List only outdated pip packages mentioned in requirements file
Question:
I can use pip list -o to get a list of outdated packages but I would like to only get a list of outdated packages which are listed in a particular requirements file. Basically the equivalent of pip freeze -r requirements.txt for outdated packages.
I could use --not-required but this would still list packages installed which are installed but not listed in the requirements file.
Answers:
Came up with a solution in form of a bash snippet while writing the question:
join -t=
<(python -m pip list -o --format=freeze | sort)
<(awk -F== '{ print $1 }' requirements.txt | sort)
Use this tool: https://github.com/simion/pip-upgrader
All you have to do is the following:
pip install pip-upgrader
pip-upgrade
This then walks you through all packages that can be upgraded in the requirements.txt in an interactive fashion.
If you want to upgrade your dependencies without also upgrading your requirements.txt, you can utilize pip install --upgrade. This will only make sense if your requirements.txt doesn’t freeze exact versions, but rather provides either no version requirements at all, or allows version ranges. You can then utilize pip install --report:
pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null
| jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
Since pip install --report is printing a report in JSON, you’ll need jq. By now basically any distribution should have it in its repository, if it’s not already pre-installed.
You might want to think about using pip install --user.
Let me explain:
- (
pip install) --upgrade tells pip to not only check whether the required packages are installed, but also whether there are newer versions of the required packages available
- (
pip install) -r requirements.txt tells pip to read the packages to install from your requirements.txt
- (
pip install) --dry-run tells pip to only print what it would do (i.e. don’t install anything)
- (
pip install) --report - tells pip to create a JSON report about what it does (or better: would do since --dry-run was given); the - tells pip to print the report to stdout
- (
pip install) --quiet and the >&2 /dev/null pipe tells pip to not output anything and interfere with report generation
jq reads pip‘s report from STDIN and prints the package name and latest version of available updates in the form name-of-package version-of-package (the report JSON looks like the following: { "install": [ { "metadata": { "name": "name-of-first-package", "version": "version-of-first-package", … }, … }, { "metadata": { "name": "name-of-second-package", "version": "version-of-second-package", … }, … }, … ], … })
Here’s an example:
$ pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null | jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
imaplib2 3.6
urllib3 1.25.11
I can use pip list -o to get a list of outdated packages but I would like to only get a list of outdated packages which are listed in a particular requirements file. Basically the equivalent of pip freeze -r requirements.txt for outdated packages.
I could use --not-required but this would still list packages installed which are installed but not listed in the requirements file.
Came up with a solution in form of a bash snippet while writing the question:
join -t=
<(python -m pip list -o --format=freeze | sort)
<(awk -F== '{ print $1 }' requirements.txt | sort)
Use this tool: https://github.com/simion/pip-upgrader
All you have to do is the following:
pip install pip-upgrader
pip-upgrade
This then walks you through all packages that can be upgraded in the requirements.txt in an interactive fashion.
If you want to upgrade your dependencies without also upgrading your requirements.txt, you can utilize pip install --upgrade. This will only make sense if your requirements.txt doesn’t freeze exact versions, but rather provides either no version requirements at all, or allows version ranges. You can then utilize pip install --report:
pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null
| jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
Since pip install --report is printing a report in JSON, you’ll need jq. By now basically any distribution should have it in its repository, if it’s not already pre-installed.
You might want to think about using pip install --user.
Let me explain:
- (
pip install)--upgradetellspipto not only check whether the required packages are installed, but also whether there are newer versions of the required packages available - (
pip install)-r requirements.txttellspipto read the packages to install from yourrequirements.txt - (
pip install)--dry-runtellspipto only print what it would do (i.e. don’t install anything) - (
pip install)--report -tellspipto create a JSON report about what it does (or better: would do since--dry-runwas given); the-tellspipto print the report to stdout - (
pip install)--quietand the>&2 /dev/nullpipe tellspipto not output anything and interfere with report generation jqreadspip‘s report from STDIN and prints the package name and latest version of available updates in the formname-of-package version-of-package(the report JSON looks like the following:{ "install": [ { "metadata": { "name": "name-of-first-package", "version": "version-of-first-package", … }, … }, { "metadata": { "name": "name-of-second-package", "version": "version-of-second-package", … }, … }, … ], … })
Here’s an example:
$ pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null | jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
imaplib2 3.6
urllib3 1.25.11