Skip to main content

Check for differences between requirements.txt files and your environment.

Project description

https://img.shields.io/pypi/v/pip-lock.svg https://img.shields.io/travis/adamchainz/pip-lock/master.svg

Check for differences between requirements.txt files and your environment.

At YPlan, we automatically call check_requirements() during development and testing to provide developers instant feedback if their environment is out of sync with the current requirements.txt. This ensures that developers do not experience unexpected behaviour or errors related to out of sync requirements.

Installation

Install with pip:

pip install pip-lock

Example usage

from pip_lock import check_requirements

# Check requirements and if there are any mismatches, print a message and die with exit code 1
check_requirements('requirements.txt')
from pip_lock import get_mismatches

# Get mismatches as a dictionary of package names to tuples (expected_version, actual_version)
# e.g. {'django': ('1.10.2', None), 'requests': ('2.11.1', '2.9.2')}
mismatches = get_mismatches('requirements.txt')

At YPlan, we call check_requirements() within our Django manage.py which checks the requirements every time Django starts or tests are run. We recommend checking the environment to ensure it is not run in a production environment, to avoid slowing down application startup.

API

check_requirements(requirements_file_path, post_text='')

Exit with exit code 1 and output to stderr if there are mismatches between the environment and requirements file.

requirements_file_path is the path to the requirements.txt file - we recommend using an absolute file path.

post_text is optional text which is displayed after the stderr message. This can be used to display instructions on how to update the requirements.

Example:

check_requirements(
    'requirements.txt',
    post_text='\nRun the following on your host machine: \n\n    vagrant provision\n'
)
There are requirement mismatches with requirements.txt:
    * Package Django has version 1.9.10 but you have version 1.9.0 installed.
    * Package requests has version 2.11.1 but you have version 2.11.0 installed.
    * Package requests-oauthlib is in requirements.txt but not in virtualenv

Run the following on your host machine:

    vagrant provision

get_mismatches(requirements_file_path, post_text='')

Return a dictionary of package names to tuples of (expected_version, actual_version) for mismatched packages.

requirements_file_path is the path to the requirements.txt file - we recommend using an absolute file path.

Example:

>>> get_mismatches('requirements.txt')
{'django': ('1.10.2', '1.9.0'), 'requests': ('2.11.1', '2.9.2'), 'request-oauthlib': ('0.7.0', None)}

History

1.2.0 (2018-07-25)

  • Ignore installed external (-e) packages.

1.1.1 (2018-04-15)

  • Fix for pip 10 move of import to pip._internal

1.1.0 (2016-08-18)

  • Remove logic that made relative file paths relative to the path of the calling code’s file. It’s now the standard behaviour of relative to the current working directory. Passing an absolute path is recommended.

  • Make comparison of package names case-insensitive to work with requirements.txt files that use a different case to the canoncial package name. This can happen with pip-compile that always outputs lowercase names.

  • Fix ‘mismatches’ typo

  • Only indent mismatch list by 4 spaces in error message

1.0.2 (2016-10-28)

  • Fix relative paths for all environments

1.0.1 (2016-10-28)

  • Support relative requirements.txt paths

1.0.0 (2016-10-27)

  • First release on PyPI.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pip-lock-1.2.0.tar.gz (6.0 kB view details)

Uploaded Source

Built Distribution

pip_lock-1.2.0-py2.py3-none-any.whl (4.7 kB view details)

Uploaded Python 2Python 3

File details

Details for the file pip-lock-1.2.0.tar.gz.

File metadata

  • Download URL: pip-lock-1.2.0.tar.gz
  • Upload date:
  • Size: 6.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for pip-lock-1.2.0.tar.gz
Algorithm Hash digest
SHA256 67894778aff0076f4a60625912f59db01f104a8af5eaed47dbe57320e13c01d0
MD5 5b1a893eddcb4d7ff1d9c3e1e92229b8
BLAKE2b-256 1a4adac61f37e2458b7a165a8f455f6b20fcad8166220bd2499eaedcd0365d32

See more details on using hashes here.

File details

Details for the file pip_lock-1.2.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for pip_lock-1.2.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 1157557a0a5541bd79354b2bb71c3b6de20c54085b64e7f1da561b6c1a52f8a8
MD5 418abaa5d9ddd21d5cca19f82122855a
BLAKE2b-256 d098c59fbff8b856d2eb521a3846e9b84d2e42bd0e5c714c5a775beb34875516

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page