Avoid warning users for missing self-extra lower bounds (#5518)

## Summary Closes https://github.com/astral-sh/uv/issues/5227.
2025-08-03 02:22:19 +00:00 · 2024-07-28 14:35:18 -04:00 · 2024-07-28 14:35:18 -04:00 · caf01735fa
commit caf01735fa
parent 88340fbd0d
3 changed files with 36 additions and 2 deletions
--- a/crates/uv-resolver/src/pubgrub/dependencies.rs
+++ b/crates/uv-resolver/src/pubgrub/dependencies.rs
@ -79,7 +79,7 @@ impl PubGrubDependency {
                            package: package.clone(),
                            version: version.clone(),
                            specifier,
-                            url: None,
+                            url,
                        })
                    }
                    _ => None,
--- a/crates/uv-resolver/src/resolver/mod.rs
+++ b/crates/uv-resolver/src/resolver/mod.rs
@ -2135,7 +2135,7 @@ impl ForkState {
                // A dependency from the root package or requirements.txt.
                debug!("Adding direct dependency: {package}{version}");

-                // Warn the user if the direct dependency lacks a lower bound in lowest resolution.
+                // Warn the user if a direct dependency lacks a lower bound in `--lowest` resolution.
                let missing_lower_bound = version
                    .bounding_range()
                    .map(|(lowest, _highest)| lowest == Bound::Unbounded)
--- a/crates/uv/tests/lock.rs
+++ b/crates/uv/tests/lock.rs
@ -4105,3 +4105,37 @@ fn lock_same_version_multiple_urls() -> Result<()> {

    Ok(())
 }
+
+/// When locking with `--resolution-mode=lowest`, we shouldn't warn on unbounded direct
+/// dependencies.
+#[test]
+fn lock_unsafe_lowest() -> Result<()> {
+    let context = TestContext::new("3.12");
+
+    let pyproject_toml = context.temp_dir.child("pyproject.toml");
+    pyproject_toml.write_str(
+        r#"
+        [project]
+        name = "project"
+        version = "0.1.0"
+        requires-python = ">=3.12"
+        dependencies = []
+
+        [project.optional-dependencies]
+        dev = ["iniconfig"]
+        all = ["project[dev]"]
+        "#,
+    )?;
+
+    uv_snapshot!(context.filters(), context.lock().arg("--resolution").arg("lowest-direct"), @r###"
+    success: true
+    exit_code: 0
+    ----- stdout -----
+
+    ----- stderr -----
+    warning: `uv lock` is experimental and may change without warning
+    Resolved 2 packages in [TIME]
+    "###);
+
+    Ok(())
+}