New Python lock file format will specify dependencies
a year ago
- #Dependency Management
- #Python
- #PEP 751
- Python's developers have accepted PEP 751, which creates a universal lock file format for Python projects.
- The lock file will specify dependencies, ensuring installation reproducibility in Python environments.
- The format is machine-generated yet human-readable, so a lock file can be audited to exclude undesired dependencies.
- No resolver is needed at install time, simplifying reasoning about installations and speeding up the process.
- Currently, there's no standard lock file format, leading to fragmentation with tools like PDM, pip freeze, pip-tools, Poetry, and uv.
- The proposal aims to unify lock file formats to avoid compatibility and interoperability issues.
- The format has been under discussion for about four years and is now fully accepted, though adoption remains open-ended.