Pipenv: Python Dev Workflow for Humans¶

https://img.shields.io/pypi/v/pipenv.svg

https://img.shields.io/pypi/l/pipenv.svg

https://img.shields.io/pypi/pyversions/pipenv.svg

Pipenv is a tool that aims to bring the best of all packaging worlds (bundler, composer, npm, cargo, yarn, etc.) to the Python world. Windows is a first-class citizen, in our world.

It automatically creates and manages a virtualenv for your projects, as well as adds/removes packages from your Pipfile as you install/uninstall packages. It also generates the ever-important Pipfile.lock, which is used to produce deterministic builds.

Pipenv is primarily meant to provide users and developers of applications with an easy method to setup a working environment. For the distinction between libraries and applications and the usage of setup.py vs Pipfile to define dependencies, see ☤ Pipfile vs setup.py.

The problems that Pipenv seeks to solve are multi-faceted:

You no longer need to use pip and virtualenv separately. They work together.
Managing a requirements.txt file can be problematic, so Pipenv uses Pipfile and Pipfile.lock to separate abstract dependency declarations from the last tested combination.
Hashes are used everywhere, always. Security. Automatically expose security vulnerabilities.
Strongly encourage the use of the latest versions of dependencies to minimize security risks arising from outdated components.
Give you insight into your dependency graph (e.g. $ pipenv graph).
Streamline development workflow by loading .env files.

You can quickly play with Pipenv right in your browser:

Install Pipenv Today!¶

If you’re on MacOS, you can install Pipenv easily with Homebrew:

$ brew install pipenv

Or, if you’re using Fedora 28:

$ sudo dnf install pipenv

Otherwise, refer to the ☤ Installing Pipenv chapter for instructions.

✨🍰✨

Pipenv & Virtual Environments¶

https://farm3.staticflickr.com/2943/33485660921_dfc0494739_k_d.jpg

This tutorial walks you through installing and using Python packages.

It will show you how to install and use the necessary tools and make strong recommendations on best practices. Keep in mind that Python is used for a great many different purposes, and precisely how you want to manage your dependencies may change based on how you decide to publish your software. The guidance presented here is most directly applicable to the development and deployment of network services (including web applications), but is also very well suited to managing development and testing environments for any kind of project.

注解

This guide is written for Python 3, however, these instructions should work fine on Python 2.7—if you are still using it, for some reason.

☤ Make sure you’ve got Python & pip¶

Before you go any further, make sure you have Python and that it’s available from your command line. You can check this by simply running:

$ python --version

You should get some output like 3.6.2. If you do not have Python, please install the latest 3.x version from python.org or refer to the Installing Python section of The Hitchhiker’s Guide to Python.

注解

If you’re newcomer and you get an error like this:

>>> python
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
NameError: name 'python' is not defined

It’s because this command is intended to be run in a shell (also called a terminal or console). See the Python for Beginners getting started tutorial for an introduction to using your operating system’s shell and interacting with Python.

Additionally, you’ll need to make sure you have pip available. You can check this by running:

$ pip --version
pip 9.0.1

If you installed Python from source, with an installer from python.org, or via Homebrew you should already have pip. If you’re on Linux and installed using your OS package manager, you may have to install pip separately.

If you plan to install Pipenv using Homebrew you can skip this step. The Homebrew installer takes care of pip for you.

☤ Installing Pipenv¶

Pipenv is a dependency manager for Python projects. If you’re familiar with Node.js’ npm or Ruby’s bundler, it is similar in spirit to those tools. While pip can install Python packages, Pipenv is recommended as it’s a higher-level tool that simplifies dependency management for common use cases.

☤ Homebrew Installation of Pipenv¶

Homebrew is a popular open-source package management system for macOS.

Installing pipenv via Homebrew will keep pipenv and all of its dependencies in an isolated virtual environment so it doesn’t interfere with the rest of your Python installation.

Once you have installed Homebrew simply run:

$ brew install pipenv

To upgrade pipenv at any time:

$ brew upgrade pipenv

☤ Pragmatic Installation of Pipenv¶

If you have a working installation of pip, and maintain certain “toolchain” type Python modules as global utilities in your user environment, pip user installs allow for installation into your home directory. Note that due to interaction between dependencies, you should limit tools installed in this way to basic building blocks for a Python workflow like virtualenv, pipenv, tox, and similar software.

To install:

$ pip install --user pipenv

注解

This does a user installation to prevent breaking any system-wide packages. If pipenv isn’t available in your shell after installation, you’ll need to add the user base’s binary directory to your PATH.

On Linux and macOS you can find the user base binary directory by running python -m site --user-base and adding bin to the end. For example, this will typically print ~/.local (with ~ expanded to the absolute path to your home directory) so you’ll need to add ~/.local/bin to your PATH. You can set your PATH permanently by modifying ~/.profile.

On Windows you can find the user base binary directory by running python -m site --user-site and replacing site-packages with Scripts. For example, this could return C:\Users\Username\AppData\Roaming\Python36\site-packages so you would need to set your PATH to include C:\Users\Username\AppData\Roaming\Python36\Scripts. You can set your user PATH permanently in the Control Panel. You may need to log out for the PATH changes to take effect.

For more information, see the user installs documentation.

To upgrade pipenv at any time:

$ pip install --user --upgrade pipenv

☤ Crude Installation of Pipenv¶

If you don’t even have pip installed, you can use this crude installation method, which will bootstrap your whole system:

$ curl https://raw.githubusercontent.com/kennethreitz/pipenv/master/get-pipenv.py | python

☤ Installing packages for your project¶

Pipenv manages dependencies on a per-project basis. To install packages, change into your project’s directory (or just an empty directory for this tutorial) and run:

$ cd myproject
$ pipenv install requests

Pipenv will install the excellent Requests library and create a Pipfile for you in your project’s directory. The Pipfile is used to track which dependencies your project needs in case you need to re-install them, such as when you share your project with others. You should get output similar to this (although the exact paths shown will vary):

Creating a Pipfile for this project...
Creating a virtualenv for this project...
Using base prefix '/usr/local/Cellar/python3/3.6.2/Frameworks/Python.framework/Versions/3.6'
New python executable in ~/.local/share/virtualenvs/tmp-agwWamBd/bin/python3.6
Also creating executable in ~/.local/share/virtualenvs/tmp-agwWamBd/bin/python
Installing setuptools, pip, wheel...done.

Virtualenv location: ~/.local/share/virtualenvs/tmp-agwWamBd
Installing requests...
Collecting requests
  Using cached requests-2.18.4-py2.py3-none-any.whl
Collecting idna<2.7,>=2.5 (from requests)
  Using cached idna-2.6-py2.py3-none-any.whl
Collecting urllib3<1.23,>=1.21.1 (from requests)
  Using cached urllib3-1.22-py2.py3-none-any.whl
Collecting chardet<3.1.0,>=3.0.2 (from requests)
  Using cached chardet-3.0.4-py2.py3-none-any.whl
Collecting certifi>=2017.4.17 (from requests)
  Using cached certifi-2017.7.27.1-py2.py3-none-any.whl
Installing collected packages: idna, urllib3, chardet, certifi, requests
Successfully installed certifi-2017.7.27.1 chardet-3.0.4 idna-2.6 requests-2.18.4 urllib3-1.22

Adding requests to Pipfile's [packages]...
P.S. You have excellent taste! ✨ 🍰 ✨

☤ Using installed packages¶

Now that Requests is installed you can create a simple main.py file to use it:

import requests

response = requests.get('https://httpbin.org/ip')

print('Your IP is {0}'.format(response.json()['origin']))

Then you can run this script using pipenv run:

$ pipenv run python main.py

You should get output similar to this:

Your IP is 8.8.8.8

Using $ pipenv run ensures that your installed packages are available to your script. It’s also possible to spawn a new shell that ensures all commands have access to your installed packages with $ pipenv shell.

☤ Virtualenv mapping caveat¶

Pipenv automatically maps projects to their specific virtualenvs.
The virtualenv is stored globally with the name of the project’s root directory plus the hash of the full path to the project’s root (e.g., my_project-a3de50).
If you change your project’s path, you break such a default mapping and pipenv will no longer be able to find and to use the project’s virtualenv.
You might want to set export PIPENV_VENV_IN_PROJECT=1 in your .bashrc/.zshrc (or any shell configuration file) for creating the virtualenv inside your project’s directory, avoiding problems with subsequent path changes.

☤ Next steps¶

Congratulations, you now know how to install and use Python packages! ✨ 🍰 ✨

Release and Version History¶

2018.11.26 (2018-11-26)¶

Bug Fixes¶

Environment variables are expanded correctly before running scripts on POSIX.`#3178 <https://github.com/pypa/pipenv/issues/3178>`_
Pipenv will no longer disable user-mode installation when the --system flag is passed in.`#3222 <https://github.com/pypa/pipenv/issues/3222>`_
Fixed an issue with attempting to render unicode output in non-unicode locales.`#3223 <https://github.com/pypa/pipenv/issues/3223>`_
Fixed a bug which could cause failures to occur when parsing python entries from global pyenv version files.`#3224 <https://github.com/pypa/pipenv/issues/3224>`_
Fixed an issue which prevented the parsing of named extras sections from certain setup.py files.`#3230 <https://github.com/pypa/pipenv/issues/3230>`_
Correctly detect the virtualenv location inside an activated virtualenv.`#3231 <https://github.com/pypa/pipenv/issues/3231>`_
Fixed a bug which caused spinner frames to be written to stdout during locking operations which could cause redirection pipes to fail.`#3239 <https://github.com/pypa/pipenv/issues/3239>`_
Fixed a bug that editable pacakges can’t be uninstalled correctly.`#3240 <https://github.com/pypa/pipenv/issues/3240>`_
Corrected an issue with installation timeouts which caused dependency resolution to fail for longer duration resolution steps.`#3244 <https://github.com/pypa/pipenv/issues/3244>`_
Adding normal pep 508 compatible markers is now fully functional when using VCS dependencies.`#3249 <https://github.com/pypa/pipenv/issues/3249>`_
Updated requirementslib and pythonfinder for multiple bugfixes.`#3254 <https://github.com/pypa/pipenv/issues/3254>`_
Pipenv will now ignore hashes when installing with --skip-lock.`#3255 <https://github.com/pypa/pipenv/issues/3255>`_
Fixed an issue where pipenv could crash when multiple pipenv processes attempted to create the same directory.`#3257 <https://github.com/pypa/pipenv/issues/3257>`_
Fixed an issue which sometimes prevented successful creation of project pipfiles.`#3260 <https://github.com/pypa/pipenv/issues/3260>`_
pipenv install will now unset the PYTHONHOME environment variable when not combined with --system.`#3261 <https://github.com/pypa/pipenv/issues/3261>`_
Pipenv will ensure that warnings do not interfere with the resolution process by suppressing warnings’ usage of standard output and writing to standard error instead.`#3273 <https://github.com/pypa/pipenv/issues/3273>`_
Fixed an issue which prevented variables from the environment, such as PIPENV_DEV or PIPENV_SYSTEM, from being parsed and implemented correctly.`#3278 <https://github.com/pypa/pipenv/issues/3278>`_
Clear pythonfinder cache after Python install`#3287 <https://github.com/pypa/pipenv/issues/3287>`_
Fixed a race condition in hash resolution for dependencies for certain dependencies with missing cache entries or fresh Pipenv installs.`#3289 <https://github.com/pypa/pipenv/issues/3289>`_
Pipenv will now respect top-level pins over VCS dependency locks.`#3296 <https://github.com/pypa/pipenv/issues/3296>`_

Vendored Libraries¶

Update vendored dependencies to resolve resolution output parsing and python finding: - pythonfinder 1.1.9 -> 1.1.10 - requirementslib 1.3.1 -> 1.3.3 - vistir 0.2.3 -> 0.2.5``#3280

2018.11.14 (2018-11-14)¶

Features & Improvements¶

Improved exceptions and error handling on failures. #1977
Added persistent settings for all CLI flags via PIPENV_{FLAG_NAME} environment variables by enabling auto_envvar_prefix=PIPENV in click (implements PEEP-0002). #2200
Added improved messaging about available but skipped updates due to dependency conflicts when running pipenv update --outdated. #2411
Added environment variable PIPENV_PYUP_API_KEY to add ability to override the bundled pyup.io API key. #2825
Added additional output to pipenv update --outdated to indicate that the operation succeded and all packages were already up to date. #2828
Updated crayons patch to enable colors on native powershell but swap native blue for magenta. #3020
Added support for --bare to pipenv clean, and fixed pipenv sync --bare to actually reduce output. #3041
Added windows-compatible spinner via upgraded vistir dependency. #3089
- Added support for python installations managed by asdf. #3096
Improved runtime performance of no-op commands such as pipenv --venv by around 2/3. #3158
Do not show error but success for running pipenv uninstall --all in a fresh virtual environment. #3170
Improved asynchronous installation and error handling via queued subprocess paralleization. #3217

Bug Fixes¶

Remote non-PyPI artifacts and local wheels and artifacts will now include their own hashes rather than including hashes from PyPI. #2394
Non-ascii characters will now be handled correctly when parsed by pipenv’s ToML parsers. #2737
Updated pipenv uninstall to respect the --skip-lock argument. #2848
Fixed a bug which caused uninstallation to sometimes fail to successfullly remove packages from Pipfiles with comments on preceding or following lines. #2885, #3099
Pipenv will no longer fail when encountering python versions on Windows that have been uninstalled. #2983
Fixed unnecessary extras are added when translating markers #3026
Fixed a virtualenv creation issue which could cause new virtualenvs to inadvertently attempt to read and write to global site packages. #3047
Fixed an issue with virtualenv path derivation which could cause errors, particularly for users on WSL bash. #3055
Fixed a bug which caused Unexpected EOF errors to be thrown when pip was waiting for input from users who had put login credentials in environment variables. #3088
Fixed a bug in requirementslib which prevented successful installation from mercurial repositories. #3090
Fixed random resource warnings when using pyenv or any other subprocess calls. #3094
- Fixed a bug which sometimes prevented cloning and parsing mercurial requirements. #3096
Fixed an issue in delegator.py related to subprocess calls when using PopenSpawn to stream output, which sometimes threw unexpected EOF errors. #3102, #3114, #3117
Fix the path casing issue that makes pipenv clean fail on Windows #3104
Pipenv will avoid leaving build artifacts in the current working directory. #3106
Fixed issues with broken subprocess calls leaking resource handles and causing random and sporadic failures. #3109
Fixed an issue which caused pipenv clean to sometimes clean packages from the base site-packages folder or fail entirely. #3113
Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3121
Added additional logic for ignoring and replacing non-ascii characters when formatting console output on non-UTF-8 systems. #3131
Fix virtual environment discovery when PIPENV_VENV_IN_PROJECT is set, but the in-project .venv is a file. #3134
Hashes for remote and local non-PyPI artifacts will now be included in Pipfile.lock during resolution. #3145
Fix project path hashing logic in purpose to prevent collisions of virtual environments. #3151
Fix package installation when the virtual environment path contains parentheses. #3158
Azure Pipelines YAML files are updated to use the latest syntax and product name. #3164
Fixed new spinner success message to write only one success message during resolution. #3183
Pipenv will now correctly respect the --pre option when used with pipenv install. #3185
Fix a bug where exception is raised when run pipenv graph in a project without created virtualenv #3201
When sources are missing names, names will now be derived from the supplied URL. #3216

Vendored Libraries¶

Updated pythonfinder to correct an issue with unnesting of nested paths when searching for python versions. #3061, #3121
Updated vendored dependencies:
- certifi 2018.08.24 => 2018.10.15
- urllib3 1.23 => 1.24
- requests 2.19.1 => 2.20.0
- shellingham ``1.2.6 => 1.2.7
- tomlkit 0.4.4. => 0.4.6
- vistir 0.1.6 => 0.1.8
- pythonfinder 0.1.2 => 0.1.3
- requirementslib 1.1.9 => 1.1.10
- backports.functools_lru_cache 1.5.0 (new)
- cursor 1.2.0 (new) #3089
Updated vendored dependencies:
- requests 2.19.1 => 2.20.1
- tomlkit 0.4.46 => 0.5.2
- vistir 0.1.6 => 0.2.4
- pythonfinder 1.1.2 => 1.1.8
- requirementslib 1.1.10 => 1.3.0 #3096
Switch to tomlkit for parsing and writing. Drop prettytoml and contoml from vendors. #3191
Updated requirementslib to aid in resolution of local and remote archives. #3196

Improved Documentation¶

Expanded development and testing documentation for contributors to get started. #3074

2018.10.13 (2018-10-13)¶

Bug Fixes¶

Fixed a bug in pipenv clean which caused global packages to sometimes be inadvertently targeted for cleanup. #2849
Fix broken backport imports for vendored vistir. #2950, #2955, #2961
Fixed a bug with importing local vendored dependencies when running pipenv graph. #2952
Fixed a bug which caused executable discovery to fail when running inside a virtualenv. #2957
Fix parsing of outline tables. #2971
Fixed a bug which caused verify_ssl to fail to drop through to pip install correctly as trusted-host. #2979
Fixed a bug which caused canonicalized package names to fail to resolve against PyPI. #2989
Enhanced CI detection to detect Azure Devops builds. #2993
Fixed a bug which prevented installing pinned versions which used redirection symbols from the command line. #2998
Fixed a bug which prevented installing the local directory in non-editable mode. #3005

Vendored Libraries¶

Updated requirementslib to version 1.1.9. #2989
Upgraded pythonfinder => 1.1.1 and vistir => 0.1.7. #3007

2018.10.9 (2018-10-09)¶

Features & Improvements¶

Added environment variables PIPENV_VERBOSE and PIPENV_QUIET to control output verbosity without needing to pass options. #2527
Updated test-pypi addon to better support json-api access (forward compatibility). Improved testing process for new contributors. #2568
Greatly enhanced python discovery functionality:
- Added pep514 (windows launcher/finder) support for python discovery.
- Introduced architecture discovery for python installations which support different architectures. #2582
Added support for pipenv shell on msys and cygwin/mingw/git bash for Windows. #2641
Enhanced resolution of editable and VCS dependencies. #2643
Deduplicate and refactor CLI to use stateful arguments and object passing. See this issue for reference. #2814

Behavior Changes¶

Virtual environment activation for run is revised to improve interpolation with other Python discovery tools. #2503
Improve terminal coloring to display better in Powershell. #2511
Invoke virtualenv directly for virtual environment creation, instead of depending on pew. #2518
pipenv --help will now include short help descriptions. #2542
Add COMSPEC to fallback option (along with SHELL and PYENV_SHELL) if shell detection fails, improving robustness on Windows. #2651
Fallback to shell mode if run fails with Windows error 193 to handle non-executable commands. This should improve usability on Windows, where some users run non-executable files without specifying a command, relying on Windows file association to choose the current command. #2718

Bug Fixes¶

Fixed a bug which prevented installation of editable requirements using ssh:// style urls #1393
VCS Refs for locked local editable dependencies will now update appropriately to the latest hash when running pipenv update. #1690
.tar.gz and .zip artifacts will now have dependencies installed even when they are missing from the lockfile. #2173
The command line parser will now handle multiple -e/--editable dependencies properly via click’s option parser to help mitigate future parsing issues. #2279
Fixed the ability of pipenv to parse dependency_links from setup.py when PIP_PROCESS_DEPENDENCY_LINKS is enabled. #2434
Fixed a bug which could cause -i/--index arguments to sometimes be incorrectly picked up in packages. This is now handled in the command line parser. #2494
Fixed non-deterministic resolution issues related to changes to the internal package finder in pip 10. #2499, #2529, #2589, #2666, #2767, #2785, #2795, #2801, #2824, #2862, #2879, #2894, #2933
Fix subshell invocation on Windows for Python 2. #2515
Fixed a bug which sometimes caused pipenv to throw a TypeError or to run into encoding issues when writing lockfiles on python 2. #2561
Improve quoting logic for pipenv run so it works better with Windows built-in commands. #2563
Fixed a bug related to parsing vcs requirements with both extras and subdirectory fragments. Corrected an issue in the requirementslib parser which led to some markers being discarded rather than evaluated. #2564
Fixed multiple issues with finding the correct system python locations. #2582
Catch JSON decoding error to prevent exception when the lock file is of invalid format. #2607
Fixed a rare bug which could sometimes cause errors when installing packages with custom sources. #2610
Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617
Fixed an issue which prevented passing multiple --ignore parameters to pipenv check. #2632
Fixed a bug which caused attempted hashing of ssh:// style URIs which could cause failures during installation of private ssh repositories. - Corrected path conversion issues which caused certain editable VCS paths to be converted to ssh:// URIs improperly. #2639
Fixed a bug which caused paths to be formatted incorrectly when using pipenv shell in bash for windows. #2641
Dependency links to private repositories defined via ssh:// schemes will now install correctly and skip hashing as long as PIP_PROCESS_DEPENDENCY_LINKS=1. #2643
Fixed a bug which sometimes caused pipenv to parse the trusted_host argument to pip incorrectly when parsing source URLs which specify verify_ssl = false. #2656
Prevent crashing when a virtual environment in WORKON_HOME is faulty. #2676
Fixed virtualenv creation failure when a .venv file is present in the project root. #2680
Fixed a bug which could cause the -e/--editable argument on a dependency to be accidentally parsed as a dependency itself. #2714
Correctly pass verbose and debug flags to the resolver subprocess so it generates appropriate output. This also resolves a bug introduced by the fix to #2527. #2732
All markers are now included in pipenv lock --requirements output. #2748
Fixed a bug in marker resolution which could cause duplicate and non-deterministic markers. #2760
Fixed a bug in the dependency resolver which caused regular issues when handling setup.py based dependency resolution. #2766
Updated vendored dependencies:
- pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
- pip 10.0.1 => 18.0
- click 6.7 => 7.0
- toml 0.9.4 => 0.10.0
- pyparsing 2.2.0 => 2.2.2
- delegator 0.1.0 => 0.1.1
- attrs 18.1.0 => 18.2.0
- distlib 0.2.7 => 0.2.8
- packaging 17.1.0 => 18.0
- passa 0.2.0 => 0.3.1
- pip_shims 0.1.2 => 0.3.1
- plette 0.1.1 => 0.2.2
- pythonfinder 1.0.2 => 1.1.0
- pytoml 0.1.18 => 0.1.19
- requirementslib 1.1.16 => 1.1.17
- shellingham 1.2.4 => 1.2.6
- tomlkit 0.4.2 => 0.4.4
- vistir 0.1.4 => 0.1.6 #2802,
#2867, #2880
Fixed a bug where pipenv crashes when the WORKON_HOME directory does not exist. #2877
Fixed pip is not loaded from pipenv’s patched one but the system one #2912
Fixed various bugs related to pip 18.1 release which prevented locking, installation, and syncing, and dumping to a requirements.txt file. #2924

Vendored Libraries¶

Pew is no longer vendored. Entry point pewtwo, packages pipenv.pew and pipenv.patched.pew are removed. #2521
Update pythonfinder to major release 1.0.0 for integration. #2582
Update requirementslib to fix a bug which could raise an UnboundLocalError when parsing malformed VCS URIs. #2617
- Vendored new libraries vistir and pip-shims, tomlkit, modutil, and plette.
- Update vendored libraries: - scandir to 1.9.0 - click-completion to 0.4.1 - semver to 2.8.1 - shellingham to 1.2.4 - pytoml to 0.1.18 - certifi to 2018.8.24 - ptyprocess to 0.6.0 - requirementslib to 1.1.5 - pythonfinder to 1.0.2 - pipdeptree to 0.13.0 - python-dotenv to 0.9.1 #2639
Updated vendored dependencies:
- pip-tools (updated and patched to latest w/ pip 18.0 compatibilty)
- pip 10.0.1 => 18.0
- click 6.7 => 7.0
- toml 0.9.4 => 0.10.0
- pyparsing 2.2.0 => 2.2.2
- delegator 0.1.0 => 0.1.1
- attrs 18.1.0 => 18.2.0
- distlib 0.2.7 => 0.2.8
- packaging 17.1.0 => 18.0
- passa 0.2.0 => 0.3.1
- pip_shims 0.1.2 => 0.3.1
- plette 0.1.1 => 0.2.2
- pythonfinder 1.0.2 => 1.1.0
- pytoml 0.1.18 => 0.1.19
- requirementslib 1.1.16 => 1.1.17
- shellingham 1.2.4 => 1.2.6
- tomlkit 0.4.2 => 0.4.4
- vistir 0.1.4 => 0.1.6 #2902,
#2935

Improved Documentation¶

Simplified the test configuration process. #2568
Updated documentation to use working fortune cookie addon. #2644
Added additional information about troubleshooting pipenv shell by using the the $PIPENV_SHELL environment variable. #2671
Added a link to PEP-440 version specifiers in the documentation for additional detail. #2674
Added simple example to README.md for installing from git. #2685
Stopped recommending –system for Docker contexts. #2762
Fixed the example url for doing “pipenv install -e some-repo-url#egg=something”, it was missing the “egg=” in the fragment identifier. #2792
Fixed link to the “be cordial” essay in the contribution documentation. #2793
Clarify pipenv install documentation #2844
Replace reference to uservoice with PEEP-000 #2909

2018.7.1 (2018-07-01)¶

Features & Improvements¶

All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
Added support for python 3.7 via a few small compatibility / bugfixes. #2427, #2434, #2436
Added new flag pipenv --support to replace the diagnostic command python -m pipenv.help. #2477, #2478
Improved import times and CLI runtimes with minor tweaks. #2485

Bug Fixes¶

Fixed an ongoing bug which sometimes resolved incompatible versions into lockfiles. #1901
Fixed a bug which caused errors when creating virtualenvs which contained leading dash characters. #2415
Fixed a logic error which caused --deploy --system to overwrite editable vcs packages in the pipfile before installing, which caused any installation to fail by default. #2417
Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
Added support for python 3.7 via a few small compatibility / bugfixes. #2427
Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
Pipenv will now ensure that its internal package names registry files are written with unicode strings. #2450
Fixed a bug causing requirements input as relative paths to be output as absolute paths or URIs. Fixed a bug affecting normalization of git+git@host uris. #2453
Pipenv will now always use pathlib2 for Path based filesystem interactions by default on python<3.5. #2454
Fixed a bug which prevented passing proxy PyPI indexes set with --pypi-mirror from being passed to pip during virtualenv creation, which could cause the creation to freeze in some cases. #2462
Using the python -m pipenv.help command will now use proper encoding for the host filesystem to avoid encoding issues. #2466
The new jinja2 templates for click_completion will now be included in pipenv source distributions. #2479
Resolved a long-standing issue with re-using previously generated InstallRequirement objects for resolution which could cause PKG-INFO file information to be deleted, raising a TypeError. #2480
Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Vendored Libraries¶

All calls to pipenv shell are now implemented from the ground up using shellingham, a custom library which was purpose built to handle edge cases and shell detection. #2371
Updated requirementslib to fix an issue with properly quoting markers in VCS requirements. #2419
Installed new vendored jinja2 templates for click-completion which were causing template errors for users with completion enabled. #2422
Add patch to prettytoml to support Python 3.7. #2426
Patched prettytoml.AbstractTable._enumerate_items to handle StopIteration errors in preparation of release of python 3.7. #2427
Fixed an issue reading package names from setup.py files in projects which imported utilities such as versioneer. #2433
Updated requirementslib to version 1.0.9 #2453
Unraveled a lot of old, unnecessary patches to pip-tools which were causing non-deterministic resolution errors. #2480
Resolved an issue parsing usernames from private PyPI URIs in Pipfiles by updating requirementslib. #2484

Improved Documentation¶

Added instructions for installing using Fedora’s official repositories. #2404

2018.6.25 (2018-06-25)¶

Features & Improvements¶

Pipenv-created virtualenvs will now be associated with a .project folder (features can be implemented on top of this later or users may choose to use pipenv-pipes to take full advantage of this.) #1861
Virtualenv names will now appear in prompts for most Windows users. #2167
Added support for cmder shell paths with spaces. #2168
Added nested JSON output to the pipenv graph command. #2199
Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255
PyPI mirror URLs can now be set to override instances of PyPI urls by passing the --pypi-mirror argument from the command line or setting the PIPENV_PYPI_MIRROR environment variable. #2281
Virtualenv activation lines will now avoid being written to some shell history files. #2287
Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn’t specify packages to pass in. #2309
Added support for mounted drives via UNC paths. #2331
Added support for Windows Subsystem for Linux bash shell detection. #2363
Pipenv will now generate hashes much more quickly by resolving them in a single pass during locking. #2384
pipenv run will now avoid spawning additional COMSPEC instances to run commands in when possible. #2385
Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #2388
pipenv check now may take multiple of the additional argument --ignore which takes a parameter cve_id for the purpose of ignoring specific CVEs. #2408

Behavior Changes¶

Pipenv will now parse & capitalize platform_python_implementation markers .. warning:: This could cause an issue if you have an out of date Pipfile which lowercases the comparison value (e.g. cpython instead of CPython). #2123
Pipenv will now only search for requirements.txt files when creating new projects, and during that time only if the user doesn’t specify packages to pass in. #2309

Bug Fixes¶

Massive internal improvements to requirements parsing codebase, resolver, and error messaging. #1962, #2186, #2263, #2312
Pipenv will now parse & capitalize platform_python_implementation markers. #2123
Fixed a bug with parsing and grouping old-style setup.py extras during resolution #2142
Fixed a bug causing pipenv graph to throw unhelpful exceptions when running against empty or non-existent environments. #2161
Fixed a bug which caused --system to incorrectly abort when users were in a virtualenv. #2181
Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193
Fixed a regression which led to direct invocations of virtualenv, rather than calling it by module. #2198
Locking will now pin the correct VCS ref during pipenv update runs. Running pipenv update with a new vcs ref specified in the Pipfile will now properly obtain, resolve, and install the specified dependency at the specified ref. #2209
pipenv clean will now correctly ignore comments from pip freeze when cleaning the environment. #2262
Resolution bugs causing packages for incompatible python versions to be locked have been fixed. #2267
Fixed a bug causing pipenv graph to fail to display sometimes. #2268
Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269
Windows executable discovery now leverages os.pathext. #2298
Fixed a bug which caused --deploy --system to inadvertently create a virtualenv before failing. #2301
Fixed an issue which led to a failure to unquote special characters in file and wheel paths. #2302
VCS dependencies are now manually obtained only if they do not match the requested ref. #2304
Added error handling functionality to properly cope with single-digit Requires-Python metatdata with no specifiers. #2377
pipenv update will now always run the resolver and lock before ensuring your dependencies are in sync with your lockfile. #2379
Resolved a bug in our patched resolvers which could cause nondeterministic resolution failures in certain conditions. Running pipenv install with no arguments in a project with only a Pipfile will now correctly lock first for dependency resolution before installing. #2384
Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386

Improved Documentation¶

Update documentation wording to clarify Pipenv’s overall role in the packaging ecosystem. #2194
Added contribution documentation and guidelines. #2205
Added instructions for supervisord compatibility. #2215
Fixed broken links to development philosophy and contribution documentation. #2248

Vendored Libraries¶

Removed vendored cacert.pem which could cause issues for some users with custom certificate settings. #2193
Dropped vendored pip 9 and vendored, patched, and migrated to pip 10. Updated patched piptools version. #2255
Updated requirementslib to fix a bug in pipfile parsing affecting relative path conversions. #2269
Added custom shell detection library shellingham, a port of our changes to pew. #2363
Patched python-dotenv to ensure that environment variables always get encoded to the filesystem encoding. #2386
Updated vendored libraries. The following vendored libraries were updated:
- distlib from version 0.2.6 to 0.2.7.
- jinja2 from version 2.9.5 to 2.10.
- pathlib2 from version 2.1.0 to 2.3.2.
- parse from version 2.8.0 to 2.8.4.
- pexpect from version 2.5.2 to 2.6.0.
- requests from version 2.18.4 to 2.19.1.
- idna from version 2.6 to 2.7.
- certifi from version 2018.1.16 to 2018.4.16.
- packaging from version 16.8 to 17.1.
- six from version 1.10.0 to 1.11.0.
- requirementslib from version 0.2.0 to 1.0.1.
In addition, scandir was vendored and patched to avoid importing host system binaries when falling back to pathlib2. #2368

User Testimonials¶

Jannis Leidel, former pip maintainer—: Pipenv is the porcelain I always wanted to build for pip. It fits my brain and mostly replaces virtualenvwrapper and manual pip calls for me. Use it.
David Gang—: This package manager is really awesome. For the first time I know exactly what my dependencies are which I installed and what the transitive dependencies are. Combined with the fact that installs are deterministic, makes this package manager first class, like cargo.
Justin Myles Holmes—: Pipenv is finally an abstraction meant to engage the mind instead of merely the filesystem.

☤ Pipenv Features¶

Enables truly deterministic builds, while easily specifying only what you want.
Generates and checks file hashes for locked dependencies.
Automatically install required Pythons, if pyenv is available.
Automatically finds your project home, recursively, by looking for a Pipfile.
Automatically generates a Pipfile, if one doesn’t exist.
Automatically creates a virtualenv in a standard location.
Automatically adds/removes packages to a Pipfile when they are un/installed.
Automatically loads .env files, if they exist.

The main commands are install, uninstall, and lock, which generates a Pipfile.lock. These are intended to replace $ pip install usage, as well as manual virtualenv management (to activate a virtualenv, run $ pipenv shell).

Basic Concepts¶

A virtualenv will automatically be created, when one doesn’t exist.
When no parameters are passed to install, all packages [packages] specified will be installed.
To initialize a Python 3 virtual environment, run $ pipenv --three.
To initialize a Python 2 virtual environment, run $ pipenv --two.
Otherwise, whatever virtualenv defaults to will be the default.

Other Commands¶

graph will show you a dependency graph of your installed dependencies.
shell will spawn a shell with the virtualenv activated. This shell can be deactivated by using exit.
run will run a given command from the virtualenv, with any arguments forwarded (e.g. $ pipenv run python or $ pipenv run pip freeze).
check checks for security vulnerabilities and asserts that PEP 508 requirements are being met by the current environment.

Further Documentation Guides¶

Basic Usage of Pipenv¶

https://farm4.staticflickr.com/3931/33173826122_b7ee8f1a26_k_d.jpg

This document covers some of Pipenv’s more basic features.

☤ Example Pipfile & Pipfile.lock¶

Here is a simple example of a Pipfile and the resulting Pipfile.lock.

Example Pipfile¶

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"

[packages]
requests = "*"


[dev-packages]
pytest = "*"

Example Pipfile.lock¶

{
    "_meta": {
        "hash": {
            "sha256": "8d14434df45e0ef884d6c3f6e8048ba72335637a8631cc44792f52fd20b6f97a"
        },
        "host-environment-markers": {
            "implementation_name": "cpython",
            "implementation_version": "3.6.1",
            "os_name": "posix",
            "platform_machine": "x86_64",
            "platform_python_implementation": "CPython",
            "platform_release": "16.7.0",
            "platform_system": "Darwin",
            "platform_version": "Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64",
            "python_full_version": "3.6.1",
            "python_version": "3.6",
            "sys_platform": "darwin"
        },
        "pipfile-spec": 5,
        "requires": {},
        "sources": [
            {
                "name": "pypi",
                "url": "https://pypi.python.org/simple",
                "verify_ssl": true
            }
        ]
    },
    "default": {
        "certifi": {
            "hashes": [
                "sha256:54a07c09c586b0e4c619f02a5e94e36619da8e2b053e20f594348c0611803704",
                "sha256:40523d2efb60523e113b44602298f0960e900388cf3bb6043f645cf57ea9e3f5"
            ],
            "version": "==2017.7.27.1"
        },
        "chardet": {
            "hashes": [
                "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691",
                "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae"
            ],
            "version": "==3.0.4"
        },
        "idna": {
            "hashes": [
                "sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4",
                "sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f"
            ],
            "version": "==2.6"
        },
        "requests": {
            "hashes": [
                "sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b",
                "sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e"
            ],
            "version": "==2.18.4"
        },
        "urllib3": {
            "hashes": [
                "sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b",
                "sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f"
            ],
            "version": "==1.22"
        }
    },
    "develop": {
        "py": {
            "hashes": [
                "sha256:2ccb79b01769d99115aa600d7eed99f524bf752bba8f041dc1c184853514655a",
                "sha256:0f2d585d22050e90c7d293b6451c83db097df77871974d90efd5a30dc12fcde3"
            ],
            "version": "==1.4.34"
        },
        "pytest": {
            "hashes": [
                "sha256:b84f554f8ddc23add65c411bf112b2d88e2489fd45f753b1cae5936358bdf314",
                "sha256:f46e49e0340a532764991c498244a60e3a37d7424a532b3ff1a6a7653f1a403a"
            ],
            "version": "==3.2.2"
        }
    }
}

☤ General Recommendations & Version Control¶

Generally, keep both Pipfile and Pipfile.lock in version control.
Do not keep Pipfile.lock in version control if multiple versions of Python are being targeted.
Specify your target Python version in your Pipfile’s [requires] section. Ideally, you should only have one target Python version, as this is a deployment tool.
pipenv install is fully compatible with pip install syntax, for which the full documentation can be found here.

☤ Example Pipenv Workflow¶

Clone / create project repository:

$ cd myproject

Install from Pipfile, if there is one:

$ pipenv install

Or, add a package to your new project:

$ pipenv install <package>

This will create a Pipfile if one doesn’t exist. If one does exist, it will automatically be edited with the new package you provided.

Next, activate the Pipenv shell:

$ pipenv shell
$ python --version

This will spawn a new shell subprocess, which can be deactivated by using exit.

☤ Example Pipenv Upgrade Workflow¶

Find out what’s changed upstream: $ pipenv update --outdated.
Upgrade packages, two options:
1. Want to upgrade everything? Just do $ pipenv update.
2. Want to upgrade packages one-at-a-time? $ pipenv update <pkg> for each outdated package.

☤ Importing from requirements.txt¶

If you only have a requirements.txt file available when running pipenv install, pipenv will automatically import the contents of this file and create a Pipfile for you.

You can also specify $ pipenv install -r path/to/requirements.txt to import a requirements file.

If your requirements file has version numbers pinned, you’ll likely want to edit the new Pipfile to remove those, and let pipenv keep track of pinning. If you want to keep the pinned versions in your Pipfile.lock for now, run pipenv lock --keep-outdated. Make sure to upgrade soon!

☤ Specifying Versions of a Package¶

You can specify versions of a package using the Semantic Versioning scheme (i.e. major.minor.micro).

For example, to install requests you can use:

$ pipenv install requests~=1.2   # equivalent to requests~=1.2.0

Pipenv will install version 1.2 and any minor update, but not 2.0.

This will update your Pipfile to reflect this requirement, automatically.

In general, Pipenv uses the same specifier format as pip. However, note that according to PEP 440 , you can’t use versions containing a hyphen or a plus sign.

To make inclusive or exclusive version comparisons you can use:

$ pipenv install "requests>=1.4"   # will install a version equal or larger than 1.4.0
$ pipenv install "requests<=2.13"  # will install a version equal or lower than 2.13.0
$ pipenv install "requests>2.19"   # will install 2.19.1 but not 2.19.0

注解

The use of " " around the package and version specification is highly recommended to avoid issues with Input and output redirection in Unix-based operating systems.

The use of ~= is preferred over the == identifier as the former prevents pipenv from updating the packages:

$ pipenv install "requests~=2.2"  # locks the major version of the package (this is equivalent to using ==2.*)

To avoid installing a specific version you can use the != identifier.

For an in depth explanation of the valid identifiers and more complex use cases check the relevant section of PEP-440.

☤ Specifying Versions of Python¶

To create a new virtualenv, using a specific version of Python you have installed (and on your PATH), use the --python VERSION flag, like so:

Use Python 3:

$ pipenv --python 3

Use Python3.6:

$ pipenv --python 3.6

Use Python 2.7.14:

$ pipenv --python 2.7.14

When given a Python version, like this, Pipenv will automatically scan your system for a Python that matches that given version.

If a Pipfile hasn’t been created yet, one will be created for you, that looks like this:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true

[dev-packages]

[packages]

[requires]
python_version = "3.6"

注解

The inclusion of [requires] python_version = "3.6" specifies that your application requires this version of Python, and will be used automatically when running pipenv install against this Pipfile in the future (e.g. on other machines). If this is not true, feel free to simply remove this section.

If you don’t specify a Python version on the command–line, either the [requires] python_full_version or python_version will be selected automatically, falling back to whatever your system’s default python installation is, at time of execution.

☤ Editable Dependencies (e.g. `-e .` )¶

You can tell Pipenv to install a path as editable — often this is useful for the current working directory when working on packages:

$ pipenv install --dev -e .

$ cat Pipfile
...
[dev-packages]
"e1839a8" = {path = ".", editable = true}
...

注解

All sub-dependencies will get added to the Pipfile.lock as well. Sub-dependencies are not added to the Pipfile.lock if you leave the -e option out.

☤ Environment Management with Pipenv¶

The three primary commands you’ll use in managing your pipenv environment are $ pipenv install, $ pipenv uninstall, and $ pipenv lock.

$ pipenv install¶

$ pipenv install is used for installing packages into the pipenv virtual environment and updating your Pipfile.

Along with the basic install command, which takes the form:

$ pipenv install [package names]

The user can provide these additional parameters:

--two — Performs the installation in a virtualenv using the system python2 link.

--three — Performs the installation in a virtualenv using the system python3 link.

--python — Performs the installation in a virtualenv using the provided Python interpreter.

警告

None of the above commands should be used together. They are also destructive and will delete your current virtualenv before replacing it with an appropriately versioned one.

注解

The virtualenv created by Pipenv may be different from what you were expecting. Dangerous characters (i.e. $`!*@" as well as space, line feed, carriage return, and tab) are converted to underscores. Additionally, the full path to the current folder is encoded into a “slug value” and appended to ensure the virtualenv name is unique.

--dev — Install both develop and default packages from Pipfile.

--system — Use the system pip command rather than the one from your virtualenv.

--ignore-pipfile — Ignore the Pipfile and install from the Pipfile.lock.

--skip-lock — Ignore the Pipfile.lock and install from the Pipfile. In addition, do not write out a Pipfile.lock reflecting changes to the Pipfile.

$ pipenv uninstall¶

$ pipenv uninstall supports all of the parameters in pipenv install, as well as two additional options, --all and --all-dev.

--all — This parameter will purge all files from the virtual environment, but leave the Pipfile untouched.

--all-dev — This parameter will remove all of the development packages from the virtual environment, and remove them from the Pipfile.

$ pipenv lock¶

$ pipenv lock is used to create a Pipfile.lock, which declares all dependencies (and sub-dependencies) of your project, their latest available versions, and the current hashes for the downloaded files. This ensures repeatable, and most importantly deterministic, builds.

☤ About Shell Configuration¶

Shells are typically misconfigured for subshell use, so $ pipenv shell --fancy may produce unexpected results. If this is the case, try $ pipenv shell, which uses “compatibility mode”, and will attempt to spawn a subshell despite misconfiguration.

A proper shell configuration only sets environment variables like PATH during a login session, not during every subshell spawn (as they are typically configured to do). In fish, this looks like this:

if status --is-login
    set -gx PATH /usr/local/bin $PATH
end

You should do this for your shell too, in your ~/.profile or ~/.bashrc or wherever appropriate.

注解

The shell launched in interactive mode. This means that if your shell reads its configuration from a specific file for interactive mode (e.g. bash by default looks for a ~/.bashrc configuration file for interactive mode), then you’ll need to modify (or create) this file.

If you experience issues with $ pipenv shell, just check the PIPENV_SHELL environment variable, which $ pipenv shell will use if available. For detail, see configuration-with-environment-variables.

☤ A Note about VCS Dependencies¶

You can install packages with pipenv from git and other version control systems using URLs formatted according to the following rule:

<vcs_type>+<scheme>://<location>/<user_or_organization>/<repository>@<branch_or_tag>#egg=<package_name>

The only optional section is the @<branch_or_tag> section. When using git over SSH, you may use the shorthand vcs and scheme alias git+git@<location>:<user_or_organization>/<repository>@<branch_or_tag>#<package_name>. Note that this is translated to git+ssh://git@<location> when parsed.

Note that it is strongly recommended that you install any version-controlled dependencies in editable mode, using pipenv install -e, in order to ensure that dependency resolution can be performed with an up to date copy of the repository each time it is performed, and that it includes all known dependencies.

Below is an example usage which installs the git repository located at https://github.com/requests/requests.git from tag v2.20.1 as package name requests:

$ pipenv install -e git+https://github.com/requests/requests.git@v2.20.1#egg=requests
Creating a Pipfile for this project...
Installing -e git+https://github.com/requests/requests.git@v2.20.1#egg=requests...
[...snipped...]
Adding -e git+https://github.com/requests/requests.git@v2.20.1#egg=requests to Pipfile's [packages]...
[...]

$ cat Pipfile
[packages]
requests = {git = "https://github.com/requests/requests.git", editable = true, ref = "v2.20.1"}

Valid values for <vcs_type> include git, bzr, svn, and hg. Valid values for <scheme> include http, https, ssh, and file. In specific cases you also have access to other schemes: svn may be combined with svn as a scheme, and bzr can be combined with sftp and lp.

You can read more about pip’s implementation of VCS support here. For more information about other options available when specifying VCS dependencies, please check the Pipfile spec.

☤ Pipfile.lock Security Features¶

Pipfile.lock takes advantage of some great new security improvements in pip. By default, the Pipfile.lock will be generated with the sha256 hashes of each downloaded package. This will allow pip to guarantee you’re installing what you intend to when on a compromised network, or downloading dependencies from an untrusted PyPI endpoint.

We highly recommend approaching deployments with promoting projects from a development environment into production. You can use pipenv lock to compile your dependencies on your development environment and deploy the compiled Pipfile.lock to all of your production environments for reproducible builds.

Advanced Usage of Pipenv¶

https://farm4.staticflickr.com/3672/33231486560_bff4124c9a_k_d.jpg

This document covers some of Pipenv’s more glorious and advanced features.

☤ Caveats¶

Dependencies of wheels provided in a Pipfile will not be captured by $ pipenv lock.
There are some known issues with using private indexes, related to hashing. We’re actively working to solve this problem. You may have great luck with this, however.
Installation is intended to be as deterministic as possible — use the --sequential flag to increase this, if experiencing issues.

☤ Specifying Package Indexes¶

If you’d like a specific package to be installed with a specific package index, you can do the following:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"

[[source]]
url = "http://pypi.home.kennethreitz.org/simple"
verify_ssl = false
name = "home"

[dev-packages]

[packages]
requests = {version="*", index="home"}
maya = {version="*", index="pypi"}
records = "*"

Very fancy.

☤ Using a PyPI Mirror¶

If you’d like to override the default PyPI index urls with the url for a PyPI mirror, you can use the following:

$ pipenv install --pypi-mirror <mirror_url>

$ pipenv update --pypi-mirror <mirror_url>

$ pipenv sync --pypi-mirror <mirror_url>

$ pipenv lock --pypi-mirror <mirror_url>

$ pipenv uninstall --pypi-mirror <mirror_url>

Alternatively, you can set the PIPENV_PYPI_MIRROR environment variable.

☤ Injecting credentials into Pipfiles via environment variables¶

Pipenv will expand environment variables (if defined) in your Pipfile. Quite useful if you need to authenticate to a private PyPI:

[[source]]
url = "https://$USERNAME:${PASSWORD}@mypypi.example.com/simple"
verify_ssl = true
name = "pypi"

Luckily - pipenv will hash your Pipfile before expanding environment variables (and, helpfully, will substitute the environment variables again when you install from the lock file - so no need to commit any secrets! Woo!)

☤ Specifying Basically Anything¶

If you’d like to specify that a specific package only be installed on certain systems, you can use PEP 508 specifiers to accomplish this.

Here’s an example Pipfile, which will only install pywinusb on Windows systems:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true
name = "pypi"

[packages]
requests = "*"
pywinusb = {version = "*", sys_platform = "== 'win32'"}

Voilà!

Here’s a more complex example:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true

[packages]
unittest2 = {version = ">=1.0,<3.0", markers="python_version < '2.7.9' or (python_version >= '3.0' and python_version < '3.4')"}

Magic. Pure, unadulterated magic.

☤ Using pipenv for Deployments¶

You may want to use pipenv as part of a deployment process.

You can enforce that your Pipfile.lock is up to date using the --deploy flag:

$ pipenv install --deploy

This will fail a build if the Pipfile.lock is out–of–date, instead of generating a new one.

Or you can install packages exactly as specified in Pipfile.lock using the sync command:

$ pipenv sync

注解

pipenv install --ignore-pipfile is nearly equivalent to pipenv sync, but pipenv sync will never attempt to re-lock your dependencies as it is considered an atomic operation. pipenv install by default does attempt to re-lock unless using the --deploy flag.

Deploying System Dependencies¶

You can tell Pipenv to install a Pipfile’s contents into its parent system with the --system flag:

$ pipenv install --system

This is useful for managing the system Python, and deployment infrastructure (e.g. Heroku does this).

☤ Pipenv and Other Python Distributions¶

To use Pipenv with a third-party Python distribution (e.g. Anaconda), you simply provide the path to the Python binary:

$ pipenv install --python=/path/to/python

Anaconda uses Conda to manage packages. To reuse Conda–installed Python packages, use the --site-packages flag:

$ pipenv --python=/path/to/python --site-packages

☤ Generating a `requirements.txt`¶

You can convert a Pipfile and Pipfile.lock into a requirements.txt file very easily, and get all the benefits of extras and other goodies we have included.

Let’s take this Pipfile:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true

[packages]
requests = {version="*"}

And generate a requirements.txt out of it:

$ pipenv lock -r
chardet==3.0.4
requests==2.18.4
certifi==2017.7.27.1
idna==2.6
urllib3==1.22

If you wish to generate a requirements.txt with only the development requirements you can do that too! Let’s take the following Pipfile:

[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true

[dev-packages]
pytest = {version="*"}

And generate a requirements.txt out of it:

$ pipenv lock -r --dev
py==1.4.34
pytest==3.2.3

Very fancy.

☤ Detection of Security Vulnerabilities¶

Pipenv includes the safety package, and will use it to scan your dependency graph for known security vulnerabilities!

Example:

$ cat Pipfile
[packages]
django = "==1.10.1"

$ pipenv check
Checking PEP 508 requirements…
Passed!
Checking installed package safety…

33075: django >=1.10,<1.10.3 resolved (1.10.1 installed)!
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.

33076: django >=1.10,<1.10.3 resolved (1.10.1 installed)!
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary.

33300: django >=1.10,<1.10.7 resolved (1.10.1 installed)!
CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs
============================================================================================

Django relies on user input in some cases  (e.g.
:func:`django.contrib.auth.views.login` and :doc:`i18n </topics/i18n/index>`)
to redirect the user to an "on success" URL. The security check for these
redirects (namely ``django.utils.http.is_safe_url()``) considered some numeric
URLs (e.g. ``http:999999999``) "safe" when they shouldn't be.

Also, if a developer relies on ``is_safe_url()`` to provide safe redirect
targets and puts such a URL into a link, they could suffer from an XSS attack.

CVE-2017-7234: Open redirect vulnerability in ``django.views.static.serve()``
=============================================================================

A maliciously crafted URL to a Django site using the
:func:`~django.views.static.serve` view could redirect to any other domain. The
view no longer does any redirects as they don't provide any known, useful
functionality.

Note, however, that this view has always carried a warning that it is not
hardened for production use and should be used only as a development aid.

✨🍰✨

注解

In order to enable this functionality while maintaining its permissive copyright license, pipenv embeds an API client key for the backend Safety API operated by pyup.io rather than including a full copy of the CC-BY-NC-SA licensed Safety-DB database. This embedded client key is shared across all pipenv check users, and hence will be subject to API access throttling based on overall usage rather than individual client usage.

You can also use your own safety API key by setting the environment variable PIPENV_PYUP_API_KEY.

☤ Community Integrations¶

There are a range of community-maintained plugins and extensions available for a range of editors and IDEs, as well as different products which integrate with Pipenv projects:

Heroku (Cloud Hosting)
Platform.sh (Cloud Hosting)
PyUp (Security Notification)
Emacs (Editor Integration)
Fish Shell (Automatic $ pipenv shell!)
VS Code (Editor Integration)
PyCharm (Editor Integration)

Works in progress:

Sublime Text (Editor Integration)
Mysterious upcoming Google Cloud product (Cloud Hosting)

☤ Open a Module in Your Editor¶

Pipenv allows you to open any Python module that is installed (including ones in your codebase), with the $ pipenv open command:

$ pipenv install -e git+https://github.com/kennethreitz/background.git#egg=background
Installing -e git+https://github.com/kennethreitz/background.git#egg=background…
...
Updated Pipfile.lock!

$ pipenv open background
Opening '/Users/kennethreitz/.local/share/virtualenvs/hmm-mGOawwm_/src/background/background.py' in your EDITOR.

This allows you to easily read the code you’re consuming, instead of looking it up on GitHub.

注解

The standard EDITOR environment variable is used for this. If you’re using VS Code, for example, you’ll want to export EDITOR=code (if you’re on macOS you will want to install the command on to your PATH first).

☤ Automatic Python Installation¶

If you have pyenv installed and configured, Pipenv will automatically ask you if you want to install a required version of Python if you don’t already have it available.

This is a very fancy feature, and we’re very proud of it:

$ cat Pipfile
[[source]]
url = "https://pypi.python.org/simple"
verify_ssl = true

[dev-packages]

[packages]
requests = "*"

[requires]
python_version = "3.6"

$ pipenv install
Warning: Python 3.6 was not found on your system…
Would you like us to install latest CPython 3.6 with pyenv? [Y/n]: y
Installing CPython 3.6.2 with pyenv (this may take a few minutes)…
...
Making Python installation global…
Creating a virtualenv for this project…
Using /Users/kennethreitz/.pyenv/shims/python3 to create virtualenv…
...
No package provided, installing all dependencies.
...
Installing dependencies from Pipfile.lock…
🐍   ❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒❒ 5/5 — 00:00:03
To activate this project's virtualenv, run the following:
 $ pipenv shell

Pipenv automatically honors both the python_full_version and python_version PEP 508 specifiers.

💫✨🍰✨💫

☤ Automatic Loading of `.env`¶

If a .env file is present in your project, $ pipenv shell and $ pipenv run will automatically load it, for you:

$ cat .env
HELLO=WORLD⏎

$ pipenv run python
Loading .env environment variables…
Python 2.7.13 (default, Jul 18 2017, 09:17:00)
[GCC 4.2.1 Compatible Apple LLVM 8.1.0 (clang-802.0.42)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> import os
>>> os.environ['HELLO']
'WORLD'

This is very useful for keeping production credentials out of your codebase. We do not recommend committing .env files into source control!

If your .env file is located in a different path or has a different name you may set the PIPENV_DOTENV_LOCATION environment variable:

$ PIPENV_DOTENV_LOCATION=/path/to/.env pipenv shell

To prevent pipenv from loading the .env file, set the PIPENV_DONT_LOAD_ENV environment variable:

$ PIPENV_DONT_LOAD_ENV=1 pipenv shell

☤ Custom Script Shortcuts¶

Pipenv supports creating custom shortcuts in the (optional) [scripts] section of your Pipfile.

You can then run pipenv run <shortcut name> in your terminal to run the command in the context of your pipenv virtual environment even if you have not activated the pipenv shell first.

For example, in your Pipfile:

[scripts]
printspam = "python -c \"print('I am a silly example, no one would need to do this')\""

And then in your terminal:

$ pipenv run printspam
I am a silly example, no one would need to do this

Commands that expect arguments will also work. For example:

[scripts]
echospam = "echo I am really a very silly example"

$ pipenv run echospam "indeed"
I am really a very silly example indeed

☤ Support for Environment Variables¶

Pipenv supports the usage of environment variables in values. For example:

[[source]]
url = "https://${PYPI_USERNAME}:${PYPI_PASSWORD}@my_private_repo.example.com/simple"
verify_ssl = true
name = "pypi"

[dev-packages]

[packages]
requests = {version="*", index="home"}
maya = {version="*", index="pypi"}
records = "*"

Environment variables may be specified as ${MY_ENVAR} or $MY_ENVAR. On Windows, %MY_ENVAR% is supported in addition to ${MY_ENVAR} or $MY_ENVAR.

☤ Configuration With Environment Variables¶

Pipenv comes with a handful of options that can be enabled via shell environment variables. To activate them, simply create the variable in your shell and pipenv will detect it.

If you’d like to set these environment variables on a per-project basis, I recommend utilizing the fantastic direnv project, in order to do so.

Also note that pip itself supports environment variables, if you need additional customization.

For example:

$ PIP_INSTALL_OPTION="-- -DCMAKE_BUILD_TYPE=Release" pipenv install -e .

☤ Custom Virtual Environment Location¶

Pipenv automatically honors the WORKON_HOME environment variable, if you have it set — so you can tell pipenv to store your virtual environments wherever you want, e.g.:

export WORKON_HOME=~/.venvs

In addition, you can also have Pipenv stick the virtualenv in project/.venv by setting the PIPENV_VENV_IN_PROJECT environment variable.

☤ Testing Projects¶

Pipenv is being used in projects like Requests for declaring development dependencies and running the test suite.

We’ve currently tested deployments with both Travis-CI and tox with success.

Travis CI¶

An example Travis CI setup can be found in Requests. The project uses a Makefile to define common functions such as its init and tests commands. Here is a stripped down example .travis.yml:

language: python
python:
    - "2.6"
    - "2.7"
    - "3.3"
    - "3.4"
    - "3.5"
    - "3.6"
    - "3.7-dev"

# command to install dependencies
install: "make"

# command to run tests
script:
    - make test

and the corresponding Makefile:

init:
    pip install pipenv
    pipenv install --dev

test:
    pipenv run py.test tests

Tox Automation Project¶

Alternatively, you can configure a tox.ini like the one below for both local and external testing:

[tox]
envlist = flake8-py3, py26, py27, py33, py34, py35, py36, pypy

[testenv]
deps = pipenv
commands=
    pipenv install --dev
    pipenv run py.test tests

[testenv:flake8-py3]
basepython = python3.4
commands=
    pipenv install --dev
    pipenv run flake8 --version
    pipenv run flake8 setup.py docs project test

Pipenv will automatically use the virtualenv provided by tox. If pipenv install --dev installs e.g. pytest, then installed command py.test will be present in given virtualenv and can be called directly by py.test tests instead of pipenv run py.test tests.

You might also want to add --ignore-pipfile to pipenv install, as to not accidentally modify the lock-file on each test run. This causes Pipenv to ignore changes to the Pipfile and (more importantly) prevents it from adding the current environment to Pipfile.lock. This might be important as the current environment (i.e. the virtualenv provisioned by tox) will usually contain the current project (which may or may not be desired) and additional dependencies from tox’s deps directive. The initial provisioning may alternatively be disabled by adding skip_install = True to tox.ini.

This method requires you to be explicit about updating the lock-file, which is probably a good idea in any case.

A 3rd party plugin, tox-pipenv is also available to use Pipenv natively with tox.

☤ Shell Completion¶

To enable completion in fish, add this to your config:

eval (pipenv --completion)

Alternatively, with bash or zsh, add this to your config:

eval "$(pipenv --completion)"

Magic shell completions are now enabled!

✨🍰✨

☤ Working with Platform-Provided Python Components¶

It’s reasonably common for platform specific Python bindings for operating system interfaces to only be available through the system package manager, and hence unavailable for installation into virtual environments with pip. In these cases, the virtual environment can be created with access to the system site-packages directory:

$ pipenv --three --site-packages

To ensure that all pip-installable components actually are installed into the virtual environment and system packages are only used for interfaces that don’t participate in Python-level dependency resolution at all, use the PIP_IGNORE_INSTALLED setting:

$ PIP_IGNORE_INSTALLED=1 pipenv install --dev

☤ Pipfile vs setup.py¶

There is a subtle but very important distinction to be made between applications and libraries. This is a very common source of confusion in the Python community.

Libraries provide reusable functionality to other libraries and applications (let’s use the umbrella term projects here). They are required to work alongside other libraries, all with their own set of subdependencies. They define abstract dependencies. To avoid version conflicts in subdependencies of different libraries within a project, libraries should never ever pin dependency versions. Although they may specify lower or (less frequently) upper bounds, if they rely on some specific feature/fix/bug. Library dependencies are specified via install_requires in setup.py.

Libraries are ultimately meant to be used in some application. Applications are different in that they usually are not depended on by other projects. They are meant to be deployed into some specific environment and only then should the exact versions of all their dependencies and subdependencies be made concrete. To make this process easier is currently the main goal of Pipenv.

To summarize:

For libraries, define abstract dependencies via install_requires in setup.py. The decision of which version exactly to be installed and where to obtain that dependency is not yours to make!
For applications, define dependencies and where to get them in the Pipfile and use this file to update the set of concrete dependencies in Pipfile.lock. This file defines a specific idempotent environment that is known to work for your project. The Pipfile.lock is your source of truth. The Pipfile is a convenience for you to create that lock-file, in that it allows you to still remain somewhat vague about the exact version of a dependency to be used. Pipenv is there to help you define a working conflict-free set of specific dependency-versions, which would otherwise be a very tedious task.
Of course, Pipfile and Pipenv are still useful for library developers, as they can be used to define a development or test environment.
And, of course, there are projects for which the distinction between library and application isn’t that clear. In that case, use install_requires alongside Pipenv and Pipfile.

You can also do this:

$ pipenv install -e .

This will tell Pipenv to lock all your setup.py–declared dependencies.

☤ Changing Pipenv’s Cache Location¶

You can force Pipenv to use a different cache location by setting the environment variable PIPENV_CACHE_DIR to the location you wish. This is useful in the same situations that you would change PIP_CACHE_DIR to a different directory.

☤ Changing Default Python Versions¶

By default, Pipenv will initialize a project using whatever version of python the python3 is. Besides starting a project with the --three or --two flags, you can also use PIPENV_DEFAULT_PYTHON_VERSION to specify what version to use when starting a project when --three or --two aren’t used.

Frequently Encountered Pipenv Problems¶

Pipenv is constantly being improved by volunteers, but is still a very young project with limited resources, and has some quirks that needs to be dealt with. We need everyone’s help (including yours!).

Here are some common questions people have using Pipenv. Please take a look below and see if they resolve your problem.

注解

Make sure you’re running the newest Pipenv version first!

☤ Your dependencies could not be resolved¶

Make sure your dependencies actually do resolve. If you’re confident they are, you may need to clear your resolver cache. Run the following command:

pipenv lock --clear

and try again.

If this does not work, try manually deleting the whole cache directory. It is usually one of the following locations:

~/Library/Caches/pipenv (macOS)
%LOCALAPPDATA%\pipenv\pipenv\Cache (Windows)
~/.cache/pipenv (other operating systems)

Pipenv does not install prereleases (i.e. a version with an alpha/beta/etc. suffix, such as 1.0b1) by default. You will need to pass the --pre flag in your command, or set

[pipenv]
allow_prereleases = true

in your Pipfile.

☤ No module named <module name>¶

This is usually a result of mixing Pipenv with system packages. We strongly recommend installing Pipenv in an isolated environment. Uninstall all existing Pipenv installations, and see ☤ Installing Pipenv to choose one of the recommended way to install Pipenv instead.

☤ My pyenv-installed Python is not found¶

Make sure you have PYENV_ROOT set correctly. Pipenv only supports CPython distributions, with version name like 3.6.4 or similar.

☤ Pipenv does not respect pyenv’s global and local Python versions¶

Pipenv by default uses the Python it is installed against to create the virtualenv. You can set the --python option, or $PYENV_ROOT/shims/python to let it consult pyenv when choosing the interpreter. See ☤ Specifying Versions of a Package for more information.

If you want Pipenv to automatically “do the right thing”, you can set the environment variable PIPENV_PYTHON to $PYENV_ROOT/shims/python. This will make Pipenv use pyenv’s active Python version to create virtual environments by default.

☤ ValueError: unknown locale: UTF-8¶

macOS has a bug in its locale detection that prevents us from detecting your shell encoding correctly. This can also be an issue on other systems if the locale variables do not specify an encoding.

The workaround is to set the following two environment variables to a standard localization format:

LC_ALL
LANG

For Bash, for example, you can add the following to your ~/.bash_profile:

export LC_ALL='en_US.UTF-8'
export LANG='en_US.UTF-8'

For Zsh, the file to edit is ~/.zshrc.

注解

You can change both the en_US and UTF-8 part to the language/locale and encoding you use.

☤ /bin/pip: No such file or directory¶

This may be related to your locale setting. See ☤ ValueError: unknown locale: UTF-8 for a possible solution.

☤ `shell` does not show the virtualenv’s name in prompt¶

This is intentional. You can do it yourself with either shell plugins, or clever PS1 configuration. If you really want it back, use

pipenv shell -c

instead (not available on Windows).

☤ Pipenv does not respect dependencies in setup.py¶

No, it does not, intentionally. Pipfile and setup.py serve different purposes, and should not consider each other by default. See ☤ Pipfile vs setup.py for more information.

☤ Using `pipenv run` in Supervisor program¶

When you configure a supervisor program’s command with pipenv run ..., you need to set locale enviroment variables properly to make it work.

Add this line under [supervisord] section in /etc/supervisor/supervisord.conf:

[supervisord]
environment=LC_ALL='en_US.UTF-8',LANG='en_US.UTF-8'

☤ An exception is raised during `Locking dependencies…`¶

Run pipenv lock --clear and try again. The lock sequence caches results to speed up subsequent runs. The cache may contain faulty results if a bug causes the format to corrupt, even after the bug is fixed. --clear flushes the cache, and therefore removes the bad results.

Contribution Guides¶

Development Philosophy¶

Pipenv is an open but opinionated tool, created by an open but opinionated developer.

Management Style¶

Kenneth Reitz is the BDFL. He has final say in any decision related to the Pipenv project. Kenneth is responsible for the direction and form of the library, as well as its presentation. In addition to making decisions based on technical merit, he is responsible for making decisions based on the development philosophy of Pipenv.

Dan Ryan, Tzu-ping Chung, and Nate Prewitt are the core contributors. They are responsible for triaging bug reports, reviewing pull requests and ensuring that Kenneth is kept up to speed with developments around the library. The day-to-day managing of the project is done by the core contributors. They are responsible for making judgements about whether or not a feature request is likely to be accepted by Kenneth.

Values¶

Simplicity is always better than functionality.
Listen to everyone, then disregard it.
The API is all that matters. Everything else is secondary.
Fit the 90% use-case. Ignore the nay-sayers.

Contributing to Pipenv¶

If you’re reading this, you’re probably interested in contributing to Pipenv. Thank you very much! Open source projects live-and-die based on the support they receive from others, and the fact that you’re even considering contributing to the Pipenv project is very generous of you.

This document lays out guidelines and advice for contributing to this project. If you’re thinking of contributing, please start by reading this document and getting a feel for how contributing to this project works. If you have any questions, feel free to reach out to either Dan Ryan, Tzu-ping Chung, or Nate Prewitt, the primary maintainers.

The guide is split into sections based on the type of contribution you’re thinking of making, with a section that covers general guidelines for all contributors.

Be Cordial¶

Be cordial or be on your way. —Kenneth Reitz

Pipenv has one very important rule governing all forms of contribution, including reporting bugs or requesting features. This golden rule is “be cordial or be on your way”.

All contributions are welcome, as long as everyone involved is treated with respect.

Get Early Feedback¶

If you are contributing, do not feel the need to sit on your contribution until it is perfectly polished and complete. It helps everyone involved for you to seek feedback as early as you possibly can. Submitting an early, unfinished version of your contribution for feedback in no way prejudices your chances of getting that contribution accepted, and can save you from putting a lot of work into a contribution that is not suitable for the project.

Contribution Suitability¶

Our project maintainers have the last word on whether or not a contribution is suitable for Pipenv. All contributions will be considered carefully, but from time to time, contributions will be rejected because they do not suit the current goals or needs of the project.

If your contribution is rejected, don’t despair! As long as you followed these guidelines, you will have a much better chance of getting your next contribution accepted.

Code Contributions¶

Steps for Submitting Code¶

When contributing code, you’ll want to follow this checklist:

Fork the repository on GitHub.
Run the tests to confirm they all pass on your system. If they don’t, you’ll need to investigate why they fail. If you’re unable to diagnose this yourself, raise it as a bug report by following the guidelines in this document: Bug Reports.
Write tests that demonstrate your bug or feature. Ensure that they fail.
Make your change.
Run the entire test suite again, confirming that all tests pass including the ones you just added.
Send a GitHub Pull Request to the main repository’s master branch. GitHub Pull Requests are the expected method of code collaboration on this project.

The following sub-sections go into more detail on some of the points above.

Code Review¶

Contributions will not be merged until they’ve been code reviewed. You should implement any code review feedback unless you strongly object to it. In the event that you object to the code review feedback, you should make your case clearly and calmly. If, after doing so, the feedback is judged to still apply, you must either apply the feedback or withdraw your contribution.

Documentation Contributions¶

Documentation improvements are always welcome! The documentation files live in the docs/ directory of the codebase. They’re written in reStructuredText, and use Sphinx to generate the full suite of documentation.

When contributing documentation, please do your best to follow the style of the documentation files. This means a soft-limit of 79 characters wide in your text files and a semi-formal, yet friendly and approachable, prose style.

When presenting Python code, use single-quoted strings ('hello' instead of "hello").

Bug Reports¶

Bug reports are hugely important! Before you raise one, though, please check through the GitHub issues, both open and closed, to confirm that the bug hasn’t been reported before. Duplicate bug reports are a huge drain on the time of other contributors, and should be avoided as much as possible.

Run the tests¶

Three ways of running the tests are as follows:

make test (which uses docker)
./run-tests.sh or run-tests.bat
Using pipenv:
```
pipenv install --dev
pipenv run pytest
```

For the last two, it is important that your environment is setup correctly, and this may take some work, for example, on a specific Mac installation, the following steps may be needed:

# Make sure the tests can access github
if [ "$SSH_AGENT_PID" = "" ]
then
   eval `ssh-agent`
   ssh-add
fi

# Use unix like utilities, installed with brew,
# e.g. brew install coreutils
for d in /usr/local/opt/*/libexec/gnubin /usr/local/opt/python/libexec/bin
do
  [[ ":$PATH:" != *":$d:"* ]] && PATH="$d:${PATH}"
done

export PATH

# PIP_FIND_LINKS currently breaks test_uninstall.py
unset PIP_FIND_LINKS

Pipenv: Python Dev Workflow for Humans¶

Install Pipenv Today!¶

Pipenv & Virtual Environments¶

☤ Make sure you’ve got Python & pip¶

☤ Installing Pipenv¶

☤ Homebrew Installation of Pipenv¶

☤ Pragmatic Installation of Pipenv¶

☤ Crude Installation of Pipenv¶

☤ Installing packages for your project¶

☤ Using installed packages¶

☤ Virtualenv mapping caveat¶

☤ Next steps¶

Release and Version History¶

2018.11.26 (2018-11-26)¶

Bug Fixes¶

Vendored Libraries¶

2018.11.14 (2018-11-14)¶

Features & Improvements¶

Bug Fixes¶

Vendored Libraries¶

Improved Documentation¶

2018.10.13 (2018-10-13)¶

Bug Fixes¶

Vendored Libraries¶

2018.10.9 (2018-10-09)¶

Features & Improvements¶

Behavior Changes¶

Bug Fixes¶

Vendored Libraries¶

Improved Documentation¶

2018.7.1 (2018-07-01)¶

Features & Improvements¶

Bug Fixes¶

Vendored Libraries¶

Improved Documentation¶

2018.6.25 (2018-06-25)¶

Features & Improvements¶

Behavior Changes¶

Bug Fixes¶

Improved Documentation¶

Vendored Libraries¶

User Testimonials¶

☤ Pipenv Features¶

Basic Concepts¶

Other Commands¶

Further Documentation Guides¶

Basic Usage of Pipenv¶

☤ Example Pipfile & Pipfile.lock¶

Example Pipfile¶

Example Pipfile.lock¶

☤ General Recommendations & Version Control¶

☤ Example Pipenv Workflow¶

☤ Example Pipenv Upgrade Workflow¶

☤ Importing from requirements.txt¶

☤ Specifying Versions of a Package¶

☤ Specifying Versions of Python¶

☤ Editable Dependencies (e.g. -e . )¶

☤ Environment Management with Pipenv¶

$ pipenv install¶

$ pipenv uninstall¶

$ pipenv lock¶

☤ About Shell Configuration¶

☤ A Note about VCS Dependencies¶

☤ Pipfile.lock Security Features¶

Advanced Usage of Pipenv¶

☤ Caveats¶

☤ Specifying Package Indexes¶

☤ Using a PyPI Mirror¶

☤ Injecting credentials into Pipfiles via environment variables¶

☤ Specifying Basically Anything¶

☤ Using pipenv for Deployments¶

Deploying System Dependencies¶

☤ Pipenv and Other Python Distributions¶

☤ Generating a requirements.txt¶

☤ Detection of Security Vulnerabilities¶

☤ Community Integrations¶

☤ Open a Module in Your Editor¶

☤ Automatic Python Installation¶

☤ Automatic Loading of .env¶

☤ Custom Script Shortcuts¶

☤ Editable Dependencies (e.g. `-e .` )¶

☤ Generating a `requirements.txt`¶

☤ Automatic Loading of `.env`¶

☤ `shell` does not show the virtualenv’s name in prompt¶

☤ Using `pipenv run` in Supervisor program¶

☤ An exception is raised during `Locking dependencies…`¶