How to Find Python Package Dependencies
Understanding a Python package's dependencies is crucial for setting up development environments, deploying applications, and ensuring compatibility.
This guide explains various ways to list a package's dependencies, including using pip show
, pkg_resources
, pipdeptree
, johnnydep
, querying the PyPI API, and generating requirements.txt
files.
Using pip show
(Simple Dependency Listing)
The pip show
command is the simplest way to get basic information about an installed package, including its dependencies:
pip show <YOUR_PACKAGE>
# Example:
pip show requests
- Replace
<YOUR_PACKAGE>
with the actual package name (e.g.,requests
,numpy
,pandas
). - The output includes a "Requires" field that lists the direct dependencies. It doesn't show the versions of those dependencies, nor does it show transitive dependencies (dependencies of dependencies).
Example Output (for requests
):
Name: requests
Version: 2.31.0
...
Requires: certifi, charset-normalizer, idna, urllib3
...
You can also use python -m pip
for consistency, which is helpful if you have more than one python interpreter installed.
python -m pip show requests
Using pkg_resources
(Detailed Dependency Information)
The pkg_resources
module (part of setuptools
, which is almost always installed with Python) provides more detailed information, including version requirements:
from pip._vendor import pkg_resources # Access pkg_resources through pip
def find_dependencies(package_name):
package = pkg_resources.working_set.by_key[package_name]
return [str(dependency) for dependency in package.requires()]
print(find_dependencies('requests'))
# Example Output:
# ['certifi>=2017.4.17', 'charset-normalizer<4,>=2', 'idna<4,>=2.5', 'urllib3<3,>=1.21.1']
pkg_resources.working_set.by_key[package_name]
gets the installed package's metadata.package.requires()
returns a list of dependency objects.str(dependency)
converts each dependency object to a string, including the version specifier (e.g.,>=2.0
,<3
).
Dependency Trees with pipdeptree
(Installed Packages)
pipdeptree
visualizes the dependencies of installed packages as a tree:
pip install pipdeptree
pipdeptree
This shows the full dependency tree for all installed packages in your current environment. This is extremely useful for understanding how packages relate to each other.
You can focus on a specific package with:
pipdeptree -p requests # Dependency tree for requests
And output in JSON:
pipdeptree --json
Dependency Trees with johnnydep
(Package-Centric)
johnnydep
focuses on a single package's dependency tree, even if it's not installed locally. This is useful for inspecting a package before installing it.
pip install johnnydep
johnnydep requests
To see version requirements:
johnnydep requests --output-format pinned
Querying the PyPI API (Programmatic Access)
For programmatic access to dependency information, you can query the PyPI (Python Package Index) JSON API:
import requests
def find_package_dependencies(package_name):
url = f'https://pypi.org/pypi/{package_name}/json'
response = requests.get(url, timeout=10)
response.raise_for_status() # Raise HTTPError for bad responses (4xx or 5xx)
json_data = response.json()
requires_dist = json_data['info'].get('requires_dist')
if requires_dist:
print(requires_dist)
else:
print("No dependencies listed on PyPI.")
print('-' * 50)
print('Required Python version:', json_data['info']['requires_python'])
find_package_dependencies('requests')
- This will produce the list of requirements from the
requires_dist
parameter of a package uploaded to PyPi.
Generating requirements.txt
with pipreqs
pipreqs
generates a requirements.txt
file based on the imports used in your project, not just what's installed in your environment. This is crucial for creating reproducible environments.
pip install pipreqs
pipreqs /path/to/your/project # Generates requirements.txt in the project root
pipreqs
analyzes your project's source code to identify the required packages and their versions.
pip freeze
vs. pipreqs
pip freeze
: Lists all packages installed in the current environment, including those you might not be using in your project. This is good for replicating an entire environment, but can include unnecessary packages.pipreqs
: Lists only the packages that are actually imported in your project's code. This results in a more minimal and accuraterequirements.txt
for your project.
Example:
# Create a requirements.txt using pip freeze
pip freeze > requirements.txt
# Or with pip3, if needed:
pip3 freeze > requirements.txt