Home Python Pipenv – The Officially Recommended Python Packaging Tool

Pipenv – The Officially Recommended Python Packaging Tool

By sk
Published: Updated: 3.5K views

The other day we published a beginners guide to manage Python packages using PIP. In that guide, we discussed how to install pip, and how to install, update, uninstall Python packages using pip. We also discussed the importance of virtual environments and how to create a virtual environment using venv and virtualvnv tools. Today, we are going to learn about another python package manager named pipenv. It is the new recommended Python Packaging tool by Python.org. It can be used to easily install and manage python dependencies without having to create virtual environments. Pipenv automatically creates and manages a virtualenv for your projects. It also adds/removes packages from your Pipfile as you install/uninstall packages.

Why Pipenv?

Pipenv addresses the following real-time problems:

  • You no longer have to create virtual environment. Pipenv will automatically create virtualenv for your projects. To put this simply, pip and virtualenv work together.
  • Managing a requirements.txt file can be problematic, so Pipenv uses the upcoming Pipfile and Pipfile.lock instead, which is superior for basic use cases.
  • It is secure. Hashes are used everywhere, always. Automatically expose security vulnerabilities.
  • View the dependency graph at any time.
  • Streamline development workflow by loading .env files.

Well, let's get started.

Install Pipenv in Linux

There are many ways to install Pipenv. We will see two officially recommended methods.

1. Installing pipenv using pip

The official recommended way is to use pip. Make sure you have install python and pip. If not, refer our previous guide linked in the first paragraph of this article.

Once pip installed, run the following command to install pipenv.

$ pip install --user pipenv

This command will install pipenv in user level (i.e not system-wide). If pipenv is not available in your shell after installing it, you may need to add your user base's binary directory to your PATH. If you don't know what your user base is, run the following command to find it out:

$ python -m site --user-base

You'll see an output something like below.

/home/sk/.local

As you can see in the above output, my user base directory is /home/sk/.local, and my base's binary directory is /home/sk/.local/bin. Clear? Good. Now add this to your PATH. To do so, edit your ~/.profile file:

$ vi ~/.profile

Add this line at the end:

export PATH="$HOME/.local/bin:$PATH"

Press ESC key and type :wq to save and quit the file. Then, run the following command to take effect the changes.

$ source ~/.profile

Finally, run the following command:

$ pipenv --update

To upgrade pipenv at any time, run the following command:

$ pip install --user --upgrade pipenv

2. Installing pipenv using pipsi

Pipsi is a powerful tool which allows you to install Python scripts into isolated virtual environments.

To install pipsi, run:

$ curl https://raw.githubusercontent.com/mitsuhiko/pipsi/master/get-pipsi.py | python

Follow the on-screen instructions, you’ll have to update your PATH.

Once pipsi installed, run the following commands to install pipenv:

$ pipsi install pew
$ pipsi install pipenv

Finally, run the following command:

$ pipenv --update

To upgrade pipenv at any time, just run:

$ pipsi upgrade pipenv

Manage Python packages using Pipenv

Run 'pipenv' in your shell to display the list of available commands and general options.

$ pipenv

Sample output would be:

pipenv 1

Installing packages

Create a new project or go to the existing project's directory.

$ mkdir myproject
$ cd myproject

Install the packages for your project:

$ pipenv install requests

When you ls into your project's directory (i.e myproject in this case), you will see two files namely Pipfile, and Pipfile.lock. The Pipfile contains information of the newly installed package such as name, version etc. You can use this Pipfile to track which dependencies your project needs when you want to re-install or share the project with others.

$ cat Pipfile

And, the Pipfile.lock contains your system information, all the dependencies of the installed package including their version, and all the hashes for all installed packages and their dependencies.

$ cat Pipfile.lock

Now install another package and check the contents of the two files again. You will notice that the Pidfile now contains two packages. And, Pidfile.lock contains all the dependencies of the installed packages including their version, and all the hashes for all installed packages and their dependencies. To put this simple, these two files will get updated automatically each time you install a new package.

Did you notice? I haven't created any virtual environments. Pipenv automatically created virtual environment for my project. Wondering where your projects are stored? Just run this command to know your virtual environment location.

$ pipenv --venv
/home/sk/.local/share/virtualenvs/myproject-x7-2XYPN

To view your project's home details, run:

$ pipenv --where
/home/sk/myproject

As you can in the both outputs, "/home/sk/myproject" is my project's home directory and "/home/sk/.local/share/virtualenvs/myproject-x7-2XYPN" is my virtual environment.

You can "ls" into your virtualenv to check what's in there.

$ ls /home/sk/.local/share/virtualenvs/myproject-x7-2XYPN

Update packages

To update all packages, run:

$ pipenv update

This command will uninstall all packages, and re-install package(s) to latest compatible versions.

Checking integrity of a package

Are you worrying if there are any security vulnerabilities in the installed packages? No problem! Pipenv got your back. To check the integrity of packages, just run the following command:

$ pipenv check
Checking PEP 508 requirements…
Passed!
Checking installed package safety…
All good!

The above command checks for security vulnerabilities and against PEP 508 markers provided in the Pipfile.

View dependency graph

Let us run 'pipenv graph' and see what happens.

$ pipenv graph

As you can see, this command displays the dependency graph.

Uninstall a package

To remove a package, run:

$ pipenv uninstall requests
Un-installing speedtest-cli…
Uninstalling speedtest-cli-1.0.7:
 Successfully uninstalled speedtest-cli-1.0.7

Removing speedtest-cli from Pipfile…
Locking [dev-packages] dependencies…
Locking [packages] dependencies…
Updated Pipfile.lock (c23e27)!

To uninstall everything, run:

$ pipenv uninstall --all
Un-installing all packages from virtualenv…
Found 1 installed package(s), purging…

Environment now purged and fresh!

For more details, run:

$ pipenv -h

Or,

$ pipenv --man

As far as I tested Pipenv is much easier to use than pip. Since it is officially recommended by Python.org, you can now get-rid of venv and virtualenv altogether when installing Python packages.


Suggested read:


Resources:

You May Also Like

3 comments

Andrew November 18, 2018 - 4:19 am

Could you post a link to where on python.org they recommend pipenv over virtualenv or python -m venv ?

Thanks!

Reply
sk November 18, 2018 - 12:38 pm

I read it here. It is mentioned under the “Installing Pipenv” section.

Reply
j. glassy June 27, 2019 - 10:51 pm

Thanks for this info on pipenv. I could not tell however, from this discussion how pipenv explicitly interacts with a particular python instance (as installed, and in cooperation with “pip”,”pip2″, “pip3”, etc) that may typically be co-installed in my case on CentOS 7.x ,(e.g. python2.7, python3.4, python3.6 etc). I am most interested in assuring that pipenv can be directed to service packages only for python3.6, and avoid any other installed python instance, especially the yum installed python2.7

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. By using this site, we will assume that you're OK with it. Accept Read More