Package Management\n\n## Managing Dependencies Like a Pro\n\nWhat you’ll learn:\n- Python: pip, conda, poetry, pipenv\n- Node.js: npm, yarn, pnpm\n- System packages: apt, yum, brew\n- Version pinning and lock files\n- Virtual environments\n- Security and auditing\n\nTime: 60-90 minutes

Contents

Package Management\n\n## Managing Dependencies Like a Pro\n\nWhat you’ll learn:\n- Python: pip, conda, poetry, pipenv\n- Node.js: npm, yarn, pnpm\n- System packages: apt, yum, brew\n- Version pinning and lock files\n- Virtual environments\n- Security and auditing\n\nTime: 60-90 minutes#

1. Python Package Management\n\n### pip - The Standard Tool\n\n`bash\n# Install package\npip install requests\n\n# Specific version\npip install requests==2.28.0\n\n# Upgrade\npip install --upgrade requests\n\n# Install from requirements\npip install -r requirements.txt\n\n# List installed\npip list\n\n# Show package info\npip show requests\n`#

# Create requirements.txt\n!cat > requirements.txt << 'EOF'\nrequests>=2.28.0,<3.0.0\npandas==1.5.3\nnumpy~=1.24.0  # Compatible version\nEOF\n\nprint("✅ Created requirements.txt")

Virtual Environments\n\n`bash\n# Create venv\npython -m venv myenv\n\n# Activate\nsource myenv/bin/activate # Linux/Mac\nmyenv\\Scripts\\activate # Windows\n\n# Deactivate\ndeactivate\n`#

Poetry - Modern Python\n\n`bash\n# Install poetry\ncurl -sSL https://install.python-poetry.org | python3 -\n\n# Init project\npoetry init\n\n# Add dependency\npoetry add requests\n\n# Install all\npoetry install\n\n# Run command in venv\npoetry run python app.py\n`\n\npyproject.toml:\n`toml\n[tool.poetry.dependencies]\npython = \"^3.8\"\nrequests = \"^2.28.0\"\n`#

2. Node.js Package Management\n\n### npm\n\n`bash\n# Install package\nnpm install express\n\n# Dev dependency\nnpm install --save-dev jest\n\n# Global install\nnpm install -g typescript\n\n# Install from package.json\nnpm install\n\n# Update\nnpm update\n\n# Audit security\nnpm audit\nnpm audit fix\n`#

yarn - Fast Alternative\n\n`bash\n# Install yarn\nnpm install -g yarn\n\n# Add package\nyarn add express\n\n# Dev dependency\nyarn add --dev jest\n\n# Install all\nyarn install\n\n# Why yarn?\n# - Faster than npm\n# - Better lock file (yarn.lock)\n# - Offline mode\n`#

3. System Package Managers\n\n### apt (Debian/Ubuntu)\n\n`bash\n# Update package list\nsudo apt update\n\n# Upgrade packages\nsudo apt upgrade\n\n# Install package\nsudo apt install git\n\n# Remove package\nsudo apt remove git\n\n# Search packages\napt search python\n\n# Show info\napt show python3\n`#

Homebrew (macOS/Linux)\n\n`bash\n# Install\n/bin/bash -c \"$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)\"\n\n# Install package\nbrew install git\n\n# Update\nbrew update\nbrew upgrade\n\n# Search\nbrew search python\n\n# Info\nbrew info python\n`#

4. Dependency Lock Files\n\n### Why Lock Files?\n\nWithout lock file:\n`\nrequests>=2.28.0 # Could install 2.28.0 or 2.31.0!\n`\n\nWith lock file:\n`\nrequests==2.28.0 # Exact version, reproducible\n urllib3==1.26.14\n certifi==2022.12.7\n`\n\n### Creating Lock Files\n\n`bash\n# Python\npip freeze > requirements.txt\n\n# Poetry\npoetry lock\n\n# npm\nnpm install # Creates package-lock.json\n\n# yarn\nyarn install # Creates yarn.lock\n`#

5. Security & Auditing\n\n`bash\n# Python: Check vulnerabilities\npip install safety\nsafety check\n\n# Node.js\nnpm audit\nnpm audit fix\n\n# Snyk (all languages)\nnpm install -g snyk\nsnyk test\n`#

🎯 Exercises\n\n1. Create virtual environment and install packages\n2. Generate requirements.txt with versions\n3. Set up Poetry project\n4. Audit dependencies for security issues\n\n## 🎓 Key Takeaways\n\n- Use virtual environments\n- Pin versions in production\n- Use lock files for reproducibility\n- Audit dependencies regularly\n- Separate dev and prod dependencies#

🚀 Next Steps\n\nNext lesson: `09_ssh_remote_systems.ipynb`\n\n## 📚 Resources\n\n- Poetry Docs\n- npm Docs\n- Homebrew #