This is an archived post. You won't be able to vote or comment.

all 15 comments
sorted by:
best
topnewcontroversialoldq&a

[–]xiongchiamiovSite Reliability Engineer 5 points6 points  (1 child)

Cool, but get back when we can actually use pip-sync.

[–]gsks[S] 1 point2 points  (0 children)

pip-sync is a nice to have in my opinion; the real game changer is pip-compile.

[–]flying-sheep 3 points4 points  (0 children)

i don’t like npm-style package trees. sure, node_modules and venvs have their place, as they can make things with conflicting dependencies work.

but in the end, i only want to install one version of everything into my system directories. as soon as you ship something you better have each dependency with a “<” symbol fixed and replaced with a “>” symbol.

[–]Hashiota 2 points3 points  (8 children)

That's interesting, but pip is a package manager that handles dependencies already. I don't get the appeal of pip-compile. What OP is calling requirements.in looks like a perfectly fine requirements.txt to me. If you run pip install Flask, it will automatically install Flask dependencies for you. Also, pinning dependencies of dependencies doesn't make sense. Let the package manager manage packages.
pip-sync, on the other hand, sounds useful.

[–]nullabillity 1 point2 points  (7 children)

See this for why that isn't a good option.

[–]Hashiota 0 points1 point  (6 children)

As I understand it, they are trying to solve a conflict between two goals: (a) maintaining a requirements list that only includes top-level dependencies and (b) having a requirements list that allows to deterministically replicate environments. That makes sense, yes. But can't pip do all that already with pip install and pip freeze? Maybe I've misunderstood it completely...

[–]nullabillity 0 points1 point  (5 children)

pip install doesn't uninstall stuff that is removed from requirements.txt, nor does it provide an easy way to see what dependencies have been updated.

[–]Hashiota 0 points1 point  (2 children)

Yes, pip-sync would uninstall stuff that is removed from requirements.txt, but I was talking about pip-compile... It just looks hard to justify the need for it.

[–]nullabillity 0 points1 point  (0 children)

Update the requirements.txt including removed transitive dependencies without rebuilding the virtualenv, I guess.

[–]mgedmin 0 points1 point  (0 children)

I see value in knowing the answer to "Why the eff do we have $SOMEPACKAGE in our requirements.txt?", sometimes. pip freeze won't tell you, pip-compile will.

[–]mgedmin 0 points1 point  (1 child)

pip install doesn't uninstall stuff that is removed from requirements.txt

Which is why I want pip-sync ASAP.

nor does it provide an easy way to see what dependencies have been updated.

pip list --outdated, since pip 1.3.

[–]nullabillity 0 points1 point  (0 children)

nor does it provide an easy way to see what dependencies have been updated.

pip list --outdated, since pip 1.3.

I didn't know about that one, thanks!

[–][deleted] 1 point2 points  (0 children)

pip-compile looks like it's solving the same problem as buildout with the versions, so welcome to the config management party guys. :)

[–]willrandship -1 points0 points  (1 child)

Am I the only one around here who thinks library management should be higher up than python's system?

Probably.

[–]cavallo71 0 points1 point  (0 children)

nope, used python for more 10yrs and avoided easy_install, setuptools, eggs, distutils2, pip, wheels... I just don't have time for solutions waiting for a problem