file(requirements_file)
+              command = "pyenv exec uv pip compile"
+            else
+              command = "pyenv exec pip-compile"
+            end
+          end
+
+          [options.join(" "), command]
         end
 
         def pip_compile_index_options
@@ -277,6 +287,32 @@ def run_pip_compile_command(command, fingerprint:)
           run_command(command, fingerprint: fingerprint)
         end
 
+        def uv_pip_compile_options_from_compiled_file(requirements_file)
+          options = ["--output-file=#{requirements_file.name}"]
+
+          options << "--no-emit-index-url" unless requirements_file.content.include?("index-url http")
+
+          options << "--generate-hashes" if requirements_file.content.include?("--hash=sha")
+
+          options << "--no-annotate" unless requirements_file.content.include?("# via ")
+
+          options << "--pre" if requirements_file.content.include?("--pre")
+
+          options << "--no-strip-extras" if requirements_file.content.include?("--no-strip-extras")
+
+          if requirements_file.content.include?("--no-binary") || requirements_file.content.include?("--only-binary")
+            options << "--emit-build-options"
+          end
+
+          if (resolver = RESOLVER_REGEX.match(requirements_file.content))
+            options << "--resolver=#{resolver}"
+          end
+
+          options << "--universal" if requirements_file.content.include?("--universal")
+
+          options
+        end
+
         def python_env
           env = {}