Update packaging tutorial to allow installing dependencies when testing installation

In Packaging Python Projects - Python Packaging User Guide, the way you’re told to install your sample package is to run python3 -m pip install --index-url https://test.pypi.org/simple/ --no-deps example-package-YOUR-USERNAME-HERE.

I’m a volunteer helper at Python Discord, (https://www.pythondiscord.com/) and I’ve run into a couple instances where users that had already created a package with dependencies attempted to follow this guide, and got stuck on this step, because even after removing --no-deps, pip still refused to install their dependencies because the --index-url argument causes pip to consider only Test PyPI when looking for the dependencies.

Most newcomers [in Python Discord] expect --index-url to add to the search scope not replace it.
There is a note explaining that --no-deps is there to avoid installing something unexpected from Test PyPI, but it doesn’t really explain why the prod PyPI was excluded.

I don’t see any reason to block installations from prod PyPI; I’d like to propose changing --index-url to --extra-index-url and removing the --no-deps flag.

Though I don’t know why this guide was written this way in the first place, so I’m also here to ask about the history behind this, to make sure there’s not some reasoning for this that I’m unaware of.

The document says:

Create a virtual environment and install your package from TestPyPI:

python3 -m pip install --index-url https://test.pypi.org/simple/ --no-deps example-package-YOUR-USERNAME-HERE

You can test that it was installed correctly by importing the package. Make sure you’re still in your virtual environment, then run Python:

But of course that’s not true, in general - you can’t test that a package was installed correctly if you’ve specifically told pip not to install its dependencies.

It seems a bit weird that this is conflating testing the built package with testing the twine uploads. For testing the package itself, pip install dist/*.whl in a fresh virtualenv seems much more useful than pip install --index-url https://test.pypi.org/simple/ --no-deps packagename. It’s simpler and easier to explain, and it installs the dependencies, so you can actually test the installed package.

Testing that you can upload to TestPyPI is somewhat useful, for checking that your package follows the correct filename conventions and so on, but downloading from TestPyPI seems far less useful, especially if you need to supply --no-deps and so you can’t test the package you’ve installed.

Maybe using pip install --only-deps dist/*.whl first to install the dependencies into the venv from PyPI via the local wheel file would help?

That would probably be very dangerous because it doesn’t guarantee that only your package comes from test.pypi, and installing things from test.pypi is a very bad idea:

So maybe a better solution would be to remove that step from the guide entirely?

1 Like
1 Like