Skip to content

Feature: Command to verify hash in Pipfile.lock against packages in Pipfile (out-of-date check) #4893

New issue
New issue
Closed
Closed
Feature: Command to verify hash in Pipfile.lock against packages in Pipfile (out-of-date check)#4893
Labels
PR: awaiting-reviewThe PR related to this issue is awaiting review by a maintainer.Type: Enhancement 💡This is a feature or enhancement request.
@den4uk

Description

@den4uk
den4uk
opened on Dec 10, 2021

When running pipenv install --deploy, it checks the hash in the Pipfile.lock file matches with the packages in the Pipfile. Upon a mismatch, an exception is raised, else it proceeds to install.

NEW FEATURE: It would be very used to have the hash verification step to be a standalone command, which could return an exit code if the hash is verified or not.

User case.
This can come in useful in the CI/CD pipelines, where locking could be performed and committed when the hash is not verified. This could save a significant amount of time to avoid re-locking dependencies, especially when there are many of them.

Metadata

Metadata

Assignees

No one assigned

    Labels

    PR: awaiting-reviewThe PR related to this issue is awaiting review by a maintainer.Type: Enhancement 💡This is a feature or enhancement request.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions