Defining your own requirements

In addition to using the installed set of Python libraries, you can specify the libraries by including a requirements.txt file in the zip file. This option is supported for Python version 3.12. Currently only libraries from the public PyPi repository are allowed.

For security purposes, the requirements.txt file must include hashes. The file is audited using pip-audit and checked against a safe list of allowed libraries and versions. There are a few Python tools available to generate a requirements file with hashes. One tool is provided by the pip-tools library. To ensure consistency, we recommend you install pip-tools and pip-audit when developing the algorithm.

Running custom algorithms depends on gunicorn (version 23.0.0) and flask (version 3.0.3) libraries. These library versions are installed after processing the user provided requirements.

The command lines shown in the steps are examples. Your environment may be different.

  1. Using Python 3.12 to setup a local development environment.
    > virtualenv -p python3 venv && source venv/bin/activate
  2. Develop the algorithm.
  3. Freeze the environment by running this command:
    > pip freeze --local > requirements.in
  4. Create the requirements.txt file by running this command:
    > pip-compile -v --generate-hashes --allow-unsafe requirements.in

    The allow-unsafe flag is recommended to be consistent with future behavior related to un-pinned common libraries such as setup tools.

  5. Audit the requirements by running this command:
    > pip-audit -r requirements.txt --require-hashes
  6. Construct the zip file with the requirements.txt file at the root of the zip.