Skip to main content

Dependency resolution for Python

Project description

DepHell

pypi MIT License Travis CI Powered by DepHell

DepHell -- project management for Python.

Why it is better than all other tools:

  1. Format agnostic. You can use DepHell with your favorite format: setup.py, requirements.txt, Pipfile, poetry. DepHell supports them all and much more.
  2. Use your favorite tool on any project. Want to install a poetry based project, but don't like poetry? Just tell DepHell to convert the project's meta information into a setup.py and install it with pip. Or directly work with the project from DepHell, because DepHell can do everything that you usually want to do with packages.
  3. DepHell doesn't try to replace your favorite tools. If you use poetry, you have to use poetry's file formats and commands. However, DepHell can be combined with any other tool or can even combine all these tools together by converting formats. You can use DepHell, poetry, and pip all at the same time.
  4. Easily extendable. DepHell has strong modularity and can be easily extended with new formats and commands.
  5. Developer friendly. We aren't going to place all of our modules into _internal. Also, DepHell has a large ecosystem with separated libraries so you can use only the parts of DepHell that you need.
  6. All-in-one-solution. DepHell can manage dependencies, virtual environments, tests, CLI tools, packages, generate configs, show licenses for dependencies, assist with security audits, get download statistics from PyPI, search packages and much more.
  7. Smart dependency resolution. Sometimes pip and pipenv fail to lock your dependencies. Try to execute pipenv install oslo.utils==1.4.0. Pipenv can't handle it, but DepHell can: dephell deps add --from=Pipfile oslo.utils==1.4.0 to add new dependency and dephell deps convert --from=Pipfile --to=Pipfile.lock to lock it.
  8. Asyncio based. DepHell doesn't support Python 2.7, and that allows us to use modern features to make network and filesystem requests as fast as possible.
  9. Multiple environments. You can have as many environments for project as you want. Separate sphinx dependencies from your main and dev environment. Other tools like pipenv and poetry don't support this.

Features:

See documentation for more details.

Follow @PythonDepHell on Twitter to get updates about new features and releases.

Installation

curl -L dephell.org/install | python3

See installation documentation for alternatives.

Supported formats

  1. Archives:
    1. *.egg-info (egginfo)
    2. *.tar.gz (sdist)
    3. *.whl (wheel)
  2. pip:
    1. requirements.txt (pip)
    2. requirements.lock (piplock)
  3. pipenv:
    1. Pipfile (pipfile)
    2. Pipfile.lock (pipfilelock)
  4. pоetry:
    1. pyproject.toml (poetry)
    2. poetry.lock (poetrylock)
  5. Environment:
    1. Imports in the package (imports).
    2. Installed packages (installed).
  6. Other:
    1. setup.py (setuppy)
    2. flit (flit)
    3. conda's environment.yml (conda)
    4. pyproject.toml build-system requires (pyproject)

Usage

First of all, install DepHell and activate autocomplete:

python3 -m pip install --user dephell[full]
dephell self autocomplete

Let's get sampleproject and make it better.

git clone https://github.com/pypa/sampleproject.git
cd sampleproject

This project uses setup.py for dependencies and metainfo. However, this format is over-complicated for most projects. Let's convert it into poetry:

dephell deps convert --from=setup.py --to=pyproject.toml

It will make next pyproject.toml:

[tool.poetry]
name = "sampleproject"
version = "1.2.0"
description = "A sample Python project"
authors = ["The Python Packaging Authority <pypa-dev@googlegroups.com>"]
readme = "README.md"

[tool.poetry.scripts]
sample = "sample:main"

[tool.poetry.dependencies]
python = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,<4,>=2.7"
coverage = {optional = true}
peppercorn = "*"

[tool.poetry.dev-dependencies]
check-manifest = "*"

[tool.poetry.extras]
test = ["coverage"]

Now, let's generate some useful files:

dephell generate authors

dephell generate license MIT

# https://editorconfig.org/
dephell generate editorconfig

Our users probably have not installed poetry, but they are likely to have pip and can install files from setup.py. Let's make it easier to generate setup.py from our pyproject.toml. Also, it points to DepHell as your default dependencies file. Add the following lines in the pyproject.toml:

[tool.dephell.main]
from = {format = "poetry", path = "pyproject.toml"}
to = {format = "setuppy", path = "setup.py"}

You can see a full, real-world example of a config in DepHell's own pyproject.toml.

Now we can call DepHell commands without explicitly specifying from and to:

dephell deps convert

It will make setup.py and README.rst from pyproject.toml and README.md.

Now let's test our code in a virtual environment:

$ dephell venv run pytest
WARNING venv does not exist, creating... (project=/home/gram/Documents/sampleproject, env=main, path=/home/gram/.local/share/dephell/venvs/sampleproject-Whg0/main)
INFO venv created (path=/home/gram/.local/share/dephell/venvs/sampleproject-Whg0/main)
WARNING executable does not found in venv, trying to install... (executable=pytest)
INFO build dependencies graph...
INFO installation...
# ... pip output
# ... pytest output

We can now activate the virtual environment for our project and run any commands inside:

dephell venv shell

Ugh, we have tests, but don't have pytest in our dependencies file. Let's add it:

dephell deps add --envs dev test -- pytest

Afer that our dev-dependencies looks like this:

[tool.poetry.dev-dependencies]
check-manifest = "*"
pytest = "*"

[tool.poetry.extras]
test = ["coverage", "pytest"]

Eventually we will have many more dependencies. Let's look at how many of them we have now:

$ dephell deps tree
- check-manifest [required: *, locked: 0.37, latest: 0.37]
- coverage [required: *, locked: 4.5.3, latest: 4.5.3]
- peppercorn [required: *, locked: 0.6, latest: 0.6]
- pytest [required: *, locked: 4.4.0, latest: 4.4.0]
  - atomicwrites [required: >=1.0, locked: 1.3.0, latest: 1.3.0]
  - attrs [required: >=17.4.0, locked: 19.1.0, latest: 19.1.0]
  - colorama [required: *, locked: 0.4.1, latest: 0.4.1]
  - funcsigs [required: >=1.0, locked: 1.0.2, latest: 1.0.2]
  - more-itertools [required: <6.0.0,>=4.0.0, locked: 5.0.0, latest: 7.0.0]
    - six [required: <2.0.0,>=1.0.0, locked: 1.12.0, latest: 1.12.0]
  - more-itertools [required: >=4.0.0, locked: 7.0.0, latest: 7.0.0]
  - pathlib2 [required: >=2.2.0, locked: 2.3.3, latest: 2.3.3]
    - scandir [required: *, locked: 1.10.0, latest: 1.10.0]
    - six [required: *, locked: 1.12.0, latest: 1.12.0]
  - pluggy [required: >=0.9, locked: 0.9.0, latest: 0.9.0]
  - py [required: >=1.5.0, locked: 1.8.0, latest: 1.8.0]
  - setuptools [required: *, locked: 41.0.0, latest: 41.0.0]
  - six [required: >=1.10.0, locked: 1.12.0, latest: 1.12.0]

Hm...Is it as many as it seems? Let's look at their size.

$ dephell inspect venv --filter=lib_size
11.96Mb

Ugh...Ok, it's Python. Are they actual?

$ dephell deps outdated
[
  {
    "description": "More routines for operating on iterables, beyond itertools",
    "installed": [
      "5.0.0"
    ],
    "latest": "7.0.0",
    "name": "more-itertools",
    "updated": "2019-03-28"
  },
]

Pytest requires old version of more-itertools. That happens.

If our tests and dependencies are OK, it's time to deploy. First of all, increment the project version:

$ dephell project bump minor
INFO generated new version (old=1.2.0, new=1.3.0)

And then build packages:

$ dephell project build
INFO dumping... (format=setuppy)
INFO dumping... (format=egginfo)
INFO dumping... (format=sdist)
INFO dumping... (format=wheel)
INFO builded

Now, we can upload these packages to PyPI:

dephell self auth upload.pypi.org my-username my-password
dephell project upload

These are some of the most useful commands. See documentation for more details.

Compatibility

DepHell is tested on Linux and Mac OS X with Python 3.5, 3.6, 3.7. And one of the coolest things is that DepHell is run by DepHell on Travis CI.

DepHell works on Windows but has no CI to keep in working yet.

How can I help

  1. Star project on Github. Developers believe in the stars.
  2. Tell your fellows that Gram has a made cool thing for you.
  3. Open an issue if you have thoughts on how to make DepHell better.
  4. Things that you can contribute in any project in DepHell ecosystem:
    1. Fix grammar and typos.
    2. Document new things.
    3. Tests, we always need more tests.
    4. Make READMEs more nice and friendly.
    5. View issues with the help wanted label to find things that you can fix.
    6. Anything what you want. If it is a new feature, please, open an issue before writing the code.

Thank you :heart:

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dephell-0.8.3.tar.gz (220.1 kB view details)

Uploaded Source

Built Distribution

dephell-0.8.3-py3-none-any.whl (204.2 kB view details)

Uploaded Python 3

File details

Details for the file dephell-0.8.3.tar.gz.

File metadata

  • Download URL: dephell-0.8.3.tar.gz
  • Upload date:
  • Size: 220.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: DepHell/0.8.3

File hashes

Hashes for dephell-0.8.3.tar.gz
Algorithm Hash digest
SHA256 a9fcc528a0c6f9f5d721292bdf846e5338e4dca7cd6fef1551fbe71564dfe61e
MD5 a6bd09b3859fd8fb704fa9f1a158220f
BLAKE2b-256 581935b7c9221deb49edfb1666dc140061990e62d5626473e3a381c6c71d3bb0

See more details on using hashes here.

File details

Details for the file dephell-0.8.3-py3-none-any.whl.

File metadata

  • Download URL: dephell-0.8.3-py3-none-any.whl
  • Upload date:
  • Size: 204.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: DepHell/0.8.3

File hashes

Hashes for dephell-0.8.3-py3-none-any.whl
Algorithm Hash digest
SHA256 3ca3661e2a353b5c67c77034b69b379e360d4c70ce562e8161db32d39064be5a
MD5 43c176c17d12c8c371519b670d2b788b
BLAKE2b-256 ed5c4c5bd2e67f445ba1b000ac87a77d9d759084cde90b36634fd79bedae01a0

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page