Managing Python Dependencies Transcripts
Chapter: Setting Up Reproducible Environments & Application Deploys
Lecture: Requirements Files Best Practices

Login or purchase this course to watch this video and the rest of the course contents.
0:02 Now that you have a good idea about how requirements files work,
0:05 and how you can leverage them to organize your Python dependencies, p
0:09 let's talk about some best practices
0:11 for structuring and organizing your requirements files.
0:14 When it comes to version specifiers, it's a good idea to use
0:18 exact versioning most of the time, this is also called pinning
0:22 and it means that you lock down the exact version
0:25 of a package that will be installed, trust me,
0:28 this will help you avoid headaches in the long run.
0:31 It's also important that you include secondary dependencies
0:34 in their exact version numbers.
0:36 If you don't include secondary dependencies and pin them down to exact versions,
0:41 what can happen is that a secondary dependency gets silently upgraded
0:45 on the next deploy and that might break your application.
0:48 So my recommendation here would be to use exact versions
0:52 for all of your packages including secondary dependencies.
0:56 Now it may make sense to go without a version specifier
1:00 for some development dependencies,
1:02 for example, if you're using a third party debugger,
1:05 like ipdb or pdbpp it can make sense to leave that unpinned
1:10 so that you can always work with the latest version.
1:13 Personally, I am leaning towards pinning as many packages as possible.
1:17 From personal experience, I know that this can help avoid a lot of trouble.
1:21 When it comes to naming your requirements files
1:26 the most popular choice seems to be requirements.txt
1:30 and then also requirements-dev.txt file for those development dependencies.
1:36 Other popular choices for requirements files names,
1:39 include requirements.pip or requirements.lock but really,
1:44 this is just a naming convention and those files would function
1:47 exactly the same as the requirements.txt files you've seen before.
1:52 Whatever you name your file, typically they would be placed
1:55 in the root folder of your project, some projects also create
1:58 a separate requirements folder,
2:01 but services like Heroku typically expect that the requirements file
2:05 sits in the root folder of the project so if you go with this convention,
2:08 it usually makes things a little bit easier for you
2:11 because you won't have to overwrite config variables
2:14 and point them to a non standard location for your requirements files.
2:18 That is why I would recommend that you always
2:20 put them into the root folder of your project.
2:22 One more handy feature in requirements files is that they support comments,
2:27 you can see this in the example here, all you need to do is place a hash character,
2:32 serve like a Python comment and then all text behind that is going to be ignored.
2:37 It's a great idea to use comments in your requirements files,
2:42 for example, you could use them to explain the difference
2:45 between your requirements.txt file and the requirements-dev.txt file,
2:50 this will be helpful for any developer working with the project in the future.
2:55 Or you could leave a comment on a specific dependency
2:57 to explain your choice or to explain why a specific version is needed,
3:02 adding comments to your requirements files is a great idea.
3:06 There is a common question around
3:09 ordering dependencies inside requirements files,
3:12 so should you order them, what order should you put them in,
3:16 usually I start my requirements files with the direct dependencies,
3:20 so these would be the dependencies that
3:22 I initially installed using the pip install command,
3:25 this would include packages like requests, or Flask,
3:29 and I like to sort them alphabetically because that makes it easier
3:33 to find what I am looking for.
3:35 Then, after those direct dependencies I would put a section
3:38 with secondary dependencies and I usually use comments
3:41 to indicate the difference between the two.
3:44 So all of these secondary dependencies are dependencies
3:46 that I didn't install directly through pip install
3:49 but they were installed because a direct dependency required them.
3:53 For example here, if you pip install Flask it will bring in the
3:57 Jinja2 templating library and also the Werkzeug library.
4:01 So my typical workflow here would be to capture all dependencies
4:05 using the pip freeze command and then go through them
4:08 in an editor to split them into direct dependencies
4:11 and secondary dependencies and perform the ordering.
4:14 When you do a pip install using that requirements file
4:16 pip will figure out the right order to install your packages in
4:20 so you don't have to worry about breaking things by changing the order.
4:23 Another best practice that you already learned about
4:26 is the development and production environment split.
4:29 Pip allows you to link up requirements files so that when you install one,
4:32 pip will go out and actually also install the other,
4:35 there is a whole lesson for that in the course, so you might want to rewatch that,
4:39 as it's a highly recommended and very useful feature.
4:41 Let's do a quick recap here, those were the requirements files
4:44 best practices that you just learned,
4:47 first, you learned about the importance of version pinning,
4:50 second, we discussed naming schemes for requirements files,
4:52 after that, you learned how to use comments in requirements files
4:55 and then you learned how you can make your requirements files
4:58 easier to understand by splitting the dependencies into first order
5:02 and secondary dependencies.
5:04 And finally, we did a quick recap on the technique that allows you
5:07 to split up your development and production dependencies.
5:09 If you follow these conventions, and best practices,
5:12 it will make it easier for other developers to work with your Python projects.