Một số kinh nghiệm làm việc với PIP – trình quản lý module/package của Python. Hy vọng nó sẽ hữu ích cho các bạn đang học lập trình Python. Show
Pip là gì?Pip là một trình quản lý gói (Module/Package) cho Python. Nó là một công cụ cho phép bạn cài đặt và quản lý các thư viện và dependency (phụ thuộc) mà không được phân phối như một phần của thư viện chuẩn của Python. pip có 2 phiên bản là pip (Python 2) và pip3 (Python 3) Hướng dẫn sử dụng pip để quản lý Python ModuleTrong bài viết là hướng dẫn sử dụng pip3, với pip (Cho Python 3) các lệnh tương tự chỉ cần thay pip3 = pip pip syntaxpip <command> [options] Một số lệnh thường dùngMở hướng dẫn của PIP pip3 help Kiểm tra Version pip3 --version Nâng cấp lên version mới nhất python3 -m pip install --upgrade pip Liệt kê danh sách module/package đang được cài đặt trên môi trường của bạn pip list Tìm kiếm module/package pip3 search <module_name> Liệt kê module/package (Tìm kiếm toàn bộ) pip3 search * Cài đặt module/package pip3 install <module_name> Cài đặt một module/package và chỉ định version cài đặt pip3 install <module_name>==<module_version> Nâng cấp module/package tới 1 version, mặc định là version mới nhất pip3 install --upgrade <module_name>==<module_version> Gỡ bỏ một module/package pip3 uninstall <module_name> Nguồn: vinasupport.com Running pip#pip is a command line program. When you install pip, a Unix/macOS python -m pip <pip arguments>
Windows py -m pip <pip arguments>
Installing Packages#pip supports installing from PyPI, version control, local projects, and directly from distribution files. The most common scenario is to install from PyPI using Requirement Specifiers Unix/macOS python -m pip install SomePackage # latest version python -m pip install SomePackage==1.0.4 # specific version python -m pip install 'SomePackage>=1.0.4' # minimum version Windows py -m pip install SomePackage # latest version py -m pip install SomePackage==1.0.4 # specific version py -m pip install 'SomePackage>=1.0.4' # minimum version For more information and examples, see the pip install reference. Basic Authentication Credentials This is now covered in Authentication. netrc Support This is now covered in Authentication. Keyring Support This is now covered in Authentication. Using a Proxy Server#When installing packages from PyPI, pip requires internet access, which in many corporate environments requires an outbound HTTP proxy server. pip can be configured to connect through a proxy server in various ways:
Requirements Files#“Requirements files” are files containing a list of items to be installed using pip install like so: Unix/macOS python -m pip install -r requirements.txt Windows py -m pip install -r requirements.txt Details on the format of the files are here: Requirements File Format. Logically, a Requirements file is just a list of pip install arguments placed in a file. Note that you should not rely on the items in the file being installed by pip in any particular order. In practice, there are 4 common uses of Requirements files:
It’s important to be clear that pip determines package dependencies using install_requires metadata, not by discovering See also:
Constraints Files#Constraints files are requirements files that only control which version of a requirement is installed, not whether it is installed or not. Their syntax and contents is a subset of Requirements Files, with several kinds of syntax not allowed: constraints must have a name, they cannot be editable, and they cannot specify extras. In terms of semantics, there is one key difference: Including a package in a constraints file does not trigger installation of the package. Use a constraints file like so: Unix/macOS python -m pip install -c constraints.txt Windows py -m pip install -c constraints.txt Constraints files are used for exactly the same reason as requirements files when you don’t know exactly what things you want to install. For instance, say that the “helloworld” package doesn’t work in your environment, so you have a local patched version. Some things you install depend on “helloworld”, and some don’t. One way to ensure that the patched version is used consistently is to manually audit the dependencies of everything you install, and if “helloworld” is present, write a requirements file to use when installing that thing. Constraints files offer a better way: write a single constraints file for your organisation and use that everywhere. If the thing being installed requires “helloworld” to be installed, your fixed version specified in your constraints file will be used. Constraints file support was added in pip 7.1. In Changes to the pip dependency resolver in 20.3 (2020) we did a fairly comprehensive overhaul, removing several undocumented and unsupported quirks from the previous implementation, and stripped constraints files down to being purely a way to specify global (version) limits for packages. Installing from Wheels#“Wheel” is a built, archive format that can greatly speed installation compared to building and installing from source archives. For more information, see the Wheel docs , PEP 427, and PEP 425. pip prefers Wheels where they are available. To disable this, use the --no-binary flag for pip install. If no satisfactory wheels are found, pip will default to finding source archives. To install directly from a wheel archive: Unix/macOS python -m pip install SomePackage-1.0-py2.py3-none-any.whl Windows py -m pip install SomePackage-1.0-py2.py3-none-any.whl To include optional dependencies provided in the Unix/macOS python -m pip install './somepackage-1.0-py2.py3-none-any.whl[my-extras]'
Windows py -m pip install './somepackage-1.0-py2.py3-none-any.whl[my-extras]'
Note In the future, the For the cases where wheels are not available, pip offers pip wheel as a convenience, to build wheels for all your requirements and dependencies. pip wheel requires the wheel package to be installed, which provides the “bdist_wheel” setuptools extension that it uses. To build wheels for your requirements and all their dependencies to a local directory: Unix/macOS python -m pip install wheel
python -m pip wheel --wheel-dir=/local/wheels -r requirements.txt
Windows py -m pip install wheel
py -m pip wheel --wheel-dir=/local/wheels -r requirements.txt
And then to install those requirements just using your local directory of wheels (and not from PyPI): Unix/macOS python -m pip install --no-index --find-links=/local/wheels -r requirements.txt
Windows py -m pip install --no-index --find-links=/local/wheels -r requirements.txt
Uninstalling Packages#pip is able to uninstall most packages like so: Unix/macOS python -m pip uninstall SomePackage Windows py -m pip uninstall SomePackage pip also performs an automatic uninstall of an old version of a package before upgrading to a newer version. For more information and examples, see the pip uninstall reference. Listing Packages#To list installed packages: Unix/macOS $ python -m pip list docutils (0.9.1) Jinja2 (2.6) Pygments (1.5) Sphinx (1.1.2) Windows C:\> py -m pip list docutils (0.9.1) Jinja2 (2.6) Pygments (1.5) Sphinx (1.1.2) To list outdated packages, and show the latest version available: Unix/macOS $ python -m pip list --outdated docutils (Current: 0.9.1 Latest: 0.10) Sphinx (Current: 1.1.2 Latest: 1.1.3) Windows C:\> py -m pip list --outdated docutils (Current: 0.9.1 Latest: 0.10) Sphinx (Current: 1.1.2 Latest: 1.1.3) To show details about an installed package: Unix/macOS $ python -m pip show sphinx --- Name: Sphinx Version: 1.1.3 Location: /my/env/lib/pythonx.x/site-packages Requires: Pygments, Jinja2, docutils Windows C:\> py -m pip show sphinx --- Name: Sphinx Version: 1.1.3 Location: /my/env/lib/pythonx.x/site-packages Requires: Pygments, Jinja2, docutils For more information and examples, see the pip list and pip show reference pages. Searching for Packages#pip can search PyPI for packages using the Unix/macOS python -m pip search "query"
Windows The query will be used to search the names and summaries of all packages. For more information and examples, see the pip search reference. Configuration This is now covered in Configuration. Config file This is now covered in Configuration. Environment Variables This is now covered in Configuration. Config Precedence This is now covered in Configuration. Command Completion#pip comes with support for command line completion in bash, zsh and fish. To setup for bash: python -m pip completion --bash >> ~/.profile To setup for zsh: python -m pip completion --zsh >> ~/.zprofile To setup for fish: python -m pip completion --fish > ~/.config/fish/completions/pip.fish To setup for powershell: python -m pip completion --powershell | Out-File -Encoding default -Append $PROFILE Alternatively, you can use the result of
the eval "`pip completion --bash`" Installing from local packages#In some cases, you may want to install from local packages only, with no traffic to PyPI. First, download the archives that fulfill your requirements: Unix/macOS python -m pip download --destination-directory DIR -r requirements.txt Windows py -m pip download --destination-directory DIR -r requirements.txt Note that Unix/macOS python -m pip wheel --wheel-dir DIR -r requirements.txt Windows py -m pip wheel --wheel-dir DIR -r requirements.txt Then, to install from local only, you’ll be using --find-links and --no-index like so: Unix/macOS python -m pip install --no-index --find-links=DIR -r requirements.txt
Windows py -m pip install --no-index --find-links=DIR -r requirements.txt
“Only if needed” Recursive Upgrade#
The default strategy is It is important to note that As an example, say
As an historic note, an earlier “fix” for getting the Unix/macOS python -m pip install --upgrade --no-deps SomePackage python -m pip install SomePackage Windows py -m pip install --upgrade --no-deps SomePackage py -m pip install SomePackage A proposal for an User Installs#With Python 2.6 came the “user scheme” for installation, which means that all Python distributions support an alternative install location that is specific to a user. The default location for each OS is explained in the python documentation for the
site.USER_BASE variable. This mode of installation can be turned on by specifying the --user option to Moreover, the “user scheme” can be customized by setting the To install “SomePackage” into an environment with
Unix/macOS export PYTHONUSERBASE=/myappenv python -m pip install --user SomePackage Windows set PYTHONUSERBASE=c:/myappenv py -m pip install --user SomePackage
To make the rules clearer, here are some examples: From within a Unix/macOS $ python -m pip install --user SomePackage Can not perform a '--user' install. User site-packages are not visible in this virtualenv. Windows C:\> py -m pip install --user SomePackage Can not perform a '--user' install. User site-packages are not visible in this virtualenv. From within a Unix/macOS $ python -m pip install --user SomePackage==0.4 Will not install to the user site because it will lack sys.path precedence Windows C:\> py -m pip install --user SomePackage==0.4 Will not install to the user site because it will lack sys.path precedence From within a real python, where Unix/macOS $ python -m pip install --user SomePackage [...] Successfully installed SomePackage Windows C:\> py -m pip install --user SomePackage [...] Successfully installed SomePackage From within a real python, where Unix/macOS $ python -m pip install --user SomePackage [...] Requirement already satisfied (use --upgrade to upgrade) $ python -m pip install --user --upgrade SomePackage [...] Successfully installed SomePackage Windows C:\> py -m pip install --user SomePackage [...] Requirement already satisfied (use --upgrade to upgrade) C:\> py -m pip install --user --upgrade SomePackage [...] Successfully installed SomePackage From within a real python, where Unix/macOS $ python -m pip install --user SomePackage [...] Requirement already satisfied (use --upgrade to upgrade) $ python -m pip install --user --upgrade SomePackage [...] Requirement already up-to-date: SomePackage # force the install $ python -m pip install --user --ignore-installed SomePackage [...] Successfully installed SomePackage Windows C:\> py -m pip install --user SomePackage [...] Requirement already satisfied (use --upgrade to upgrade) C:\> py -m pip install --user --upgrade SomePackage [...] Requirement already up-to-date: SomePackage # force the install C:\> py -m pip install --user --ignore-installed SomePackage [...] Successfully installed SomePackage Ensuring Repeatability This is now covered in Repeatable Installs. Fixing conflicting dependencies This is now covered in Dependency Resolution. Using pip from your program#As noted previously, pip is a command line program. While it is implemented in Python, and so is available from your
Python code via
This does not mean that the pip developers are opposed in principle to the idea that pip could be used as a library - it’s just that this isn’t how it was written, and it would be a lot of work to redesign the internals for use as a library, handling all of the above issues, and designing a usable, robust and stable API that we could guarantee would remain available across multiple releases of pip. And we simply don’t currently have the resources to even consider such a task. What this means in practice is that everything inside of pip is considered an implementation detail. Even the fact that the import name is It should also be noted that installing packages into Having said all of the above, it is worth covering the options available if you decide that you do want to run pip from within your program. The most reliable approach, and the one that is fully supported, is to run pip in a subprocess. This is easily done using the standard subprocess.check_call([sys.executable, '-m', 'pip', 'install', 'my_package']) If you want to process the output further, use one of the other APIs in the module. We are using freeze here which outputs installed packages in requirements format.: reqs = subprocess.check_output([sys.executable, '-m', 'pip', 'freeze']) If you don’t want to use pip’s command line functionality, but are rather trying to implement code that works with Python packages, their metadata, or PyPI, then you should consider other, supported, packages that offer this type of ability. Some examples that you could consider include:
Changes to the pip dependency resolver in 20.3 (2020)#pip 20.3 has a new dependency resolver, on by default for Python 3 users. (pip 20.1 and 20.2 included pre-release versions of the new dependency resolver, hidden behind optional user flags.) Read below for a migration guide, how to invoke the legacy resolver, and the deprecation timeline. We also made a two-minute video explanation you can watch. We will continue to improve the pip dependency resolver in response to testers’ feedback. Please give us feedback through the resolver testing survey. Watch out for#The big change in this release is to the pip dependency resolver within pip. Computers need to know the right order to
install pieces of software (“to install The most significant changes to the resolver are:
So, if you have been using workarounds to force pip to deal with incompatible or inconsistent requirements combinations, now’s a good time to fix the underlying problem in the packages, because pip will be stricter from here on out. This also means that, when you run a We are also changing our support for Constraints Files, editable installs, and related functionality. We did a fairly comprehensive overhaul and stripped constraints files down to being purely a way to specify global (version) limits for packages, and so some combinations that used to be allowed will now cause errors. Specifically:
Per our Python 2 Support policy, pip 20.3 users who are using Python 2 will use the legacy resolver by default. Python 2 users should upgrade to Python 3 as soon as possible, since in pip 21.0 in January 2021, pip dropped support for Python 2 altogether. How to upgrade and migrate#
Setups to test with special attention#
Examples to try#Install:
Try:
Tell us about#Specific things we’d love to get feedback on:
Please let us know through the resolver testing survey. Deprecation timeline#We plan for the resolver changeover to proceed as follows, using Feature Flags and following our Release Cadence:
Since this work will not change user-visible behavior described in the pip documentation, this change is not covered by the Deprecation Policy. Context and followup#As discussed in our announcement on the PSF blog, the pip team are in the process of developing a new “dependency resolver” (the part of pip that works out what to install based on your requirements). We’re tracking our rollout in #6536 and you can watch for announcements on the low-traffic packaging announcements list and the official Python blog. Using system trust stores for verifying HTTPS#pip 22.2 added experimental support for using system trust stores to verify HTTPS certificates instead of certifi. Using system trust stores has advantages over certifi like automatically supporting corporate proxy certificates without additional configuration. In order to use system trust stores you must be using Python 3.10+ and install the package truststore from PyPI. Unix/macOS # Requires Python 3.10 or later $ python --version Python 3.10.4 # Install the 'truststore' package from PyPI $ python -m pip install truststore [...] # Use '--use-feature=truststore' flag to enable $ python -m pip install SomePackage --use-feature=truststore [...] Successfully installed SomePackage Windows # Requires Python 3.10 or later C:\> py --version Python 3.10.4 # Install the 'truststore' package from PyPI C:\> py -m pip install truststore [...] # Use '--use-feature=truststore' flag to enable C:\> py -m pip install SomePackage --use-feature=truststore [...] Successfully installed SomePackage When to use system trust stores#You should try using system trust stores when there is a custom certificate chain configured for your system that pip isn’t aware of. Typically this situation will manifest with an $ python -m pip install -U SomePackage [...] Could not fetch URL https://pypi.org/simple/SomePackage/: There was a problem confirming the ssl certificate: [...] (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:997)'))) - skipping This error means that OpenSSL wasn’t able to find a trust anchor to verify the chain against. Using system trust stores instead of certifi will likely solve this issue. Follow up#If you encounter a TLS/SSL error when using the |