How to Find Python Package Dependencies

Understanding a Python package's dependencies is crucial for setting up development environments, deploying applications, and ensuring compatibility.

This guide explains various ways to list a package's dependencies, including using pip show, pkg_resources, pipdeptree, johnnydep, querying the PyPI API, and generating requirements.txt files.

Using `pip show` (Simple Dependency Listing)

The pip show command is the simplest way to get basic information about an installed package, including its dependencies:

pip show <YOUR_PACKAGE>

# Example:
pip show requests

Replace <YOUR_PACKAGE> with the actual package name (e.g., requests, numpy, pandas).
The output includes a "Requires" field that lists the direct dependencies. It doesn't show the versions of those dependencies, nor does it show transitive dependencies (dependencies of dependencies).

Example Output (for requests):

Name: requests
Version: 2.31.0
...
Requires: certifi, charset-normalizer, idna, urllib3
...

You can also use python -m pip for consistency, which is helpful if you have more than one python interpreter installed.

python -m pip show requests

Using `pkg_resources` (Detailed Dependency Information)

The pkg_resources module (part of setuptools, which is almost always installed with Python) provides more detailed information, including version requirements:

from pip._vendor import pkg_resources  # Access pkg_resources through pip

def find_dependencies(package_name):
    package = pkg_resources.working_set.by_key[package_name]
    return [str(dependency) for dependency in package.requires()]

print(find_dependencies('requests'))
# Example Output:
# ['certifi>=2017.4.17', 'charset-normalizer<4,>=2', 'idna<4,>=2.5', 'urllib3<3,>=1.21.1']

pkg_resources.working_set.by_key[package_name] gets the installed package's metadata.
package.requires() returns a list of dependency objects.
str(dependency) converts each dependency object to a string, including the version specifier (e.g., >=2.0, <3).

Dependency Trees with `pipdeptree` (Installed Packages)

pipdeptree visualizes the dependencies of installed packages as a tree:

pip install pipdeptree
pipdeptree

This shows the full dependency tree for all installed packages in your current environment. This is extremely useful for understanding how packages relate to each other.

You can focus on a specific package with:

pipdeptree -p requests # Dependency tree for requests

And output in JSON:

pipdeptree --json

Dependency Trees with `johnnydep` (Package-Centric)

johnnydep focuses on a single package's dependency tree, even if it's not installed locally. This is useful for inspecting a package before installing it.

pip install johnnydep
johnnydep requests

To see version requirements:

johnnydep requests --output-format pinned

Querying the PyPI API (Programmatic Access)

For programmatic access to dependency information, you can query the PyPI (Python Package Index) JSON API:

import requests

def find_package_dependencies(package_name):
    url = f'https://pypi.org/pypi/{package_name}/json'
    response = requests.get(url, timeout=10)
    response.raise_for_status() # Raise HTTPError for bad responses (4xx or 5xx)
    json_data = response.json()

    requires_dist = json_data['info'].get('requires_dist')
    if requires_dist:
      print(requires_dist)
    else:
        print("No dependencies listed on PyPI.")
    print('-' * 50)
    print('Required Python version:', json_data['info']['requires_python'])

find_package_dependencies('requests')

This will produce the list of requirements from the requires_dist parameter of a package uploaded to PyPi.

Generating `requirements.txt` with `pipreqs`

pipreqs generates a requirements.txt file based on the imports used in your project, not just what's installed in your environment. This is crucial for creating reproducible environments.

pip install pipreqs
pipreqs /path/to/your/project  # Generates requirements.txt in the project root

pipreqs analyzes your project's source code to identify the required packages and their versions.

`pip freeze` vs. `pipreqs`

pip freeze: Lists all packages installed in the current environment, including those you might not be using in your project. This is good for replicating an entire environment, but can include unnecessary packages.
pipreqs: Lists only the packages that are actually imported in your project's code. This results in a more minimal and accurate requirements.txt for your project.

Example:

# Create a requirements.txt using pip freeze
pip freeze > requirements.txt

# Or with pip3, if needed:
pip3 freeze > requirements.txt

How to Find Python Package Dependencies

Using pip show (Simple Dependency Listing)​

Using pkg_resources (Detailed Dependency Information)​

Dependency Trees with pipdeptree (Installed Packages)​

Dependency Trees with johnnydep (Package-Centric)​

Querying the PyPI API (Programmatic Access)​

Generating requirements.txt with pipreqs​

pip freeze vs. pipreqs​

Table of Contents