List only outdated pip packages mentioned in requirements file
Question:
I can use pip list -o
to get a list of outdated packages but I would like to only get a list of outdated packages which are listed in a particular requirements file. Basically the equivalent of pip freeze -r requirements.txt
for outdated packages.
I could use --not-required
but this would still list packages installed which are installed but not listed in the requirements file.
Answers:
Came up with a solution in form of a bash
snippet while writing the question:
join -t=
<(python -m pip list -o --format=freeze | sort)
<(awk -F== '{ print $1 }' requirements.txt | sort)
Use this tool: https://github.com/simion/pip-upgrader
All you have to do is the following:
pip install pip-upgrader
pip-upgrade
This then walks you through all packages that can be upgraded in the requirements.txt
in an interactive fashion.
If you want to upgrade your dependencies without also upgrading your requirements.txt
, you can utilize pip install --upgrade
. This will only make sense if your requirements.txt
doesn’t freeze exact versions, but rather provides either no version requirements at all, or allows version ranges. You can then utilize pip install --report
:
pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null
| jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
Since pip install --report
is printing a report in JSON, you’ll need jq
. By now basically any distribution should have it in its repository, if it’s not already pre-installed.
You might want to think about using pip install --user
.
Let me explain:
- (
pip install
) --upgrade
tells pip
to not only check whether the required packages are installed, but also whether there are newer versions of the required packages available
- (
pip install
) -r requirements.txt
tells pip
to read the packages to install from your requirements.txt
- (
pip install
) --dry-run
tells pip
to only print what it would do (i.e. don’t install anything)
- (
pip install
) --report -
tells pip
to create a JSON report about what it does (or better: would do since --dry-run
was given); the -
tells pip
to print the report to stdout
- (
pip install
) --quiet
and the >&2 /dev/null
pipe tells pip
to not output anything and interfere with report generation
jq
reads pip
‘s report from STDIN and prints the package name and latest version of available updates in the form name-of-package version-of-package
(the report JSON looks like the following: { "install": [ { "metadata": { "name": "name-of-first-package", "version": "version-of-first-package", … }, … }, { "metadata": { "name": "name-of-second-package", "version": "version-of-second-package", … }, … }, … ], … }
)
Here’s an example:
$ pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null | jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
imaplib2 3.6
urllib3 1.25.11
I can use pip list -o
to get a list of outdated packages but I would like to only get a list of outdated packages which are listed in a particular requirements file. Basically the equivalent of pip freeze -r requirements.txt
for outdated packages.
I could use --not-required
but this would still list packages installed which are installed but not listed in the requirements file.
Came up with a solution in form of a bash
snippet while writing the question:
join -t=
<(python -m pip list -o --format=freeze | sort)
<(awk -F== '{ print $1 }' requirements.txt | sort)
Use this tool: https://github.com/simion/pip-upgrader
All you have to do is the following:
pip install pip-upgrader
pip-upgrade
This then walks you through all packages that can be upgraded in the requirements.txt
in an interactive fashion.
If you want to upgrade your dependencies without also upgrading your requirements.txt
, you can utilize pip install --upgrade
. This will only make sense if your requirements.txt
doesn’t freeze exact versions, but rather provides either no version requirements at all, or allows version ranges. You can then utilize pip install --report
:
pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null
| jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
Since pip install --report
is printing a report in JSON, you’ll need jq
. By now basically any distribution should have it in its repository, if it’s not already pre-installed.
You might want to think about using pip install --user
.
Let me explain:
- (
pip install
)--upgrade
tellspip
to not only check whether the required packages are installed, but also whether there are newer versions of the required packages available - (
pip install
)-r requirements.txt
tellspip
to read the packages to install from yourrequirements.txt
- (
pip install
)--dry-run
tellspip
to only print what it would do (i.e. don’t install anything) - (
pip install
)--report -
tellspip
to create a JSON report about what it does (or better: would do since--dry-run
was given); the-
tellspip
to print the report to stdout - (
pip install
)--quiet
and the>&2 /dev/null
pipe tellspip
to not output anything and interfere with report generation jq
readspip
‘s report from STDIN and prints the package name and latest version of available updates in the formname-of-package version-of-package
(the report JSON looks like the following:{ "install": [ { "metadata": { "name": "name-of-first-package", "version": "version-of-first-package", … }, … }, { "metadata": { "name": "name-of-second-package", "version": "version-of-second-package", … }, … }, … ], … }
)
Here’s an example:
$ pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null | jq -r '.install[] | "(.metadata.name) (.metadata.version)"'
imaplib2 3.6
urllib3 1.25.11