Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
This library supports the building of wheels which, when installed, will
expose packages in a local directory on sys.path
in "editable mode". In
other words, changes to the package source will be reflected in the package
visible to Python, without needing a reinstall.
Suppose you want to build a wheel for your project foo
. Your project is
located in the directory /path/to/foo
. Under that directory, you have a
src
directory containing your project, which is a package called foo
and a Python module called bar.py
. So your directory structure looks like
this:
/path/to/foo
|
+-- src
| +-- foo
| | +-- __init__.py
| +-- bar.py
|
+-- setup.py
+-- other files
Build your wheel as follows:
from editables import EditableProject
my_project = EditableProject("foo", "/path/to/foo")
my_project.add_to_path("src")
# Build a wheel however you prefer...
wheel = BuildAWheel()
# Add files to the wheel
for name, content in my_project.files():
wheel.add_file(name, content)
# Record any runtime dependencies
for dep in my_project.dependencies():
wheel.metadata.dependencies.add(dep)
The resulting wheel will, when installed, put the project src
directory on
sys.path
so that editing the original source will take effect without needing
a reinstall (i.e., as "editable" packages). The project is exposed on sys.path
by adding a single .pth
file, named after the project, into the wheel.
For more details, including how to control what gets exposed more precisely, see the documentation.
Note that this project doesn't build wheels directly. That's the responsibility of the calling code.
This project supports the same versions of Python as pip does. Currently that is Python 3.7 and later, and PyPy3 (although we don't test against PyPy).
FAQs
Editable installations
We found that editables demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.