Python requirements.txt Generator

Generate Python requirements.txt files with presets for Django, FastAPI, Flask, Data Science, ML, LLM, testing, and CLI development. Copy-ready with version pinning options.

Advertisement

What Is requirements.txt

requirements.txt is the standard dependency specification file for Python projects. It lists the Python packages required to run the project, optionally with version constraints, enabling anyone to recreate the exact environment using pip install -r requirements.txt. This file is the Python ecosystem's equivalent of package.json (Node.js) or Gemfile (Ruby).

This tool generates properly formatted requirements.txt files with common packages for various Python project types, including version pinning best practices and dependency grouping.

Dependency Specification Syntax

SyntaxMeaningExample
packageLatest versionrequests
package==1.2.3Exact versionrequests==2.31.0
package>=1.2.0Minimum versionrequests>=2.28.0
package>=1.2,<2.0Version rangerequests>=2.28.0,<3.0.0
package~=1.2Compatible release (~=1.2 means >=1.2,<2.0)requests~=2.31
package[extra]With optional dependenciesrequests[security]
-r other.txtInclude another requirements file-r base.txt
-e ./local-pkgEditable install from local path-e ./my-library

Common Use Cases

  • New project setup: Generate a requirements.txt with common packages for your project type (web API, data science, machine learning, CLI tool, scraping)
  • Environment reproducibility: Pin exact versions to ensure all team members and CI/CD pipelines use identical package versions
  • Docker image building: Include requirements.txt in Docker builds for consistent, reproducible container images
  • Virtual environment documentation: Document which packages a virtual environment contains for onboarding new developers
  • Dependency auditing: Review installed packages for known vulnerabilities using tools like pip-audit or safety

Best Practices

  1. Pin exact versions in production — Use == for production requirements to ensure reproducible deployments. Generated with: pip freeze > requirements.txt
  2. Use separate requirements files — Maintain requirements.txt (production), requirements-dev.txt (development tools), and requirements-test.txt (testing dependencies).
  3. Audit dependencies regularly — Run pip-audit or safety check to scan for packages with known CVEs. Set up automated scanning in CI/CD.
  4. Use virtual environments always — Never install project dependencies globally. Use venv, virtualenv, or conda to isolate project dependencies.
  5. Consider modern alternatives — For new projects, evaluate pyproject.toml (PEP 621) with pip, Poetry, or PDM as more modern dependency management approaches that offer lock files and dependency resolution.
  6. Hash-check for security — Use --require-hashes with pip to verify package integrity: pip install --require-hashes -r requirements.txt. This prevents supply chain attacks through tampered packages.
Advertisement

Frequently Asked Questions

What is the difference between == and ~= version specifiers?+

== pins an exact version (flask==2.3.0). = allows compatible releases (flask=2.3.0 allows 2.3.x but not 2.4.0). >= allows any newer version. Use == for reproducible builds, ~= for patch updates, and >= cautiously.

Should I pin all dependencies or use ranges?+

For applications, pin exact versions for reproducibility. For libraries, use ranges to avoid conflicts with other packages. Always use a lock file (pip-tools, poetry.lock) to capture the full dependency tree.

How do I export my current environment to requirements.txt?+

Use pip freeze > requirements.txt. For cleaner output without subdependencies, use pip-compile from pip-tools or pipreqs to scan imports in your code. Poetry users can export with poetry export.

What are extras and how do I specify them?+

Extras are optional dependencies for specific features. Specify them in brackets: fastapi[all], pytest[dev]. This installs the main package plus additional dependencies for that feature set.

This tool is provided for informational and educational purposes only. All processing happens in your browser — no data is sent to or stored on our servers. While we strive for accuracy, we make no warranties about the completeness or reliability of results.