[jshen]

I’m curious how they ensure every developer is using the same versions of things, as well as how they manage dev dependencies and transitive dependencies.

pip + venv + requirements.txt doesn’t solve this out of the box while most languages have common tools that do. Either they’ve rolled their own way to manage these things, or they’re rolling the dice every time they deploy.

[ghshephard]

We have the following:

   $ wc -l requirements.txt
   118 requirements.txt

And every module in it is locked to a particular version:

   alembic==0.8.8
   amqp==2.2.2
   anyjson==0.3.3
   azure-storage==0.36.0
   backports.shutil-get-terminal-size==1.0.0
   billiard==3.5.0.2

etc...

I don't really understand the "Dependencies" thing (Or the difference between dev dependencies/transitive dependencies)- we literally list every single module in our environment, and its version - It's not clear to me what other dependencies there could be in a python development environment.

I do note we have three requirements.txt files, a requirements.txt, requirements-test.txt, and a requirements-dev.txt. So, presumably there is a need for different requirements that you've identified that I don't understand. So there's that.

[jshen]

Dev dependencies: a library you need during development, but that isn’t needed in production. I think your -test and -dev are this, but it’s not clear how you are maintaining all of these, and building for prod.

This is the main complaint, most modern languages have a standard set of tools and flows for achieving this. Python doesn’t, and everyone does it a bit differently, and when starting a new project, you have to hand roll your own flow.

Or, use something like poetry but the python community as a whole doesn’t have a commonly used solution.

[Denvercoder9]

You can pin versions in requirements.txt, and have a separate requirements-dev.txt.