Dependency version that doesn't match the uv.lock file being installed #188
Description
I am not sure if this is a tox-gh issue, a tox-uv issue, or something else. I have the following dependency group in my pyproject.toml:
[dependency-groups]
dev = [
"pytest>=8.3.5",
"pytest-httpserver>=1.0.10",
]
lint = [
"mypy>=1.15.0",
"ruff>=0.11.6",
"types-requests>=2.32.0.20250328",
]
The uv.lock file has ruff locked to 0.11.6. However, when tox run --skip-pkg-install is run, 0.12.0 is installed:
lint: aiohappyeyeballs==2.6.1,aiohttp==3.12.13,aiosignal==1.3.2,attrs==25.3.0,certifi==2025.6.15,charset-normalizer==3.4.2,dnspython==2.7.0,email-validator==2.2.0,frozenlist==1.7.0,geoip2==5.1.0,idna==3.10,iniconfig==2.1.0,markupsafe==3.0.2,maxminddb==2.7.0,minfraud @ file:///home/runner/work/minfraud-api-python/minfraud-api-python/.tox/.tmp/package/2/minfraud-3.1.0.tar.gz,multidict==6.5.0,mypy==1.16.1,mypy-extensions==1.1.0,packaging==25.0,pathspec==0.12.1,pluggy==1.6.0,propcache==0.3.2,pygments==2.19.1,pytest==8.4.0,pytest-httpserver==1.1.3,requests==2.32.4,ruff==0.12.0,types-requests==2.32.4.20250611,typing-extensions==4.14.0,urllib3==2.4.0,voluptuous==0.15.2,werkzeug==3.1.3,yarl==1.20.1
uv sync --all-groups does install version 0.11.6 of ruff as expected.
Links: