35
How to improve Python packaging, or why fourteen tools are at least twelve too many
(chriswarrick.com)
Welcome to the Python community on the programming.dev Lemmy instance!
Past
November 2023
October 2023
July 2023
August 2023
September 2023
It's worth noting that there are basically just 3 systems worth considering, maybe even just 2.
pip is usually part of the python distribution, so any lightweight project can be finished in 1-5 minutes with pip. It's also quite widespread and the vast majority of publishers (if not all) target pip compatibility.
Poetry is a great project management framework and it deals with dependency management beautifully. If you're doing any data engineering or backend development, for any project that has more than 1 dependency and 200 lines of code, then Poetry is probably the best tool to use. Poetry makes the whole mess with helper tools like pip-tools seem outdated.
Conda is for the crazy world of data science libraries where developers don't bother with compatibility too much. Conda does it for them. And the users of those libraries can benefit from using conda.
I think the big competition is between poetry and pip. Maybe one day poetry will come as part of some Python distributions.
Worth noting the thing that finds does well is handle system-leave dependencies, there are a lot more binaries available there (beyond just Python packages) that make it easier to install packages without having to compile C++ code or something.
Besides that I hate it haha, it makes everything else so complicated
I’ve also not had great experiences with poetry, it’s supposed to use the lock file to lock in dependencies but whenever I did anything the lock file was always being updated which kind of defeats the point. I’m sure it was user error but the fact that the lock file doesn’t stay static by default is already weird to me
It would be interesting to hear what you mean about the lock file being updated. Many Poetry commands should and do touch the lock, like
poetry add
orpoetry update
, but of coursepoetry install
should leave it untouched.But if I want to add a single new dependency, then I probably don’t want all the rest updated at the same time
That can't be achieved due to dependency compatibility. What if you installed y==1.4, and froze it for a while, and then you install x==3.2, and it depends on y==1.5 or later?
pyproject.toml defines dependency restrictions, so it will be in accordance with that, but the lock file will change every time you add/remove dependencies. Naturally.
I don’t find that behaviour natural unless there is a hard conflict or I request it. So I guess it’s just a philosophical difference that led me to having a bad tint with it.
If you use
poetry add
it should only update what is necessary, and you can usepoetry lock --no-update
to lock without updating everything.