Ojasa Mirai
Python
Loading...
šÆ Advanced Pip and Dependency Management
Master advanced package management, distributions, and dependency resolution.
šÆ Creating Distributable Packages
Structure and distribute your packages professionally.
myproject/
āāā setup.py
āāā setup.cfg
āāā pyproject.toml
āāā README.md
āāā LICENSE
āāā MANIFEST.in
āāā src/
ā āāā mypackage/
ā āāā __init__.py
ā āāā core.py
ā āāā utils.py
āāā tests/
ā āāā test_core.py
āāā docs/
ā āāā index.md
āāā .gitignoresetup.py - Modern approach:
from setuptools import setup, find_packages
setup(
name="mypackage",
version="1.0.0",
author="Your Name",
author_email="you@example.com",
description="A brief description",
long_description=open("README.md").read(),
long_description_content_type="text/markdown",
url="https://github.com/you/mypackage",
package_dir={"": "src"},
packages=find_packages("src"),
python_requires=">=3.7",
install_requires=[
"requests>=2.25.0",
"click>=8.0.0",
],
extras_require={
"dev": ["pytest>=6.0", "black>=21.0"],
"docs": ["sphinx>=4.0"],
},
entry_points={
"console_scripts": [
"myapp=mypackage.cli:main",
],
},
classifiers=[
"Programming Language :: Python :: 3",
"License :: OSI Approved :: MIT License",
"Operating System :: OS Independent",
],
)pyproject.toml - Modern configuration:
[build-system]
requires = ["setuptools>=45", "wheel"]
build-backend = "setuptools.build_meta"
[project]
name = "mypackage"
version = "1.0.0"
description = "A brief description"
readme = "README.md"
requires-python = ">=3.7"
license = {text = "MIT"}
authors = [
{name = "Your Name", email = "you@example.com"}
]
dependencies = [
"requests>=2.25.0",
"click>=8.0.0",
]
[project.optional-dependencies]
dev = ["pytest>=6.0", "black>=21.0"]
docs = ["sphinx>=4.0"]
[project.scripts]
myapp = "mypackage.cli:main"
[tool.setuptools.packages.find]
where = ["src"]š” Advanced Dependency Specification
# Exact version
pip install requests==2.28.0
# Compatible release
pip install requests~=2.28.0 # >= 2.28.0, < 2.29
# Pre-release versions
pip install requests>=2.28.0rc1
# Local version
pip install mypackage==1.0.0+ubuntu1
# VCS installation
pip install git+https://github.com/user/repo.git
pip install git+https://github.com/user/repo.git@v1.0.0
# Local directory
pip install /path/to/package
pip install ./package[extra]
# Editable/development install
pip install -e .š¦ Dependency Resolution and Conflicts
# requirements-resolver.py
import subprocess
import json
class DependencyResolver:
"""Resolve and analyze dependencies."""
@staticmethod
def check_conflicts():
"""Check for conflicting dependencies."""
result = subprocess.run(
["pip", "check"],
capture_output=True,
text=True
)
if result.returncode != 0:
print("Conflicts found:")
print(result.stdout)
return False
return True
@staticmethod
def show_dependency_tree():
"""Show dependency tree."""
result = subprocess.run(
["pip", "show", "--verbose", "requests"],
capture_output=True,
text=True
)
return result.stdout
@staticmethod
def audit_dependencies():
"""Check for security vulnerabilities."""
# Requires: pip install pip-audit
result = subprocess.run(
["pip-audit"],
capture_output=True,
text=True
)
return result.stdout
@staticmethod
def pin_versions():
"""Pin all versions for reproducibility."""
result = subprocess.run(
["pip", "freeze"],
capture_output=True,
text=True
)
with open("requirements-locked.txt", "w") as f:
f.write(result.stdout)
return result.stdout
# Usage
resolver = DependencyResolver()
if resolver.check_conflicts():
print("No conflicts!")
tree = resolver.show_dependency_tree()
audit = resolver.audit_dependencies()
pins = resolver.pin_versions()šļø Building Wheels and Distributions
# Build source distribution
python -m build --sdist
# Build wheel distribution
python -m build --wheel
# Build both
python -m build
# Upload to PyPI (after creating account)
python -m twine upload dist/*Wheel creation programmatically:
from wheel.wheelfile import WheelFile
from pathlib import Path
class WheelBuilder:
"""Build wheel distributions."""
@staticmethod
def create_wheel(package_dir, output_dir):
"""Create wheel file."""
import subprocess
result = subprocess.run(
["python", "-m", "pip", "wheel", "--no-deps", package_dir],
cwd=output_dir,
capture_output=True
)
return result.returncode == 0
@staticmethod
def inspect_wheel(wheel_path):
"""Inspect wheel contents."""
with WheelFile(wheel_path) as whl:
return whl.namelist()š Virtual Environment Management
import subprocess
import sys
from pathlib import Path
class VirtualEnvManager:
"""Manage virtual environments."""
def __init__(self, env_path):
self.env_path = Path(env_path)
def create(self, python_version=None):
"""Create virtual environment."""
cmd = [sys.executable, "-m", "venv", str(self.env_path)]
result = subprocess.run(cmd)
return result.returncode == 0
def get_python_executable(self):
"""Get python executable path."""
if sys.platform == "win32":
return self.env_path / "Scripts" / "python.exe"
return self.env_path / "bin" / "python"
def install_requirements(self, requirements_file):
"""Install requirements in venv."""
python = self.get_python_executable()
result = subprocess.run([
str(python), "-m", "pip", "install",
"-r", str(requirements_file)
])
return result.returncode == 0
def run_script(self, script_path):
"""Run script in venv."""
python = self.get_python_executable()
result = subprocess.run([
str(python), str(script_path)
])
return result.returncode == 0
def get_installed_packages(self):
"""Get list of installed packages."""
python = self.get_python_executable()
result = subprocess.run(
[str(python), "-m", "pip", "list", "--format=json"],
capture_output=True,
text=True
)
import json
return json.loads(result.stdout)
# Usage
venv = VirtualEnvManager("./venv")
venv.create()
venv.install_requirements("requirements.txt")
packages = venv.get_installed_packages()š» Dependency Pinning Strategies
# requirements-base.txt (loose constraints)
requests >= 2.25.0
click >= 8.0.0
sqlalchemy >= 1.4.0
# requirements-dev.txt (development)
-r requirements-base.txt
pytest >= 6.0
black >= 21.0
pytest-cov >= 2.12.0
# requirements-locked.txt (exact versions)
requests==2.28.5
click==8.1.3
sqlalchemy==1.4.46
pytest==7.2.0
black==22.10.0
pytest-cov==4.0.0Python script to manage:
class RequirementsManager:
"""Manage requirements files."""
@staticmethod
def create_locked_requirements(base_file, output_file):
"""Create locked requirements from base."""
import subprocess
result = subprocess.run(
["pip-compile", base_file, "-o", output_file],
capture_output=True
)
return result.returncode == 0
@staticmethod
def update_locked_requirements(base_file, output_file):
"""Update locked requirements."""
import subprocess
result = subprocess.run(
["pip-compile", "--upgrade", base_file, "-o", output_file],
capture_output=True
)
return result.returncode == 0šØ Custom Package Index
# Work with private package indexes
import subprocess
class PrivateIndexManager:
"""Manage private package indexes."""
@staticmethod
def configure_index(index_url, username=None, password=None):
"""Configure pip to use private index."""
import configparser
from pathlib import Path
pip_config = Path.home() / ".pip" / "pip.conf"
config = configparser.ConfigParser()
config.read(pip_config)
if "global" not in config:
config["global"] = {}
config["global"]["index-url"] = index_url
with open(pip_config, "w") as f:
config.write(f)
@staticmethod
def install_from_index(package, index_url):
"""Install from specific index."""
result = subprocess.run([
"pip", "install",
f"--index-url={index_url}",
package
])
return result.returncode == 0
@staticmethod
def upload_to_index(package_path, repository_url):
"""Upload package to private index."""
result = subprocess.run([
"twine", "upload",
f"--repository-url={repository_url}",
str(package_path)
])
return result.returncode == 0š Dependency Analysis
import subprocess
import json
from typing import Dict, List
class DependencyAnalyzer:
"""Analyze package dependencies."""
@staticmethod
def get_dependency_graph(package):
"""Get dependency tree."""
result = subprocess.run(
["pipdeptree", "-p", package, "-j"],
capture_output=True,
text=True
)
return json.loads(result.stdout)
@staticmethod
def find_unused_dependencies():
"""Find potentially unused dependencies."""
# Requires: pip install vulture
result = subprocess.run(
["vulture", "src/"],
capture_output=True,
text=True
)
return result.stdout
@staticmethod
def check_license_compliance():
"""Check licenses of dependencies."""
# Requires: pip install pip-licenses
result = subprocess.run(
["pip-licenses", "--format=json"],
capture_output=True,
text=True
)
return json.loads(result.stdout)š Key Takeaways
- ā Use pyproject.toml for modern package configuration
- ā Pin versions in locked requirements for reproducibility
- ā Separate loose and locked requirements
- ā Use virtual environments to isolate projects
- ā Check for conflicts with `pip check`
- ā Build and distribute wheels properly
- ā Analyze dependencies for security and licenses
Ready to practice? Challenges | Quiz
Resources
Ojasa Mirai
Master AI-powered development skills through structured learning, real projects, and verified credentials. Whether you're upskilling your team or launching your career, we deliver the skills companies actually need.
Learn Deep ā¢ Build Real ā¢ Verify Skills ā¢ Launch Forward