Version control of dependencies


2

I use Python and Django on a server with CloudFoundry installed. There, I can keep my requirements.txt with all the dependencies of my application and, for security, I always keep the exact version of each plugin to avoid unexpected crashes caused by incompatibility with new versions.

Werkzeug==1.0.0.2
Django==1.11

What are the best practices to follow the versions of my dependencies in a "serious" (large) application? I subscribe to each plugin’s email distribution lists to receive update information but they don’t always exist.

I imagine this question is applicable to other environments/frameworks.

  • If, instead of asking for the best ones, I asked what options are available, would it be reopened? Or is it still too broad?

1 answer

2

I have seen some projects using external badge services like https://requires.io/

They have free plans for open source projects and paid plans.

You can also run pip list -o, which will list the packages that have updates available. You can run this command once a day on your CI and have an alert if the command has some output.

  • requires.io seemed very interesting for those who use GitHub. I’ll leave the question open for now, to see if I see any examples of large production applications.
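The daily CI check suggested in the answer, as an added example that is not part of the original answer: it runs pip list --outdated --format=json (the long form of pip list -o), keeps only the packages pinned with == in requirements.txt, and exits non-zero so the CI job raises the alert. The function names and script layout are assumptions made for this example.

```python
"""CI gate: fail the job when a pinned dependency has a newer release."""
import json
import re
import subprocess
import sys


def normalize(name):
    # PEP 503 name normalization, so "Django" and "django" compare equal.
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_pins(requirements_text):
    """Return {normalized name: pinned version} for every 'name==version' line."""
    pins = {}
    for line in requirements_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        match = re.match(r"^([A-Za-z0-9._-]+)(?:\[[^\]]*\])?\s*==\s*([^\s;]+)", line)
        if match:
            pins[normalize(match.group(1))] = match.group(2)
    return pins


def outdated_pins(pins, pip_outdated_json):
    """Match pip's outdated report against the pins; return sorted findings."""
    findings = []
    for pkg in json.loads(pip_outdated_json):
        name = normalize(pkg["name"])
        if name in pins:  # ignore tooling that is not pinned by the application
            findings.append((name, pins[name], pkg["version"], pkg["latest_version"]))
    return sorted(findings)


def main(requirements_path="requirements.txt"):
    with open(requirements_path, encoding="utf-8") as handle:
        pins = parse_pins(handle.read())
    # Must run inside the environment the application is installed into.
    report = subprocess.run(
        [sys.executable, "-m", "pip", "list", "--outdated", "--format=json"],
        check=True, capture_output=True, text=True,
    ).stdout
    findings = outdated_pins(pins, report)
    for name, pinned, installed, latest in findings:
        print(f"{name}: pinned {pinned}, installed {installed}, latest {latest}")
    return 1 if findings else 0  # non-zero exit status makes the CI job alert


if __name__ == "__main__":
    sys.exit(main(*sys.argv[1:2]))
```

A newer release is a prompt to read the changelog and security notes before moving the pin, not a reason to upgrade automatically.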
