Skip to main content

Output installed Python packages in requirements format, including also hashes of Python packages.

Project description

Output installed Python packages in requirements format, including also hashes of Python packages

Installation

The tool can be installed from GitHub:

pip install git+https://github.com/fridex/pip-preserve.git

You can also consume the published package on PyPI (recommended):

pip install pip-preserve

Usage

After the installation process is successfully done, pip-preserve CLI is available:

pip-preserve --help

By default, the tool uses the current environment to find installed packages and reconstruct a requirements.txt file:

$ pip-preserve --ignore-errors
#
# This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.
#
click==8.1.3 \
  --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48
daiquiri==3.2.1 \
  --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38
# micropipenv==1.5.0 installed using a direct URL
git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398
packaging==23.0 \
  --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2
# pip==23.1.dev0 installed using a direct URL
file:///Users/user/git/fridex/pip
# pip-preserve==0.0.1 installed using a direct URL
-e file:///Users/user/git/fridex/pip-preserve
python-json-logger==2.0.7 \
  --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If you wish to obtain direct URLs of packages installed, you can pass --direct-url flag:

$ pip-preserve --direct-url --ignore-errors
2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: No provenance_url.json or direct_url.json found for 'setuptools' in version '58.1.0'
2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: The generated output will miss information from '/Users/user/git/fridex/pip-preserve/.venv/lib/python3.9/site-packages/setuptools-58.1.0.dist-info', please review any missing packages in the output
#
# This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.
#
https://pypi-hypernode.com/packages/c2/f1/df59e28c642d583f7dacffb1e0965d0e00b218e0186d7858ac5233dce840/click-8.1.3-py3-none-any.whl \
  --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48
https://pypi-hypernode.com/packages/43/b0/b916172eee4e946dea7155ed969865c1b2c01c883101e33d1eb0c224a6a0/daiquiri-3.2.1-py3-none-any.whl \
  --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38
# micropipenv==1.5.0 installed using a direct URL
git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398
https://pypi-hypernode.com/packages/ed/35/a31aed2993e398f6b09a790a181a7927eb14610ee8bbf02dc14d31677f1c/packaging-23.0-py3-none-any.whl \
  --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2
# pip==23.1.dev0 installed using a direct URL
file:///Users/user/git/fridex/pip
# pip-preserve==0.0.1 installed using a direct URL
-e file:///Users/user/git/fridex/pip-preserve
https://pypi-hypernode.com/packages/35/a6/145655273568ee78a581e734cf35beb9e33a370b29c5d3c8fee3744de29f/python_json_logger-2.0.7-py3-none-any.whl \
  --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If the tool cannot determine from where a package was installed, it will fail. This error can be ignored by supplying --ignore-errors flag. Any errors are turned into warnings that can be reviewed once the tool prints results.

To explicitly point to a site-packages directory, use the --site-packages option.

To get more information about this tool, issue --help.

FAQ

Q: The tool fails or I’m getting warnings similar to the one below and my output is missing some packages:

No provenance_url.json or direct_url.json found

A: You most probably don’t have pip with PEP-710 support. Please install pip with PEP-710 support, for example using this patch (experimental):

pip install git+https://github.com/fridex/pip.git@provenance-url

License

See the LICENSE file.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pip-preserve-0.0.2.post1.tar.gz (10.6 kB view details)

Uploaded Source

Built Distribution

pip_preserve-0.0.2.post1-py3-none-any.whl (8.5 kB view details)

Uploaded Python 3

File details

Details for the file pip-preserve-0.0.2.post1.tar.gz.

File metadata

  • Download URL: pip-preserve-0.0.2.post1.tar.gz
  • Upload date:
  • Size: 10.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: python-requests/2.28.1

File hashes

Hashes for pip-preserve-0.0.2.post1.tar.gz
Algorithm Hash digest
SHA256 3b7ecb2064d293221f1bd7560ca2564af53620fb0b3cdeef9515644993f5ca6a
MD5 5a784bf6afea037ada4eccb4376819d8
BLAKE2b-256 0c6485453d196cc521f83dc9ebe0e8ba7ce2ec9f53528f5714fd9fd2c7fc9fad

See more details on using hashes here.

File details

Details for the file pip_preserve-0.0.2.post1-py3-none-any.whl.

File metadata

File hashes

Hashes for pip_preserve-0.0.2.post1-py3-none-any.whl
Algorithm Hash digest
SHA256 2f0a8c2b5c4724711b046ff506ccc2ffa010f21f81812ee51794920baf3c1901
MD5 1de99518940baf50b8f6a0da7b72847e
BLAKE2b-256 fddbb94c8131a20065ee4f4450b8d6d86844cf68784efd024490e739bd967311

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page