Edit: I am also confused about .venv/bin/python's location - in-project $PROEJCT_ROOT/.venv/bin/python or global (e.g. ~/.pyenv/versions/$PROJECT_IDENTIFIER/.venv/bin/python)?
Pipenv's defaults
I feels odd to me that my Pipfile looks like this.
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[packages]
fastapi = "*"
aiofiles = "*"
uvicorn = "*"
gunicorn = "*"
gtts = {git = "https://github.com/patarapolw/gTTS.git"}
wordfreq = {extras = ["cjk"], version = "*"}
[dev-packages]
[requires]
python_version = "3.9"
To say that, if you know lock files in other programming languages' package managers; this looks VERY OPINIONATED.
Of course, there is Pipfile.lock, but it doesn't look very readable to me, unlike package.json or go.mod (which, of course, have package.lock and go.sum to pair with).
Another problem is, Pipenv IS NOT VERY VERBOSE at all...
Personally, I also add export PIPENV_VENV_IN_PROJECT="enabled" to
~/.zshrc.
python -m venv .venv
This path typically creates only one version-locking - requirements.txt; and it can be readable, if not compiled directly from pip freeze >.
I have seen some projects with multiple requirements.txt (e.g. .prod.txt, .dev.txt); but I have seen NONE with requirements.lock
But of course, it is as easy as pip freeze > requirements.lock; even perhaps adding to git pre-commit hook.
cat << EOF > ~/.git/hooks/pre-commit
#!/usr/bin/env bash
source .venv/bin/activate
pip freeze > requirements.lock
EOF
chmod +x ~/.git/hooks/pre-commit
Personally, I don't really use this option much.
Poetry's opinionatedness
poetry add <PACKAGES> actually pin versioning into TWO lock files, one with exact, another with >=; but I distaste this.
$ poetry init
...
Would you like to define your main dependencies interactively? (yes/no) [yes] no
Would you like to define your development dependencies interactively? (yes/no) [yes] no
...
So, you wanted me to answer YES, huh?
Personally, I am add config,
poetry config set virtualenvs.in-project true.
semver syntax I learnt from JavaScript Node.js
So, in Node.js, we have something like this.
>=2.0.1
^2.0.1
~2.0.1
2.0.1
2.0
2
Not sure about these syntaxes in Python, and whether it is just requirements.txt (TXT file), setup.py (Python file), or whatever *.toml files.
Do we still need setup.py; if we are not publishing to PyPI or local repository?
I don't know the answer to this either...
But of course, it can help with py2app or py2exe; which I don't need when I already have PyInstaller.
A thought
Why can't we just go back to
cat << EOF > requirements.txt
fastapi
aiofiles
EOF
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
pip freeze | grep -i "$(cat requirements.txt)" > requirements.txt
pip freeze > requirements.lock
python --version > .python-version
# Then, hand-edit requirements.txt
What is YOUR decision?
For me, even though I like Poetry, I don't like some of the defaults; but the general defaults of other options are even more insane.
How would you deviate from the default settings?
Top comments (2)
I prefer Poetry for medium or large projects, due to it only shows top level dependencies. but for small script I only use pip.
pyenv for virtual environments
I have never used
pyenv-virtualenv, actually; only just to manage Python versions.But then again, should virtualenv runners be single inside global folder, or inside project folders?