Adding Python Support

VersionEye 2.0 started with only 3 languages. Ruby, NodeJS and PHP. Now Python was added as well!

VersionEye supports the package manger PIP. You can simply upload your requirements.txt file to get a BOM (Bill of Materials). By default the ‘requirements.txt’ file contains only the direct dependencies. I would recommend to use Pips freeze feature to lock down all transitive dependencies. That can be achieved with this command:

python -m pip freeze > frozen-requirements.txt

That command will take all direct dependencies from the requirements.txt file, resolve all transitive dependencies and create a new file frozen-requirements.txt which contains ALL (direct & transitive) dependencies with fixed versions. That’s much better then the pure requirements.txt file because the frozen version contains all dependencies which are shipped to production. That contains ALL dependencies which are necessary to run the application.

Here is an example for a Python VersionEye scan:

Try it out and let me know how you like it! Would love to hear your feedback.

If you don’t have an account yet, signup with this promotion code “Ve2Python“. That code is valid until 4th of June and gives you a 50% discount on the monthly subscription!

How to better support PIP requirements.txt

We recently pushed a new version of VersionEye online. The new version comes with an improved parser for requirements.txt files.

ImageThe new features include:

  • Comments in requirements.txt files can be handled.
  • Lines starting with http:// or https:// will be ignored.
  • Handling of entries without explicit version string.
  • pip.log file support.

Here is a simple example of an entry:

Image

But other comparators work, too now. Like this one here:

Image

Or in case you have only the package name, like this:

Image

The new version can handle the pip.log file. Simply upload it or put in the URL and all the dependencies in the pip.log file will be shown.

Check it out and we’d love to hear your feedback.