Dependencies.lock File

The dependencies.lock file is generated by the version solver and contains the exact versions of the components selected during dependency resolution. This file ensures reproducible builds by locking component versions so that future builds use the same versions.

If your project includes only ESP Component Registry Dependencies or Git Dependencies, it is recommended to check in the dependencies.lock file to version control. This ensures that all developers use consistent component versions when building the project locally.

If your project includes Kconfig Options, the dependencies.lock file should not be checked into version control. This is because it may contain local paths specific to your environment, which will not be available to other developers.

Warning

The dependencies.lock file should not be manually edited. It must only be modified by the version solver.

Root Attributes

`dependencies`

The dependencies attribute is a dictionary that includes all flattened dependencies of the project. Each key represents the dependency name, and the corresponding value contains attributes described in the Dependency Attributes section.

`direct_dependencies`

The direct_dependencies attribute is a list of the project's direct dependencies—those specified directly in the project's manifest files. This list is used to ensure that the build system is re-triggered when a component is moved from ESP Component Registry Dependencies to Kconfig Options.

`manifest_hash`

The manifest_hash attribute is a hash of all the manifest files tracked in the project. This hash ensures that the dependencies.lock file is generated based on the latest manifest files.

`target`

The target attribute specifies the target for which the lock file was generated. It helps resolve Conditional Dependencies correctly depending on the selected target.

`version`

The version attribute indicates the version of the dependencies.lock file. It ensures that this version matches the version of the IDF Component Manager.

For example, IDF Component Manager 1.x uses version 1.0.0 for the dependencies.lock file, while IDF Component Manager 2.x uses version 2.0.0.

Dependency Attributes

Each entry in the dependencies dictionary includes the following attributes:

`component_hash`

The component_hash attribute is a hash of the component, used to verify component's integrity and ensure that the component hasn't changed since the dependencies.lock file was generated.

`dependencies`

The dependencies attribute is a dictionary containing the direct dependencies of the component.

`source`

The source attribute specifies the type of the component. For more details, see the Component Dependencies section.

`version`

The version attribute indicates the version of the component selected by the Version Solver.

`targets`

The targets attribute lists the targets compatible with the component. This field can be omitted if the component is compatible with all targets.

Dependencies.lock File

Root Attributes

dependencies

direct_dependencies

manifest_hash

target

version

Dependency Attributes

component_hash

dependencies

source

version

targets

`dependencies`

`direct_dependencies`

`manifest_hash`

`target`

`version`

`component_hash`

`dependencies`

`source`

`version`

`targets`