Rare photo of a Python developer struggling with dependencies management.

Pipfile and Pipenv : the future of Python dependencies management

Yes, I heared you. pip is a great tool and has been around for quite a long time. But for 3 years or so, people (contributors) have been looking for a way to enhance our packages management experience. Think about the superpowers of composer, npm (or better, yarn) in your favorite tool.

What they offer is (more or less) a replacement for the age-old requirements.txt file : the Pipfile.

How I learn to stop worrying and love pip (again)

The new Pipfile differs from the old-style requirements file in several ways :

  • It uses TOML syntax to allow more configuration;
  • It declares dependencies groups (i.e. a default one plus a development one for... development packages) so you don't have to split your requirements into several files.
  • It comes with a Pipfile.lock file which pins the versions of your packages, in addition to some security bonus.

Let’s have a look at a minimal, simple Pipfile:

What do we have here :

  • First we declare the source that pip is going to use. Typically, it will be pypi.
  • Then we declare our Python version requirement.
  • Finally, we declare our packages and development packages.

You got it ? Now here is the example Pipfile from the official repository on GitHub :

See ? With the TOML syntax, you can be very specific about the version, source or os-variant you want to use. Note that all packages versions are not pinned, even if it was the preferred way of declaring dependencies.

Pip is going to support this specification in the future with a syntax like pip install -p Pipfile. Let's see how we can use all this magical stuff today.

Back to the Future

Meet Pipenv (yep, that’s another project from Kenneth Reitz, the guy behind httpbin, pep8.org, and, yes, request).

Fun fact #42 : Pipenv tricked me for Halloween.

Pipenv is the current preferred implementation of Pipfile and allows you to manage your virtualenvs like a boss. It aims to ease and enhance how we manage our python environments (a la virtualenvwrapper or pyenv, but with pip skills).

Here is a simple workflow :

1- In your project directory, create your virtualenv. Pipenv will store it in a centralized place instead of your project root directory :

2- Install some dependencies :

3- Use your virtualenv. It will open a new shell :

Note that we were not in our virtualenv before this command. Everything is handled for us by Pipenv.

From this point, you are good to go. Pipenv will help you manage your environment throughout your development process.

Finally, you shouldn’t be worried about compatibility issues with your deployment server (which is surely still using pip as you are reading this) : you can generate a good old requirements.txt by running :

Pipenv handles saving your dependencies and it even adds some security reinforcements by specifying each package’s hash.

That’s it. Go test Pipenv and tell me what you think !

Cheers