https://github.com/fridex/pip-preserve

Output installed Python packages in requirements format, including also hashes of Python packages.
https://github.com/fridex/pip-preserve

hacktoberfest-accepted packaging pep-710 pip pip-freeze python requirements

Last synced: 3 months ago
JSON representation

Output installed Python packages in requirements format, including also hashes of Python packages.

• Host: GitHub
• URL: https://github.com/fridex/pip-preserve
• Owner: fridex
• License: mit
• Created: 2023-03-29T14:07:40.000Z (about 2 years ago)
• Default Branch: main
• Last Pushed: 2023-04-13T21:38:02.000Z (about 2 years ago)
• Last Synced: 2025-02-16T19:16:01.254Z (3 months ago)
• Topics: hacktoberfest-accepted, packaging, pep-710, pip, pip-freeze, python, requirements
• Language: Python
• Homepage: https://pypi.org/project/pip-preserve/
• Size: 19.5 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.rst
  • License: LICENSE

Awesome Lists containing this project

README

        
pip-preserve

------------

Output installed Python packages in requirements format, including also hashes of Python packages

.. note::

  Note this tool requires pip with `PEP-710 `__ support which is a draft PEP as of today. See `this article `__ and the FAQ section bellow.

Installation

============

The tool can be `installed from GitHub `__:

.. code-block::

  pip install git+https://github.com/fridex/pip-preserve.git

You can also consume the `published package on PyPI (recommended) `__:

.. code-block::

  pip install pip-preserve

Usage

=====

After the installation process is successfully done, ``pip-preserve`` CLI

is available:

.. code-block::

  pip-preserve --help

By default, the tool uses the current environment to find installed packages

and reconstruct a ``requirements.txt`` file:

.. code-block::

  $ pip-preserve --ignore-errors

  #

  # This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.

  #

  click==8.1.3 \

    --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48

  daiquiri==3.2.1 \

    --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38

  # micropipenv==1.5.0 installed using a direct URL

  git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398

  packaging==23.0 \

    --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2

  # pip==23.1.dev0 installed using a direct URL

  file:///Users/user/git/fridex/pip

  # pip-preserve==0.0.1 installed using a direct URL

  -e file:///Users/user/git/fridex/pip-preserve

  python-json-logger==2.0.7 \

    --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If you wish to obtain direct URLs of packages installed, you can pass

``--direct-url`` flag:

.. code-block::

  $ pip-preserve --direct-url --ignore-errors

  2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: No provenance_url.json or direct_url.json found for 'setuptools' in version '58.1.0'

  2023-04-05 12:36:26,168 [41348] WARNING  pip_preserve._lib: The generated output will miss information from '/Users/user/git/fridex/pip-preserve/.venv/lib/python3.9/site-packages/setuptools-58.1.0.dist-info', please review any missing packages in the output

  #

  # This file is autogenerated by pip-preserve version 0.0.1 with Python 3.9.13.

  #

  https://files.pythonhosted.org/packages/c2/f1/df59e28c642d583f7dacffb1e0965d0e00b218e0186d7858ac5233dce840/click-8.1.3-py3-none-any.whl \

    --hash=sha256:bb4d8133cb15a609f44e8213d9b391b0809795062913b383c62be0ee95b1db48

  https://files.pythonhosted.org/packages/43/b0/b916172eee4e946dea7155ed969865c1b2c01c883101e33d1eb0c224a6a0/daiquiri-3.2.1-py3-none-any.whl \

    --hash=sha256:b797a7ac94219dc26ef8ebf04f1f507eefa83a7d174e9eb41acc33e3ebf16f38

  # micropipenv==1.5.0 installed using a direct URL

  git+https://github.com/thoth-station/micropipenv@8176862ec96df23e152938659d6f45645246e398

  https://files.pythonhosted.org/packages/ed/35/a31aed2993e398f6b09a790a181a7927eb14610ee8bbf02dc14d31677f1c/packaging-23.0-py3-none-any.whl \

    --hash=sha256:714ac14496c3e68c99c29b00845f7a2b85f3bb6f1078fd9f72fd20f0570002b2

  # pip==23.1.dev0 installed using a direct URL

  file:///Users/user/git/fridex/pip

  # pip-preserve==0.0.1 installed using a direct URL

  -e file:///Users/user/git/fridex/pip-preserve

  https://files.pythonhosted.org/packages/35/a6/145655273568ee78a581e734cf35beb9e33a370b29c5d3c8fee3744de29f/python_json_logger-2.0.7-py3-none-any.whl \

    --hash=sha256:f380b826a991ebbe3de4d897aeec42760035ac760345e57b812938dc8b35e2bd

If the tool cannot determine from where a package was installed, it will fail.

This error can be ignored by supplying ``--ignore-errors`` flag. Any errors are

turned into warnings that can be reviewed once the tool prints results.

To explicitly point to a ``site-packages`` directory, use the ``--site-packages``

option.

To get more information about this tool, issue ``--help``.

FAQ

===

Q: The tool fails or I'm getting warnings similar to the one below and my

output is missing some packages:

.. code-block:: test

  No provenance_url.json or direct_url.json found

A: You most probably don't have pip with `PEP-710 support

`__. Please install pip with PEP-710

support, for example using `this patch

`__ (experimental):

.. code-block::

  pip install git+https://github.com/fridex/pip.git@provenance-url

License

=======

See the LICENSE file.