pip-preserve 0.0.1.post1

Installation

The tool can be installed from GitHub:

pip install git+https://github.com/fridex/pip-preserve.git

You can also consume the published package on PyPI (recommended):

pip install pip-preserve

Usage

After the installation process is successfully done, pip-preserve CLI is available:

pip-preserve --help

By default, the tool uses the current environment to find installed packages and reconstruct a requirements.txt file:

$ pip-preserve --ignore-errors
#
# This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.
#
click==8.1.3 \
  --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48
daiquiri==3.2.1 \
  --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38
# micropipenv==1.5.0 installed using a direct URL
git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398
packaging==23.0 \
  --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2
# pip==23.1.dev0 installed using a direct URL
file:///Users/user/git/fridex/pip
# pip-preserve==0.0.1 installed using a direct URL
-e file:///Users/user/git/fridex/pip-preserve
python-json-logger==2.0.7 \
  --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If you wish to obtain direct URLs of packages installed, you can pass --direct-url flag:

$ pip-preserve --direct-url --ignore-errors
2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: No provenance_url.json or direct_url.json found for 'setuptools' in version '58.1.0'
2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: The generated output will miss information from '/Users/user/git/fridex/pip-preserve/.venv/lib/python3.9/site-packages/setuptools-58.1.0.dist-info', please review any missing packages in the output
#
# This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.
#
https://pypi-hypernode.com/packages/c2/f1/df59e28c642d583f7dacffb1e0965d0e00b218e0186d7858ac5233dce840/click-8.1.3-py3-none-any.whl \
  --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48
https://pypi-hypernode.com/packages/43/b0/b916172eee4e946dea7155ed969865c1b2c01c883101e33d1eb0c224a6a0/daiquiri-3.2.1-py3-none-any.whl \
  --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38
# micropipenv==1.5.0 installed using a direct URL
git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398
https://pypi-hypernode.com/packages/ed/35/a31aed2993e398f6b09a790a181a7927eb14610ee8bbf02dc14d31677f1c/packaging-23.0-py3-none-any.whl \
  --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2
# pip==23.1.dev0 installed using a direct URL
file:///Users/user/git/fridex/pip
# pip-preserve==0.0.1 installed using a direct URL
-e file:///Users/user/git/fridex/pip-preserve
https://pypi-hypernode.com/packages/35/a6/145655273568ee78a581e734cf35beb9e33a370b29c5d3c8fee3744de29f/python_json_logger-2.0.7-py3-none-any.whl \
  --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If the tool cannot determine from where a package was installed, it will fail. This error can be ignored by supplying --ignore-errors flag. Any errors are turned into warnings that can be reviewed once the tool prints results.

To explicitly point to a site-packages directory, use the --site-packages option.

To get more information about this tool, issue --help.

FAQ

Q: The tool fails or I’m getting warnings similar to the one below and my output is missing some packages:

No provenance_url.json or direct_url.json found

A: You most probably don’t have pip with PEP-710 support. Please install pip with PEP-710 support, for example using this patch).

License

See the LICENSE file.