Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free. Learn more →
Top 23 Package Management Open-Source Projects
-
(Note that I don't actually have calibre installed on my machine. I'm only going by the calibre.rb file present on brew's GitHub.)
-
Project mention: Unable to find a specification for `GoogleUtilities-Environment-Logger-NSData+zlib` | /r/flutterhelp | 2023-07-04
You will have better luck finding / getting help here https://github.com/CocoaPods/CocoaPods/issues create a new issue and hopefully, someone there will be able to assist you.
-
SonarLint
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
-
Hello! I'm using Helm in K8s and curious if there is a solution that could keep tabs on the deployed chart dependency versions and either alert us when something is out of date or when a new release is available. Does this exist? I was thinking something like Dependabot or Renovate, but neither seems to be able to manage this.
-
fpm
Effing package management! Build packages for multiple platforms (deb, rpm, etc) with great ease and sanity.
Project mention: PackagingCon – a conference only for software package management | news.ycombinator.com | 2023-08-08 -
Package management is not a new concept in the software industry. On Linux distros, you manage software installation and removal with package managers such as YUM/RPM or APT. On Windows, you can use Chocolatey or Homebrew on Mac.
-
If you use Yarn, there’s the `yarn patch` command [1], which lets you maintain patches for your dependencies. Even though I try to upstream patches wherever possible, sometimes you just want to apply a quick patch and move on, especially if the dependency is poorly maintained or even worse, deeply nested in your dependency hierarchy. I use `yarn patch` regularly, it’s one of the main reasons why I moved to Yarn in the first place.
If you’re not using Yarn, there seems to be a similar thing on npm, `patch-package`. [2] I never had to use that though.
-
$ sudo pip install y$ sudo pip install yaml WARNING: pip is being invoked by an old script wrapper. This will fail in a future version of pip. Please see https://github.com/pypa/pip/issues/5599 for advice on fixing the underlying issue. To avoid this problem you can invoke Python with '-m pip' instead of running pip directly. ERROR: Could not find a version that satisfies the requirement yaml (from versions: none) ERROR: No matching distribution found for yaml
-
Mergify
Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
-
-
For small projects I recommend pip-tools. Just write packet list in requirements.in and pip-compile compile a requirements.txt with comments.
-
conda
A system-level, binary package and environment manager running on all major operating systems and platforms.
Project mention: Why does creating my conda environment use so much memory? | /r/learnpython | 2023-06-18 -
Project mention: A question about good practice when using docker. | /r/dataengineering | 2023-05-26
You'd need a proper dependencies management tool like PDM or Poetry to exhaustively resolve and lock down all the transitive dependencies if you want to have anything closed to reproducible build.
-
LUA_INCDIR is not listed on either https://github.com/luarocks/luarocks/wiki/Installation-instructions-for-Unix or https://github.com/luarocks/luarocks/wiki/Installation-instructions-for-Unix but luarocks complains that it's not set. What does it do?
-
And many more such as Scaleway, Oxide, Fuchsia, MeiliSearch, Vector, embark, Chef, BBC...
-
As others have mentioned, you want NuGet. However, beyond the directory approach that was already mentioned, people may be interested to know that you can also do a web hosted version or if you prefer you can use the full NuGet Gallery project that powers nuget.org. At this point there's like 20 different ways to do it now. Hanselman had a list of some options a while back. BaGet is kind of interesting on that list.
-
However, let's examine a typical partial, such as the one from the . rubygems.org search show page
-
-
-
Rust makes distribution and maintenance near trivial. My lab develops a fairly widely-used tool, salmon, for the quantification of transcript expression from RNA-seq data. This tool is written in C++14, and has a substantial number of dependencies. The process of updating the tool (e.g. bumping dependencies) and cutting a new release is painful. To maintain widespread availability, we distribute this tool using bioconda which uses it's own CI and setup to build new releases for (in our case) Linux and MacOS. Things break all the time. For example, recently, they bumped the compiler used to build packages. This changed some default "implementation defined" behavior, causing previously functioning code to fail. We didn't find this locally, because we didn't test that specific compiler version. When we tried to release a new version, we had to go back and fix things etc. This is not just because different compilers exist, but because the C++ specification is soooo complicated and the set of undefined and implementation defined behavior is sooo broad that it's very brittle and it's easy for things to "break" via bitrot. However, the stability provided by Rust has been phenomenal so far. In our code, we only use stable Rust features, and we have benefited tremendously from the empirical guarantee that valid Rust code (except in exceptional cases like latent bugs in the language) will remain valid. While not all crates follow it religiously, there is a reasonable respect for semantic versioning. Thus, cutting a new release of one of our Rust tools is often as simple as just updating the Cargo.toml (and Cargo.lock in the case of applications), tagging a new release in GitHub, and letting the bioconda CI do it's business with the tagged artifacts. The build "scripts" are almost always trivial because the builds just work, across platforms, across CIs, etc. Now, new projects like cargo dist look like they make this process even simpler.
-
NuGet
NuGet Gallery is a package repository that powers https://www.nuget.org. Use this repo for reporting NuGet.org issues.
Really happy to see this. This caused random NuGet package restore issues when the CNAME chain for api.nuget.org exceeded a certain length.
https://github.com/NuGet/NuGetGallery/issues/9396
Our CDN provider ended up having a shedding mode in some hot areas that made the chain exceed the limit from time to time. Our multi CDN set up saved us so we could do geo specific failovers.
-
-
-
-
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-09-24.
Package Management related posts
- Can't seem to install Python YAML support
- PackagingCon – a conference only for software package management
- How to Manage Helm Chart Dependency Versions?
- Musl 1.2.4 adds TCP DNS fallback
- Rez package manager alternatives
- I want to pin but homebrew doesn't recognize cask
- Unable to find a specification for `GoogleUtilities-Environment-Logger-NSData+zlib`
-
A note from our sponsor - Mergify
blog.mergify.com | 30 Sep 2023
Index
What are some of the best open-source Package Management projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Homebrew-cask | 20,180 |
| 2 | CocoaPods | 14,283 |
| 3 | renovate | 13,403 |
| 4 | fpm | 10,886 |
| 5 | Chocolatey | 9,388 |
| 6 | patch-package | 9,327 |
| 7 | pip | 8,943 |
| 8 | glide | 8,173 |
| 9 | pip-tools | 7,093 |
| 10 | conda | 5,722 |
| 11 | PDM | 5,256 |
| 12 | luarocks | 2,908 |
| 13 | habitat | 2,515 |
| 14 | BaGet | 2,396 |
| 15 | RubyGems | 2,215 |
| 16 | Paket | 1,946 |
| 17 | bpkg | 1,814 |
| 18 | bioconda-recipes | 1,507 |
| 19 | NuGet | 1,475 |
| 20 | Gem in a Box | 1,460 |
| 21 | virtualgo | 1,312 |
| 22 | gpm | 1,198 |
| 23 | Berkshelf | 1,077 |
Collect and Analyze Billions of Data Points in Real Time
Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
www.influxdata.com