Question

How can I keep my uv.lock file in sync with my other files like pyproject.toml?

I reviewed #1097 but my situation is different in two important ways:

1. I'm not building using psr; I have my own custom logic for that which is handled after the release is cut.
2. We use the GitHub Action and my uv uses private indexes so I would need to find a way to pass numerous secrets / specially formatted env vars into the runtime using the prior approach.

Suggestion

When I update my uv.lock, the change looks something like this:

 [[package]]
 name = "example"
-version = "0.7.0"
+version = "0.10.0"

There's no need for any other complex locking behavior (hash pinning, etc.).

It seems like we could be able to specify this version update with a version_toml configuration or similar. However the problem is that we need to match on the [[package]] where name = "example" and then update the corresponding version field. I considered version_variables for this, which shows the potential to work but feels a bit hacky.

Configuration

[tool.semantic_release]
major_on_zero = false
version_toml = [
    "pyproject.toml:project.version",
]
version_variables = [
    "src/example/__init__.py:__version__",
]
changelog_file = "CHANGELOG.md"
commit_parser = "angular"
commit_author = "Example <Example@example.com>"
commit_message = "chore(release): example {version}"
tag_format = "example=={version}"

[tool.semantic_release.branches.release]
match = "main"

[tool.semantic_release.publish]
dist_glob_patterns = ["path_relative_to_root/example/dist/*"]
upload_to_vcs_release = true

[tool.semantic_release.remote]
name = "origin"
type = "github"
ignore_token_for_push = false
insecure = false