Describe the bug

While trying out the new lockfile format, I noticed the top level key for dependency-groups would change after every invocation. Guessing it's caused by (at least) Project.iter_groups() using a set for deduplication.

To reproduce

Using a project with at least one entry under dependency-groups in its pyproject.toml, run pdm lock (or pdm update --update-all) multiple times. The value in the resulting pylock.toml file under dependency-groups can / will change over the multiple runs.

Expected Behavior

The contents of pylock.toml will not change (or at least: the dependency-groups key) over the multiple invocations.

Environment Information

PDM version:
  2.25.0
Python Interpreter:
  /home/akaidiot/Documents/Projects/confidence/.venv/bin/python (3.12)
Project Root:
  /home/akaidiot/Documents/Projects/confidence
Local Packages:
  
{
  "implementation_name": "cpython",
  "implementation_version": "3.12.3",
  "os_name": "posix",
  "platform_machine": "x86_64",
  "platform_release": "6.8.0-60-generic",
  "platform_system": "Linux",
  "platform_version": "#63-Ubuntu SMP PREEMPT_DYNAMIC Tue Apr 15 19:04:15 UTC 2025",
  "python_full_version": "3.12.3",
  "platform_python_implementation": "CPython",
  "python_version": "3.12",
  "sys_platform": "linux"
}

Verbose Command Output

No response

Additional Context

No response

Are you willing to submit a PR to fix this bug?

• Yes, I would like to submit a PR.