New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generate requirements.txt from Pipfile.lock #3493
Comments
Pipenv doesn't provide a way for this, you can seek for other pipfile utility libraries such as pipfile-requirements |
you can run
|
That's what I mentioned as a workaround in the first post. But it works only if you have your pipenv environment synchronized (all packages are installed). jq -r '.default
| to_entries[]
| .key + .value.version' \
Pipfile.lock > requirements.txt |
LOL, I have already mentioned that library. |
I, personally, dislike to have a dedicated library for that. Also, there is a higher chance that a team member already has |
you can even run
|
It will not work as you expect, because, as I wrote:
In other words, it performs an update, which potentially can destroy a distribution. Imagine, you generate If you don't want to use |
@Zebradil your However, after a few git commits I noticed the difference between what
|
Hi @ye, nice comparison of the methods. It might help people choosing proper solution for their particular situation and avoid caveats. Yes, as you said, the proposed approach with To avoid having differences in generated requirements.txt one should consider using the same approach every time. In a similar way, using different code formatting tools might lead to inconsistent results. So, I don't see a problem here. |
Hi, Thanks for your solution. I ran into the same problem but I also need the definition of sources created by @Zebradil I think you mentioned that. So I created yet another minimal no-dependencies script in python that includes that functionality. It also expands env vars in case that you have your sources defined that way in your Pipfile. If anybody wants to take a look I'll leave it here: https://gist.github.com/rcastill/dab85c234dd10fa7af56755116c75aee |
In case it helps anyone else, here's how to include the hashes in the results:
This creates entries like
Which makes If you want to include only the requirements which were in the original requirements file (provided they were already locked to a specific version with
|
Here's a small python script in case you want to turn the import configparser
def main():
parser = configparser.ConfigParser()
parser.read("Pipfile")
packages = "packages"
with open("requirements.txt", "w") as f:
for key in parser[packages]:
value = parser[packages][key]
f.write(key + value.replace("\"", "") + "\n")
if __name__ == "__main__":
main() |
@frostming Hi, I found https://github.com/frostming/pipfile-requirements useful but why it didn't get integrated into pipenv? |
@linusguan The tool exists for those who don't want to install the big pipenv library, when you have installed pipenv, you can use |
@frostming I find it quite useful for use with other tools that do not support pipfile.lock. |
Here is yet another python script to generate requirements.txt from Pipfile.lock file with hashes: import os
import json
__dir__ = os.path.dirname(os.path.realpath(__file__))
def read_json_file(path):
with open(path) as f:
return json.load(f)
def main():
root = read_json_file(os.path.join(__dir__, 'Pipfile.lock'))
for name, pkg in root["default"].items():
version = pkg["version"]
sep = lambda i: "" if i == len(pkg["hashes"]) - 1 else " \\"
hashes = [f'--hash={t}{sep(i)}' for i, t in enumerate(pkg["hashes"])]
tail = '' if len(hashes) == 0 else f' {hashes[0]}'
print(f'{name} {version}{tail}')
for h in hashes[1:]:
print(f' {h}')
if __name__ == "__main__":
main() |
@Zebradil Thanks! Your solution really worked for me.
|
It looks like this can be solved with the
P.S. that's an annoyingly verbose flag to solve this |
Unfortunately @jacobisaliveandwell the --keep-outdated flag appears to update subdependencies: #3975 |
@paytonrules That's a bug, but the spirit of the flag is still the answer to this issue. P.S. No need to thumbs down for that :-( |
Just want to mention that from stated workarounds, there are differences: |
Pure bash, just packages, nothing else, in case someone cannot or does not want to install jq, just in case it helps someone,
Updated to handles extras as per @vincentlepage comment below #3493 (comment) |
Is there anything that also copies the hashes from the Pipfile to requirements.txt (e.g. given something like a platform str) so that
|
You can use micropipenv that can convert Pipenv.lock (also poetry.lock) files to requirements.txt (raw requirements.txt or pip-tools compatible). See https://github.com/thoth-station/micropipenv/#micropipenv-requirements--micropipenv-req |
As mentioned in the blog post mentioned above, but not in this thread yet, for development dependencies you need another one-liner if you're going the
|
Works almost perfectly, though I had an issue with some "extras". cat Pipfile.lock |
I just saw this issue in my e-mail and it made me wonder: Seriously? Couldn't you use a part of pipenv via Python to read in the lock file and get some kind of data structure, which contains the version numbers you are looking for and then write them to a simple requirements file? That seems like a much more robust approach to me, than the script posted. However, I am not even sure Pipenv allows for such a way, so it might just be a fantasy on my part. |
I'm using poetry instead of pipenv whenever I can — that solves the problem. Not sure if there are any reasons to use pipenv nowadays, except maybe in older projects, where the team is against that. |
To be fair, both tools have their share of issues. For a long time Poetry seemed to only use a single core for all installation of packages into an environment, while Pipenv already used multiple cores. Then there are problems installing some packages on either of the two tools. Something always comes up when working with either one of them. I see regressions in issues of both tools. Simple things like parsing version numbers of packages fails. I think both tools are already valuable, as I have used both in real projects, but still have a some way to go in terms of code quality and testing. I appreciate, that people are working on both tools and I guess only time will tell, which one will be more used. |
|
@glensc it was replaced by the standalone requirements command. |
ok, found this:
|
Thanks |
Actually |
How to generate
requirements.txt
file from existingPipfile.lock
without locking?When I run
pipenv lock -r
it ignores existingPipfile.lock
and does locking process again.There is a workaround for this:
In my particular situation I'm building docker image and using
requirements.txt
inDockerfile
. I'd like to avoid creating virtual environment on the host machine just to be able to createrequirements.txt
.The text was updated successfully, but these errors were encountered: