Manage dependencies using pipfile
Pipfile is the dedicated file used by the Pipenv virtual environment to manage project dependencies. This file is essential for using Pipenv. When you create a Pipenv environment either for a new or an existing project, the Pipfile is generated automatically. Similarly, when you open a project with a Pipfile file in PyCharm for the very first time, the Pipenv virtual environment is configured automatically.
Consider a task of creating a list of dependencies from scratch.
Record dependencies in Pipfile to manage project packages
When PyCharm creates a Pipfile for a new pipenv virtual environment, the file looks as follows:
python_versionparameter is the version of the base interpreter you specified when creating a new pipenv environment. The
packagessection is the place where you can list the packages required for your project.
Note that PyCharm suggests that you install Pipfile specific plugins. Click the corresponding link to install the plugin for Tom's Obvious, Minimal Language (TOML). You will have to restart PyCharm to enable the plugin. After the restart, you will see the message confirming that the Pipfile format is recognized:
Add a new package dependency by modifying the
packagessection.[packages] django = "*"
Any time you modify the Pipfile file, PyCharm suggests one of the following actions:
pipenv lock— records the new requirements to the Pipfile.lock file.
pipenv update— records the new requirements to the Pipfile.lock file and installs the missing dependencies on the project interpreter.
This step is very important, because PyCharm manages project dependencies based on the information recorded in the Pipfile.lock file. So, any requirement added to Pipfile but not locked will be ignored.
Let us select the
pipenv updatecommand to install the Django package.
Ensure that Django is in the list of the installed packages. In the Settings/Preferences dialog Ctrl+Alt+S, expand the node, click Project Interpreter, and examine the list of packages.
Now explore the opposite workflow. In the standard procedure. All available packages are added from the sources specified in Pipfile. The packages are installed, removed, and updated through pipenv rather than through pip.dialog, click to add the Flask package. Note that pipenv restricts configuring indexes using the
Once, the Flask package is added, close the Available packages dialog and review Pipfile. The
[packages]section now looks as follows:[packages] django = "*" flask = "*"
PyCharm tracks if any of the requirements listed in Pipfile are not met and suggests that you apply the affected dependencies.
Consider a case when you've checked out or updated the project source files and see the following message:
Thus, PyCharm reports that your virtual environment doesn't meet the requirements listed in the current version of Pipfile.
Click Install requirements from Pipfile.lock to install the missing packages.
You might have noticed that along with Pipfile, the Pipfile.lock file takes the key important role in managing pipenv project requirements. Each time you execute either
pipenv lock or
pipenv update, the current snapshot of the virtual environment is taken. Examine the following fragment:
The file has recorded the exact versions of the packages that were installed for the project. It also has generated the hash codes to facilitate secure deployment of your application. When you're downloading dependencies from an untrusted source, the hash codes are used to ensure that the project files are trusted.