How safe is it to rely on thirdparty Python libs in a production product?

Posted by skyler on Programmers See other posts from Programmers or by skyler
Published on 2012-09-03T19:12:20Z Indexed on 2012/09/03 21:48 UTC
Read the original article Hit count: 255

Filed under:
|

I'm new to Python and come from the write-everything-yourself world of PHP (at least this is how I always approached it).

I'm using Flask, WTForms, Jinja2, and I've just discovered Flask-Login which I want to use. My question is about the reliability of using thirdparty libraries for core functionality in a project that is planned to be around for several years.

I've installed these libraries (via pip) into a virtualenv environment. What happens if these libraries stop being distributed? Should I back up these libraries (are they eggs)? Can I store these libraries in my project itself, instead of relying on pip to install them in a virtualenv? And should I store these separately?

I'm worried that I'll rely on a library for core functionality, and then one day I'll download an incompatible version through pip, or the author or maintainer will stop distributing it and it'll no longer be available.

How can I protect against this, and ensure that any thirdparty libraries that I use in my projects will always be available as they are now?

© Programmers or respective owner

Related posts about python

Related posts about flask