+ 12

[Python] Forced "pip install" if ModuleNotFoundError

What is your stance towards a forced installation of a needed module when your particular Python installation doesn't have one? I wrote a code that when run, imports needed modules and if any of them is not found, it asks a user if it can "pip install" it. However, I don't have any control over dependencies and it might overwhelm the user if he sees too many packages being installed. So is it a good or bad practice? Same question goes to version checking and letting the user upgrade/downgrade as needed...

4th Feb 2018, 8:12 PM
Kuba Siekierzyński
Kuba Siekierzyński - avatar
7 odpowiedzi
+ 7
@Kuba give this a read, it may interest or help you. https://www.google.com/amp/s/www.nylas.com/blog/packaging-deploying-JUMP_LINK__&&__python__&&__JUMP_LINK/%3fhs_amp=true Deploying with a virtual environment would usually be an ideal option, but is not always feasible. There are also several wrappers/containers or binary conversion tools that may be able to help with this. (I'm sure you're aware). That being said I personally don't have an issue with version and dependency checking and then asking the end user to install the needed requirements, but if we're talking about 10+ or so needed then this could also be a deterrent for a user and may create installation issues as you may also be dependent on dependency servers outside of your control. This could result in partial dependency installations etc that may result in issues with the users main python installation and give the illusion that the issue is with your software. You may be able to check the machines main python version and if pip and virtualenv are installed to it and then ask the user to install the these required dependencies via your script or otherwise, and then programmatically create a venv that your program will use for the current and future versions, installing all other dependencies to the venv and updating it as needed so as not to mess with the users main python installation. This would also give you more control, as you can recreate the venv, delete, install, uninstall corrupt, needed, un-needed dependecies as required without effecting the users main python installation.
4th Feb 2018, 9:10 PM
ChaoticDawg
ChaoticDawg - avatar
+ 9
I don't know about a professional stance, but a forced installation is bad in my eyes, since a user should understand what they're installing. Plus, a dependency can contain harmful code if not reviewed. Sounds unlikely, but harmful modules posing as other modules or useful modules do exist!
5th Feb 2018, 12:19 AM
Ahri Fox
Ahri Fox - avatar
+ 8
in Germany we know the DAU = dümmster anzunehmender User = silliest user one can imagine he might be a bit confused. Users with a little knowledge should have a rough idea about pip. A very defensive way could be a temporary env. Python should be able to create and delete one.
4th Feb 2018, 8:51 PM
Oma Falk
Oma Falk - avatar
+ 8
There is another point: updating modules might lead to crashes of existing programs which need a special version of a module.
4th Feb 2018, 9:16 PM
Oma Falk
Oma Falk - avatar
+ 8
I don't know about the versions but I wouldn't like unknown packages getting downloaded as the packages on PyPi are not checked for malware, unless it is explicitly stated otherwise.
5th Feb 2018, 12:51 AM
Harsh
Harsh - avatar
+ 6
Aha, a virtual environment sounds like a good idea :) Nothing should screw up and even if so, it can be easily flushed. Thanks!
4th Feb 2018, 9:41 PM
Kuba Siekierzyński
Kuba Siekierzyński - avatar
+ 1
if the virtual environment is not approachable, generations of software installers lead the way: make a huge, detailed and easily skippable description, followed by an accept button that grants administrator rights for the remaining steps of the installation: good practice for careful user that will find the info he needs and good practice for average joe that blindly clicks accept, without the pain of deciding y or n for every package required.
7th Mar 2018, 9:23 PM
seamiki
seamiki - avatar