Dependencies

Top 23 Dependency Open-Source Projects

  • renovate

    Universal dependency automation tool.

    Project mention: Understanding Mend Renovate's Pull Request Workflow | dev.to | 2024-03-25

    To get started with Mend Renovate, the comprehensive official documentation provides detailed instructions on installation, configuration, and best practices. Additionally, the Mend Renovate community forum offers a platform for users to connect, share experiences, and access the collective knowledge base.

  • patch-package

    Fix broken node modules instantly 🏃🏽‍♀️💨

    Project mention: TypeScript NPM Packages Done Right | news.ycombinator.com | 2023-09-24

    If you use Yarn, there’s the `yarn patch` command [1], which lets you maintain patches for your dependencies. Even though I try to upstream patches wherever possible, sometimes you just want to apply a quick patch and move on, especially if the dependency is poorly maintained or even worse, deeply nested in your dependency hierarchy. I use `yarn patch` regularly, it’s one of the main reasons why I moved to Yarn in the first place.

    If you’re not using Yarn, there seems to be a similar thing on npm, `patch-package`. [2] I never had to use that though.

    [1]: https://yarnpkg.com/cli/patch

    [2]: https://www.npmjs.com/package/patch-package

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

  • madge

    Create graphs from your CommonJS, AMD or ES6 module dependencies

    Project mention: Madge: Create graphs from your CommonJS, AMD or ES6 module dependencies | news.ycombinator.com | 2024-02-15
  • yalc

    Work with yarn/npm packages locally like a boss.

  • dependency-cruiser

    Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.

    Project mention: Taking Frontend Architecture Serious with dependency-cruiser | dev.to | 2023-09-25

    With dependency-cruiser, you can enforce which imports are allowed. This enables you to create an architecture fitness function that ensures your code continues to adhere to the initial design. You can also visualize your dependencies to gain a clearer understanding of your code's actual structure, allowing you to compare it with your mental model and make improvements where necessary.

  • athens

    A Go module datastore and proxy (by gomods)

    Project mention: go install on a private repo. | /r/golang | 2023-03-29

    I wrote this a few years ago. This is the basic way to do it. A better developer experience is to set up an Athens proxy and use Go environment variables to tell the tool chain where to look for modules.

  • dependabot-core

    🤖 Dependabot's core logic for creating update PR's.

    Project mention: Storybook 8 | news.ycombinator.com | 2024-03-13

    Storybook is great and all, but these days nearly every Dependabot alert I get is about a sub-dependency of Storybook. Since Dependabot doesn't currently allow you to ignore dev dependencies and only check production dependencies [0], this makes Storybook a Big Noise Generator and every time I dismiss another alert from it, I can't help but wonder if there's a better option out there.

    [0] https://github.com/dependabot/dependabot-core/issues/2521

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • CPM.cmake

    📦 CMake's missing package manager. A small CMake script for setup-free, cross-platform, reproducible dependency management.

    Project mention: C++ Game Utility Libraries: for Game Dev Rustaceans | dev.to | 2024-03-13

    C++20 brings std::format, improving C++ developer experience for formatting strings. If you have to use older standards, though, add fmtlib to your repo. It plays well with CMake and you can use CPM to add fmtlib to your project. The library supports many Rust format macro features, and makes code far cleaner when you need to do string interpolation with variables.

  • taze

    🥦 A modern cli tool that keeps your deps fresh

  • scancode-toolkit

    :mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!

    Project mention: ScanCode: Scan license and packages, dependencies and origin information | news.ycombinator.com | 2023-08-11
  • Rebar3

    Erlang build tool that makes it easy to compile and test Erlang applications and releases.

    Project mention: A Regex Barometer | news.ycombinator.com | 2023-07-05

    Not to be confused with Rebar3 [0] which is a de-facto package manager and build tool for Erlang.

    [0] https://github.com/erlang/rebar3

  • ort

    A suite of tools to automate software compliance checks.

  • asimov

    Automatically exclude development dependencies from Apple Time Machine backups

    Project mention: ThinMachine – A $25 Thin Client macOS Time Machine Appliance | news.ycombinator.com | 2023-06-25

    I have found that Asimov alleviates this issue.

    https://github.com/stevegrunwell/asimov

    I wrote a tiny blurb about it here:

    https://nabeards.com/time-machine-backups-ignoring-npm-modul...

  • syncpack

    Consistent dependency versions in large JavaScript Monorepos.

    Project mention: I made a CLI to sync dependency versions in monorepos | /r/node | 2023-11-16

    There's a video on the homepage at https://jamiemason.github.io/syncpack and a getting started guide at https://jamiemason.github.io/syncpack/guide/getting-started/.

  • dep-tree

    tool for helping developers keep their code bases clean and decoupled. It allows visualising a "code base entropy" using a 3d force-directed graph of files and the dependencies between.

    Project mention: Show HN: Visualize the Entropy of a Codebase with a 3D Force-Directed Graph | news.ycombinator.com | 2024-01-31

    The portion of the code in charge of rendering lives inside the `internal/entropy` (https://github.com/gabotechs/dep-tree/tree/main/internal/ent...).

    Force-directed is an algorithm for displaying graphs in a 2d or 3d space, which simulates attraction/repulsion based on the dependencies between the nodes, the wikipedia page explains it really well https://en.wikipedia.org/wiki/Force-directed_graph_drawing

    > Love it, I think dependency trees are super underused data for static analysis.

    Definitely, specially for evaluating "the big picture" of a codebase

  • scala-steward

    :robot: A bot that helps you keep your projects up-to-date

  • licensed

    A Ruby gem to cache and verify the licenses of dependencies (by github)

  • tern

    Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more. (by tern-tools)

  • conan-center-index

    Recipes for the ConanCenter repository

    Project mention: Mokara.io Open Beta (Pre-Built C++ Third-Party Libraries) | /r/cpp | 2023-06-27

    Just checkout ConanCenter https://conan.io/center it's free.

  • shrinkpack

    Fast, resilient, reproducible builds with npm install.

  • deptry

    Find unused, missing and transitive dependencies in a Python project.

    Project mention: This Week In Python | dev.to | 2024-03-17

    deptry – Find unused, missing and transitive dependencies in a Python project

  • MANUL

    :smirk_cat: The madness vendoring utility for Golang programs

  • import-linter

    Import Linter allows you to define and enforce rules for the internal and external imports within your Python project.

    Project mention: Kraken Technologies: How we organise our large Python monolith | news.ycombinator.com | 2023-07-18

    Never heard of https://import-linter.readthedocs.io/ before. Not sure if I like this type of solution, but it's interesting, and certainly the problem is real.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-03-25.

Dependencies related posts

Index

What are some of the best open-source Dependency projects? This list will help you:

Project Stars
1 renovate 15,405
2 patch-package 9,867
3 madge 8,313
4 yalc 5,334
5 dependency-cruiser 4,914
6 athens 4,316
7 dependabot-core 3,805
8 CPM.cmake 2,507
9 taze 2,199
10 scancode-toolkit 1,948
11 Rebar3 1,649
12 ort 1,460
13 asimov 1,430
14 syncpack 1,219
15 dep-tree 1,195
16 scala-steward 1,120
17 licensed 966
18 tern 929
19 conan-center-index 876
20 shrinkpack 793
21 deptry 738
22 MANUL 663
23 import-linter 616
The modern identity platform for B2B SaaS
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
workos.com