5

I've read an article on Pipenv to understand some concepts like the purpose of a lock file and I think that I'm having some misconceptions.

It discusses that having a Pipfile.lock insures us that we can reproduce the same exact working environment when deploying the application into the production environment without any surprises.

In other words:

it provides a deterministic builds for your Python project without gaining the responsibility of updating versions of sub-dependencies.

My conception is that with a Pipfile, I can update all packages while being certain that I can always bring my working environment back using the Pipfile.lock. And if after update everything was working fine I can lock the environment using pipenv lock. However I can't seem to find a way to update the packages without re-generating the Pipfile.lock and loosing the last working state of the project.

Am I missing something here? Is this workflow wrong?

Ravexina
  • 2,406
  • 2
  • 25
  • 41
  • How about you use git for that? – Bojan Kogoj Mar 23 '21 at 10:50
  • @BojanKogoj Sure... But what I'm actually trying to understand is why the `lock file` does not work as intended; Or if there is something that I'm missing about how `pipenv` does work. – Ravexina Mar 23 '21 at 11:06
  • Lock file works as intended. It's purpose is to prevent server from having different version than user. We had this situation, in "patch" they (library) made a breaking change, and server updated and stopped working. Took me hours to find out what was wrong because it was working locally. – Bojan Kogoj Mar 23 '21 at 11:10

0 Answers0