How to specify dependency versions?
Tobias Pfeiffer
I am trying to package an existing Python application using PyInstaller, but I'm unable to find out how to specify the required version of each dependency.
I am using poetry to manage dependencies, so I have a pyproject.toml with the major dependencies of my project and a poetry.lock file that specifies for all direct and indirect dependencies which version is necessary for my project to work; this information cannot possibly be extracted from inspecting the import statements in all the Python files.
Ideally I would skip the auto-detection feature and use the poetry.lock file to tell PyInstaller which dependencies to bundle, or as a fallback I would like to tell PyInstaller which versions to use of certain hidden import modules on the command line, is such a thing possible?
Thanks
Tobias
Tobias Pfeiffer
I think I may have misunderstood what pyinstaller does. It does not download Python modules from any repository given some package name, but it packages only the modules that are present *in the current environment*, is that right?
If that is the case then there is obviously no need to specify the exact version, then I can just do `poetry install && poetry run pyinstaller ...` and will get the modules in the same version as my poetry lockfile; that's good.
(Still I feel pyinstaller would have to do less work if it just blindly packaged what was in the poetry lockfile, rather than trying to auto-discover the needed modules and then maybe needing additional hints.)
Thanks
Tobias
bwoodsend
I think I may have misunderstood what pyinstaller does. It does not download Python modules from any repository given some package name, but it packages only the modules that are present in the current environment, is that right?
This is correct. PyInstaller has virtually no awareness of package managers of any kind. It doesn’t even know which modules are standard library, which are 3rd party and which are part of your code. It just looks for import statements, finds the modules being imported in the current environment, then scans those for imports, and so on.
(Still I feel pyinstaller would have to do less work if it just blindly packaged what was in the poetry lockfile, rather than trying to auto-discover the needed modules and then maybe needing additional hints.)
I totally agree. Virtually any developer not only knows their own project’s dependencies but has them written down somewhere in a handy machine readable format so there is no reason at all to try and auto-detect dependencies then reinvent each packages metadata to collect each distribution’s data and binary files which are undetectable to the import scanning mechanism. I’ve had some vague plans about writing a replacement to the a = Analysis(...) part of the .spec file but have never had the time.