6

If you work on a project that uses both setup.py and Pipfile you often find the same values in: Pipfile/[packages] and setup.py/install_requires.

Does anyone know how I can tell Pipfile to use values from setup.py/install_requires for [packages]?

Rotareti
  • 49,483
  • 23
  • 112
  • 108

1 Answers1

7

Within your setup.py:

  1. Define a function to read a section:

    def locked_requirements(section):
"""Look through the 'Pipfile.lock' to fetch requirements by section."""
    with open('Pipfile.lock') as pip_file:
        pipfile_json = json.load(pip_file)

    if section not in pipfile_json:
        print("{0} section missing from Pipfile.lock".format(section))
        return []

    return [package + detail.get('version', "")
            for package, detail in pipfile_json[section].items()]

  2. Within the setup function return the list from the default section:

    setup(
    # ...snip...
    install_requires=locked_requirements('default'),
    # ...snip...
)

IMPORTANT NOTE: include Pipfile.lock within the MANIFEST.in like:

include Pipfile.lock
Scott Robert Schreckengaust
  • 369
  • 2
  • 5
  • 3
    Thank you for the solution. One question: why should we include a `MANIFEST.in`? We tried without it and `Pipfile.lock` still is shipped in the Python wheel. – ivankeller Nov 19 '19 at 15:05
  • https://stackoverflow.com/questions/24727709/do-python-projects-need-a-manifest-in-and-what-should-be-in-it https://docs.python.org/3/distutils/configfile.html https://docs.python.org/3/distutils/sourcedist.html – Scott Robert Schreckengaust Dec 05 '19 at 23:58
  • Why we should use Pipfile.lock? I was inspired by your answer but my function in setup.py reads only [packages] section from Pipfile (and ignore [dev-packages]). It skips packages which are not needed for runtime. Is there some drawback which I do not see now? – eNca Aug 05 '21 at 06:43
  • The `Pipfile.lock` will not drift with updated packages, using the `Pipfile` may have breaking results due to downstream dependencies or breaking version changes. – Scott Robert Schreckengaust Mar 14 '22 at 21:05