Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Thoth prescriptions for resolving Python dependencies

September 22, 2021
Fridolin Pokorny
Related topics:
Data ScienceArtificial intelligenceOpen sourcePythonSecure Coding
Related products:
Red Hat Enterprise Linux

Share:

    Python offers a wealth of programming libraries, which often invoke functions from other libraries in complex hierarchies. While these libraries make it possible to develop powerful applications quickly, the ever-changing library versions often introduce conflicts that cause runtime or build-time issues. Thoth, an open source project developed within the Artificial Intelligence Center of Excellence (AICoE), is dedicated to alleviating this problem in Python programs. This article looks at Thoth prescriptions, a mechanism that you can use to avoid clashing library versions in your Python applications.

    Note: For more about resolving Python project dependencies with Thoth, see our recent introduction to Thoth Dependency Monkey.

    Curated knowledge about Python libraries

    One of Thoth's major offerings is a cloud-based resolver, which examines the packages and libraries requested by an application and determines the best way to resolve them so that they work together in the target environment. Thoth's prescription repository is comparable to the more familiar security project from the Python Packaging Authority (PyPA), a curated database of known vulnerabilities in the Python ecosystem. The Python Advisory DB resulting from that project is now available on GitHub. The repository contains YAML files describing known vulnerabilities in machine-readable form.

    Whereas the Python Advisory DB focuses only on security flaws, Thoth prescriptions are more generic and are directly consumed by the resolver. The database curates a broad range of knowledge about Python libraries and packages: Their communities, known build-time issues, runtime issues, compatibility with native dependencies, suggestions for which runtime to use, or other suggestions of interest to Python package consumers.

    Prescription information is stored as YAML files and used automatically by the Thoth resolver to guide Python application developers. Anyone can contribute to this database. The Thoth resolver automatically loads prescriptions and consults them during the resolution process, so that resolved dependencies are in a healthy state. As a result, developers can focus on application development rather than on fixing library issues. Unlike other resolvers, such as pip, Pipenv, or Poetry, which tend to resolve the latest libraries, Thoth’s resolver chooses the libraries that best fit the application's needs, and takes the prescriptions into consideration.

    Examples of Thoth prescriptions at work

    In a previous article, the Project Thoth team showed an issue in the TensorFlow software stack that occurred when urrlib3 was installed with package six. The problem is recorded in a prescription that helps the Thoth resolver avoid trying to combine problematic versions of these packages. Applications using the Thoth resolver do not suffer from this recognized runtime problem.

    Another example is a Pillow issue that will not work with NumPy. A prescription is provided to protect Python application stacks from this issue.

    Yet another example warns users about the archived argparse project. Using archived projects on GitHub that suffer from the problem might drive users away, so this prescription notifies users about the project state.

    Browse the Thoth prescriptions repository or documentation for more examples.

    Watch a video about Thoth prescriptions

    Are you curious about how "greatest" stacks are resolved? This video introduces a community-curated database that Thoth users can benefit from:

     

    Note: see Healing Python applications with prescriptions for a video overview of the prescriptions concept. Visit the Thoth Station YouTube channel for more videos like these.

    Calling all Python developers and package maintainers!

    If you are a Python developer or Python package maintainer, we encourage you to get involved in building the prescriptions database. You can report issues to be turned into prescriptions, which are used to help create healthy Python applications.

    If you would like to report a library issue, reach out to us at the Thoth Station support repository. You can also write prescriptions directly by following the online documentation. If you would like to be notified when a new prescription is created for a library, add yourself to the repository's CODEOWNERS file to follow per-project prescription updates.

    Helping the Python community create healthy applications

    As part of Project Thoth, we are accumulating knowledge to help Python developers create healthy applications. If you would like to follow updates in project Thoth, subscribe to our YouTube channel or follow us on the @ThothStation Twitter handle.

    Last updated: September 19, 2022

    Related Posts

    • Resolve Python dependencies with Thoth Dependency Monkey

    • Managing Python dependencies with the Thoth JupyterLab extension

    • AI software stack inspection with Thoth and TensorFlow

    • Continuous learning in Project Thoth using Kafka and Argo

    Recent Posts

    • Create and enrich ServiceNow ITSM tickets with Ansible Automation Platform

    • Expand Model-as-a-Service for secure enterprise AI

    • OpenShift LACP bonding performance expectations

    • Build container images in CI/CD with Tekton and Buildpacks

    • How to deploy OpenShift AI & Service Mesh 3 on one cluster

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit
    © 2025 Red Hat

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue