Skip to main content

Detect unused and undeclared Python dependencies

Project description

reqdiff

Detect unused and undeclared Python dependencies.

CI PyPI Python

reqdiff scans your Python project and reports:

  • Unused dependencies — packages listed in your requirements that are never imported
  • Undeclared imports — packages imported in your code that are missing from requirements

Installation

pip install reqdiff

Usage

# Scan the current directory
reqdiff .

# Scan a specific project
reqdiff /path/to/project

# Point to a specific requirements file
reqdiff . --requirements requirements/prod.txt

# Include dev dependencies
reqdiff . --include-dev

# Suppress specific packages from the unused report
reqdiff . --ignore-package boto3

# Output as JSON (useful for CI tooling)
reqdiff . --json

Example output

Scanning: /my/project/**/*.py
Scanned 12 file(s) using 1 requirements source(s)

Unused dependencies (listed in requirements but never imported):
  • boto3

Undeclared imports (imported in code but not in requirements):
  • httpx

✗ Found 2 issues

Exit codes: 0 = clean, 1 = issues found, 2 = scan error.

Supported requirements formats

Format Support
requirements.txt ✓ Full (including -r includes)
pyproject.toml ✓ PEP 621 [project.dependencies] + Poetry
setup.cfg [options] install_requires

Configuration

Add a [tool.reqdiff] section to your pyproject.toml:

[tool.reqdiff]
exclude_dirs = [".venv", "venv", "docs"]
ignore_packages = ["boto3"]        # treat as always-used
ignore_imports = ["mypy_extensions"]  # ignore in undeclared report
include_dev = false

Use as a library

from reqdiff import run_check

result = run_check(".")
print(result.unused_deps)       # ["boto3"]
print(result.undeclared_imports)  # ["httpx"]
print(result.has_issues)          # True

Known limitations

  • Dynamic imports (importlib.import_module("name")) are not detected — only static import statements are analyzed.
  • setup.py (legacy format) is not supported; use pyproject.toml or setup.cfg instead.
  • Packages not installed in the current environment are resolved using a static mapping table. If a package is missing from the table, reqdiff falls back to treating the import name as the package name.

Contributing

Contributions welcome! Please open an issue or pull request on GitHub.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

reqdiff-0.1.0.tar.gz (15.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

reqdiff-0.1.0-py3-none-any.whl (15.7 kB view details)

Uploaded Python 3

File details

Details for the file reqdiff-0.1.0.tar.gz.

File metadata

  • Download URL: reqdiff-0.1.0.tar.gz
  • Upload date:
  • Size: 15.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for reqdiff-0.1.0.tar.gz
Algorithm Hash digest
SHA256 7c9181d6858bd657c541d470c0c1295c7ea49e7ad7eb833ac238333c4f5b42f7
MD5 ae698cbe76f3d0e3d244b4f5615ef5f5
BLAKE2b-256 fd585af97550ab855a34996f4020bd1b6b7acb3b5bab427821d08cf8a97b409a

See more details on using hashes here.

Provenance

The following attestation bundles were made for reqdiff-0.1.0.tar.gz:

Publisher: publish.yml on Blues1998/reqcheck

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file reqdiff-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: reqdiff-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 15.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for reqdiff-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 a42a4d94bc357f602ed228f173424026ed9765d656bc521e5b87438d66e35e3d
MD5 62230728bdaff226c7bdad6f6c139bf0
BLAKE2b-256 4377f106e902436b72ec9b53c08934da8ca5bca7b300583b554523fc8f4cab76

See more details on using hashes here.

Provenance

The following attestation bundles were made for reqdiff-0.1.0-py3-none-any.whl:

Publisher: publish.yml on Blues1998/reqcheck

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page