Managing Python Dependencies Transcripts
Chapter: Setting Up Reproducible Environments & Application Deploys
Lecture: Capturing Project Dependencies
Login or
purchase this course
to watch this video and the rest of the course contents.
0:01
Now how do you create one of those requirements files? One way to do it would be to just create a text file, and type your dependencies into it.
0:10
And that might be a pretty good way to do it. On the other hand, it becomes very difficult to actually capture all of the dependencies,
0:18
including the secondary or transitive dependencies for you application. Luckily, pip can help you with that.
0:26
So what I am going to do now is I am going to show you the pip freeze command you can use to create requirements files very easily.
0:33
I am in my terminal here and I've got a virtual environment activated. So to show you that this is a completely new virtual environment
0:41
where I haven't installed any third party dependencies, I am going to run the pip list command.
0:47
You can see here that this just contains the internals for pip and there are no third party packages here.
0:55
pip freeze is the magic incantation for creating these requirements files. Now watch what happens when I run pip freeze on a virtual environment
1:03
without third party packages. That is right, nothing happens. Because there is nothing for pip to freeze.
1:11
So now I am going to install a couple of third party packages so we can actually start creating a requirements file.
1:18
Alright, I just installed the latest version of Requests and now, when I run pip list again, you can see here that Requests shows up in this list,
1:31
now we could just take that and type it out into a separate requirements.txt file but really this is what the pip freeze command is made for.
1:40
So when I run the pip freeze command now, I get a different result, it actually captured the Requests library as a third party dependency,
1:48
so the output of the pip freeze command is all we need to create our requirements.txt file.
1:54
We can actually just take that output and pipe it into a requirements.txt file, and we don't even need to copy paste it
2:04
and go through a separate editor, let me show you how that works. So this is the command I would run here, and once that finished,
2:12
it created a new requirements.txt file. So when I take a look at this file you can see that it contains exactly the output of the pip freeze command,
2:21
and that is a very quick way to capture the dependencies that are installed in your virtual environment or in any Python environment for that matter.
2:29
Now before we move on, I want to show you how pip freeze, not only captures the top level dependencies,
2:37
but it actually is smart enough to go and capture all of the secondary or so called transitive dependencies,
2:44
to include them in its output which we could then put into requirements.txt file. So Requests doesn't actually have any third party dependencies,
2:52
so it doesn't really make a great example here, so now I am going to install the Flask module, as another third party dependency
2:59
because Flask actually contains a bunch of secondary dependencies that I can then use to demo how pip freeze deals with them.
3:11
Okay, so I just installed Flask here and you can already see that it came with a bunch of third party dependencies,
3:19
and now these should actually show up if I run pip freeze again, as secondary or transitive dependencies,
3:28
alright, so there we go, when I run pip freeze again, with Flask installed, it's also listing the other dependencies or the secondary dependencies
3:38
that Flask brought with it, because really all I did here initially was run pip install Flask and then Flask itself brought in
3:45
all of these other secondary dependencies. Capturing these secondary dependencies is super important to make an environment reproducible.
3:54
As you can see here, pip freeze does exactly that, so if I regenerate my requirements file, you can see that this captures all of the dependencies,
4:08
so with this requirements file, we're in a pretty good shape to completely reproduce this exact environment
4:15
on another machine including the exact version specifiers and including all of the dependencies and secondary dependencies
4:22
that our application might need. Here is a quick recap on capturing dependencies
4:28
using the pip freeze command, basically you'll run the pip freeze command and then take its output to create your requirements.txt file,
4:37
and then you would include the requirements file with your project so that another developer can recreate the exact same environment
4:44
that you were using at the time when you created the pip freeze file. Please note that the requirements file only specifies third party packages
4:54
and their version numbers, so this is not going to specify exactly which version of the Python interpreter to use for example.
5:02
pip freeze is the most important ingredient for achieving repeatability, so with pip freeze you can capture all dependencies of your programs
5:11
including secondary dependencies and their exact version numbers. So it's really important to capture the secondary dependencies
5:19
also because if you only specify the first level or top level dependencies,
5:25
what could happen is there might be a silent update for a secondary dependency and this could then cause trouble down the line
5:32
when someone tries to install your program at a later point in time. To avoid surprises, it's a good idea to always provide a requirements file
5:41
that includes all of the secondary dependencies and their exact version numbers with your program.