I'd like to be able to generate wheels for all dependencies in a Pipfile.lock while taking advantage of hash verification. Prior to 11.1.2 you could accomplish this with:
pipenv lock -r > reqs.txt
pip wheel -r reqs.txt
_(#1417 was problematic for this workflow, but otherwise it worked)_
In 11.1.2, hashes were removed from the requirements-style output which (afaik) means there is no way to build/download hash-verified wheels from a lock file.
The use-case is to package Python modules for offline installs or installs without compilation/development tools on the server. The wheels can be built, then distributed and installed in a minimal Python environment.
Is this functionality that you'd consider including in the project? If not, is there some way to support this workflow again?
ipmb
All 3 comments
no plans for this at this time
kennethreitz42
on 8 Mar 2018
this sounds like a great opportunity for a pipenv-wheels tool, though.
kennethreitz42
on 8 Mar 2018
Just in case anybody looks here for a solution, it's pretty easy (assuming the pipenv internals don't change):
from pipenv.utils import convert_deps_to_pip
with open('Pipfile.lock') as f:
deps = json.load(f)['default']
# remove local project which wouldn't have a hash
for k, v in list(deps.items()):
if v.get('path') == '.':
del(deps[k])
path_to_requirements_file_with_hashes = convert_deps_to_pip(deps)
Related issues
marc-fez
路
3Comments
konstin
路
3Comments
jerzyk
路
3Comments
JacobHayes
路
3Comments
fbender
路
3Comments
Most helpful comment
Just in case anybody looks here for a solution, it's pretty easy (assuming the
pipenvinternals don't change):