With UV_FROZEN=1, the uv-lock hook can pass even when the lockfile is outdated.
This caused problems for us in CI, where UV_FROZEN=1 is commonly set: a change that should have required a lockfile update was not caught.
Expected: Hook fails when lockfile is outdated.
Actual: Hook does not update the lockfile and does not fail, so lockfile drift can pass unnoticed.
Workaround: Set UV_FROZEN=0 for uv-lock hook execution only.
With UV_FROZEN=1, the uv-lock hook can pass even when the lockfile is outdated.
This caused problems for us in CI, where UV_FROZEN=1 is commonly set: a change that should have required a lockfile update was not caught.
Expected: Hook fails when lockfile is outdated.
Actual: Hook does not update the lockfile and does not fail, so lockfile drift can pass unnoticed.
Workaround: Set UV_FROZEN=0 for uv-lock hook execution only.