pip freeze -r requirements.txt strips URLs

[adamsb6]

This is very similar to issue #43.

When running 'pip freeze -r requirements.txt', the output generated does not contain the package URLs specified in the referenced requirements.txt. For example, if I had a line like this in my requirements.txt:

http://mydomain.com/mypackage.tar.gz#egg=mypackage==1.0

Then the output associated with that line would just be:

mypackage==1.0

Subsequent runs of 'pip install -r requirements.txt' then fail, since mypackage is not in a repository that pip searches.

Ideally, if a user installed a package by referencing a URL, e.g.:

pip install http://mydomain.com/mypackage.tar.gz

Then a simple 'pip freeze' would contain that URL so that future pip runs install from it.

[carljm]

When pip installs a tarball from a specific URL, it currently doesn't record that "source" metadata with the installed package, so the only available metadata is the setup.py version, which is why that is what's reflected in the output of pip freeze.

It would be possible for pip to save the exact source line in a custom metadata file in the egg-info directory, and I think this would be reasonable. Then pip freeze could provide a more accurate representation of how things were originally installed.

Pull request welcome! (I think @dstufft may have also had some interest in working on this.)

[dstufft]

Yea i've been planning on storing the exact tarball, the requirements line, probably any other data about what and from where a package was installed from that I can locate. I havn't had time yet but it's something I plan on doing as soon as I can (if someone doesn't beat me).

[qwcode]

the open PR for this: #507

[ldshi]

How this issue still didn't get fixed? The #507 already got closed!

I think this is important: it is not a good manner that when u commit a project u commit all ur dependencies modules, better let the other people can rebuild the environment by just running 'pip install -r requirements.txt', but unfortunately, it will fail because pip strips the source url info.

Every time I need to manually maintain the requirements.txt just because 'pip freeze' will strip the info again and again.

[dstufft]

I'm going to close this. Directly referencing an URL like that is sort of fraught with issues, this being one of them. A better answer would be to do something like

-f https://example.com/example-1.0.tar.gz#egg=example-1.0

example==1.0

This should then work correctly.