Technology moves fast! ⚡ Don't get left behind.🚶 Subscribe to our mailing list to keep up with latest and greatest in open source projects! 🏆


Subscribe to our mailing list

pip-tools

A set of tools to keep your pinned Python dependencies fresh.

Subscribe to updates I use pip-tools


Statistics on pip-tools

Number of watchers on Github 2626
Number of open issues 83
Average time to close an issue 24 days
Main language Python
Average time to merge a PR 10 days
Open pull requests 41+
Closed pull requests 30+
Last commit over 1 year ago
Repo Created almost 7 years ago
Repo Last Updated over 1 year ago
Size 854 KB
Organization / Authorjazzband
Latest Release1.11.0
Contributors57
Page Updated
Do you use pip-tools? Leave a review!
View open issues (83)
View on github
Fresh, new opensource launches 🚀🚀🚀
Trendy new open source projects in your inbox! View examples

Subscribe to our mailing list

Evaluating pip-tools for your project? Score Explanation
Commits Score (?)
Issues & PR Score (?)

|buildstatus-travis| |buildstatus-appveyor| |jazzband| |pypi|

==================================

pip-tools = pip-compile + pip-sync

A set of command line tools to help you keep your pip-based packages fresh, even when you've pinned them. You do pin them, right?_

.. image:: https://github.com/jazzband/pip-tools/raw/master/img/pip-tools-overview.png :alt: pip-tools overview for phase II

.. |buildstatus-travis| image:: https://img.shields.io/travis/jazzband/pip-tools/master.svg :alt: Travis-CI build status :target: https://travis-ci.org/jazzband/pip-tools .. |buildstatus-appveyor| image:: https://img.shields.io/appveyor/ci/jazzband/pip-tools/master.svg :alt: Appveyor build status :target: https://ci.appveyor.com/project/jazzband/pip-tools .. |jazzband| image:: https://jazzband.co/static/img/badge.svg :alt: Jazzband :target: https://jazzband.co/ .. |pypi| image:: https://img.shields.io/pypi/v/pip-tools.svg :alt: PyPI :target: https://pypi.python.org/pypi/pip-tools/ .. _You do pin them, right?: http://nvie.com/posts/pin-your-packages/

Installation

As part of a Python project's environment tooling (similar to pip), it's recommended to install pip-tools in each project's virtual environment_:

.. code-block:: bash

$ source /path/to/venv/bin/activate
(venv)$ pip install --upgrade pip  # pip-tools needs pip==8.0 or higher (!)
(venv)$ pip install pip-tools

Note: all of the remaining example commands assume you've activated your project's virtual environment.

.. _virtual environment: https://packaging.python.org/tutorials/installing-packages/#creating-virtual-environments

Example usage for pip-compile

Requirements from setup.py

Suppose you have a Flask project, and want to pin it for production. If you have a setup.py with install_requires=['Flask'], then run pip-compile without any arguments:

.. code-block:: bash

$ pip-compile
#
# This file is autogenerated by pip-compile
# To update, run:
#
#    pip-compile --output-file requirements.txt setup.py
#
click==6.7                # via flask
flask==0.12.2
itsdangerous==0.24        # via flask
jinja2==2.9.6             # via flask
markupsafe==1.0           # via jinja2
werkzeug==0.12.2          # via flask

pip-compile will produce your requirements.txt, with all the Flask dependencies (and all underlying dependencies) pinned. You should put requirements.txt under version control.

Without setup.py

If you don't use setup.py (it's easy to write one_), you can create a requirements.in file to declare the Flask dependency:

.. code-block:: ini

# requirements.in
Flask

Now, run pip-compile requirements.in:

.. code-block:: bash

$ pip-compile requirements.in
#
# This file is autogenerated by pip-compile
# To update, run:
#
#    pip-compile --output-file requirements.txt requirements.in
#
click==6.7                # via flask
flask==0.12.2
itsdangerous==0.24        # via flask
jinja2==2.9.6             # via flask
markupsafe==1.0           # via jinja2
werkzeug==0.12.2          # via flask

And it will produce your requirements.txt, with all the Flask dependencies (and all underlying dependencies) pinned. You should put both requirements.in and requirements.txt under version control.

.. _it's easy to write one: https://packaging.python.org/distributing/#configuring-your-project

Using hashes

If you would like to use Hash-Checking Mode available in pip since version 8.0, pip-compile offers --generate-hashes flag:

.. code-block:: bash

$ pip-compile --generate-hashes requirements.in
#
# This file is autogenerated by pip-compile
# To update, run:
#
#    pip-compile --generate-hashes --output-file requirements.txt requirements.in
#
click==6.7 \
    --hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
    --hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
    # via flask
flask==0.12.2 \
    --hash=sha256:0749df235e3ff61ac108f69ac178c9770caeaccad2509cb762ce1f65570a8856 \
    --hash=sha256:49f44461237b69ecd901cc7ce66feea0319b9158743dd27a2899962ab214dac1
itsdangerous==0.24 \
    --hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
    # via flask
jinja2==2.9.6 \
    --hash=sha256:2231bace0dfd8d2bf1e5d7e41239c06c9e0ded46e70cc1094a0aa64b0afeb054 \
    --hash=sha256:ddaa01a212cd6d641401cb01b605f4a4d9f37bfc93043d7f760ec70fb99ff9ff \
    # via flask
markupsafe==1.0 \
    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
    # via jinja2
werkzeug==0.12.2 \
    --hash=sha256:903a7b87b74635244548b30d30db4c8947fe64c5198f58899ddcd3a13c23bb26 \
    --hash=sha256:e8549c143af3ce6559699a01e26fa4174f4c591dbee0a499f3cd4c3781cdec3d \
    # via flask

Updating requirements

To update all packages, periodically re-run pip-compile --upgrade.

To update a specific package to the latest or a specific version use the --upgrade-package or -P flag:

.. code-block:: bash

$ pip-compile --upgrade-package flask  # only update the flask package
$ pip-compile --upgrade-package flask --upgrade-package requests  # update both the flask and requests packages
$ pip-compile -P flask -P requests==2.0.0  # update the flask package to the latest, and requests to v2.0.0

If you use multiple Python versions, you can run pip-compile as py -X.Y -m piptools compile ... on Windows and pythonX.Y -m piptools compile ... on other systems.

Configuration

You might be wrapping the pip-compile command in another script. To avoid confusing consumers of your custom script you can override the update command generated at the top of requirements files by setting the CUSTOM_COMPILE_COMMAND environment variable.

.. code-block:: bash

$ CUSTOM_COMPILE_COMMAND="./pipcompilewrapper" pip-compile requirements.in
#
# This file is autogenerated by pip-compile
# To update, run:
#
#    ./pipcompilewrapper
#
flask==0.10.1
itsdangerous==0.24        # via flask
jinja2==2.7.3             # via flask
markupsafe==0.23          # via jinja2
werkzeug==0.10.4          # via flask

Example usage for pip-sync

Now that you have a requirements.txt, you can use pip-sync to update your virtual environment to reflect exactly what's in there. This will install/upgrade/uninstall everything necessary to match the requirements.txt contents.

Be careful: pip-sync is meant to be used only with a requirements.txt generated by pip-compile.

.. code-block:: bash

$ pip-sync
Uninstalling flake8-2.4.1:
  Successfully uninstalled flake8-2.4.1
Collecting click==4.1
  Downloading click-4.1-py2.py3-none-any.whl (62kB)
    100% || 65kB 1.8MB/s
  Found existing installation: click 4.0
    Uninstalling click-4.0:
      Successfully uninstalled click-4.0
Successfully installed click-4.1

To sync multiple *.txt dependency lists, just pass them in via command line arguments, e.g.

.. code-block:: bash

$ pip-sync dev-requirements.txt requirements.txt

Passing in empty arguments would cause it to default to requirements.txt.

If you use multiple Python versions, you can run pip-sync as py -X.Y -m piptools sync ... on Windows and pythonX.Y -m piptools sync ... on other systems.

Note: pip-sync will not upgrade or uninstall packaging tools like setuptools, pip, or pip-tools itself. Use pip install --upgrade to upgrade those packages.

Other useful tools

  • pipdeptree_ to print the dependency tree of the installed packages.

.. _pipdeptree: https://github.com/naiquevin/pipdeptree

pip-tools open issues Ask a question     (View All Issues)
  • over 2 years Second-level requirements for editable reqs disappear after round 1
  • over 2 years freature request: version range shorthand
  • over 2 years Version 1.8.1 and 1.9
  • over 2 years Update a specific package does not work.
  • over 2 years Project Status Update?
  • over 2 years pip-sync uninstalls packages from root conda environment
  • over 2 years pip-compile adding appdirs, packaging etc. setuptools deps
  • over 2 years Show whether the "latest" pip version is supported
  • over 2 years pip-compile exception UnicodeDecodeError
  • over 2 years pip-compile --generate-hashes fails on sphinx
  • over 2 years pip-compile does not support python_version limits
  • over 2 years UnicodeDecodeError in posixpath on ipython==5.1.0
  • over 2 years Pip compile breaks with scandir==1.4
  • over 2 years pip-compile breaks because of missing option values in pip
  • over 2 years Requirements of vcs url requirement are not commented in the output of pip-compile
  • over 2 years pip-sync uninstalls pkg-resources, breaks psycopg2
pip-tools open pull requests (View All Pulls)
  • Fix doctests and run them with tox
  • remove duplicate index urls
  • Add most recent Python versions in Travis CI
  • sync: Use options from the txt file
  • Add support for running as Python module
  • #206: Preserve environment markers from requirements.in
  • Write relative find-links opts to output file
  • Fix UnicodeDecodeError in Py2.7
  • Enhance the option lines in output
  • Catch CalledProcessError when pip install/uninstall is run
  • Exclude packages required only by unsafe packages
  • Ignore pkg-resources Fixes #389
  • Add trusted host option to pip-sync
  • Allow editable dependencies with hashes
  • Build requirements from setup.py
  • pip-compile includes irrelevant constraints from pip contraints file
  • Handle local relative paths
  • Phased install
  • Remove the restriction on package urls because it is unnecessary
  • Use download_dir=None for editable PyPI dependencies
  • support pinned vcs dependencies [#355]
  • Add -markerlib and pkg-resources to the list of PACKAGES_TO_IGNORE
  • Add ability to process CA Bundles
  • Write error message to the stderr.
  • Improve pip-compile with regard to stdout
  • Use ignore_installed=True with PyPIRepository.get_dependencies
  • Attempt to fix #349
  • Allow wheel as requirements source
  • Pip sync quiet
  • Fix allow unsafe false pinning bug
  • Make editable requirements use relative paths where appropriate.
  • Improve setup.py parsing
  • specifiy which wheels to download
  • add requirement for minimal version of setuptools
  • Add requirements.txt file to install packages for testing
  • --exclude support
  • support URLs as packages, fix #272
  • Support directories as input to pip-compile (fixes #207)
  • Replace custom logging with built-in version.
  • Add pip-sync option to restrict attention to user-local directory.
  • Cache hashes for `--generate-hashes`
pip-tools questions on Stackoverflow (View All Questions)
  • pip doesn't work after upgrading with pip-tools
pip-tools list of languages used
pip-tools latest release notes
1.11.0 1.11.0

Features:

  • Allow editable packages in requirements.in with pip-compile --generate-hashes (#524). Thanks @jdufresne
  • Allow for CA bundles with pip-compile --cert (#612). Thanks @khwilson
  • Improved pip-compile duration with large locally available editable requirement by skipping a copy to the cache (#583). Thanks @costypetrisor
  • Slightly improved the NoCandidateFound error message on potential causes (#614). Thanks @vphilippon

Bug Fixes:

  • Add -markerlib to the list of PACKAGES_TO_IGNORE of pip-sync (#613).
1.10.2 1.10.2

Bug Fixes:

  • Fixed bug causing dependencies from invalid wheels for the current platform to be included (#571).
  • pip-sync will respect environment markers in the requirements.txt (#600). Thanks @hazmat345
  • Converted the ReadMe to have a nice description rendering on PyPi. Thanks @bittner
1.10.1 1.10.1

Bug Fixes:

  • Fixed bug breaking pip-sync on Python 3, raising TypeError: '<' not supported between instances of 'InstallRequirement' and 'InstallRequirement' (#570).
Other projects in Python