A small tool to view real-world ActivityPub objects as JSON! Enter a URL
or username from Mastodon or a similar service below, and we'll send a
request with
the right
Accept
header
to the server to view the underlying object.
{
"@context": [
"https://join-lemmy.org/context.json",
"https://www.w3.org/ns/activitystreams"
],
"type": "Page",
"id": "https://programming.dev/post/25536275",
"attributedTo": "https://programming.dev/u/logging_strict",
"to": [
"https://programming.dev/c/python",
"https://www.w3.org/ns/activitystreams#Public"
],
"name": "Dependency management",
"cc": [],
"content": "<h3>Market research</h3>\n<p>This post is only about dependency management, not package management, not build backends.</p>\n<p>You know about these:</p>\n<ul>\n<li>\n<p>uv</p>\n</li>\n<li>\n<p>poetry</p>\n</li>\n<li>\n<p>pipenv</p>\n</li>\n</ul>\n<p>You are probably not familiar with:</p>\n<ul>\n<li>\n<p>pip-compile-multi</p>\n<p>(toposort, pip-tools)</p>\n</li>\n</ul>\n<p>You are defintely unfamiliar with:</p>\n<ul>\n<li>\n<p>wreck</p>\n<p>(pip-tools, pip-requirements-parser)</p>\n</li>\n</ul>\n<p><strong>pip-compile-multi</strong> creates lock files. Has no concept of unlock files.</p>\n<p><strong>wreck</strong> produces both lock and unlock files. venv aware.</p>\n<p>Both sync dependencies across requirement files</p>\n<p>Both act only upon requirements files, not venv(s)</p>\n<h3>Up to speed with wreck</h3>\n<p>You are familiar with <code>.in</code> and <code>.txt</code> requirements files.</p>\n<p><code>.txt</code> is split out into <code>.lock</code> and <code>.unlock</code>. The later is for packages which are not apps.</p>\n<p>Create <code>.in</code> files that are interlinked with <code>-r</code> and <code>-c</code>. No editable builds. No urls.</p>\n<p>(If this is a deal breaker feel free to submit a PR)</p>\n<h4>pins files</h4>\n<p><code>pins-*.in</code> are for common constraints. The <strong>huge advantage</strong> here is to document why?</p>\n<p>Without the documentation even the devs has no idea whether or not the constraint is still required.</p>\n<p><code>pins-*.in</code> file are split up to tackle one issue. The beauty is the issue must be documented with enough details to bring yourself up to speed.</p>\n<p>Explain the origin of the issue in terms a 6 year old can understand.</p>\n<h3>Configuration</h3>\n<p><code>python -m pip install wreck</code></p>\n<p>This is logging-strict <code>pyproject.toml</code></p>\n<pre style=\"background-color:#ffffff;\">\n<span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">[tool.wreck]\n</span><span style=\"color:#323232;\">create_pins_unlock = false\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">[[tool.wreck.venvs]]\n</span><span style=\"color:#323232;\">venv_base_path = '.venv'\n</span><span style=\"color:#323232;\">reqs = [\n</span><span style=\"color:#323232;\"> 'requirements/dev',\n</span><span style=\"color:#323232;\"> 'requirements/kit',\n</span><span style=\"color:#323232;\"> 'requirements/pip',\n</span><span style=\"color:#323232;\"> 'requirements/pip-tools',\n</span><span style=\"color:#323232;\"> 'requirements/prod',\n</span><span style=\"color:#323232;\"> 'requirements/manage',\n</span><span style=\"color:#323232;\"> 'requirements/mypy',\n</span><span style=\"color:#323232;\"> 'requirements/tox',\n</span><span style=\"color:#323232;\">]\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">[[tool.wreck.venvs]]\n</span><span style=\"color:#323232;\">venv_base_path = '.doc/.venv'\n</span><span style=\"color:#323232;\">reqs = [\n</span><span style=\"color:#323232;\"> 'docs/requirements',\n</span><span style=\"color:#323232;\">]\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">dynamic = [\n</span><span style=\"color:#323232;\"> "optional-dependencies",\n</span><span style=\"color:#323232;\"> "dependencies",\n</span><span style=\"color:#323232;\"> "version",\n</span><span style=\"color:#323232;\">]\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">[tool.setuptools.dynamic]\n</span><span style=\"color:#323232;\">dependencies = { file = ["requirements/prod.unlock"] }\n</span><span style=\"color:#323232;\">optional-dependencies.pip = { file = ["requirements/pip.lock"] }\n</span><span style=\"color:#323232;\">optional-dependencies.pip_tools = { file = ["requirements/pip-tools.lock"] }\n</span><span style=\"color:#323232;\">optional-dependencies.dev = { file = ["requirements/dev.lock"] }\n</span><span style=\"color:#323232;\">optional-dependencies.manage = { file = ["requirements/manage.lock"] }\n</span><span style=\"color:#323232;\">optional-dependencies.docs = { file = ["docs/requirements.lock"] }\n</span><span style=\"color:#323232;\">version = {attr = "logging_strict._version.__version__"}\n</span><span style=\"color:#323232;\">\n</span></pre>\n<p>Look how short and simple that is.</p>\n<p>The only thing you have to unlearn is being so timid.</p>\n<p>More venvs. More constraints and requirements complexity.</p>\n<h4>Do it</h4>\n<pre style=\"background-color:#ffffff;\">\n<span style=\"color:#323232;\">mkdir -p .venv || :;\n</span><span style=\"color:#323232;\">pyenv version > .venv/python-version\n</span><span style=\"color:#323232;\">python -m venv .venv\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">mkdir -p .doc || :;\n</span><span style=\"color:#323232;\">echo "3.10.14" > .doc/python-version\n</span><span style=\"color:#323232;\">cd .doc && python -m venv .venv; cd - &>/dev/null\n</span><span style=\"color:#323232;\">\n</span><span style=\"color:#323232;\">. .venv/bin/activate\n</span><span style=\"color:#323232;\"># python -m pip install wreck\n</span><span style=\"color:#323232;\">reqs fix --venv-relpath='.venv'\n</span></pre>\n<p>There will be no <strong>avoidable</strong> resolution conflicts.</p>\n<p>Preferable to do this within <a href=\"https://raw.githubusercontent.com/msftcangoblowm/logging-strict/refs/heads/master/tox-req.ini\" rel=\"nofollow\">tox-reqs.ini</a></p>\n<h4>Details</h4>\n<p>TOML file format expects paths to be single quoted. The paths are relative without the <strong>last</strong> file suffix.</p>\n<p>If pyproject.toml not in the cwd, <code>–path=‘path to pyproject.toml’</code></p>\n<p><code>create_pins_unlock = false</code> tells <strong>wreck</strong> to not produce .unlock files for <code>pins-*.in</code> files.</p>\n<h4>DANGER</h4>\n<p>This is not for a faint of heart. If you can avoid it. This is for the folks who often say, <code>Oh really, hold my beer!</code></p>\n<p>For pins that span venv, add the file suffix <code>.shared</code></p>\n<p>e.g. <code>pins-typing.shared.in</code></p>\n<p><strong>wreck</strong> deals with one venv at a time. Files that span venv have to be dealt with manually and carefully.</p>\n<h3>Issues</h3>\n<ol>\n<li>\n<p>no support for editable builds</p>\n</li>\n<li>\n<p>no url support</p>\n</li>\n<li>\n<p>no hashs</p>\n</li>\n<li>\n<p>your eyes will tire and brains will splatter on the wall, from all the eye rolling after sifting thru endless posts on uv and poetry and none about pip-compile-multi or wreck</p>\n</li>\n<li>\n<p>Some folks love having all dependency managed within pyproject.toml These folks are deranged and its impossible to convince them otherwise. pyproject.toml is a config file, not a database. It should be read only.</p>\n</li>\n<li>\n<p>a docs link on pypi.org is 404. Luckily there are two docs links. Should really just fix that, but it’s left like that to see if anyone notices. No one did.</p>\n</li>\n</ol>\n",
"mediaType": "text/html",
"source": {
"content": "### Market research\n\nThis post is only about dependency management, not package management, not build backends.\n\nYou know about these:\n\n- uv\n\n- poetry\n\n- pipenv\n\nYou are probably not familiar with:\n\n- pip-compile-multi\n\n (toposort, pip-tools)\n\nYou are defintely unfamiliar with:\n\n- wreck\n\n (pip-tools, pip-requirements-parser)\n\n**pip-compile-multi** creates lock files. Has no concept of unlock files.\n\n**wreck** produces both lock and unlock files. venv aware. \n\nBoth sync dependencies across requirement files\n\nBoth act only upon requirements files, not venv(s)\n\n### Up to speed with wreck\n\nYou are familiar with `.in` and `.txt` requirements files.\n\n`.txt` is split out into `.lock` and `.unlock`. The later is for packages which are not apps.\n\nCreate `.in` files that are interlinked with `-r` and `-c`. No editable builds. No urls.\n\n(If this is a deal breaker feel free to submit a PR)\n\n#### pins files\n\n`pins-*.in` are for common constraints. The **huge advantage** here is to document why?\n\nWithout the documentation even the devs has no idea whether or not the constraint is still required.\n\n`pins-*.in` file are split up to tackle one issue. The beauty is the issue must be documented with enough details to bring yourself up to speed.\n\nExplain the origin of the issue in terms a 6 year old can understand.\n\n### Configuration\n\n`python -m pip install wreck`\n\nThis is logging-strict `pyproject.toml`\n\n```\n\n[tool.wreck]\ncreate_pins_unlock = false\n\n[[tool.wreck.venvs]]\nvenv_base_path = '.venv'\nreqs = [\n 'requirements/dev',\n 'requirements/kit',\n 'requirements/pip',\n 'requirements/pip-tools',\n 'requirements/prod',\n 'requirements/manage',\n 'requirements/mypy',\n 'requirements/tox',\n]\n\n[[tool.wreck.venvs]]\nvenv_base_path = '.doc/.venv'\nreqs = [\n 'docs/requirements',\n]\n\ndynamic = [\n \"optional-dependencies\",\n \"dependencies\",\n \"version\",\n]\n\n[tool.setuptools.dynamic]\ndependencies = { file = [\"requirements/prod.unlock\"] }\noptional-dependencies.pip = { file = [\"requirements/pip.lock\"] }\noptional-dependencies.pip_tools = { file = [\"requirements/pip-tools.lock\"] }\noptional-dependencies.dev = { file = [\"requirements/dev.lock\"] }\noptional-dependencies.manage = { file = [\"requirements/manage.lock\"] }\noptional-dependencies.docs = { file = [\"docs/requirements.lock\"] }\nversion = {attr = \"logging_strict._version.__version__\"}\n\n```\n\nLook how short and simple that is.\n\nThe only thing you have to unlearn is being so timid.\n\nMore venvs. More constraints and requirements complexity.\n\n#### Do it\n\n```\nmkdir -p .venv || :;\npyenv version > .venv/python-version\npython -m venv .venv\n\nmkdir -p .doc || :;\necho \"3.10.14\" > .doc/python-version\ncd .doc && python -m venv .venv; cd - &>/dev/null\n\n. .venv/bin/activate\n# python -m pip install wreck\nreqs fix --venv-relpath='.venv'\n```\nThere will be no **avoidable** resolution conflicts.\n\nPreferable to do this within [tox-reqs.ini](https://raw.githubusercontent.com/msftcangoblowm/logging-strict/refs/heads/master/tox-req.ini)\n\n#### Details\n\nTOML file format expects paths to be single quoted. The paths are relative without the **last** file suffix.\n\nIf pyproject.toml not in the cwd, `--path='path to pyproject.toml'`\n\n`create_pins_unlock = false` tells **wreck** to not produce .unlock files for `pins-*.in` files.\n\n#### DANGER\n\nThis is not for a faint of heart. If you can avoid it. This is for the folks who often say, `Oh really, hold my beer!`\n\nFor pins that span venv, add the file suffix `.shared`\n\ne.g. `pins-typing.shared.in`\n\n**wreck** deals with one venv at a time. Files that span venv have to be dealt with manually and carefully.\n\n### Issues\n\n1. no support for editable builds\n\n2. no url support\n\n3. no hashs\n\n4. your eyes will tire and brains will splatter on the wall, from all the eye rolling after sifting thru endless posts on uv and poetry and none about pip-compile-multi or wreck\n\n5. Some folks love having all dependency managed within pyproject.toml These folks are deranged and its impossible to convince them otherwise. pyproject.toml is a config file, not a database. It should be read only.\n\n6. a docs link on pypi.org is 404. Luckily there are two docs links. Should really just fix that, but it's left like that to see if anyone notices. No one did.",
"mediaType": "text/markdown"
},
"attachment": [
{
"href": "https://pypi.org/project/wreck",
"mediaType": "text/html; charset=utf-8",
"type": "Link"
}
],
"image": {
"type": "Image",
"url": "https://raw.githubusercontent.com/msftcangoblowm/wreck/refs/heads/master/docs/_static/wreck-logo-1.svg"
},
"sensitive": false,
"published": "2025-02-16T06:57:34.047449Z",
"updated": "2025-02-16T09:42:36.022435Z",
"audience": "https://programming.dev/c/python",
"tag": [
{
"href": "https://programming.dev/post/25536275",
"name": "#python",
"type": "Hashtag"
}
]
}