-1

I would like to get a list of all dependencies required by a set of requirements. Not from what is installed but from what is required (in example setup.py).

If there are conflicts, I would like to get them as well. The closest tool I found is pip-compile, the problem is that he fails when it finds the first conflict.

All other tools I found (pip freeze, pydeptree, pipenv) reflects what is installed and not what is required.

My incentive is to programmatically get all the requirements, try to solve the conflicts (for example, allow high minor version), create requirement.txt and install it.

Lior Cohen
  • 5,570
  • 2
  • 14
  • 30
  • Try this [pipreqs](https://stackoverflow.com/questions/42237072/list-dependencies-in-python) – Albin Paul Oct 15 '18 at 14:17
  • will try it. But from superficial reading I am afraid it will output requirements.txt or will fail while I am looking for the intermediate result of what conflicts my dependency tree has. I believe this is information that tools like pip-compile holds internally, and try to resolve by themselves with their own internal logic. – Lior Cohen Oct 15 '18 at 21:02
  • Tried pipreqs and as I was afraid it did not work. It analyzed the working folder but did not traverse to sub-dependencies at all. – Lior Cohen Oct 23 '18 at 16:11

1 Answers1

0

pip-compile from pip-tools does this:

Suppose you have a Flask project, and want to pin it for production. If you have a setup.py with install_requires=['Flask'], then run pip-compile without any arguments:

$ pip-compile
#
# This file is autogenerated by pip-compile
# To update, run:
#
#    pip-compile --output-file requirements.txt setup.py
#
click==6.7                # via flask
flask==0.12.2
itsdangerous==0.24        # via flask
jinja2==2.9.6             # via flask
markupsafe==1.0           # via jinja2
werkzeug==0.12.2          # via flask

pip-compile will produce your requirements.txt, with all the Flask dependencies (and all underlying dependencies) pinned. You should put requirements.txt under version control.

pip-compile can also take requirements files as input.

pip-sync, from the same package, syncs a virtualenv with what's in the requirements files. This includes removing packages from the virtualenv that aren't in the provided requirements files.

Community
  • 1
  • 1
ChrisGPT was on strike
  • 127,765
  • 105
  • 273
  • 257
  • Chris, thanks but this is not what i asked. It fails with conflicts – Lior Cohen Oct 15 '18 at 14:08
  • Isn't it? The contents of the generated file include the entire dependency tree. – ChrisGPT was on strike Oct 15 '18 at 14:08
  • Ah, now I see your note about conflicts. – ChrisGPT was on strike Oct 15 '18 at 14:10
  • No. It stops on req coflicts. – Lior Cohen Oct 15 '18 at 14:10
  • @LiorCohen, I think it _has to_ stop on conflicts. Without knowing how you choose to resolve the conflicts there's no way to reliably populate the rest of the dependency tree. – ChrisGPT was on strike Oct 15 '18 at 14:27
  • I understand, but I want to resolve with my own logic. Need a tool/function that will analyze what need to be resolved. For example tool that will output, you need: foo=1.2.0 , bar=1.1.1, bar=1.1.2, baz=3.0.0. Now I will decide how to build requirements file from it or decide to fail. – Lior Cohen Oct 15 '18 at 20:56
  • to be more concrete. In my company R&D has a lot of internal packages which are backward in their minor/release versions but break api in major. I want to resolve conflicts that takes the highest minor/release (not the latest) and otherwise fail CI. – Lior Cohen Oct 15 '18 at 21:09