BestHub
Sign in
Backend Development 6 min read

Using tach to Identify and Validate Python Third‑Party Dependencies

This article explains how to detect missing or unused Python packages, install the tach tool, configure it to analyze a project’s source root, and use its built‑in commands to list and verify external dependencies against the declared requirements, ensuring a clean and reproducible environment.

Python Programming Learning Circle
Python Programming Learning Circle
Python Programming Learning Circle
Using tach to Identify and Validate Python Third‑Party Dependencies

The error python3: No module named [module name] often appears when required dependencies are not installed or when the installed set does not match the code’s imports, leading to bloated packages and slower deployments.

To ensure the installed dependencies match those used in the code, you can use the built‑in tach command to list external dependencies for a Python repository.

First, install tach:

> pip install tach

Then configure the project root so tach knows where the source lives:

> tach mod

Run the built‑in command to display external dependencies used by the rich package (or any other module):

<code>&gt; tach report-external --raw python/tach
pydantic
pyyaml
gitpython
rich
prompt-toolkit
tomli-w
networkx
stdlib-list
importlib-metadata</code>

Note that dependencies are printed once in PEP 508 format unless a flag is set to show each usage.

Check the pyproject.toml file to see the declared dependencies, for example:

<code>dependencies = [
  "pyyaml~=6.0",
  "tomli-w~=1.0",
  "pydantic~=2.0",
  "rich~=13.0",
  "prompt-toolkit~=3.0",
  "GitPython~=3.1",
  "networkx~=3.0; python_version > '3.7'",
  "networkx>=2.6,<4.0; python_version == '3.7'",
  "pydot~=2.0",
  "stdlib-list>=0.10.0; python_version < '3.10'",
  "importlib_metadata>=6.5; python_version == '3.7'",
]</code>

Some imports, like pydot , may be inside a if TYPE_CHECKING: block, causing them to be ignored by default; you can flip the ignore_type_checking_imports flag in tach.toml to include them:

<code># tach.toml
...
ignore_type_checking_imports = false</code>

After enabling this, running the report again shows the previously hidden dependency:

<code>&gt; tach report-external --raw python/tach
gitpython
networkx
pydantic
pyyaml
prompt-toolkit
stdlib-list
rich
pydot
tomli-w
importlib-metadata</code>

Thus, the used dependencies match the declared ones.

Execution

When a required dependency is removed, the toolchain fails somewhere, but it can be hard to spot other bloat; this is where tach check-external helps.

check-external verifies that the code only imports and uses the third‑party dependencies listed in the configuration, supporting multiple source roots and suitable for CI checks:

<code>&gt; tach check-external
✅ All external dependencies validated!</code>

This ensures you never miss an installation dependency.

Pythoncode analysisdependency-managementpiptach
Python Programming Learning Circle
Written by

Python Programming Learning Circle

A global community of Chinese Python developers offering technical articles, columns, original video tutorials, and problem sets. Topics include web full‑stack development, web scraping, data analysis, natural language processing, image processing, machine learning, automated testing, DevOps automation, and big data.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment