Could we use snakefood?
Jeremy has done some of this before.
A/C:
Before you start check in with cale about the oep 2 checker.
Enumerate available tools
Recommend tools for use on this project
wiki page
list tools and pro/cons on wiki page
present to team
- Random list of tools and services along these lines:
Gemnasium - DevOps's current requirements tracking tool of choice
VersionEye - Another requirements tracking service we've experimented with, open source and has some compelling features
requires.io - Yet another requirements tracker that I used at a previous job
pyup.io - Auto-generates PRs for updated dependencies
pip-tools - pip-compile generates fully pinned requirements files from top-level dependencies, and annotates which packages required each entry
pipdeptree - Local tool for tracing through the hierarchy of package dependencies
snakefood - Local tool for dependency tracking at the level of modules rather than packages
pipreqs - Create a requirements file from the imports actually used
pycycle - Finds circular imports
undebt - Not really a dependency tracker, but could be used to automate refactoring deprecated code patterns when upgrading libraries
Also note that there are Trove classifiers which packages should be using to declare which exact Python, Django, etc. versions they support with each release; these aren't always used or kept up to date, but are very useful when they are. pip show -v lists these classifiers for a particular package, and Warehouse even allows searching by these classifiers.
I expanded a bit on these and did some investigation into how they might help the upgrade project here: https://openedx.atlassian.net/wiki/display/PLAT/Potential+Tooling+for+Upgrade