By Vincent Driessen
on Tuesday, July 21, 2015

Yesterday, pip-tools version 1.0 was silently released, officially introducing the pip-compile and pip-sync tools, and replacing the current pip-dump and pip-review tools.

I've blogged before about these ideas in Pinning Your Packages and Better Package Management. During the last year, I've been slowly working on the future branch on the pip-tools repo, and have been using the new tools there. The pip-sync script was the only thing that was still delaying the release, but since Hugo Peixoto contributed this one recently, it's now ready to switch over.

So it's now time to switch over to the new tools if you've been using the old ones.

Old: pip-review, pip-dump
New: pip-compile, pip-sync

How to upgrade

If you're using pip-tools 0.x, you'll notice that its main commands, pip-review and pip-dump are gone. Instead, you'll find two new commands, pip-compile and pip-sync, which should allow you to do the same things, but arguably in a more solid way.

Typical usage:

  • pip install pip-tools
  • Record your top-level dependencies in requirements.in. Everything you directly use in your source code should be a top-level dependency.
  • Don't pin them—unless you want them pinned, of course.
  • Put both requirements.in and requirements.txt under version control.
  • Then, run pip-compile. This will produce a requirements.txt that pins the high-level requirements to the highest versions found on PyPI to match the given requirements.
  • Using pip-sync now will install/upgrade/uninstall everything so that your virtual env exactly matches what's in requirements.txt.

For more information, see the README of the new tools.

Let me know how it works for you!

If you want to get in touch, I'm @nvie on Twitter.