[Humphrey]

I was happy with Pip until I spent time in the NPM/Yarn world. Frustrated with Pip I switched half of our projects to Pipenv. However, I found that it struggled to resolve dependencies. Poetry works like a dream now, and life is so much easy now that we have switched all our projects to it.

The methodology of specifying your core dependencies, but also having locked version of your dependency's dependencies works really well.

AND you can easily export to requirements.txt if you prefer to use that in production.

[jtdev]

What does NPM/yarn do better than virtualenv/pip?

“Added 17000332 packages (including is-even) 875 vulnerabilities found, have fun with that info. Yours truly, NPM”

[linkdd]

Ẁhile I agree the situation is ridiculous, what prevents anyone to do the same in Python?

I can publish is-even on PyPI if I want, is that Pip's fault?

[cookiecaper]

It's a difference in the community's engineering values. JavaScript devs pull in a dependency for virtually everything, whereas Python distributes an extensive standard library with the language. It's less important that the same thing is hypothetically possible in both communities and more important that specific communities have chosen to use similar toolkits differently.