Re: [Distutils] Parsing requirements, pip has no API ...
On Feb 13, 2015, at 4:44 PM, Ian Cordasco graffatcolmin...@gmail.com wrote:
pip is a command-line tool. The fact that you can import it doesn't
make it a library. If it documents no public API then it has none and
you shouldn't be relying on things that you can import from pip. You
can import requests from pip but you shouldn't do that either.
There seems to be a need for a separate library for this use case but
there isn't at the moment. In general, requirements.txt seems to be an
anti-pattern. You either have to use likely to break tooling or you'll
have to reinvent that from scratch. You're better off putting it
directly in setup.py and using setup.py to install dependencies in a
virtualenv instead of requirements.txt
On Fri, Feb 13, 2015 at 3:27 PM, Thomas Güttler
guettl...@thomas-guettler.de wrote:
I was told:
{{{
Pip does not have a public API and because of that there is no backwards
compatibility contract. It's impossible to fully parse every type of
requirements.txt without a session so either parse_requirements needs to
create one if it doesn't (which means if we forget to pass in a session
somewhere it'll use the wrong one) or it needs one passed in.
}}}
From https://github.com/pypa/pip/issues/2422#issuecomment-74271718
Up to now we used parse_requirements() of pip, but in new versions you need
to pass in a
session.
If I see changes like this:
setup.py
- install_requires=[str(req.req) for req in
parse_requirements(requirements.txt)],
+ install_requires=[str(req.req) for req in
parse_requirements(requirements.txt, session=uuid.uuid1())],
... I think something is wrong.
I am not an expert in python packaging details. I just want it to work.
What is wrong here?
- You should not use parse_requirements() in setup.py
- pip should not change its API.
- you should not use pip at all, you should use ...?
Regards,
Thomas
--
http://www.thomas-guettler.de/
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
requirements.txt and setup.py serve different purposes, requirements.txt is for
an environment, setup.py is for a package. It doesn't make sense for a setup.py
to read from a requirement.txt just like it wouldn't make sense for a deb
package to read from a Chef cookbook.
Often the reason people do this is they want to support people installing their
thing with ``pip install -r requirements.txt`` from within a check out without
needing to list their dependencies twice. That's a reasonable thing to want
which is why the requirements file format has a construct that enables it,
simply make a requirements.txt file that contains . or -e . and pip will
automatically install the project and all of it's dependencies.
For more information, see https://caremad.io/2013/07/setup-vs-requirement/.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Parsing requirements, pip has no API ...
pip is a command-line tool. The fact that you can import it doesn't
make it a library. If it documents no public API then it has none and
you shouldn't be relying on things that you can import from pip. You
can import requests from pip but you shouldn't do that either.
There seems to be a need for a separate library for this use case but
there isn't at the moment. In general, requirements.txt seems to be an
anti-pattern. You either have to use likely to break tooling or you'll
have to reinvent that from scratch. You're better off putting it
directly in setup.py and using setup.py to install dependencies in a
virtualenv instead of requirements.txt
On Fri, Feb 13, 2015 at 3:27 PM, Thomas Güttler
guettl...@thomas-guettler.de wrote:
I was told:
{{{
Pip does not have a public API and because of that there is no backwards
compatibility contract. It's impossible to fully parse every type of
requirements.txt without a session so either parse_requirements needs to
create one if it doesn't (which means if we forget to pass in a session
somewhere it'll use the wrong one) or it needs one passed in.
}}}
From https://github.com/pypa/pip/issues/2422#issuecomment-74271718
Up to now we used parse_requirements() of pip, but in new versions you need
to pass in a
session.
If I see changes like this:
setup.py
- install_requires=[str(req.req) for req in
parse_requirements(requirements.txt)],
+ install_requires=[str(req.req) for req in
parse_requirements(requirements.txt, session=uuid.uuid1())],
... I think something is wrong.
I am not an expert in python packaging details. I just want it to work.
What is wrong here?
- You should not use parse_requirements() in setup.py
- pip should not change its API.
- you should not use pip at all, you should use ...?
Regards,
Thomas
--
http://www.thomas-guettler.de/
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
[Distutils] Parsing requirements, pip has no API ...
I was told:
{{{
Pip does not have a public API and because of that there is no backwards
compatibility contract. It's impossible to fully parse every type of
requirements.txt without a session so either parse_requirements needs to create
one if it doesn't (which means if we forget to pass in a session somewhere
it'll use the wrong one) or it needs one passed in.
}}}
From https://github.com/pypa/pip/issues/2422#issuecomment-74271718
Up to now we used parse_requirements() of pip, but in new versions you need to
pass in a
session.
If I see changes like this:
setup.py
- install_requires=[str(req.req) for req in
parse_requirements(requirements.txt)],
+ install_requires=[str(req.req) for req in
parse_requirements(requirements.txt, session=uuid.uuid1())],
... I think something is wrong.
I am not an expert in python packaging details. I just want it to work.
What is wrong here?
- You should not use parse_requirements() in setup.py
- pip should not change its API.
- you should not use pip at all, you should use ...?
Regards,
Thomas
--
http://www.thomas-guettler.de/
___
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Parsing requirements, pip has no API ...
On Fri, Feb 13, 2015 at 3:59 PM, Marcus Smith qwc...@gmail.com wrote: In general, requirements.txt seems to be an anti-pattern. You either have to use likely to break tooling or you'll have to reinvent that from scratch. You're better off putting it directly in setup.py and using setup.py to install dependencies in a virtualenv instead of requirements.txt I don't know your context for calling it an anti-pattern, but there are valid use cases for requirements.txt vs install_requires. here's what the Python Packaging User Guide has on the distinction https://packaging.python.org/en/latest/requirements.html skipping to the distinctions, it lists four: Whereas install_requires defines the dependencies for a single project, Requirements Files are often used to define the requirements for a complete python environment. Whereas install_requires requirements are minimal, requirements files often contain an exhaustive listing of pinned versions for the purpose of achieving repeatable installations of a complete environment. Whereas install_requires requirements are “Abstract”, requirements files often contain pip options like --index-url or --find-links to make requirements “Concrete”. [1] Whereas install_requires metadata is automatically analyzed by pip during an install, requirements files are not, and only are used when a user specifically installs them using pip install -r. In 90% of the cases I see, requirements.txt are used to define the requirements for the project to function which typically are the exact same requirements necessary when installing the project. People also will then write a test-requirements.txt (or dev-requirements.txt) file to have a complete development environment. In this case, Thomas seems to be using requirements.txt to define the requirements necessary when installing the software they're developing. If requirements.txt were used solely for a development environment, they would look more like | . | dev-requirement-1=0.1 | # etc. Instead they seem to be used more to define the same requirements someone would define in install_requires. This is the anti-pattern I'm talking about. ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Parsing requirements, pip has no API ...
In general, requirements.txt seems to be an anti-pattern. You either have to use likely to break tooling or you'll have to reinvent that from scratch. You're better off putting it directly in setup.py and using setup.py to install dependencies in a virtualenv instead of requirements.txt I don't know your context for calling it an anti-pattern, but there are valid use cases for requirements.txt vs install_requires. here's what the Python Packaging User Guide has on the distinction https://packaging.python.org/en/latest/requirements.html skipping to the distinctions, it lists four: Whereas install_requires defines the dependencies for a single project, *Requirements Files* https://pip.pypa.io/en/latest/user_guide.html#requirements-files are often used to define the requirements for a complete python environment. Whereas install_requires requirements are minimal, requirements files often contain an exhaustive listing of pinned versions for the purpose of achieving *repeatable installations* https://pip.pypa.io/en/latest/user_guide.html#repeatability of a complete environment. Whereas install_requires requirements are “Abstract”, requirements files often contain pip options like --index-url or --find-links to make requirements “Concrete”. [1] https://packaging.python.org/en/latest/requirements.html#id4 Whereas install_requires metadata is automatically analyzed by pip during an install, requirements files are not, and only are used when a user specifically installs them using pip install -r. ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
Re: [Distutils] Parsing requirements, pip has no API ...
In 90% of the cases I see, requirements.txt are used to define the requirements for the project to function which typically are the exact same requirements necessary when installing the project. People also will then write a test-requirements.txt (or dev-requirements.txt) file to have a complete development environment. In this case, Thomas seems to be using requirements.txt to define the requirements necessary when installing the software they're developing. If requirements.txt were used solely for a development environment, they would look more like | . | dev-requirement-1=0.1 | # etc. Instead they seem to be used more to define the same requirements someone would define in install_requires. This is the anti-pattern I'm talking about. understood, I hear you, but for a breakdown of some valid use cases, the pip docs covers 4 good use cases https://pip.pypa.io/en/latest/user_guide.html#requirements-files ___ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
