Having to ship a compiler to a host|container to build python with pyenv, needing all kinds of development headers like libffi for poetry. The hoopla around poetry init (or pipenv's equivalent) to get a deterministic result of the environment and all packages. Or you use requirements files, and don't get deterministic results.

Or you use effectively an entire operating system on top of your OS to use a conda derivative.

And we still haven't executed a lick of python.

Then there's the rigmarole around getting one of these environments to play nice with cron, having to manipulate your PATH so you can manipulate your PATH further to make the call.

It's really gotten me started questioning assumptions on what language "quick wins" should be written in.

There are a couple other tools that take the same approach, including PyOxidizer[3], which was written by a Mercurial maintainer.

[1] https://docs.bazel.build/versions/master/be/python.html#py_r...

[2] https://github.com/erain/bazel-python-example

[3] https://pyoxidizer.readthedocs.io/en/stable/overview.html

As far as I know the only language making static binaries easily is Go, but it was a first class language design principle.

For everybody else it’s a jenky 1000 line Makefile. And don’t get me started on cross-compiling!

Rust does this as well.

The official high level build tool, `cargo`, uses a declarative TOML file for dependency management and supports lock files for deterministic builds. The default output is a single, statically linked binary.

Rust does depend on libc (like Go) which brings in dynamic linking on some platforms. But Cargo supports easy cross-compilation, and the `x86_64-unknown-linux-musl` target will produce a fully static binary.

https://pyoxidizer.readthedocs.io/en/stable/overview.html

Your milage might vary, but I think the former is still very much a work in progress.

It can't do this for non-Linux executables (e.g. Windows, Mac). On those OSs, the executables are dynamically linked with system libraries.

Edit: I mention cgo as many who want to cross-compile a statically linked binary may want to interface with other libs via FFI and this is a huge gotcha. It is a bit tangential to strict "static linking binary building".

I decided "to heck with it" and went back to bash. There's no built-in JSON parser but I can use 'grep' and 'cut' as well as anyone so the end result is the same. I push it to our repo, I tell coworkers to run it, and I wash my hands of the thing.

Another thing to consider is more of a middle-ground approach. Most systems do have a python interpreter, so you can use a lot of base python without worrying about dependency hell. I use inline python in bash all the time, e.g.

  ls | python -c 'import sys,json;lines=sys.stdin.read();print(json.dumps(list(filter(bool,lines.split("\n"))),sort_keys=True,indent=2))'

  python -c "print(f'Congrats, ${USER}, you are visitor number ${RANDOM}. This is {__name__}, running in $(pwd)')"

  # python << EOPYTHON
  print("Congrats, ${USER}")
  print("You are visitor ${RANDOM}")
  print("This is {__name__}, running in ${pwd}")
  print("It's a heredoc to allow both quote characters")
  EOPYTHON

edit: You probably already know this, but for anyone reading along, piping `ls` is unsafe if you plan to use the paths for anything except for printing them out. A path on linux can contain any byte except for NULL, so when `ls` prints them out, you can get broken behavior if you try to break on newlines.

With Bash, your best bet for portability is to run scripts in a Docker container. If you want portable code, you have to bundle your dependencies--there's no free lunch here, including Bash.

This didn't solve the multiple versions of python on the host. That was managed by having a bootstrap script written in python2 that would set up the development environment to a consistent state (i.e. install homebrew, install required packages) that anyone wanting to run the tools would run (no "getting started guides") which also versioned itself & was idempotent (generally robust against running multiple times). We also shipped this to our external partners in the factory. Generally worked well as once you ran the necessary scripts once no further internet access was required.

It wasn't easy but eventually it worked super reliably.

[1] https://github.com/jazzband/pip-tools

This was critical for devs because this was the underlying thing for all scripts devs ran (build system, terminal to device, unit tests, etc etc). Startup latency was key & I spent time optimizing that to feel as instant as a native executable unless the virtual environment changed which isolated the expensive part (& generally happened more & more rarely for any given tool as I found the dependency set to mature & freeze pretty quickly).

This had a great side benefit making it super-easy to run the scripts once on an internet-connected device & then use that as the base image for all the factory machines that could then be offline because all the virtual envs had been initialized.

It's Scala, runs on the JVM, and is perfect for writing scripts. (It has a great built in dependency resolver, I mean it uses Ivy, but it downloads the dep by itself, you just import it via the "maven coordinate" - http://ammonite.io/#IvyDependencies )

It gives you a lot more safety/correctness than Python, and it's a bit simpler to install too. (No need to compile extensions, just get JDK8 and it'll run.)

There are lots of ways to handle this problem, but if you're handling lots of systems, you presumably already have a method you use to keep them up to date and secure. You presumably are also installing Python from the system packages (if not, you probably shouldn't be writing system utils in it unless you can ensure it's the same on every system you guys maintain, in which case your dependency problem shouldn't be a problem), so tie into that mechanism. It's a lot easier to reason about when there aren't two competing systems, and presumably you aren't going to do away with the security updates the distro provides.

I recently received a script from partner company that used such of script for forwarding data to their API. It was quite long and had few dependencies that were not visible until you (stupidly) executed it.

Few random thoughts:

- Bash scripts can be ran in environments where all dependencies to binaries are not met. In these cases the script might cause damage if they expect that everything is available.

- When someone is unexpectedly required to modify the script it can be difficult or cause issues when this is done by inexperienced developer (in this age I wouldn't be surprised)

- If the script uses a program that is required to be certain version for getting wanted results it may cause issues

- The environment where script is ran is usually not a vacuum. Another scripts might change environment variables or change/remove programs in general

While dependencies with Python can cause issues in the future. The trade-off is having some sort of control as long you don't execute other binaries directly.

There is the question of the dependencies of a shell script, but I find in practice just checking for deps like `curl` at the beginning leads to be a better user experience. It's unlikely that there is going to be a ton of tools you require, and the tools you do require are probably going to be good about backwards compatibility [curl again as an example].

Sure. The argument is that it's a lot easier for the user of the program to read an error message that says "jq is required. Run apt-get install jq or homebrew install jq" than to fuck around with the python or ruby ecosystem, especially if they don't work in those languages.

> Finally there are differences in how `/bin/sh` will interpret things (which there shouldn't be) depending upon underlying shell is running ksh, zsh, bash, dash

Do you have an example of code that is written to the POSIX standard of shell that runs differently? I only write POSIX shell, and use https://github.com/koalaman/shellcheck to verify that to prevent that exact thing.

There are differences between versions. I can't even remember what they are off the top of my head like I used to, which makes them all the more aggravating to discover again.

But I would recommend sticking to a subset of bash, not any of the new fancy features like 'globstar' which allows recursively globbing.

There are tools to manage these kinds of tests, like bashenv. But you're in the same problem scope at that point.

[1] Well, it has $@, which you can use as a general-purpose array with some hacks[2], but that's no way to live.

[2] http://www.etalabs.net/sh_tricks.html

But even the nicest shell doesn't solve the dependency problem like statically compiled programs. If I could take my currently running Python code and produce some artifact that would run with nothing other than the python binary I think we'd be in a much better place.

Ohh apparently all I've needed in my life is zipapps.

One drawback is that if you want your Bash script to work on macOS, you need to restrict yourself to features that exist on version 3.2 (from 2006) because that's the latest version that will ever be included on macOS by default.

> If I could take my currently running Python code and produce some artifact that would run with nothing other than the python binary I think we'd be in a much better place.

See my other comment: https://news.ycombinator.com/item?id=23338316

Let me put it like this: I'm a programmer. I don't mind making programming a bit harder for myself if it means that I get to avoid a lot of the non-programing minutia that's part of a modern interpreted environment.

Also, if you're willing to take a dependency on jq, the issue goes away completely.

We even how have a nice tool to automate the bundling for you:

https://pypi.org/project/shiv/

Of course you still have to figure out how to get a Python installed on the final machine, that's the price to pay to be an interpreted language.

We don't have yet a story to ship a beautiful exe/dmg/deb/rpm that embeds the zipapp and libpython in an easy way.

This is a non-trivial thing to handwave away.

Using an interpretted language always leads to this.

I know no popular interpretted language with a seamless experience to ship a standalone exe.

In fact, Python is probably the one with the best story here, since it has nuitka (https://nuitka.net/), which allows to compile Python code into a fully standalone exe.

But then you need to install a compiler, headers, etc. And no cross compilation of course. Not to mention on Linux, you have to ensure you target the lowest version of libc you can.

You are still very far from Go or Rust, and I'm hoping one day that RustPython will succeed because that would mean an amazing deployment story.

Meanwhile, you trade the ease of deployment of compiled languages for the ease of development of interpretted ones.

I think it's a fare trade for most people: you dev the program much more often that you deploy it.

That doesn't mean we shouldn't work, as a community, to improve the deployment story. It's a serious hindrance.

That's the raison d'être of the Briefcase project (https://beeware.org/project/projects/tools/briefcase/). It's still in progress, but the last prez I saw on it was quite impressive already.

Isn't RustPython just an alternative interpreter to CPython, implemented in Rust instead of C?

How would RustPython offer better deployment than CPython?

So if one day RustPython gets compatible enought with CPython that you can use it as a drop in replacement, you can start creating a tool that compiles any Python VM for any target, and bring along your program with it. Making a standalone version of it would become much easier.

Right now, doing so either requires you to bring in a pre-compile version of cpython for your target (which is what briefcase does) or compile the thing yourself with gcc + headers + deps(which is what nuitka does).

It's not easy.

I don't think this will ever happen unless the community converges on a standard C-extension interface. Presently Python leans so hard on C-extensions, but there is no standard interface--if you're writing a C-extension library, you just depend on whatever obscure corner of CPython that suits your purpose. If you're writing an alternative Python interpreter, you have to implement the entire surface area of CPython, which generally means you must implement CPython exactly and you are severely restricted on the improvements you can make. At that point, why even bother?

Fortunately, I think there are emerging candidate interfaces, but the community needs to either update C-extension packages to use those interfaces or support packages (and maintainers) who already do. https://github.com/pyhandle/hpy.

The rest is not popular enought to be a blocker. You will hear them scream a lot, but they will be like 0.00001% of the user base, and we can just tell them to stay on CPython with its limitations. They don't lose anything, just not gain anything either.

Those C extensions authors are directly in communication with Python core devs, when they are not core devs themselves, so if HPY is adopted, we can expect a total adoption under 5 years.

Numpy authors already said it would take 1 year to adopt it.

Give the huge number of benefits of HPY, I deeply hope it will be a success.

Indeed.

I don't know exactly how it goes but I'm pretty sure it's a horror story.

That being said, a lot of extensions are pre-compiled and provided as wheel, which is the case for tensorflow (I don't know for CUDA, I can't test on a laptop without a GPU).

Let's see what this means:

    $ py -m venv test
    $ test\Scripts\activate
    $ pip install tensorflow
    $ code hello_tensor.py
    # import tensorflow as tf

    # def main():

    #     with tf.compat.v1.Session() as sess:
    #         a = tf.constant(3.0)
    #         b = tf.constant(4.0)
    #         c = a+b
    #         print(sess.run(c))

    $ copy hello_tensor.py test\Lib\site-packages
    $ shiv -e hello_tensor.main --site-packages test\Lib\site-packages\ -o hello_tensor.pyz
    $ python hello_tensor.pyz
    ...
    2020-05-28 17:31:46.580704: I tensorflow/compiler/xla/service/service.cc:176]   StreamExecutor device (0): Host, Default Version
    7.0

- it will only run on the system this particular wheel has been designed to run on. In my case cp38-win_amd64.

- it will come bundled with tensorflow, which is a behemot, meaning your hello world pyz will around 500 Mo.

- it needs to unzip, so the first run will be REALLY slow

For something like this, I would advice a more generic deployment tool, like fabric 2 if it's remote, or a make-like tool such as doit if it's local only.

Make your deployment script, and zipapp that.

If so, the extraction is going to make startup very slow. If not, that’s just messy. Either way, it’s not ideal.

Yes, it's not ideal.

But it beats shipping your entire dev env to the server.

I find it a good compromise. The extraction is done is $HOME/.shiv/{zipappname}_{zipapphash} so it's not a horrible mess. But if your project is big, you do have to clean up the old install because it can eat a significant amount of space.

For you regular cmd tool though, it's a blip.

Also for Java. The installs usually include their own favorite version of Java alongside the actual application.

[1] https://docs.oracle.com/javase/9/tools/jlink.htm

For PATH with cron or others, I use the full path to the virtualenv such as /path/to/project/.venv/bin/python. The path can be extracted by "which" or "Get-Command" when the venv is active.

Using a python version different from the system python version is probably the messiest part but well, targeting 3.6 is alright.

I do agree it could be better and it's not quite as streamlined as other ecosystems.

So a huge number of cases can be handled with just that. It will be "reproducible" enought for a lot of people.

That's why I use "poetry export -f requirements.txt > requirements.txt" instead of pip freeze. It only exports prod requirements from the poettry lock file.

You pass cron the full path to your entry point. Where’s the rigamarole?

0 0 * * * /path/to/bash/script/to/init/pyenv && /my/path/to/poetry run /my/path/to/python.py -arg1

0 0 * * * /path/to/interpreter/created/by/poetry/bin/python myscript.py

I seem to recall that with python2.7 that calling bin/python in a virtualenv without activating the virtualenv did not used to "work" (i.e. it would use the system packages). Did this change at some point or is my memory just wrong?

An anecdote: Homebrew uses this method for shipping python executables.

The exception is if your python thingy is "the main thing" running on a server, i.e. your customer facing webapp.

My $.10 anyway

This of course leads to other issues to solve, now that your development environment doesn't actually mirror production.

I wonder how many others are doing the same but are keeping it close to their chest because it’s such an amazing advantage.

According to the user needs, your dockerized application will run with different base distro. Alpine and musl for small OS footprint ? Or Debia(or debian-slim) for glibc compatibility ?

Those concerns are the same with or without Docker. Docker makes things easy, just not those things because it is not its purpose.

The packager of an application is part of the project's team. It's not up to the user to package your application.

- Runtime comes with a package manager

- Dependencies (not just imports, but tooling) are fully manifested in a project-local file

- Installs dependencies in a project-local directory

- Can specify exact package versions if you want maximum stability

- Left-pad can't happen again due to policy changes: https://docs.npmjs.com/cli/unpublish#description

- Doesn't require any build steps or extra hoops if you're fine with skipping static types

In general it just does a really great job isolating from the environment. No messing with environment variables, most things even run fine on Windows out of the box. All you need is node itself installed and you're off to the races, whether you're starting a new project or running one you checked out from github.

What about pip freeze?

https://github.com/RustPython/RustPython

--

That said, from a security standpoint, I'm not sure it's a good idea to run a script downloaded from the web, without verification, on your local command line:

  curl https://pyenv.run | bash

For pyenv all is needed is to clone their git repository and add a couple of lines to your .bashrc.

If I want to run pip, I need to trust PYPA. It's their code I want to run, and I need to download it one way or another. If I don't trust them to keep their domain secure, I don't see why I would trust them to keep their github repo secure.

And the whole point of pip is to download code from PYPI and run it. pip, git, curl|bash, all do the same exact thing in this case. curl|bash just smells funny because it makes it more plainly obvious what is going on.

Beside, curl works on all linux AND on mac.

Saves time.

And the "more information" link https://raw.githubusercontent.com/pyenv/pyenv-installer in that script points to "400: Invalid request" result.

If you're mainstream: Go or Java. If you're edgy: Nim, Scala, or Crystal

All of those have much more sane type, build, and packaging systems.

@perl-people, was this a solved problem when Perl was big? Or is python walking the same roads?

The recipe for the 'solved' deployment:

  - a compiler that ships with a build tool (so building is homogenous in the community)
  - a centralized or at least uniformly accessible package repository (so dependency acquisition is homogenous in the community)
  - a common file format for describing dependencies (so dependency resolution is homogenous in the community)
  - a common file format for locking dependency versions (so deployment can be done reliably without vendoring dependencies)
  - optional but very nice: a tool for managing compiler versions so it's easy to switch/upgrade projects

https://github.com/Bogdanp/racksnaps

I think a language should have its own official tooling that can achieve those without installing any external shit

There are quite a few of these. I couldn't do any of my ML work in a language other than Python or C++.

Calling what Go has a "type system" is a stretch IMO.

Overall looking at Python deployment story after using Elixir for the past couple of years makes me cringe a bit. Rather I have no idea how to do it. Deterministic versions, lock files, and container/tarball (or binary) support seems a given in 2020.

1: https://medium.com/@giovanni_94706/introducing-nimtorch-b8b0...

I don't follow - wouldn't nimtorch also require bundling pytorch on an embedded device?

See: https://pytorch.org/tutorials/advanced/cpp_frontend.html

I don't see the advantage of this setup over just loading a torchscript model in C++ or any other static language. A full set of bindings seems unnecessary unless you need to train in nim.

I prefer to avoid Python nowadays due to the pain of dependency management, a nice as this article is don't care to learn about Poetry. So training in pure C++ (or better Nim) is my preferred setup. Keeping a similar build setup for both training and deployment saves a lot of headaches which is why the nimtorch interface is handy even if it's not as full featured/up to date. Now I'm only deploying a very simple NN without much need for experimentation.

Deployment then just become:

- build zipapp - upload zipapp - ensure python interpretter - run zipapp

Which is just one more step than go.

Let's try an example with numpy:

    $ py -m venv foo
    $ foo\Scripts\activate
    $ pip install numpy
    $ code hello_numpy.py
    # import numpy as np
    # def main():
    #     print(np.arange(15).reshape(3, 5))
    $ python hello_numpy.py
    [[ 0  1  2  3  4]
    [ 5  6  7  8  9]
    [10 11 12 13 14]]

    $ copy hello_numpy.py foo\Lib\site-packages
    $ shiv -e hello_numpy.main --site-packages test\Lib\site-packages\ -o hello_numpy.pyz
    $ python hello_numpy.pyz
    [[ 0  1  2  3  4]
    [ 5  6  7  8  9]
    [10 11 12 13 14]]

- it will only run on the system this particular numpy wheel has been designed to run on. In my case cp38-win_amd64.

- it will comes bundle with numpy. Numpy is quite big, which means your hello world pyz will be 14.1 Mo.

- it needs to unzip, so the first run will be slow

And then I can do things like import a big package (pandas) only after parsing the args, which is highly convenient to users that want to check the argument options without a five second lag.

[1] https://github.com/tiangolo/typer

What I mean is if you execute script.py help, it will print out the possible options, along with their docstrings, or maybe just the first line.

What is the reason for requiring Python >=3.7?

-- it's probably not the most flexible tool, but IMHO it's the one with the best API: fire.Fire(obj) and everything else is taken care of ;)

p.s.: for lazy imports, just don't put them in the top of your module in the entry point.

Here's a very minimal CLI for one of my PyPI packages: https://github.com/minimaxir/aitextgen/blob/master/aitextgen...

For lazy import - You can do it with click, too, just put your imports in your entrypoint functions.

Click isn't minimalistic though. Nor is poetry or pyenv. Seems to be the main complaints about the article.

https://pypi.org/project/ConfigArgParse/

[1] https://abseil.io/docs/python/guides/flags

Of course, sometimes you can't avoid external dependencies (personally, this often involves pandas). But the standard library gets you really far. And even though urllib.request is clunky, I will only use Requests if something else already is forcing me to add external dependencies.

Unless I am making a "real" application, I do my best to avoid virtualenvs altogether.

It's an official feature (https://docs.python.org/fr/3/library/zipapp.html) that lets Python execute an entire project bundled into a zip file.

If you don't want to create it by hand, use shiv: https://pypi.org/project/shiv/

It's the best of both worlds.

I think the reason is that something like shiv was missing: it streamlines the process, shows a finish product instead of just telling people "all the thing they can do", and the automatic unzipping solved plenty of problems that you had with alternative like Pex, espacially on windows or with static resources.

So now you have it. Spread the word.

90% of the time the only lines in my requirements.txt file are for PyYAML and Jinja2.

Using just the Python standard library is the ideal case for scripts and other sysadmin-ey tools - no dependencies, runs with everywhere (tested in multiple python versions via tox) in a single source file.

Yes, yes, I know. But...

Just skim-read but it seems to cover the sensible parts - all of this applies if you are writing 100,000 lines of code or 3 lines of hello.py

I am trying to write thedevmanual.com which is basically all of that - what it takes to run in real life. it is of course opinionated, and in lockdown :-(

This article lists a set of bleeding-edge tools, should you choose to add them and learn them all in one place. I wouldn't use half the tools (they're too hypermodern), but it's helpful to know where things are moving.

I also generally don't lock versions on dev machines; code should use the core, supported API, and not break on bleeding-edge functionality and API changes. I lock version on deploy machines, obviously.

Smart people on my teams don't like this approach, though, so I could be wrong.

But you can do Python this way. And beginners definitely should start by doing Python this way.

When you say beginniners, I think it depends on whether you're referring to programming neophytes in general or professional developers who are new to Python specifically. In the latter case, I actually think it's really important for newcomers to Python to get into best practices like this very early on -- indeed, pretty much immediately. Otherwise they're going to end up either being unable to use any interesting dependencies or being unable to distribute their work in a way that is easy and convenient for others to hack on. Do this with a bunch of people simultaneously and it's a big problem.

1) There's a world of difference between that and docker, and especially docker with containers for not just postgresql, but a half-dozen specialized data stores, queuing systems, MTAs, etc.

2) There's also a world of difference between having numpy / pandas / etc. in your requirements.txt, and having those pinned to a specific version. I'm okay with one or two pinned dependencies on any specific project (for example, if there's an overall project built on Django).

But if you're using the corners of standard libraries in ways where version 1.65 works and 1.73 doesn't, you're probably doing something wrong. You're probably using features which are too bleeding-edge. I'm okay with a few conditionals in code too (if library is 1.65, do X, and if it's 1.73, do Y).

When I've seen systems that to depend on nuances of specific versions, upgrades turn into "migration to [library] 1.73" and eat up weeks of developer time. It gets worse when you have cascades (upgrading library X means upgrading Y, etc.).

And goodness help you if you want to integrate two systems built in docker with pinned everything and fine-grained dependencies.

A lot of this also comes back to willing and able to say "no" to features which take 15 minutes to introduce, but cost time down the line to maintain.

Systems which install on Ubuntu without virtualenv or pip (just apt-get installing packages) are an ideal I strive for. It's usually one I don't hit (and it's also not how I develop, obviously -- it's not for me, but for my users, as well as for the discipline).

Your argument probably would be that the dependencies used should be so simple and core that the risk of it not working with someone else’s package set should be minimal or zero. That’s just a bit too extreme for my taste. I want builds to be 100% reproducible. This is exactly what modern build tools for other languages do.

Re: Docker, I don’t think anyone is claiming pip and virtualenv are somehow a replacement for that.

Re: apt-get, we tend to actually avoid this. It’s really not a good package manager at all and can easily break. We’re going in the direction of nix instead and may even port our entire Python workflow over to it or bazel at some point.

(1) I want builds to be 100% reproducible on deployment servers and on CI/CD pipelines. Otherwise, you can undebuggable Heisenbugs. On the other hand, I don't want builds to be reproducible between developer machines. If I'm running Python 3.6 on Ubuntu, and another developer is running Python 3.7 on a Mac, and we have slightly different versions of numpy, that makes sure the system is not too brittle. Come to think of it, if I had infinite resources, I'd have several build machines with different (reproducible) configurations.

(2) I'm a lot more spartan about dependencies than other developers I've met.

(3) I'd never use apt to manage Python packages myself in something I'm working on. The constraint is in the other direction. If I build a tool, a user ought to be able to install it using apt in some future version of Debian, and likewise for other systems. Even if that's an abstract user.

I've found that if I develop this way, the upsides outweigh the downsides, especially over extended periods. A lot of software gets built like a system which can only live in one places. There's a set of AWS machines, code on them, and that's the system. There might be a few copies of it (stage+dev+etc.), but you can't move it somewhere else. I like systems I build to be portable. Someone can bring them up-and-running on their own machine, ideally in a few minutes. I've always found that to be cheaper, in the long term.

On projects I've worked on before, I think this would have made sense /technically/, given project priorities, but so did many other things which weren't done. It's a lot easier to make the case for resources for customer-facing features than for technical debt or infrastructure. So there's the political component too, which varies organization-by-organization.

This is already done in a lot of projects with hardware. The Linux kernel will run on a thousand hardware and software configurations before integrating features.

If I did this, I'd probably want at least three builds:

* my pinned deployment versions (sometimes a release or two behind, sometimes bleeding-edge)

* latest released version; and

* HEAD

If an upstream project is introducing a breaking change, I'd know immediately. That'd be super-helpful, probably both to me and to those projects.

Come to think of it, the right way to do this might be to have three virtualenvs on my local machine, rather than just different targets in CI/CD....

Usually distributions bundle one or two specific versions of Python. Pyenv makes it super easy to install and use all the versions of Python that you want.

Even though for most people it might be enough to just use whatever version of Python comes installed with your system, for a team it might be important that everyone has the exact same version.

Moreover, pyenv-virtualenv makes it painless to use virtualenvs and so I recommend you give pyenv a try even if you do not need additional Python versions.

Why not just install the required version of Python, maybe from a 3rd party repo if not available in the main repos? Why would I ever want to get a compiler toolchain to get my Python interpreter?

It is a single `apt-get install` (which probably downloads less MBs than our typical `npm/yarn` install).

Consider that if pyenv came pre-packaged for ubuntu/debian, those packages would be runtime dependencies and then you would just need to `apt-get install pyenv`.

Real scenario I'm in right now:

- Need to build libraries to support 2.7, 3.6, plus future proofing for >=3.7

- CI workers have images which only python 2.7 and 3.6, platform team too busy to update them

- Mac Homebrew only supports >=3.7

There's no common environment between anything unless we use pyenv

I understand that virtualenv and maybe even pyenv are useful if you need different requirements for different projects using the same version of Python, as apparently pip installs packages globally. But for your setup, I don't get why something like pyenv really helps...

Yep, most people can just do this. Then, they want a little script over the top that downloads the different versions of Python for them -- just to make life easier for them. Wouldn't it be handy to also script the installation? It'd also probably be useful to automatically setup the version of Python I want to use when I switch folders, so I'm not constantly running the wrong version when I change projects.

... et voila, we've reinvented pyenv :).

But having c compiler toolchain available is pretty much standard practice when using python (or nodejs, ruby, etc) because you might need to install some library that requires compilation from source (e.g. psycopg2). If you don't want that, you'll stuck with installing those 3rd party libs from your distro's repo, which might be out of date or outright missing (especially for less popular packages).

That's the thing. pyenv just downloads the source code of the specified Python version, and then compiles it on your machine. They did that to be agnostic of the OS you're running on.

It's a Python stack that solves some problems for a part of the community.

It’s a failure of the author to explain intent. The entire article is WHAT, not WHY.

If you are already hyper-familiar with python, you know what you are looking at. Yes, of course I’ll want to use pyenv, “everyone knows that”. For the rest of us, it just seems like a lot of steps to do - for some reason.

I think it’s different from just not being the target audience. A good tutorial explains intent.

It's worth noting that this a rather opinionated toolset, and that we shouldn't mistake opinionated for hypermodern. You could replace poetry for pipenv (particularly now that it's being maintained again...), and I tend to prefer unittest to pytest. The further into it you get, the more opinionated it is -- for instance, code coverage support and CI/CD is not one-size-fits-all, but the choices of CodeCov and GitHub Actions are nicely illustrative.

Even the testimonials are self-important.

> Pipenv is finally an abstraction meant to engage the mind instead of merely the filesystem.

Like, really? I want to interpret that as a joke, but I don't think it is.

Poetry should be the future of Python dependency management. I'd like to forget pipenv ever happened. Unfortunately since PyPA took pipenv under its wing, that might not happen.

Those tools have been existing for years, and as always with Python, they serve only a subset of the Python users.

Not that it's a bad article. If you don't know about them, give it a read, it's good to know it exists and the post is well written.

But don't think it's the ultimate stack or whatever.

And if you learn Python, you should always strive to master the basics first:

- installing python.org for windows and mac, or apt/yum on Linux (those ones are tricky, it's more than just the "python" package to get pip and venv)

- don't try to get the latest and greatest version (which is 3.8, or 3.9 alpha today). 3.6 is great already and is wildly available. I personnally strive for 3.7 now, but I'm happy with 3.6 if I don't have to use asyncio. So get the most modern version that is easy to install for you.

- be comfortable with "-m", the "py" command on windows, "pip" (-m, --user, install, install -r, freeze), and "-m venv".

- make sure you understand what the PYTHON PATH is and how it works regarding the import system

- know how to configure your favorite editor to work with those

Once you have those basics, you can go and try whatever have you: peotry, pyenv, pew, virtualenvwrapper, pipenv and so on. It will be easy because you will have a solid understanding of where it comes from and how it plugs in into the ecosystem. You will be able to chose if they are worth it or not for you. And more importantly, when you will have to move away from them (because of work, because they don't suit you, because they are abandonned...), you will always be able to fall back to basics.

But franckly, there are so many things that you should be learning before those extras: pdb, black, pylint, zipapps... Or even concepts like generators, decorators, unpacking, etc. They all have a better value for the time you spend on them than learning a new "modern" stack.

Not that it's not useful to have a modern stack. I update my stack all the time.

I'm currently using pip + pew + doit + nox + pytest, and I'm experimenting with dephell.

But it's my full time job. I'm an expert.

Most Python devs have a much limited amount of resource to spent in learning stuff. They have deadlines, and other stuff to care about than Python.

I know because I go from company to administrations to students to train them, and it's always the same: they chose Python because it's an efficient use of their time.

If you're shipping a package on pypi, you will want to develop and automatically test using multiple Python versions and maybe a range of versions of your dependencies. Having good tools to manage multiple sets of Python versions and dependencies and parallel automated testing is a godsend.

If you're writing an internal or web application that will run only in a single well-known environment, pip + venv + pytest might well be good enough.

Besides, if you want to develop and automatically test using multiple Python versions and a range of versions of your dependencies, none of the tools from the article will do it.

At best they are one of the ways to get dependancies before you use a tool to do it. You can do that with raw pip and venv as well.

What you need though, is something like tox, which has existed for years.

As mentioned in my comment, I personnally use nox for this, as it is, ironically, more modern to my taste.

Nox doesn't care if you use poetry, pew, virtualenv wrapper or venv manually.

I would certainly advice to learn something like nox or doit before learning poetry, for example.

Now I don't advice against learning poetry, mind you. It's a good tool, well written.

Pyenv is another matter entirely. The day one really need what pyenv gives you to the point it's worth investing in it, they can discard all my advices entirely, as they would have the skill and experience to not need my explanations.

I don't see how this stack is "hypermodern" either, mind you.

My point was just that these articles and other like it tend to omit context completely. What is this stack good for? Who should use it? Who shouldn't? Without answering these questions the articles are not all that useful, or even could be harmful, if a dev who doesn't know better apes a complicated stack for no good reason.

We know we can isolate the interpreter and modules via venv/docker/etc. and get repeatable and reliable deployments. However, because we're a utility module, we like to allow users to import our code freely, and that's a lot harder when that code is isolated and bundled with very specific requirements.

Seems like the only perfect solution is to just support every conceivable version of python and our required modules. Which is of course very hard. It would probably require greatly reducing our usage of tensorflow and some other packages which change a lot and are trickier to use on Windows.

Good old dependency hell.

https://thomazleite.com/posts/development-with-nix-python/

But now you have truly deterministic builds.

Well, almost. Don't forget to pin channels.

It provides the needed isolation, you can get lots of packages without having to compile from conda-forge and it still works with pip for the odd cases where a given package is not directly available (as a bonus, it works for other native toolchains, not only Python, which is a huge plus for me).

As a note, I personally use it with `conda devenv` to be able to replicate installs for a given project -- i.e.: https://conda-devenv.readthedocs.io/en/latest/.

I mean, the Python community has a standard repository for packages (pypi). You cannot even name a library $something if $something is not available on pypi. Why would I use something hosted by a private company that does not even interface with the rest of the community?

This is not an attack on conda. I just cannot understand its rationale.

Also, while it was initially done by a private company, I'd say it's definitely a community effort right now (it's also the reason I tend to use https://conda-forge.org/, which is community driven and not anaconda).

As for dealing with pypi, it does integrate well enough for me (given that you can just pip install packages on the python for which conda is managing the env), but yes, the other way around isn't true (conda solves a bigger problem than pypi up to the point that it's possible to even have non-python tools available -- one real use case example I have here is having innosetup binaries as a tool in the PATH in some conda env for doing builds).

Note: I don't have any affiliation with any of that, these are just my preferences for managing python envs (when I'm developing pydevd, which is the debugger engine used in pydev/pycharm/vscode, many times I need to reproduce some weird env and before using conda that was pretty annoying).

pyenv is a poor cousin of rbenv, has such a poor cli api and a leaky abstraction over virtualenv (with its plugin for virtualenv)

did you mean pipenv instead? we suck at naming things (and pipenv has its share of issues, no arguments there).

Go's only flaw is the module system sucks. Java is rock solid and rolls up nicely into a fat jar.

I'm not sure using pyenv + poetry + click qualifies as a minimalist setup. I have never had to use pyenv as I figured out it was more robust to install the python versions directly from python.org and create the appropriate symlinks. Then using the venv module which has been included in python since 3.3. The argparser module of python is not that bad once you are used to it.

I'm not saying the tools and libs mentioned in the article shouldn't be used, it's just that they're not mandatory for whoever wants to stay close to the bare minimum.

It basically boils down to using pyenv, poetry and setting up the pyproject.toml and project src layout.

I read the comments before the article and was expecting a MUCH more complicated content and intricate bash, tool or config setups but it seems straightforward.

I feel everything else is part of getting started into professional software development (git, modern OS, env vars setup, bash or shell scripts, etc) which is it's own right complicated for newcomers.

I think deployment and packaging vary a lot depending on the target deploy env which is why I'm fine with it being left out of the article.

For adding a separate package in your filesystem, I believe using https://python-poetry.org/docs/dependency-specification/#pat... is what you are looking for

``` poetry add ../path/to/package ```

It'd be worth sharing the alternative minimalistic approach

``` python3 -m venv .venv

. .venv/bin/activate

pip install -e . ```

But is good for people who are willing to install those tools to simplify their work. I use pyenv and poetry when I can.

I don't do too much Python now, but I bookmarked this article to possibly use as a future reference.

No it isn't, it introduces at least two external tools of questionable necessity - pyenv and poetry when python comes with venv and pip natively.