From eef44cc9c0c79148f89aa0c8c545a18d3e7fd979 Mon Sep 17 00:00:00 2001
From: Lukas Puehringer <lukas.puehringer@eclipse-foundation.org>
Date: Thu, 28 May 2026 14:05:50 +0200
Subject: [PATCH] Fail CI if uv.lock is out of sync with pyproject.toml (#25)

Add `--locked` to the existing `uv sync` install step. The flag asserts
that `uv.lock` would remain unchanged by the sync; if pyproject.toml has
been modified without a corresponding lock regeneration, the step exits
non-zero before any other `uv` command runs, so nothing can silently
auto-sync the lock and mask the drift.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Lukas Puehringer <lukas.puehringer@eclipse-foundation.org>
---
 .github/workflows/ci.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a56990e..5a641ea 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -26,8 +26,8 @@ jobs:
     - name: Install uv
       uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867
 
-    - name: Install dependencies
-      run: uv sync --all-extras
+    - name: Install dependencies (fails if uv.lock is out of sync)
+      run: uv sync --locked --all-extras
 
     - name: Run linter
       run: make lint