What is the difference between == and ~= version specifiers?

== pins an exact version (flask==2.3.0). ~= allows compatible releases (flask~=2.3.0 allows 2.3.x but not 2.4.0). >= allows any newer version. Use == for reproducible builds, ~= for patch updates, and >= cautiously.

Should I pin all dependencies or use ranges?

For applications, pin exact versions for reproducibility. For libraries, use ranges to avoid conflicts with other packages. Always use a lock file (pip-tools, poetry.lock) to capture the full dependency tree.

How do I export my current environment to requirements.txt?

Use pip freeze > requirements.txt. For cleaner output without subdependencies, use pip-compile from pip-tools or pipreqs to scan imports in your code. Poetry users can export with poetry export.

What are extras and how do I specify them?

Extras are optional dependencies for specific features. Specify them in brackets: fastapi[all], pytest[dev]. This installs the main package plus additional dependencies for that feature set.

Python requirements.txt Generator - Package Presets & Templates

What Is requirements.txt

requirements.txt is the standard dependency specification file for Python projects. It lists the Python packages required to run the project, optionally with version constraints, enabling anyone to recreate the exact environment using pip install -r requirements.txt. This file is the Python ecosystem's equivalent of package.json (Node.js) or Gemfile (Ruby).

This tool generates properly formatted requirements.txt files with common packages for various Python project types, including version pinning best practices and dependency grouping.

Dependency Specification Syntax

Syntax	Meaning	Example
package	Latest version	requests
package==1.2.3	Exact version	requests==2.31.0
package>=1.2.0	Minimum version	requests>=2.28.0
package>=1.2,<2.0	Version range	requests>=2.28.0,<3.0.0
package~=1.2	Compatible release (~=1.2 means >=1.2,<2.0)	requests~=2.31
package[extra]	With optional dependencies	requests[security]
-r other.txt	Include another requirements file	-r base.txt
-e ./local-pkg	Editable install from local path	-e ./my-library

Common Use Cases

New project setup: Generate a requirements.txt with common packages for your project type (web API, data science, machine learning, CLI tool, scraping)
Environment reproducibility: Pin exact versions to ensure all team members and CI/CD pipelines use identical package versions
Docker image building: Include requirements.txt in Docker builds for consistent, reproducible container images
Virtual environment documentation: Document which packages a virtual environment contains for onboarding new developers
Dependency auditing: Review installed packages for known vulnerabilities using tools like pip-audit or safety

Best Practices

Pin exact versions in production — Use == for production requirements to ensure reproducible deployments. Generated with: pip freeze > requirements.txt
Use separate requirements files — Maintain requirements.txt (production), requirements-dev.txt (development tools), and requirements-test.txt (testing dependencies).
Audit dependencies regularly — Run pip-audit or safety check to scan for packages with known CVEs. Set up automated scanning in CI/CD.
Use virtual environments always — Never install project dependencies globally. Use venv, virtualenv, or conda to isolate project dependencies.
Consider modern alternatives — For new projects, evaluate pyproject.toml (PEP 621) with pip, Poetry, or PDM as more modern dependency management approaches that offer lock files and dependency resolution.
Hash-check for security — Use --require-hashes with pip to verify package integrity: pip install --require-hashes -r requirements.txt. This prevents supply chain attacks through tampered packages.

Python requirements.txt Generator

DevOps & Development Experts

What Is requirements.txt

Dependency Specification Syntax

Common Use Cases

Best Practices

Frequently Asked Questions