• Home
  • About
    • Harshad Ranganathan photo

      Harshad Ranganathan

      Multi-Cloud ☁ | Kubernetes Certified

    • Learn More
    • Email
    • LinkedIn
    • Github
    • StackOverflow
  • Posts
    • All Posts
    • All Tags
  • Projects

Pipenv: Python Packaging Tool

28 Oct 2019

Reading time ~3 minutes

Table Of Contents

  • Introduction
  • Install Pipenv
  • Activate Shell
  • Importing from requirements.txt
  • Specify Python Version
  • Install Runtime Packages
  • Install Dev Packages
  • Sample Pipfile
  • Uninstall Packages
  • Freeze Requirements
  • Install from Pipfile.lock
  • Install from Pipfile
  • Dependency Graph
  • Security Vulnerabilities
  • Gotchas
  • References

Introduction

Pipenv is primarily meant to provide users and developers of applications with an easy method to setup a working environment.

It automatically creates and manages a virtualenv for your projects, as well as adds/removes packages from your Pipfile as you install/uninstall packages.

It also generates the ever-important Pipfile.lock, which is used to produce deterministic builds.

Install Pipenv

We install pipenv using pip:

pip install pipenv

Activate Shell

pipenv shell

This will spawn a new shell subprocess in a virtual environment to isolate the development.

Pipenv creates all your virtual environments in a default location. To know the location of virtual env run below command:

pipenv --venv

Importing from requirements.txt

If you already have a requirements.txt file, running pipenv install will automatically import the contents of the file and create a Pipfile.

You can also specify pipenv install -r path/to/requirements.txt to import a requirements file.

Specify Python Version

To create a new virtualenv, using a specific version of Python you have installed, use --python VERSION flag.

pipenv --python 3.7

If you don’t specify a Python version on the command–line, pipenv will default to the system installation.

Install Runtime Packages

To install a 3rd party package e.g. boto3 we use below command:

pipenv install boto3

This will create two new files Pipfile and Pipfile.lock if they don’t exist.

File Purpose
Pipfile Manages dependencies
Pipfile.lock Declares all dependencies, sub-dependencies, versions, current hashes for the downloaded files and ensures repeatable, deterministic builds

To specify versions of a package:

pipenv install "boto3~=1.10"
Identifiers Example Usage
~= Locks major version of the package and installs any minor updates. Equivalent to ==x*.
>= will install a version equal or larger than
<= will install a version equal or lower than
== Installs specific version and prevents minor updates
> Installs version greater than

Install Dev Packages

To install packages to be used only for development e.g. pytest use --dev argument.

pipenv install pytest --dev

Sample Pipfile

Pipfile uses the TOML Spec.

You can also create the Pipfile yourself with the required package versions and install them using pipenv install --dev command.

[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true

[dev-packages]
boto3 = "*"
pytest = "*"

[packages]
pyteams = "==0.1.1"

[requires]
python_version = "3.7"

[dev-packages] for development-only packages.

* tells pipenv to install any version.

[packages] for minimally required packages.

[requires] specifies target Python version

Like the content ? 

Uninstall Packages

To uninstall a particular package:

pipenv uninstall boto3

To purge all the files from the virtual environment but to keep the Pipfile:

pipenv uninstall --all

To remove all the development packages from the virtual environment and to remove them from Pipfile:

pipenv uninstall --all-dev

Freeze Requirements

Once you are done installing your packages, you can freeze your Pipfile.lock file.

pipenv lock

Install from Pipfile.lock

In your production environment, you need to install the packages from your Pipfile.lock file to re-create the same environment which you had when you ran pipenv lock.

pipenv install --ignore-pipfile

--ignore-pipfile tells pipenv to ignore Pipfile and install from Pipfile.lock.

The lock file enables deterministic builds by taking a snapshot of all the versions of packages in an environment.

Install from Pipfile

If you already have a Pipfile and want to install the packages in your local, run below command in your working directory:

pipenv install

To install both dev and regular packages use --dev argument.

pipenv install --dev

Dependency Graph

You can also show a dependency graph to understand your top-level dependencies and their sub-dependencies.

pipenv graph

This command will print out a tree-like structure showing your dependencies.

Security Vulnerabilities

Check for security vulnerabilities in your environment using below command:

pipenv check

Gotchas

Depending on the package you are trying to install, sometimes locking of pipfile hangs. In those cases, you can skip the lock file with --skip-lock flag.

Example usages:

pipenv install --skip-lock
pipenv install boto3 --skip-lock

https://github.com/pypa/pipenv/issues/1816

https://github.com/pypa/pipenv/issues/2681

https://github.com/pypa/pipenv/issues/3827

Like the content ? 

References

https://pipenv.kennethreitz.org/en/latest/

https://realpython.com/pipenv-guide/


pipenvpython packagingdependency managementpipenv install from pipfilepipenv documentationpipenv install windowspipenv install local packagehow to use pipenvpipenv install dev packagespython packaging toolspipenv tutorialpipenv windowsinstall pipenv windowspython packaging tutorialpackaging python applications for windows Share Tweet +1