python · brettcannon · Nov 4, 2024 · Nov 4, 2024
@@ -158,9 +158,9 @@ specified for the same reason.
 - Table
 - Record of the tool that generated the lock file.
 - Enough details SHOULD be provided such that the lock
-  file from the details in this table (provided the same I/O data is available,
-  e.g., Dependabot if only files from a repository is necessary to run the
-  command).
+  file from the details in this table can be reproduced (provided the same I/O
+  data is available, e.g., Dependabot if only files from a repository is
+  necessary to run the command).
 
 
 ``locker.name``
@@ -358,7 +358,10 @@ specified for the same reason.
 - Array of tables
 - A record of the dependency requirements of the package and version.
 - The values MUST semantically match what's provided by the package version via
-  :ref:`packaging:core-metadata-requires-dist`.
+  :ref:`packaging:core-metadata-requires-dist` for all dependencies referenced
+  in the lock file (i.e all base dependencies plus all dependencies for extras
+  referenced in the lock file); lock files MAY list all dependencies for unused
+  extras if desired.
 - Values in the array SHOULD be written as inline tables, sorted
   lexicographically by ``name``, then by ``feature`` with the lack of that key
   sorting first.
@@ -783,8 +786,9 @@ Expectations for Installers
 - Installers MUST error out if a package version lacks a way to install into the
   chosen environment.
 - Installers MUST support installing into an empty environment
-- Installers SHOULD support syncing a pre-existing environment to match the lock
-  file.
+- Installers SHOULD support uninstalling all packages in a pre-existing
+  environment and then installing into it (sometimes referred to as *syncing*
+  an environment to the lock file).
 - Installers MAY support a way to install into a pre-existing environment that
   tries to keep packages not listed in the lock file working.