-
Notifications
You must be signed in to change notification settings - Fork 4
Dependencies
Ben Thorner edited this page Dec 29, 2021
·
12 revisions
Each Python app should have:
-
requirements.txt
- pinned versions of all production dependencies -
requirements.in
- main / top-level dependencies, used to generaterequirements.txt
-
requirements_for_test.txt
- additional dependencies for dev / test
requirements.txt
is generated from the requirements.in
in order to pin versions of all nested dependencies. If requirements.in
has been changed, run make freeze-requirements
to regenerate it.
Currently we do this as-and-when. We should prioritise dependencies with security vulnerabilities.