A dependency management tool for python projects

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for enorganic from gravatar.com enorganic

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author:
  • Tags dependencies, requirements
  • Requires: Python ~=3.9

Project description

dependence

test PyPI version

Dependence provides a Command Line Interface and library for aligning a python projects' declared dependencies with the package versions installed in the environment in which dependence is executed, and for "freezing" recursively resolved package dependencies (like pip freeze, but for a package, instead of the entire environment).

Installation

You can install dependence with pip:

pip3 install dependence

Example Usage

Listing Dependencies

The dependence freeze command, and the dependence.freeze.freeze function, print all requirements for one or more specified python project, requirements.txt, pyproject.toml, setup.cfg, or tox.ini files. The output format matches that of pip freeze, but only lists dependencies of indicated packages and/or editable project locations.

You may refer to the dependence freeze CLI reference and/or dependence.freeze API reference for details concerning this command/module, related options, and more complex use case examples.

We'll use this project, dependence, as a simple example. To start with, let's see what the currently installed dependencies for this package look like at the time of writing:

$ dependence freeze .
packaging==24.1
pip==24.3.0
setuptools==75.1.0
tomli==2.1.0
tomli_w==1.0.0

...now let's save this output for later comparison purposes:

dependence freeze . > requirements_before.txt

Now, we'll upgrade our dependencies and see what they look like after:

$ pip install -q --upgrade --upgrade-strategy eager . && dependence freeze .
packaging==24.2
pip==24.3.1
setuptools==75.3.0
tomli==2.2.1
tomli_w==1.0.0

...next let's dump them to a file and compare them with our previous dependencies:

$ dependence freeze . > dependence_after.txt
$ diff dependence_before.txt dependence_after.txt
1,5c1,5
< packaging==24.1
< pip==24.3.0
< setuptools==75.1.0
< tomli==2.1.0
< tomli_w==1.0.0
---
> packaging==24.2
> pip==24.3.1
> setuptools==75.3.0
> tomli==2.2.1
> tomli_w==1.0.1

As you can see above, all of our dependencies have been upgraded.

Updating Requirement Specifiers

To start with, let's take a look at our pyproject.toml file:

[project]
name = "dependence"
version = "1.0.0"
dependencies = [
    "packaging>23",
    "pip",
    "setuptools>63",
    "tomli-w~=1.0",
    "tomli~=2.1",
]

Now that we've upgraded our dependencies, we want to update our pyproject.toml file to align with our upgraded dependencies. This is desirable to ensure that dependence isn't installed alongside a version of one of its dependencies preceding functionality utilized by dependence.

dependence update pyproject.toml

Afterwards, our pyproject.toml file looks like this:

[project]
name = "dependence"
version = "1.0.0"
dependencies = [
    "packaging>23",
    "pip",
    "setuptools>63",
    "tomli-w~=1.0",
    "tomli~=2.2",
]

Here's the diff:

$ diff pyproject_before.toml pyproject_after.toml
9c9
<     "tomli~=2.1",
---
>     "tomli~=2.2",

As you can see, only the version specifier for tomli changed. We know that every dependency was upgraded, wo why was only the tomli version specifier updated? By design. Here are the rules dependence update adheres to:

  • We only update requirements versions when they have inclusive specifiers. For example, ~=, >=, and <= are inclusive, whereas !=, >, and < are exclusive. For this reason, nothing changed for "packaging" and "setuptools" in our above example.
  • We always retain the existing level of specificity. If your version specifier is ~=1.2, and the new version is 1.5.6, we're going to update your specifier to ~=1.5. If your requirement has a minor version level of specificity, and only a patch version upgrade is performed, nothing will change in your project dependency specifier. This is why you do not see any change in our above pyproject.toml file for the tomli-w dependency—both new and old share the same minor version.
  • If your requirement is unversioned, we don't touch it, of course. This is why you didn't see any change for "pip".

You may refer to the dependence update CLI reference and/or dependence.update API reference for details concerning this command/module, related options, and more complex use cases/examples.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page