New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

`pipenv update --outdated` should alert users to newer excluded versions #2411

Alexgmin opened this Issue Jun 25, 2018 · 4 comments


None yet
5 participants

Alexgmin commented Jun 25, 2018

Is your feature request related to a problem? Please describe.
I don't have a way to know which packages I'm using that have an update outside the version restriction in the Pipfile. I can do pip list --outdated, but that lists every package in the enviroment, instead of only the ones in the Pipfile.

Describe the solution you'd like
I think pipenv update --outdated should show every package in the Pipfile with an update. However it should be indicated which ones are in the version restrictions of the Pipfile.
For example, Composer color codes it depending on semver


This comment has been minimized.


uranusjr commented Jun 25, 2018

I’m not entirely sure I understand what you’re asking. Can you attach a Pipfile and illustrate what you want with its output?


This comment has been minimized.

Alexgmin commented Jun 26, 2018

url = ""
verify_ssl = true
name = "pypi"


six = "==1.10.*"
rules = "==1.2.*"
requests = "==2.18.*"

python_version = "3.6"

If you run pip list --outdated you get this:

Package  Version Latest Type 
-------- ------- ------ -----
idna     2.6     2.7    wheel
requests 2.18.4  2.19.1 wheel
rules    1.2.1   1.3    sdist
six      1.10.0  1.11.0 wheel
urllib3  1.22    1.23   wheel

However if you run pipenv update --outdated you get nothing. If I change the version restrictions to this:

six = "==1.10.*"
rules = "==1.3.*"
requests = "==2.19.*"

Then the result of pipenv update --outdated is

Package 'rules' out–of–date: '==1.2.1' installed, '==1.3' available.
Package 'urllib3' out–of–date: '==1.22' installed, '==1.23' available.
Package 'requests' out–of–date: '==2.18.4' installed, '==2.19.1' available.
Package 'idna' out–of–date: '==2.6' installed, '==2.7' available.

My point is, just like composer and pip, pipenv shouldn't take into account the version restrictions when showing if there's an update to a package. It should show all of them, like pip, but informing the user whether the update is allowed under the restrictions in the Pipfile.


This comment has been minimized.


techalchemy commented Jun 26, 2018

I actually really like this idea, I liked it even when I couldn't read the properly formatted version when I was on mobile this morning. We will need to run it by Kenneth and @ncoghlan but I am fairly confident this will be thumbs up from them as well.

@ncoghlan ncoghlan changed the title from pip update --outdated shouldn't take into account version restrictions in the Pipfile to `pipenv update --outdated` should alert users to newer excluded versions Jun 27, 2018


This comment has been minimized.


ncoghlan commented Jun 27, 2018

I've reworded the issue title based on what I believe @Alexgmin is actually proposing (i.e. respect the version restrictions when it comes to actually updating anything, but also note in the output when there are newer packages being ignored based on the Pipfile constraints).

Assuming I've understood the proposal correctly, it seems like a reasonable prompt to me - while there's some risk of notification fatigue, I agree that warning about this situation will be better default behaviour.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment