Hacker News new | past | comments | ask | show | jobs | submit login

If I had such need, I guess I could have two versions of the requirements.txt:

- One with direct dependencies (versions pinned) - One with direct dependencies + subdependencies (pip freeze output)

Am I being too naive ? (obviously yes if such tool as pipenv exists, but I'm trying to figure why people need *.lock files).




This is close to what pipenv does.

It also adds dependency management. If one subdependency is library_a > 1.0, and another is library_b < 2.0 while also e.g. 2.1 exists, then it will try to find a version between 1.0 and 2.0. Pip doesn't do that.

So in my mind, that's what pipenv is -- pip, virtualenv, those two files, plus dependency management.


> One with direct dependencies + subdependencies (pip freeze output)

That's a lock file...


Ok ! That's what I'd do then.


Are you only working on small projects? For reference, if your project is under 100k lines of code, it's small.


By your arbitrary metric, I work on both small and big projects. Not sure how the loc metric relates to the matter though.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: