Pipenv

Python Dev Workflow for Humans

Alex Riviere

  • Web Developer
  • Primarily uses Django and Vue
  • https://alex.party

How do you manage dependencies?

python setup.py install
easy_install NameOfPackage
pip install NameOfPackage

How do you manage environment?

virtualenv nameOfDirectory
python3 -m venv nameOfDirectory
mkvirtualenv nameOfEnvironment

Enter Pipenv

pip install --user pipenv

What can it do?

  • Automatically creates a virtual environment for projects
  • Automatically adds dependencies to a Pipfile when installed
  • Creates a Pipfile.lock lockfile to pin libraries at a specific version

Who Made it?

Kenneth Reitz

 Creator of

Requests: HTTP for Humans

 

How do I use it?

pipenv install requests
  • Checks for a virtual environment
  • Creates one if needed
  • Adds requests to Pipfile
  • Pins requests version in Pipfile.lock

You mentioned development dependencies...

pipenv install --dev pytest
  • Checks for a virtual environment
  • Creates one if needed
  • Adds pytest to Dev section of Pipfile
  • Pins pytest version in Pipfile.lock

Help a friend set up their environment

pipenv install
  • Checks for a virtual environment
  • Creates one if needed
  • looks at the Pipfile and installs the dependencies
  • Updates the Pipfile.lock with minor version bumps

How do I install for deployment?

pipenv sync
  • Checks for a virtual environment
  • Creates one if needed
  • looks at the Pipfile.lock and installs the pinned versions

But Alex! I already have a project using requirements.txt!

pipenv install -r requirements.txt
  • Checks for a virtual environment
  • Creates one if needed
  • adds everything from requirements.txt to your Pipfile and installs them

How do I run things in my virtual environment?

pipenv run python name_of_script.py

That seems like a lot to type just to run a command...

pipenv shell

Drops you into your virtual environment.

I heard that there was a security vulnerability in a library I use, and I want to know if I'm affected!

pipenv check

Uses the Pyup.io safety package to check all dependencies in your tree for vulnerabilities.

12-Factor Apps and Environment Variables

Pipenv will use a .env file to update your virtual environment.

So... you know... don't commit your .env file.

What does a Pipfile look like?

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"

[packages]
requests = "*"


[dev-packages]
pytest = "*"

Let's talk about Node.js and npm for a few seconds...

// package.json
{
//...
    "scripts": {
        "dev": "node build/dev-server.js",
        "start": "node build/dev-server.js",
        "build": "node build/build.js"
    },
//...
}
npm run dev

Well, Pipenv does that too.

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"

[packages]
requests = "*"

[dev-packages]
pytest = "*"

[scripts]
printspam = "python -c \"print('I am a silly example, no one would need to do this')\""
pipenv run printspam

What it is for

  • New Applications
  • Existing Applications
  • Managing dependencies for reproducible environments

What it isn't for

  • Not a build tool for modules/libraries
  • Might be overkill for a one liner
  • Not as useful if you are using only builtin libraries

Pipenv

  • Enables truly deterministic builds, while easily specifying only what you want.
  • Generates and checks file hashes for locked dependencies.
  • Automatically finds your project home, recursively, by looking for a Pipfile.
  • Automatically generates a Pipfile, if one doesn’t exist.
  • Automatically creates a virtualenv in a standard location.
  • Automatically adds/removes packages to a Pipfile when they are un/installed.
  • Automatically loads .env files, if they exist.

Questions?

This talk:

https://slides.com/fimion/pipenv-pyatl-december-2018/

 

Pipenv Docs:

https://pipenv.readthedocs.io/en/latest/

pipenv

By Alex Riviere

pipenv

  • 654

More from Alex Riviere