List only outdated pip packages mentioned in requirements file

Question

I can use pip list -o to get a list of outdated packages but I would like to only get a list of outdated packages which are listed in a particular requirements file. Basically the equivalent of pip freeze -r requirements.txt for outdated packages.

I could use --not-required but this would still list packages installed which are installed but not listed in the requirements file.

Possible duplicate of: https://superuser.com/questions/259474/find-outdated-updatable-pip-packages — Dakkaron, Dec 06 '18 at 12:34

score 7 · Accepted Answer · answered Dec 06 '18 at 12:37

7

Use this tool: https://github.com/simion/pip-upgrader

All you have to do is the following:

pip install pip-upgrader
pip-upgrade

This then walks you through all packages that can be upgraded in the requirements.txt in an interactive fashion.

answered Dec 06 '18 at 12:37

Dakkaron

5,930
2
36
51

2

As of March 25, 2021, [pip-upgrader](https://github.com/simion/pip-upgrader) is unmaintained. The author of pip-upgrader is using [poetry](https://python-poetry.org/). – Matthew Rankin May 19 '22 at 12:25

phk · Answer 2 · 2019-07-02T07:15:38.867

2

Came up with a solution in form of a bash snippet while writing the question:

join -t= \
  <(python -m pip list -o --format=freeze | sort) \
  <(awk -F== '{ print $1 }' requirements.txt | sort)

edited Jul 02 '19 at 07:15

answered Dec 04 '18 at 10:11

phk

2,002
1
29
54

score 1 · Answer 3 · answered Feb 02 '23 at 20:14

If you want to upgrade your dependencies without also upgrading your requirements.txt, you can utilize pip install --upgrade. This will only make sense if your requirements.txt doesn't freeze exact versions, but rather provides either no version requirements at all, or allows version ranges. You can then utilize pip install --report:

pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null \
    | jq -r '.install[] | "\(.metadata.name)  \(.metadata.version)"'

Since pip install --report is printing a report in JSON, you'll need jq. By now basically any distribution should have it in its repository, if it's not already pre-installed.

You might want to think about using pip install --user.

Let me explain:

(pip install) --upgrade tells pip to not only check whether the required packages are installed, but also whether there are newer versions of the required packages available
(pip install) -r requirements.txt tells pip to read the packages to install from your requirements.txt
(pip install) --dry-run tells pip to only print what it would do (i.e. don't install anything)
(pip install) --report - tells pip to create a JSON report about what it does (or better: would do since --dry-run was given); the - tells pip to print the report to stdout
(pip install) --quiet and the >&2 /dev/null pipe tells pip to not output anything and interfere with report generation
jq reads pip's report from STDIN and prints the package name and latest version of available updates in the form name-of-package version-of-package (the report JSON looks like the following: { "install": [ { "metadata": { "name": "name-of-first-package", "version": "version-of-first-package", … }, … }, { "metadata": { "name": "name-of-second-package", "version": "version-of-second-package", … }, … }, … ], … })

Here's an example:

$ pip install --upgrade -r requirements.txt --dry-run --report - --quiet 2> /dev/null | jq -r '.install[] | "\(.metadata.name)  \(.metadata.version)"'
imaplib2  3.6
urllib3  1.25.11

List only outdated pip packages mentioned in requirements file

3 Answers3