Automatically generate Pipfile.lock on install/uninstall
See original GitHub issueIt’s not clear to me why pipenv lock
is a separate command that the user must remember to invoke. This introduces something easily forgettable into the pipenv workflow which can ultimately lead to, say, committing but forgetting to add your dependencies (which is a pitfall already true of normal pip/virtualenv workflows).
It would be great to have the lockfile automatically regenerated on pipenv install
and pipenv uninstall
. This brings pipenv more in line with tools like Yarn and Bundler, which make it hard to get your dependency info into an inaccurate state.
E.g. running yarn add underscore
will both insert underscore into package.json and add a locked version to yarn.lock. I think it’s natural that pipenv install requests
should add requests to the Pipfile and the new locked versions to Pipfile.lock.
Issue Analytics
- State:
- Created 6 years ago
- Reactions:4
- Comments:11 (8 by maintainers)
Top GitHub Comments
That involved way too much work, but i’m happy with the results 😃
Just echoing feedback as an end user that the separate lock command is surprising given what I’d expect coming from other deterministic package management solutions, and not totally foolproof.
yarn
is a model example here and as I feel it, automated management of the lock file is the distinct user interface improvement of yarn over npm. You could make earlier versions of npm behave deterministically, but remembering to shrinkwrap was always a pain.Just adding an additional voice in support of this issue. I totally understand the performance constraints, and thanks to everyone for all the work that’s gone into pipenv!