This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description


This is a safeguard against typos when running pip install -r requirements-dev.txt. If you leave out the -r by accident, this package will cause your installation to abort.

$ pip install requirements-dev.txt
Collecting requirements-dev.txt
Installing collected packages: requirements-dev.txt
  Running install for requirements-dev.txt ... error
    Complete output from command:
    running install
    It looks like you meant to type `pip install -r requirements-dev.txt`,
    but you left out the `-r` by accident. Aborting installation.


If we had no such package on PyPI, you could accidentally install a package installed with the name of your requirements file. A malicious user could register a package that would mimic proper installation process and also launch anny arbitrary code.

PyPI (fortunately) does not allow requirements.txt as a package name, so that case is handled already. All forbidden package names that are hardcoded in PyPI source code are:

  • requirements.txt
  • rrequirements.txt
  • requirements-txt
  • rrequirements-txt

But it obviously does not cover all popular cases. This is why this sources are distributed on PyPI under few popular names that are not forbidden by PyPI:

  • requirements-dev.txt
  • requirements-dev
  • requirements-test.txt
  • requirements-test

Did it ever happen?

Yeah. Typo squatting happens on PyPI from time to time. This project is the best example of that. Previous version of requirements.txt actually did something more than aborting its installation. It provided a specially crafted script that could:

  • look on your filesystem to find a requirements file you intended to install
  • install all packages in another pip subprocess
  • display output that would mimick normal installation process

Newer versions of pip completely swallow all output of package installation script but thih behavior can be easily bypassed - at least on OS X and Linux. Also runtime version switch (to 0.0.0) allowed to install this package over and over becasue there was always newer version available on PyPI. If something went wrong (especially on Windows) it resulted in crypting and rude error message.

Nothing harmful. Actually useful sometimes. At least in my personal opinion. Anyway my sense of usability and humour was contested by some people. This is why requirements.txt will longer install other packages and always exit with error code during installation. This is mostly thanks to pull-request from @aanand and his points. I may not agree with all of them but I respect people’s PRs.

Nevertheless, some additional messages may be displayed during installation attempt. You know… It was made for fun.

If you are interested in hacks included in previous version of this package refer to contested-sense-of-humour branch or end-of-fun tag in this project’s repository.

Release History

Release History


This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
requirements-tests-1.0.0.tar.gz (3.5 kB) Copy SHA256 Checksum SHA256 Source Apr 27, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting