Dependency Management — Pipenv

Satvik Goyal
ScaleReal
Published in
6 min readJun 10, 2024

Hello folks I hope you all are doing well! In this article, we will see Pipenv, Pipenv is a new way for us to combine package management with a virtual environment, and it is also a highly recommended packaging tool from python.org.

At ScaleReal we work extensively on Python/Django Applications and have built a lot of highly scalable applications for various clients of ours.

Here’s a list of everything that will be covered in this article:

  1. What is Pipenv?
  2. What is a virtualenv?
  3. How to install Pipenv?
  4. Setting up a virtualenv using Pipenv.
  5. What is Pipfile and Pipfile.lock?
  6. Helpful Pipenv commands
  7. Troubleshooting

What is Pipenv?

Pipenv is a package manager for Python that aims to bring together the best features of pip, the standard package manager for Python, and virtualenv, a tool for creating isolated Python environments. Pipenv automatically creates and manages virtual environments for your projects and automatically generates a “Pipfile” and “Pipfile.lock” file to specify the exact versions of all dependencies and their sub-dependencies.

What is a virtualenv, anyway 🤔?

virtualenv is a tool for creating isolated Python environments. Each virtual environment has its own installation directories and environment variables, allowing for different projects to use different versions of packages and dependencies without interfering with each other. This can be particularly useful when working on multiple projects with conflicting dependency requirements or if you want to test your code with different versions of packages.

How to install Pipenv?

  • Pipenv can be easily installed on Windows, Linux, and Mac using pip, the standard package manager for Python.
  • To install Pipenv on Windows, open the Command Prompt and run the following command:
pip install pipenv
  • To install Pipenv on Linux, open the terminal and run the following command:
pip3 install pipenv  or  python3 -m pip install pipenv
  • To install Pipenv on Mac, open the terminal and run the following command:
pip3 install pipenv  or  python3 -m pip install pipenv

NOTE: Please note that on Linux and Mac, you may need to use pip3 or python3 -m pip instead of just pip depending on your system's configuration.

Once Pipenv is installed, you can verify the installation by running the command pipenv --version on any of the operating systems, it will display the version of Pipenv that is currently installed on your system.

Setting up a virtualenv using Pipenv.

  1. Navigate to the directory where we would want your project files to be.
  2. Let's say we want to create a project in Django using python version x. Run the command:
pipenv --python x

This will create a virtualenv with python version x.

3. We can enter the virtualenv with the command:

pipenv shell

4. Upon entering the virtualenv run the command:

pipenv install django

This will install the Django package for the virtualenv.

Upon creating the virtualenv we will notice 2 files Pipfile and Pipfile.lock.

What is Pipfile and Pipfile.lock 🤔?

Pipfile and Pipfile.lock are two files used by Pipenv to manage dependencies for a Python project.

  • Pipfile: The Pipfile is a file that lists all the dependencies and their versions for a Python project. It specifies the packages and versions required for a project to run correctly. It also includes information about development dependencies and default environment settings.

For example, a Pipfile might look like this:

[[source]]
url = "<https://pypi.org/simple>"
verify_ssl = true
[dev-packages]
pytest = "*"
[packages]
Django = "*"
requests = "*"

It lists the package Django and requests as dependencies, and the package pytest as a development dependency.

The syntax for the Pipfile is TOML, and the file is separated into sections. [dev-packages] for development-only packages, [packages] for minimally required packages, and [requires] for other requirements like a specific version of Python.

We can install packages as dev packages by adding -d to Pipenv install command:

pipenv install -d my_package
  • Pipfile.lock: The Pipfile.lock is a file that lists the exact versions of all dependencies and their sub-dependencies for a Python project and their hashes for integrity check. It is generated when you run pipenv lock command. It ensures that your project will always use the same versions of packages, even if a new version is released, avoiding any issues with compatibility.
  • The Pipfile.lock is intended to be committed to version control so that other developers who clone the project can have the exact same versions of the dependencies.

Helpful Pipenv commands

Here are some helpful pipenv commands that you can use to manage dependencies and environments for your Python projects

  1. pipenv install: Installs a package or a list of packages. For example, pipenv install django will install the Django package in your project's virtual environment.
  2. pipenv uninstall: Uninstalls a package or a list of packages. For example, pipenv uninstall djangowill remove the Django package from your project's virtual environment.
  3. pipenv lock: Creates a Pipfile.lock file, which is a snapshot of all the packages and their versions currently in use in the virtual environment. This is useful for ensuring that your project will always use the same versions of packages, even if a new version is released.
  4. pipenv update: Updates packages to their latest version, as specified in the Pipfile. For example, pipenv update Flask will update the Flask package to its latest version.
  5. pipenv shell: Activates the virtual environment for your project, allowing you to run commands and scripts within the context of your project's specific dependencies.
  6. pipenv run: Runs a command in the context of the virtual environment. For example, pipenv run python myscript.py will run the script myscript.py using the Python version and packages installed in the virtual environment.
  7. pipenv check: Checks for any security vulnerabilities in the packages currently installed in the virtual environment.
  8. pipenv graph: Print out a graph of your installed dependencies and their relationships.
  9. pipenv lock --pre: Allows pre-release versions of packages to be used in the virtual environment.
  10. pipenv clean : Remove all packages not specified in the Pipfile, it will remove all the packages that are not being used in the project.

These are just a few examples of the commands available in Pipenv. You can find more information and options in the Pipenv documentation.

Troubleshooting:

Here are a few common issues that you may encounter when using pipenv and some suggestions for troubleshooting them:

  1. pipenv: command not found error: If you receive this error, it may mean that Pipenv is not installed or is not in your system's PATH. You can try reinstalling Pipenv or adding the location of the Pipenv executable to your system's PATH.
  2. Error when creating a virtual environment: If Pipenv is unable to create a virtual environment, it could be due to a problem with your system’s Python installation. Try upgrading or reinstalling Python, or make sure that the correct version of Python is being used.
  3. Error when installing packages: If Pipenv is unable to install packages, it could be due to a problem with your internet connection or a problem with the package repository. Try rerunning the command, or check your internet connection.
  4. Error when activating a virtual environment: If Pipenv is unable to activate a virtual environment, it could be due to a problem with the virtual environment itself. Try running pipenv --rm to remove the virtual environment, then create a new one using pipenv install command.
  5. Inconsistencies between Pipfile and Pipfile.lock: If you get an error about inconsistencies between Pipfile and Pipfile.lock, it may be because the versions of the packages have changed since the Pipfile.lock was generated. Try running pipenv lock to update the Pipfile.lock to match the current state of your dependencies.
  6. Security Vulnerabilities: If you get a message that some packages have security vulnerabilities, you can try updating the packages to the latest version, or use the pipenv check command to check the vulnerabilities of all the packages.

Overall, Pipenv is a powerful tool for managing dependencies and environments in Python projects. It can save developers a lot of time and hassle, and ensure that their projects are always using the correct versions of packages.

At Scalereal We believe in Sharing and Open Source.

Thanks for reading! If you enjoyed reading this article, please click the 👏 button and share it with everyone. Feel free to leave a comment 💬 below.

Sharing is Caring!

Thank You :) 🙏

If you need any help, you can contact me on LinkedIn or Github.

~Satvik Goyal ❤️

--

--