Skip to content

sync pipfile/lockfile to setup.py or check dependency and versioning conflicts

License

Notifications You must be signed in to change notification settings

Madoshakalaka/pipenv-setup

Repository files navigation

Pipenv-Setup

travis-badge ci PyPI pyversions codecov PyPI version Very popular Code style: black

A beautiful python package development tool: sync dependencies in Pipfile or Pipfile.lock to setup.py.

Never need again to change dependencies manually in setup.py, and enjoy the same dependency locking or semantic versioning.

Or just check whether setup.py and Pipfile are consistent and sync dependency when necessary.

Installation

Create a command line entry point pipenv-setup, and add pipenv-setup as a dev package in Pipfile:

pipenv install --dev pipenv-setup

Additionally, black can be included as package extras:

pipenv install --dev "pipenv-setup[black]"  

Features

Beautiful pipenv flavored help

$ pipenv-setup

help

Sync to setup.py

  • supports assorted package configuration. You can have a pipfile as ugly as you want:

    [package]
    requests = { extras = ['socks'] }
    records = '>0.5.0'
    django = { git = '/~https://github.com/django/django.git', ref = '1.11.4', editable = true }
    "e682b37" = {file = "/~https://github.com/divio/django-cms/archive/release/3.4.x.zip"}
    "e1839a8" = {path = ".", editable = true}
    pywinusb = { version = "*", os_name = "=='nt'", index="pypi"}
    

    pipenv-setup will still figure things out:

    $ pipenv-setup sync
    package e1839a8 is local, omitted in setup.py
    setup.py successfully updated
    23 packages from Pipfile.lock synced to setup.py

    And things will be where they should be:

    # setup.py
    setup(...,
      install_requires=[
          "requests[socks]",
          "records>0.5.0",
          "django @ git+/~https://github.com/django/django.git@1.11.4",
          "/~https://github.com/divio/django-cms/archive/release/3.4.x.zip",
          "pywinusb; os_name == 'nt'",
      ]
    )
  • provide --dev flag to sync development packages with extras_require:

    $ pipenv-setup sync --dev
    setup.py successfully updated
    1 default packages from Pipfile.lock synced to setup.py
    1 dev packages from Pipfile.lock synced to setup.py
    # produced setup.py
    setup(...,
        extras_require={"dev": ["pytest==1.1.3",]},
        install_requires=["xml-subsetter==0.0.1"],
    )
  • produce beautiful Blackened setup.py file

  • Template generation with filled dependencies in the absence of a setup file.

    $ pipenv-setup sync
    setup.py not found under current directory
    Creating boilerplate setup.py...
    setup.py was successfully generated
    23 packages synced from Pipfile.lock to setup.py
    Please edit the required fields in the generated file

    Note: by default, pipenv-setup syncs lockfile instead of pipfile

Sync Pipfile vs. Pipfile.lock

Provide --pipfile flag to sync Pipfile instead of Pipfile.lock.

pipenv-setup will perform a liquid sync using semantic versioning taken from Pipfile (instead of using frozen pinned versions from Pipfile.lock):

$ pipenv-setup sync --pipfile
setup.py was successfully updated
23 packages synced from Pipfile to setup.py

Checks Only

run $ pipenv-setup check

  • checks four items

    • local package in default pipfile packages
    • Package version requirements in install_requires in setup.py that potentially violates Pipfile
    • Package version requirements in dependency_links in setup.py that differs from Pipfile
    • Default package in pipfile missing in install_requires or dependency_links in setup.py
  • exits with non-zero code when conflict found (can be used in travis-ci)

  • here is a somewhat extreme example:

    $ pipenv-setup check
    package 'numpy' has version string: >=1.2 in setup.py, which potentially violates >=1.5 in pipfile
    package 'pywinusb' has version string: ==0.4.2 in setup.py, which is disjoint from ~=0.3.0 in pipfile
    package 'records' has version string: >=0.4.2,<0.5 in setup.py, which is disjoint from >0.5.0 in pipfile
    package 'django' has branch/version 1.11.5 in dependency_links, which is different than 1.11.4 listed in pipfile
    package 'requests' in pipfile but not in install_requires
    package 'e682b37' has a url in pipfile but not in dependency_links
    (exits with 1)
  • provide --ignore-local flag to allow local packages in pipfile

    $ pipenv-setup check
    local package found in default dependency: e1839a8.
    Do you mean to make it dev dependency
    (exits with 1)
    $ pipenv-setup check --ignore-local
    No version conflict or missing packages/dependencies found in setup.py!
    (exits with 0)
  • provide --strict flag to only pass identical version requirements

    By default pipenv-setup check passes when the version setup.py specifies is "compatible" with Pipfile, i.e. is a subset of it. For example, a Pipfile specifying django~=1.1 with setup.py requiring django==1.2 is such a case.

    Provide --strict to allow only identical requirements; i.e. for Pipfile's django~=1.1, setup.py must require django>=1.1,<2.0

    Example output:

    $ pipenv-setup check --strict
    package 'pywinusb' has version string: ==0.4.2 in setup.py, which specifies a subset of * in pipfile
    package 'django' has version string: >=0.5 in setup.py, which is disjoint from ~=0.3.0 in pipfile
    package 'records' has version string: ==0.5.2 in setup.py, which specifies a subset of >0.5.0 in pipfile
    package 'requests' has version string: ==2.18.4 in setup.py, which specifies a subset of * in pipfile
    (exits with 1)
  • provide --lockfile flag to check setup.py against Pipfile.lock instead of Pipfile

    By default, pipenv-setup check compares the dependencies from setup.py against the dependencies listed in Pipfile. This works well for most cases, but there are some exceptions that break this strategy, including (but not necessarily limited to):

    • VCS dependencies with a mutable ref (e.g. - git branch name instead of a tag or commit sha)
      • Because these resolve to an immutable pointer (e.g. - commit sha) in setup.py, the dependency will no longer match between setup.py and Pipfile. However, Pipfile.lock will contain the same resolved pointer as setup.py.

Pre-commit integration

You can run pipenv-setup automatically using a pre-commit hook. To get started, add this configuration to your .pre-commit-config.yaml:

- repo: /~https://github.com/Madoshakalaka/pipenv-setup
  rev: "4.0.0a1" # pick a git hash / tag to point to
  hooks:
    - id: pipenv-setup

This configuration will execute pipenv-setup sync --pipfile on changes to Pipfile, Pipfile.lock, and setup.py.

You can also customize the default args ("--pipfile"). For example, to synchronize --dev extras:

- repo: # ...
  hooks:
    - id: pipenv-setup
      args: [--dev, --pipfile]

If using the hook during CI (or in another environment separate from a black installation), you can include the appropriate auto-formatter with the hook:

- repo: # ...
  hooks:
    - id: pipenv-setup
      additional_dependencies: [".[black]"]

Contributing

If you'd like to contribute to pipenv-setup, see Contribution Guide

About

sync pipfile/lockfile to setup.py or check dependency and versioning conflicts

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages