# Requirements and Dependency Management

This notebook covers different approaches to managing Python dependencies, from simple requirements.txt to modern pyproject.toml.

## requirements.txt - The Traditional Approach

In [None]:
# Basic requirements.txt example
basic_requirements = """
# Basic requirements.txt
requests==2.31.0
numpy>=1.24.0
pandas~=2.0.0
django>=4.0,<5.0
flask
"""

print("Basic requirements.txt:")
print(basic_requirements)

# Version specifiers explanation
version_specs = """
Version Specifiers:
==2.31.0     # Exact version
>=1.24.0     # Minimum version
~=2.0.0      # Compatible release (>=2.0.0, <2.1.0)
>=4.0,<5.0   # Version range
flask        # Latest version (not recommended for production)
"""

print(version_specs)

In [None]:
# Advanced requirements.txt features
advanced_requirements = """
# requirements.txt with advanced features

# Comments and organization
# Web framework
django==4.2.7
djangorestframework==3.14.0

# Database
psycopg2-binary==2.9.7
sqlalchemy==2.0.23

# Development tools (usually in separate file)
pytest==7.4.3
black==23.11.0
flake8==6.1.0

# Install from Git repository
git+https://github.com/user/repo.git@v1.0.0

# Install from local path
-e ./my-local-package

# Install with extras
requests[security,socks]==2.31.0

# Include other requirement files
-r requirements-dev.txt

# Environment markers
pywin32==306; sys_platform == "win32"
uvloop==0.19.0; sys_platform != "win32"
"""

print("Advanced requirements.txt:")
print(advanced_requirements)

## Multiple Requirements Files Strategy

In [None]:
# Multiple requirements files structure
requirements_structure = """
Project structure:
requirements/
├── base.txt          # Core dependencies
├── development.txt   # Development tools
├── production.txt    # Production-specific
├── testing.txt       # Testing dependencies
└── docs.txt         # Documentation tools
"""

print(requirements_structure)

# base.txt
base_txt = """
# requirements/base.txt
django==4.2.7
djangorestframework==3.14.0
psycopg2-binary==2.9.7
celery==5.3.4
redis==5.0.1
"""

# development.txt
dev_txt = """
# requirements/development.txt
-r base.txt

# Development tools
django-debug-toolbar==4.2.0
black==23.11.0
flake8==6.1.0
mypy==1.7.1
pre-commit==3.6.0

# Testing
pytest==7.4.3
pytest-django==4.7.0
coverage==7.3.2
"""

# production.txt
prod_txt = """
# requirements/production.txt
-r base.txt

# Production-specific
gunicorn==21.2.0
sentry-sdk==1.38.0
whitenoise==6.6.0
"""

print("\nbase.txt:")
print(base_txt)
print("\ndevelopment.txt:")
print(dev_txt)
print("\nproduction.txt:")
print(prod_txt)

## pip-tools for Dependency Resolution

In [None]:
# pip-tools workflow
pip_tools_workflow = """
# Install pip-tools
pip install pip-tools

# Create requirements.in (high-level dependencies)
# requirements.in
django>=4.0
requests
celery

# Compile to requirements.txt (with all sub-dependencies)
pip-compile requirements.in

# This generates requirements.txt with pinned versions:
# django==4.2.7
# requests==2.31.0
# celery==5.3.4
# kombu==5.3.4  # celery dependency
# ... (all sub-dependencies)

# Install exact versions
pip-sync requirements.txt

# Update dependencies
pip-compile --upgrade requirements.in

# Update specific package
pip-compile --upgrade-package django requirements.in
"""

print("pip-tools Workflow:")
print(pip_tools_workflow)

## pyproject.toml - Modern Python Packaging

In [None]:
# Complete pyproject.toml example
pyproject_example = """
[build-system]
requires = ["hatchling"]
build-backend = "hatchling.build"

[project]
name = "my-awesome-project"
version = "0.1.0"
description = "A sample Python project"
readme = "README.md"
license = {text = "MIT"}
authors = [
    {name = "Your Name", email = "your.email@example.com"},
]
maintainers = [
    {name = "Maintainer Name", email = "maintainer@example.com"},
]
keywords = ["web", "api", "framework"]
classifiers = [
    "Development Status :: 4 - Beta",
    "Intended Audience :: Developers",
    "License :: OSI Approved :: MIT License",
    "Programming Language :: Python :: 3",
    "Programming Language :: Python :: 3.9",
    "Programming Language :: Python :: 3.10",
    "Programming Language :: Python :: 3.11",
    "Programming Language :: Python :: 3.12",
]
requires-python = ">=3.9"
dependencies = [
    "requests>=2.25.0",
    "click>=8.0.0",
    "rich>=10.0.0",
    "pydantic>=2.0.0",
]

[project.optional-dependencies]
dev = [
    "pytest>=6.0",
    "pytest-cov>=3.0",
    "black>=22.0",
    "flake8>=4.0",
    "mypy>=0.900",
    "pre-commit>=2.15",
]
docs = [
    "sphinx>=4.0",
    "sphinx-rtd-theme>=1.0",
    "myst-parser>=0.15",
]
test = [
    "pytest>=6.0",
    "pytest-cov>=3.0",
    "pytest-mock>=3.6",
]

[project.scripts]
my-cli = "my_project.cli:main"
my-tool = "my_project.tools:run"

[project.urls]
Homepage = "https://github.com/user/my-awesome-project"
Documentation = "https://my-awesome-project.readthedocs.io"
Repository = "https://github.com/user/my-awesome-project.git"
"Bug Tracker" = "https://github.com/user/my-awesome-project/issues"
"""

print("Complete pyproject.toml:")
print(pyproject_example)

## Tool Configuration in pyproject.toml

In [None]:
# Tool configurations in pyproject.toml
tool_configs = """
# Tool configurations
[tool.black]
line-length = 88
target-version = ['py39', 'py310', 'py311']
include = '\.pyi?$'
extend-exclude = '''
(
  /(
      \.eggs
    | \.git
    | \.hg
    | \.mypy_cache
    | \.tox
    | \.venv
    | _build
    | buck-out
    | build
    | dist
  )/
)
'''

[tool.mypy]
python_version = "3.9"
warn_return_any = true
warn_unused_configs = true
disallow_untyped_defs = true
disallow_incomplete_defs = true
check_untyped_defs = true
disallow_untyped_decorators = true
no_implicit_optional = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_no_return = true
warn_unreachable = true
strict_equality = true

[tool.pytest.ini_options]
minversion = "6.0"
addopts = "-ra -q --strict-markers --strict-config"
testpaths = [
    "tests",
    "integration",
]
markers = [
    "slow: marks tests as slow (deselect with '-m "not slow"')",
    "integration: marks tests as integration tests",
]

[tool.coverage.run]
source = ["src"]
omit = [
    "*/tests/*",
    "*/test_*.py",
    "setup.py",
]

[tool.coverage.report]
exclude_lines = [
    "pragma: no cover",
    "def __repr__",
    "if self.debug:",
    "if settings.DEBUG",
    "raise AssertionError",
    "raise NotImplementedError",
    "if 0:",
    "if __name__ == .__main__.:",
]

[tool.isort]
profile = "black"
multi_line_output = 3
line_length = 88
known_first_party = ["my_project"]
"""

print("Tool Configurations:")
print(tool_configs)

## Dependency Management Commands

In [None]:
# Common dependency management commands
dep_commands = """
# Traditional pip workflow
pip install requests
pip install -r requirements.txt
pip freeze > requirements.txt
pip list --outdated
pip install --upgrade package_name

# pip-tools workflow
pip-compile requirements.in
pip-sync requirements.txt
pip-compile --upgrade requirements.in
pip-compile --upgrade-package django requirements.in

# Modern pyproject.toml workflow
pip install -e .                    # Install in development mode
pip install -e ".[dev]"             # Install with dev dependencies
pip install -e ".[dev,test,docs]"   # Install multiple extras

# Using uv (modern alternative)
uv pip install requests
uv pip install -r requirements.txt
uv pip compile pyproject.toml
uv pip sync requirements.txt

# Project-based with uv
uv init myproject
uv add requests
uv add pytest --dev
uv sync
uv run python main.py
"""

print("Dependency Management Commands:")
print(dep_commands)

## Environment-Specific Dependencies

In [None]:
# Environment markers and platform-specific dependencies
env_specific = """
# Platform-specific dependencies
pywin32==306; sys_platform == "win32"
uvloop==0.19.0; sys_platform != "win32"

# Python version specific
typing-extensions>=4.0; python_version < "3.10"
importlib-metadata>=1.0; python_version < "3.8"

# Implementation specific
psutil==5.9.6; implementation_name == "cpython"

# Architecture specific
tensorflow-macos==2.13.0; sys_platform == "darwin" and platform_machine == "arm64"
tensorflow==2.13.0; sys_platform != "darwin" or platform_machine != "arm64"

# Environment variables
debug-toolbar==4.2.0; os_name == "posix" and "DEBUG" in os.environ

# Complex conditions
some-package==1.0; (sys_platform == "win32" and python_version >= "3.9") or (sys_platform != "win32")
"""

print("Environment-Specific Dependencies:")
print(env_specific)

# Available markers
markers_info = """
Available Environment Markers:
- os_name: 'posix', 'nt'
- sys_platform: 'linux', 'win32', 'darwin'
- platform_machine: 'x86_64', 'arm64', 'AMD64'
- platform_python_implementation: 'CPython', 'PyPy'
- platform_release: OS release version
- platform_system: 'Linux', 'Windows', 'Darwin'
- platform_version: OS version
- python_version: '3.9', '3.10', etc.
- python_full_version: '3.9.18', '3.10.13', etc.
- implementation_name: 'cpython', 'pypy'
- implementation_version: implementation version
"""

print("\n" + markers_info)

## Best Practices for Dependency Management

1. **Pin versions in production** - Use exact versions for reproducible builds
2. **Use ranges in libraries** - Allow flexibility for users
3. **Separate dev dependencies** - Keep production lean
4. **Regular updates** - Keep dependencies current for security
5. **Document requirements** - Explain why specific versions are needed
6. **Use lock files** - For exact reproducibility
7. **Test with multiple versions** - Ensure compatibility
8. **Monitor security** - Use tools like `safety` or `pip-audit`

In [None]:
# Security and maintenance commands
security_commands = """
# Check for security vulnerabilities
pip install safety
safety check
safety check -r requirements.txt

# Alternative: pip-audit (official tool)
pip install pip-audit
pip-audit
pip-audit -r requirements.txt

# Check for outdated packages
pip list --outdated
pip list --outdated --format=json

# Update all packages (be careful!)
pip list --outdated --format=freeze | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip install -U

# License checking
pip install pip-licenses
pip-licenses
pip-licenses --format=json
pip-licenses --format=csv --output-file=licenses.csv

# Dependency tree
pip install pipdeptree
pipdeptree
pipdeptree --graph-output png > dependencies.png
"""

print("Security and Maintenance Commands:")
print(security_commands)