Managing Python Dependencies Transcripts
Chapter: Setting Up Reproducible Environments & Application Deploys
Lecture: Capturing Project Dependencies
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
Now how do you create one of those requirements files?
0:04
One way to do it would be to just create a text file,
0:07
and type your dependencies into it.
0:09
And that might be a pretty good way to do it.
0:12
On the other hand, it becomes very difficult to actually
0:15
capture all of the dependencies,
0:17
including the secondary or transitive dependencies for you application.
0:22
Luckily, pip can help you with that.
0:25
So what I am going to do now is I am going to show you
0:28
the pip freeze command you can use to create requirements files very easily.
0:32
I am in my terminal here and I've got a virtual environment activated.
0:36
So to show you that this is a completely new virtual environment
0:40
where I haven't installed any third party dependencies,
0:43
I am going to run the pip list command.
0:46
You can see here that this just contains the internals for pip
0:51
and there are no third party packages here.
0:54
pip freeze is the magic incantation for creating these requirements files.
0:59
Now watch what happens when I run pip freeze on a virtual environment
1:02
without third party packages. That is right, nothing happens.
1:07
Because there is nothing for pip to freeze.
1:10
So now I am going to install a couple of third party packages
1:13
so we can actually start creating a requirements file.
1:17
Alright, I just installed the latest version of Requests and now,
1:24
when I run pip list again, you can see here that Requests shows up in this list,
1:30
now we could just take that and type it out into a separate requirements.txt file
1:36
but really this is what the pip freeze command is made for.
1:39
So when I run the pip freeze command now, I get a different result,
1:42
it actually captured the Requests library as a third party dependency,
1:47
so the output of the pip freeze command is
1:50
all we need to create our requirements.txt file.
1:53
We can actually just take that output and pipe it into a requirements.txt file,
1:59
and we don't even need to copy paste it
2:03
and go through a separate editor, let me show you how that works.
2:07
So this is the command I would run here, and once that finished,
2:11
it created a new requirements.txt file.
2:14
So when I take a look at this file you can see that it contains
2:17
exactly the output of the pip freeze command,
2:20
and that is a very quick way to capture the dependencies
2:23
that are installed in your virtual environment
2:26
or in any Python environment for that matter.
2:28
Now before we move on, I want to show you how pip freeze,
2:32
not only captures the top level dependencies,
2:36
but it actually is smart enough to go and capture all of the secondary
2:40
or so called transitive dependencies,
2:43
to include them in its output which we could then put into requirements.txt file.
2:48
So Requests doesn't actually have any third party dependencies,
2:51
so it doesn't really make a great example here,
2:53
so now I am going to install the Flask module, as another third party dependency
2:58
because Flask actually contains a bunch of secondary dependencies
3:02
that I can then use to demo how pip freeze deals with them.
3:10
Okay, so I just installed Flask here and you can already see
3:13
that it came with a bunch of third party dependencies,
3:18
and now these should actually show up if I run pip freeze again,
3:22
as secondary or transitive dependencies,
3:27
alright, so there we go, when I run pip freeze again, with Flask installed,
3:31
it's also listing the other dependencies or the secondary dependencies
3:37
that Flask brought with it, because really all I did here initially
3:40
was run pip install Flask and then Flask itself brought in
3:44
all of these other secondary dependencies.
3:47
Capturing these secondary dependencies is super important
3:50
to make an environment reproducible.
3:53
As you can see here, pip freeze does exactly that,
3:55
so if I regenerate my requirements file,
4:03
you can see that this captures all of the dependencies,
4:07
so with this requirements file, we're in a pretty good shape
4:10
to completely reproduce this exact environment
4:14
on another machine including the exact version specifiers
4:18
and including all of the dependencies and secondary dependencies
4:21
that our application might need.
4:25
Here is a quick recap on capturing dependencies
4:27
using the pip freeze command, basically you'll run the pip freeze command
4:31
and then take its output to create your requirements.txt file,
4:36
and then you would include the requirements file with your project
4:39
so that another developer can recreate the exact same environment
4:43
that you were using at the time when you created the pip freeze file.
4:47
Please note that the requirements file only specifies third party packages
4:53
and their version numbers, so this is not going to specify
4:56
exactly which version of the Python interpreter to use for example.
5:01
pip freeze is the most important ingredient for achieving repeatability,
5:06
so with pip freeze you can capture all dependencies of your programs
5:10
including secondary dependencies and their exact version numbers.
5:14
So it's really important to capture the secondary dependencies
5:18
also because if you only specify the first level or top level dependencies,
5:24
what could happen is there might be a silent update for a secondary dependency
5:28
and this could then cause trouble down the line
5:31
when someone tries to install your program at a later point in time.
5:35
To avoid surprises, it's a good idea to always provide a requirements file
5:40
that includes all of the secondary dependencies
5:42
and their exact version numbers with your program.