Run tox environments with strictly pinned dependencies (and no project or code changes).
MIT License
Run tox
environments with strictly pinned dependencies using simple,
well-maintained tools (you're probably using already) with no project or code changes.
This plugin
uses jazzband/pip-tools' pip-compile
to freeze test and project dependencies, save a lock file per-testenv, and have
the locked deps installed, in the usual way via pip
, on subsequent invocations.
This plugin supports both tox 3 and tox 4.
tox-pin-deps
in the same environment as tox
.tox --pip-compile
to pin deps for the default envlist
.{toxinidir}/requirements/*.txt
to version control.tox
will install from the lock file.tox --pip-compile --pip-compile-opts \ --upgrade
at any time to lock updated dependencies based on:
deps
named in tox.ini
for the environmentpyproject.toml
,setup.cfg
, or setup.py
.
skip_install
or skipsdist
is truetox --ignore-pins
to use the dependencies named in deps
withoutpip_compile_opts = --generate-hashes
in the testenv
config to enablerequires = tox-pin-deps
in the [tox]
sectiontox.ini
This project is designed to enable reproducible test (and runtime) environments without changing project structure or requiring the use of non-standard tools.
deps
and install_requires
/[project.dependencies]
that the project already specifiespip-compile
at lock time, not at runtimepip
and virtualenv
tox-constraints
constraints.txt
constraints.txt
is a newer concept in the python packaging, which may be unfamiliar.constraints.txt
with hash checking hastox-constraints
does not support tox 4poetry
/ tox-poetry
poetry
is a newer tool that most python programmers haven't worked with.poetry
is a runtime dependency for developing/testing projects.[tool.poetry]
section of pyproject.toml
.poetry
, adopting it for the sole purposetox-poetry
does not support tox 4pipenv
/ tox-pipenv
pipenv
is slow, non-standard, and does NOT work for dist projects
pipenv
is older, but still a tool that most python programmers haven't worked with.pipenv
is a runtime dependency for developing/testing projects.Pipfile
and Pipfile.lock
.pipenv
, adopting it for the sole purposetox-pipenv
has behavioral edge cases that make it uncomfortable to work with.tox-pipenv
does not support tox 4pip-compile
(directly)deps
integration for locking test environmentspip-compile-multi
tox-pin-deps
does essentially the same thing as pip-compile-multi
, except using the
environment deps
section as the layer on top of the project's setup.py
or pyproject.toml
, instead of a separate text file.
If a project didn't want to use tox
for managing test environments,
then pip-compile-multi
is a great choice for achieving similar ends.