dephash

Release 1.0.0

requirements.txt dependency hasher

Homepage PyPI Python

License
MPL-2.0
Install
pip install dephash==1.0.0

Documentation

dephash

https://travis-ci.org/escapewindow/dephash.svg?branch=master https://coveralls.io/repos/github/escapewindow/dephash/badge.svg?branch=master

Production installs sometimes call for pinning package versions; hash checking adds to the security and stability of those installs. pip >= 8.0.0 allows for checking package hashes through requirements files. However, it's easy for requirements to fall out of date, and it's a hassle to test other versions of packages.

With dephash, a permissive requirements-dev.txt can be transformed into a fully version-pinned, hashed requirements-prod.txt.

Usage

# Generate pinned+hashed requirements-prod.txt
dephash [-v] [-l,--logfile LOGFILE] gen requirements-dev.txt > requirements-prod.txt

# Check for outdated packages in PATH, where PATH is a virtualenv or requirements file
dephash [-v] [-l,--logfile LOGFILE] outdated PATH

Stats

Dependencies
5
Dependent packages
0
Dependent repositories
0
Total releases
3
Latest release
First release
Stars
1
Forks
2
Watchers
1
Contributors
2
Repository size
63.5 KB
SourceRank
8

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

1.0.0
0.3.0
0.2.0

Contributors

Aki Sasaki Justin Wood (Callek)


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-14 00:33:34 UTC

Login to resync this project