pypa
Getting and persisting additional metadata in `pip install`s
What's the problem this feature will solve?
I'm interested in learning how I can tell pip to keep track of where a particular package came from or stuff metadata for pip to track. For example, if I install a git clone-d package with pip install ., is there a way to make pip make note of additional metadata (git commit hash, git branch, is there local changes, etc) for lineage purposes?
Describe the solution you'd like
pip could record additional metadata via a config upon each install and can be accessed through something like pip list --verbose. This feature may already exist, I could just be not familiar enough in pip to find it.
Alternative Solutions
I discovered pip install --report and I believe I can use this as a way to correlate metadata (by looking at the install log and look for more metadata in the install report) but install reports get overwritten by subsequent installs so I won't be able to persist them nicely without some hacky log-rotation script. Are there plans to make --report append existing files?
Additional context
MRE on install --report overwriting existing files
### github.com/nedbat/coveragepy cloned into ~/coveragepy
(test) [bowiechen@bowiechen-mbp ~/coveragepy (master)]$ pip install .
(...)
(test) [bowiechen@bowiechen-mbp ~/coveragepy (master)]$ head -n 10 /tmp/pip.report
{
"version": "1",
"pip_version": "23.2.1",
"install": [
{
"download_info": {
"url": "file:///home/bowiechen/coveragepy",
"dir_info": {}
},
"is_direct": true,
(test) [bowiechen@bowiechen-mbp ~/coveragepy (master)]$ pip uninstall coverage -y
(test) [bowiechen@bowiechen-mbp ~/coveragepy (master)]$ pip install coverage
Collecting coverage
Obtaining dependency information for coverage from https://files.pythonhosted.org/packages/a9/1a/e2120233177b3e2ea9dcfd49a050748060166c74792b2b1db4a803307da4/coverage-7.4.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata
Using cached coverage-7.4.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl.metadata (8.2 kB)
Using cached coverage-7.4.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl (237 kB)
Installing collected packages: coverage
Successfully installed coverage-7.4.3
(test) [bowiechen@bowiechen-mbp ~/coveragepy (master)]$ head -n 10 /tmp/pip.report
{
"version": "1",
"pip_version": "23.2.1",
"install": [
{
"download_info": {
"url": "https://files.pythonhosted.org/packages/a9/1a/e2120233177b3e2ea9dcfd49a050748060166c74792b2b1db4a803307da4/coverage-7.4.3-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl",
"archive_info": {
"hash": "sha256=b3ec74cfef2d985e145baae90d9b1b32f85e1741b04cd967aaf9cfa84c1334f3",
"hashes": {
Version & Config
(test) [bowiechen@bowiechen-mbp ~/a (master)]$ pip -V
pip 23.2.1 from /home/bowiechen/.conda/envs/test/lib/python3.11/site-packages/pip (python 3.11)
(test) [bowiechen@bowiechen-mbp ~/a (master)]$ pip config debug
env_var:
env:
global:
/etc/xdg/pip/pip.conf, exists: False
/etc/pip.conf, exists: False
site:
/home/bowiechen/.conda/envs/test/pip.conf, exists: False
user:
/home/bowiechen/.pip/pip.conf, exists: True
global.log: /tmp/pip.log
install.report: /tmp/pip.report
/home/bowiechen/.config/pip/pip.conf, exists: False
(test) [bowiechen@bowiechen-mbp ~/a (master)]$ ls /tmp/pip.report /tmp/pip.log
ls: cannot access '/tmp/pip.report': No such file or directory
ls: cannot access '/tmp/pip.log': No such file or directory
Code of Conduct
- [X] I agree to follow the PSF Code of Conduct.
