With Python, the best practice of pinning all the packages in an environment at a specific version ensures that the environment can be reproduced months or even years later.
- Pinned packages in a requirements.txt file are denoted by ==. For example, requests==2.21.0. Pinned packages should never be updated except for a very good reason, such as to fix a critical bug or vulnerability.
- Conversely, unpinned packages are typically denoted by >=, which indicates that the package can be replaced by a later version. Unpinned packages are more common in development environments, where the latest version can offer bug fixes, security patches and even new functionality.
As packages age, many of them are likely to have vulnerabilities and bugs logged against them. In order to maintain the security and performance of your application, you’ll need to update these packages to a newer version that fixes the issue.
The pip package manager can be used to update one or more packages system-wide. However, if your deployment is located in a virtual environment, you should use the Pipenv package manager to update all Python packages.
NOTE: be aware that upgrading packages can break your environment by installing incompatible dependencies. This is because pip and pipenv do not resolve dependencies, unlike the ActiveState Platform. To ensure your environment doesn’t break on upgrade, you can sign up for a free ActiveState Platform account and import your current requirements.txt, ready to be upgraded.
Python Package Upgrade Checklist
In general, you can use the following steps to perform a package upgrade:
1. Check that Python is installed
Before packages can be updated, ensure that a Python installation containing the necessary files needed for updating packages is in place by following the steps outlined in <Installation Requirements>
2. Get a list of all the outdated packages
To generate a list of all outdated packages:
pip list --outdated
3. Upgrade outdated packages
Depending on your operating system or virtual environment, refer to the following sections.
Update all Python Packages on Windows
The easiest way to update all packages in a Windows environment is to use pip in conjunction with Windows PowerShell:
- Open a command shell by typing ‘powershell’ in the Search Box of the Task bar
- Enter:
pip freeze | %{$_.split('==')[0]} | %{pip install --upgrade $_}
This will upgrade all packages system-wide to the latest version available in the Python Package Index (PyPI).
Update all Python Packages on Linux
Linux provides a number of ways to use pip in order to upgrade Python packages, including grep and awk.
To upgrade all packages using pip with grep on Ubuntu Linux:
pip3 list --outdated --format=freeze | grep -v '^\-e' | cut -d = -f 1 | xargs -n1 pip3 install -U
To upgrade all packages using pip with awk on Ubuntu Linux:
pip3 list -o | cut -f1 -d' ' | tr " " "\n" | awk '{if(NR>=3)print}' | cut -d' ' -f1 | xargs -n1 pip3 install -UUpdating Python Packages on Windows or Linux
Pip can be used to upgrade all packages on either Windows or Linux:
- Output a list of installed packages into a requirements file (requirements.txt):
pip freeze > requirements.txt
- Edit requirements.txt, and replace all ‘==’ with ‘>=’. Use the ‘Replace All’ command in the editor.
- Upgrade all outdated packages:
pip install -r requirements.txt --upgrade
Updating all Packages in a Virtual Environment
The easiest way to update unpinned packages (i.e., packages that do not require a specific version) in a virtual environment is to run the following Python script that makes use of pip:
import pkg_resourcesfrom subprocess import callfor dist in pkg_resources.working_set:call("python -m pip install --upgrade " + dist.<projectname>, shell=True)Updating all Packages in a Pipenv Environment
The simplest way to update all the unpinned packages in a specific virtual environment created with pipenv is to do the following steps:
- Activate the Pipenv shell that contains the packages to be upgraded:
pipenv shell
- Upgrade all packages:
pipenv update
Modern way to manage Python packages – ActiveState Platform
The ActiveState Platform is a cloud-based build automation anddependencymanagementtool forPython. It providesdependencyresolution for:
- Pythonlanguage cores, includingPython2.7 andPython3.5+
- Pythonpackagesand theirdependencies, including:
- Transitivedependencies(ie.,dependenciesofdependencies)
- Linked C and Fortran libraries, so you can build data science packages
- Operating system-leveldependenciesfor Windows,Linux, and macOS
- Shareddependencies(ie., OpenSSL)
The ActiveState Platform is the onlyPythonpackagemanagement solution that not only resolvesdependenciesbut also provides workarounds fordependencyconflicts.
Simply following the instruction prompts will resolve the conflict, eliminatingdependencyhell.
You can try the ActiveState Platform for free bycreating an account using your email or yourGitHubcredentials. Start by creating a new Python project, pick thelatest versionthat applies to your project, your OS and start to add packages. Or start by simply importing yourrequirements.txtfileand creating aPython versionwith all the packages you need. The Platform will automatically pick the rightpackage versionsfor your environment to ensure security and reproducibility.
Watch thistutorialto learnhow to use the ActiveState Platformto create aPython 3.9 environment, and then use thePlatform’sCommand-LineInterface (State Tool)to install and manage it.
Ready to see for yourself? You can try the ActiveState Platform bysigning up for a free account using your email orGitHubcredentials.
Just run the following command to install Python 3.9 and our package manager, the State Tool:
Windows
powershell -Command "& $([scriptblock]::Create((New-Object Net.WebClient).DownloadString('https://platform.activestate.com/dl/cli/install.ps1'))) -activate-default ActiveState-Labs/Python-3.9Beta"Linux
sh <(curl -q https://platform.activestate.com/dl/cli/install.sh) --activate-default ActiveState-Labs/Python-3.9Beta
Now you can runstate install <packagename>.Learn more abouthow to use the State Toolto manage your Python environment. Orsign up for a free demo and let us show you how it can help improve your dev team’s workflow by compiling Python packages and resolve dependencies in minutes.
Related Links
- How to Download Python Packages
- How To Install Python Packages Using A Script
- How To List Installed Python Packages
- Understanding Python Packages
- Learn More About ActivePython
Frequently Asked Questions
Can I pip update all Python packages?
You can pip update all Python packages system-wide to the latest version available in the Python Package Index (PyPI) by running the following command:pip install -r requirements.txt --upgrade
NOTE: The above command assumes all dependencies listed in requirements.txt are upgradeable (ie. are set to >= some version rather than == some version).
Understanding Python packages, modules and libraries.
How do I pip update individual packages in Python?
To update individual packages in Python, run the following command:pip install <packagename> --upgrade
Where packagename is the name of the package to be upgraded.
Learn more about how to install Python packages on Windows.
How do I pip install all Python packages at once?
To install all Python packages at once for your project, first create a requirements.txt file that contains all the packages you need, then run the following command:pip install -r requirements.txt
Learn more about requirements.txt and dependencies.
Can I use pip to update Python?
No, you cannot upgrade Python versions with pip. Pip can only be used to update packages, not Python.
If you want to upgrade Python, download a recent version like the ActivePython installer for Windows, Mac or Linux.
