Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Execute scripts from pyproject.toml, installing tools on-the-fly
Pyprojectx makes it easy to create all-inclusive Python projects; no need to install any tools upfront, not even Pyprojectx itself!
Tools that are specified within your pyproject.toml file will be installed on demand when invoked from Pyprojectx:
> ./pw black src
Collecting black ...
Successfully installed black-23.9.1 ...
All done! ✨ 🍰 ✨
18 files left unchanged.
Projects can be build/tested/used immediately without explicit installation nor initialization:
git clone https://github.com/pyprojectx/px-demo.git
cd px-demo
./pw build
One of the key features is that there is no need to install anything explicitly (except a Python 3.9+ interpreter).
cd
into your project directory and download the
wrapper scripts:
Linux/Mac
curl -LO https://github.com/pyprojectx/pyprojectx/releases/latest/download/wrappers.zip && unzip wrappers.zip && rm -f wrappers.zip
Windows
Invoke-WebRequest https://github.com/pyprojectx/pyprojectx/releases/latest/download/wrappers.zip -OutFile wrappers.zip; Expand-Archive -Path wrappers.zip -DestinationPath .; Remove-Item -Path wrappers.zip
Initialize a new or existing project by adding tools (on Windows, replace ./pw
with pw
):
./pw --add pdm,ruff,pre-commit,px-utils
./pw --install-context main
# invoke a tool via the wrapper script
./pw pdm --version
./pw ruff check src
# or activate the tool context
source .pyprojectx/main/activate
pdm --version
ruff check src
For reproducible builds and developer experience, it is recommended to lock the versions of the tools and add the generated pw.lock file to your repository:
./pw --lock
The tool.pyprojectx.aliases section in pyproject.toml can contain commandline aliases:
[tool.pyprojectx.aliases]
# convenience shortcuts
run = "poetry run"
test = "poetry run pytest"
lint = ["ruff check"]
check = ["@lint", "@test"]
Instead of calling the CLI of a tool directly, prefix it with ./pw
(pw
on Windows).
Examples:
./pw poetry add -D pytest
cd src
../pw lint
Aliases can be invoked as is or with extra arguments:
./pw poetry run my-script --foo bar
# same as above, but using the run alias
./pw run my-script --foo bar
git clone https://github.com/pyprojectx/pyprojectx.git
cd pyprojectx
./pw build
# Linux, Mac
export PYPROJECTX_PACKAGE=path/to/pyprojectx
ln -s $PYPROJECTX_PACKAGE/src/pyprojectx/wrapper/pw.py pw
# windows
set PYPROJECTX_PACKAGE=path/to/pyprojectx
mklink pw %PYPROJECTX_PACKAGE%\src\pyprojectx\wrapper\pw.py
# or copy the wrapper script if you can't create a symlink on windows
copy %PYPROJECTX_PACKAGE%\src\pyprojectx\wrapper\pw.py pw
FAQs
Execute scripts from pyproject.toml, installing tools on-the-fly
We found that pyprojectx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.