In Python there are multiple file formats for defining dependencies:

- [`requirements.txt`](https://pip.pypa.io/en/stable/reference/requirements-file-format/)
- [`Pipfile`](https://pipenv.pypa.io/en/latest/pipfile.html)
- [`pyproject.toml`](https://packaging.python.org/en/latest/specifications/pyproject-toml/)

Let's call these "dependency definition files", even though some do more than just that.

I think in general it's a good idea to pin versions of your dependencies when you're building an application; it's different for libraries. My question is not about whether or not this is a good idea.

These dependency definition files allow for defining non-specific versions of those dependencies. For example: `cowsay >= 4.0`.

In my applications I'd like to force and remind myself to only create pinned dependencies. Ideally there would be a linter and git pre-commit hook so that I'm warned and blocked from creating dependencies that are not pinned.

In the JavaScript world there's a linter for `package.json` files that does exactly what I want:

- [the tool](https://npmpackagejsonlint.org/)
- [the rule](https://npmpackagejsonlint.org/docs/rules/dependencies/prefer-absolute-version-dependencies/)

Do tools like this exist for Python?
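The check described in the question, sketched as an added example that is not part of the original post and is not an existing tool: a standard-library script that flags every `requirements.txt` entry not pinned with `==`. The function names and the sample input are hypothetical, and the regex is a simplification of the requirement grammar that covers `requirements.txt` only, not `Pipfile` or `pyproject.toml`.

```python
import re
import sys

# A requirement counts as pinned only with a single == or === clause and no wildcard.
PINNED = re.compile(r"^===?\s*[^\s,;*]+$")
NAME = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(\[[^\]]*\])?\s*(.*)$")

# Constructed sample input, not taken from any real project.
SAMPLE = """\
cowsay >= 4.0
requests[socks] == 2.31.0 ; python_version >= "3.8"
django==4.2.*
-r base.txt
flask==3.0.0 \\
    --hash=sha256:0000
numpy  # no version at all
"""

def logical_lines(text):  # yields (first_line_number, content), continuations joined
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        start = no if start is None else start
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield start, buf + raw
        buf, start = "", None

def unpinned(text):
    """Return [(line_number, requirement)] for requirements lacking an exact pin."""
    problems = []
    for no, line in logical_lines(text):
        line = re.sub(r"(^|\s)#.*$", "", line).strip()  # strip comments
        if not line or line.startswith("-"):  # blank, or option line (-r/-c/-e: not checked)
            continue
        req = re.split(r"\s--", line)[0].split(";")[0].strip()  # drop --hash and markers
        m = NAME.match(req)
        if not m or not PINNED.match(m.group(3).strip()):
            problems.append((no, req))
    return problems

def main(paths):  # pre-commit style entry point: non-zero exit blocks the commit
    bad = [f"{p}:{no}: not pinned with ==: {req}" for p in paths
           for no, req in unpinned(open(p, encoding="utf-8").read())]
    for msg in bad:
        print(msg)
    return 1 if bad else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run as a local git pre-commit hook with the requirements files as arguments, a non-zero exit status stops the commit. Direct URL references (`name @ https://...`) are reported as unpinned because they carry no `==` clause.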