uv
What is a package manager?
A collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs in a consistent manner. It helps manage software libraries, dependencies and packages.
Key functions:
- Looking up, downloading, installing, updating existing software from a software repository or removing existing software.
- Ensuring the integrity and authenticity of the package by verifying their checksums and digital certificates, respectively
- Managing dependencies to ensure a package is installed with all packages it requires, thus avoiding "dependency hell" (when several packages have dependencies on the same shared packages or libraries, but they depend on different and incompatible versions of the shared packages).
Types:
- System package managers
- System wide software
- apt, yum, dnf, brew etc.
- Programming language package managers
- Libraries and tools for specific programming language
- pip, npm, cargo etc.
- Application package managers
- Focus on specific applications
- typically reside within a directory tree that is not maintained by the system-level package manager
- Maven, Gradle, Composer etc.
A project manager for programming is a tool or framework designed to organize and manage an entire project, including its dependencies, environments, and configurations.
Features:
- Creates and manages virtual environments.
- Handles dependencies within a specific project scope.
- Manages configuration files and project settings.
- Facilitates project workflows (e.g., building, running, testing).
What is uv?
uv is an extremely fast Python package and project manager, written in Rust.
Why uv?
- A single tool to replace multiple other such as - pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv, and more.
- 10-100x faster than pip.
- No need for Rust or Python, it can be directly installed using
curl. - Disk-space efficient, with a global cache for dependency deduplication.
- ... To be added after exploring ...
pip (Current Version 24.3.1)
- Website: https://pip.pypa.io/en/stable/
- Official package manager for Python
- Requires Python and is bundled with Python installation from 3.4 onwards.
- No official full form, but widely accepted one (a recursive acronym) - "Pip Installs Packages"
- can install and manage packages from Python Package Index (PyPI) (the official repository for Python packages) and other repositories.
- commands
- pip --version (Get the version number)
- pip install pkg (Install a package)
- pip install pkg==1.2.3 (Install a specific version of a package)
- pip install pkg -i INDEX_URL (Install a package from a specific index)
- pip install -r requirements.txt (Install packages from requirements file)
- pip install --upgrade pkg (Upgrade a package)
- pip list (show installed packages)
- pip list --outdated (show outdated packages)
- pip list --editable (show editable packages)
- pip show pkg (Show information about one or more installed packages)
- pip uninstall pkg (Uninstall a package)
- pip check pkg (Check for incompatible dependencies for installed packages)
- can resolve dependencies of the packages
Limitations:
- Doesn't support project or environment management
- Doesn't support a lockfile
- Doesn't manage virtual environments by itself. You'll need to manually create and activate a virtual environment.
- Doesn't support packaging Python projects. You'll need additional build tools such as setuptools, flit etc.
- No dependency grouping (such as development vs production dependencies in requirements.txt. Partially supported using optional dependencies / extras in pyproject.toml but pip can't interpret the dependency groups natively)
- Cannot publish to PyPI
- Slow installations (Pip installs from source, when a wheel is not available)
- Poor dependency resolution (Doesn't automatically resolve conflicts (when a compatible version exists) and always require a manual intervention)
pipx (Current Version 1.7.1)
- Website: https://pipx.pypa.io/stable/
- Install and Run Python applications in isolated environments
- Requires Python
- Can be installed with either
pipor system package managers such as brew, apt, dnf, pacman etc. - Creates isolated space for each application install, to avoid conflicts between different apps needing different versions of the same package. Even though each app is isolated, pipx makes it easy to run the app from the shell, just like you would run any command.
- Uses same index (PyPI) as pip and can also support other sources pip can, such as a local directory, wheel, git url, etc.
- There are optional environment variables that you can set for pipx. Examples:
- PIPX_HOME: Overrides default pipx location. Virtual Environments will be installed to $PIPX_HOME/venvs.
- PIPX_GLOBAL_HOME: Used instead of PIPX_HOME when the
--globaloption is given. - PIPX_DEFAULT_PYTHON: Overrides default python used for commands.
- Commands:
- pipx --version (Get the version number)
- pipx install pkg (Install a package)
- pipx install pkg --global (Install a package globally for all users)
- pipx install pkg==1.2.3 (Install a specific version of a package)
- pipx install pkg -i INDEX_URL (Install a package from a specific index)
- pipx install-all -r requirements.txt (Install packages from requirements file)
- pipx install --upgrade pkg (Upgrade a package)
- pipx inject installed_pkg pkg_to_inject (Install package into an existing virtual environment)
- pipx list (show installed packages)
- pipx list --include-injected (show packages injected into the main app's environment)
- pipx uninstall pkg (Uninstall a package)
- pipx run pkg (Temporarily install a package in an isolated environment, run it and then remove the env after execution)
Limitations:
- Designed only for applications (like a tool or script that you run) and not libraries (which are collections of code that help you do something), unlike pip.
- That is only packages with entry points are supported. You could techincally install libraries, but they are installed in isolated environments, so you won't be able to import them in your scripts which defeats the purpose of libraries.
- All limitations of pip apply, except that pipx can manage virtual (isolated) environments for standalone Python applications.
poetry (Current Version 1.8.5)
- Website: https://python-poetry.org/docs/
- Poetry is a Python dependency management and packaging tool that simplifies project setup, dependency management, versioning, and environment isolation. It can be used for building, packaging, and publishing Python projects while ensuring consistent and reproducible environments.
- Requires Python
- Can be installed with either
pipxor a custom installer that poetry provides. - Poetry is available as a CLI command to perform the operations.
- Poetry will not install a Python interpreter for you.
- It has 2 operating modes: package mode and non-package mode (where only dependencies are managed but the project can't be packaged for publish).
- Uses same index (PyPI) as pip and can also support other sources pip can, such as a local directory, wheel, git url, etc.
- Poetry supports lockfile (poetry.lock), for reproducible builds. It locks all project dependencies to specific versions, including sub-dependencies.
- Poetry automatically manages virtual environments for your projects, creating and isolating them to ensure that dependencies are installed in a separate environment. You don't need to manually activate the virtual environment (
poetry shell) when using poetry. You can run your code directly with Poetry using thepoetry runcommand, without the need for explicit activation. - Poetry provides a way to organize your dependencies by groups, such as development, testing, production etc.
- Commands:
- poetry new my_project (Create a new project)
- poetry list (List all commands)
- poetry install (Install current project in editable mode and its dependencies)
- poetry install --no-root (Install only the project dependencies)
- poetry install --with grp (Install dependencies of a specific group)
- poetry add pkg (Add a new dependency)
- poetry remove pkg (Remove a dependency)
- poetry show (Show list of installed dependencies)
- poetry show pkg (Show detailed information about a specific package)
- poetry show --outdated (Lists outdated dependencies in the project)
- poetry run python script.py (Execute a command using the Poetry-managed virtual environment)
- poetry shell (Activates the virtual environment for your project)
- poetry lock (Locks your dependencies and generates/updates the poetry.lock file)
- poetry update (Updates all dependencies to their latest compatible versions)
- poetry publish --build (Builds and publishes the package to PyPI)
- poetry version minor (Bumps the project version: patch/minor/major)
Limitations:
- Slow installations (poetry also uses PyPI. It installs from source, when a wheel is not available).
- Slow dependency resolution for complex projects with conflicting dependencies.
- Limited support for non-Python dependencies.
uv (Current Version 0.5.7)
- Website: https://docs.astral.sh/uv/
pip-tools pyenv twine virtualenv pip-sync pdm
Why lockfile?
A lockfile captures the exact versions of all dependencies, including transitive dependencies (dependencies of dependencies). This ensures that everyone working on the project, as well as any deployment environments, use the same versions of packages. This ensures consistency and reproducibility.
What is a wheel?
A wheel is a precompiled package format for Python. When you install a package in Python, you often install it from source, meaning the code needs to be compiled before it’s ready to use. A wheel (.whl) is a binary format that contains precompiled code, so the installation is faster because it doesn't need to be compiled from source. It’s like downloading a ready-to-use app instead of building it from scratch.
What is an egg?
An egg is an older package format for Python that was used before the wheel format became popular. It's similar to wheel, in that it's a precompiled package, but it has been largely replaced by wheel for modern Python packaging.
What is a package?
In Python, a package is a collection of modules organized together.
What is a library?
A library is a collection of reusable code that provides specific functionality to make programming tasks easier. Developers use libraries as building blocks to create applications. In Python terminology, a library is often distributed as a package.
What is a framework? (do justice to this)
A framework is a pre-defined structure or skeleton for building applications.It lets you build your software, but you must follow the framework's structure. Unlike libraries, frameworks focus on multiple areas of functionality.
pyproject.toml?
pip install works on any project that contains pyproject.toml file as long as it complies with PEP 517/518 standards. The build is created using the system specified in the .toml configuration.
Note: If the project contains both setup.py and pyproject.toml files: 1. pyproject.toml takes precedence if build system is not setuptools. 2. Else, some metadata (such as version) in setup.py takes precedence and some properties (dependencies) in pyproject.toml takes precedence.
Difference between setup.p and setup.cfg?
Both setup.py and setup.cfg are tools used to define metadata and configuration for Python projects built with setuptools. setup.py is a Python script and setup.cfg uses INI-style. Unlike setup.py, setup.cfg can only have static configuration. Also, setup.cfg can be used alongside setup.py to separate metadata from logic.
python -m?
This tells Python to treat the input as a module and execute it as a script. For single files, this is like any other Python module. But for packages, it expects the main.py file which is the entry point for that package and executes the code in it.