Package Management

Learn best practices for managing Python packages, including dependency management, version control, and package organization.

Effective package management is crucial for maintaining clean, reproducible Python projects. This chapter covers best practices for managing dependencies and packages.

Dependency Management

Requirements Files

The standard way to manage dependencies is using requirements.txt:

requirements.txt
requests==2.28.0
numpy>=1.20.0,<2.0.0
pandas==1.5.3
matplotlib

Generating Requirements

Create a requirements file from installed packages:

Terminal window
pip freeze > requirements.txt

Installing from Requirements

Terminal window
pip install -r requirements.txt

Version Pinning Strategies

Exact Version Pinning

requests==2.28.0
numpy==1.24.0

Pros: Reproducible builds
Cons: May miss security updates

Minimum Version

requests>=2.25.0
numpy>=1.20.0

Pros: Gets updates automatically
Cons: May break with incompatible updates

Version Range

requests>=2.25.0,<3.0.0
numpy>=1.20.0,<2.0.0

Pros: Balance between stability and updates
Cons: Requires careful version management
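
The three strategies above can be told apart mechanically. The following is an added example, not part of the original tutorial: a standard-library script that classifies each requirements line by pinning strategy and reports every entry that is not an exact pin. The names classify and audit and the last three sample lines are assumptions made for illustration; direct URL and VCS requirements are not handled.

```python
import re

# One version clause such as "==2.28.0" or ">=1.20.0"
_CLAUSE = re.compile(r"(===|==|~=|!=|<=|>=|<|>)\s*([^\s,;]+)")
_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")

def classify(line):
    """Return (name, strategy) for one requirements line, or None to skip it."""
    line = line.split("#", 1)[0].strip()      # drop trailing comments
    if not line or line.startswith("-"):       # blank line or option such as "-r file"
        return None
    spec = line.split(";", 1)[0]               # drop environment markers
    m = _NAME.match(spec)
    if not m:
        return None
    name = m.group(0)
    rest = re.sub(r"^\[[^\]]*\]", "", spec[m.end():].strip())  # drop extras
    ops = _CLAUSE.findall(rest)
    if not ops:
        return name, "unpinned"
    if any(op in ("==", "===") and "*" not in ver for op, ver in ops):
        return name, "exact"
    # "~=" and "==4.*" imply an upper bound; anything else floats to the newest release
    bounded_above = any(
        op in ("<", "<=", "~=") or (op == "==" and "*" in ver) for op, ver in ops
    )
    return name, ("range" if bounded_above else "minimum")

def audit(text):
    """Return {package: strategy} for every entry that is not an exact pin."""
    findings = {}
    for raw in text.splitlines():
        result = classify(raw)
        if result and result[1] != "exact":
            findings[result[0]] = result[1]
    return findings

# First four lines are the page's requirements.txt; the rest are constructed.
SAMPLE = """\
requests==2.28.0
numpy>=1.20.0,<2.0.0
pandas==1.5.3
matplotlib
-r base.txt
flask>=2.0  # constructed line with a comment
uvicorn[standard]~=0.20 ; python_version >= "3.8"
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Every package the script reports can resolve to a different version on a later install, so a production requirements file should produce an empty result.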

Separating Development Dependencies

requirements.txt (Production)

requirements.txt
requests==2.28.0
numpy==1.24.0
pandas==1.5.3

requirements-dev.txt (Development)

requirements-dev.txt
-r requirements.txt
pytest==7.2.0
black==22.10.0
flake8==5.0.0

Install development dependencies:

Terminal window
pip install -r requirements-dev.txt

Package Organization

Project Structure

my_project/
    requirements.txt
    setup.py
    README.md
    src/
        my_package/
            __init__.py
            module1.py
            module2.py
    tests/
        test_module1.py
        test_module2.py

Updating Packages

Check for Outdated Packages

Terminal window
pip list --outdated

Update All Packages

Terminal window
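# Recent pip releases reject --format=freeze combined with --outdated, so read the JSON output instead
pip list --outdated --format=json | python -c "import json, sys; print('\n'.join(p['name'] for p in json.load(sys.stdin)))" | xargs -n1 pip install -U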

Update Specific Package

Terminal window
pip install --upgrade package_name

Security Considerations

Check for Vulnerabilities

Use a tool such as safety to check installed packages against known vulnerabilities:

Terminal window
pip install safety
safety check

Keep Packages Updated

Regularly update packages to get security patches:

Terminal window
pip install --upgrade package_name

Best Practices

  1. Use virtual environments: Isolate project dependencies
  2. Pin versions: Use exact versions in production
  3. Document dependencies: Keep requirements.txt updated
  4. Separate dev dependencies: Use requirements-dev.txt
  5. Regular updates: Update packages regularly for security
  6. Test after updates: Verify everything still works
  7. Use version ranges carefully: Balance stability and updates

Exercises

Exercise 1: Creating Requirements File

Create the content of a requirements.txt file with numpy version 1.24.0, pandas version 1.5.3, and matplotlib (any version). Write the content as a string and print it.

Answer:
requirements = """numpy==1.24.0
pandas==1.5.3
matplotlib"""
print(requirements)
