Skip to content

Instantly share code, notes, and snippets.

Created November 3, 2021 13:21
What would you like to do?
For installing with pinning

For the project you want to build via lektor, or install lektor for.

Create a file with the following content:


Add any other dependencies there.

Then create a requirements.txt file with the pinned hashes, remember to do it in a same environment, for example using Python3.7 on Debian 10.

python3 -m venv .venv
source .venv/bin/activate
python3 -m pip install pip-tools # This is being downloaded directly from PyPI.
pip-compile --generate-hashes --allow-unsafe --output-file=requirements.txt

Commit the requiremnts.* files in your project.

Now, in the virtualenv you are actually installing the project, or say lektor, you can use the follwing command to verify that pinning is being used.

python -m pip install --require-hashes -r requirements.txt

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment