28 Repos
Utilities for refreshing pinned package versions to the latest compatible releases.
Distinct from Dependency Versioning: Specifically focuses on updating pinned versions based on constraints rather than just managing version strings.
Explore 28 awesome GitHub repositories matching devops & infrastructure · Dependency Version Updates. Refine with filters or upvote what's useful.
This project is a dependency management tool for Go designed to track and lock package versions to ensure reproducible builds across different environments. It functions as a version lock file manager, recording complete snapshots of the dependency graph to prevent version drift, and as a semantic version constraint resolver that calculates compatible package versions. The tool orchestrates a local vendor directory, mirroring external source code to enable offline builds and source auditing. It utilizes a combination of static analysis to discover required libraries and a logic engine to inte
Provides utilities for refreshing pinned package versions to the latest compatible releases based on defined constraints.
EmDash is an open-source content management system built on Astro that combines a visual admin panel with a plugin-driven architecture and server-side rendering. It provides a complete content management system with structured content modeling, a rich text editor using Portable Text format, and a TypeScript API for type-safe content queries. The system supports authentication through passkeys, OAuth 2.1, and external providers, with role-based access control and fine-grained permission scopes. What distinguishes EmDash is its plugin development framework, which supports both native plugins ru
Updates plugin packages and core CMS to latest versions, then rebuilds the site.
MagiskOnWSALocal is a toolkit and set of scripts designed to integrate root access and Google Apps into the Windows Subsystem for Android. It functions as a customization utility to provide administrative control over the virtualized Android environment. The project enables the installation of Magisk root binaries and the integration of Google Play Store services. It includes capabilities for removing default application marketplaces and modifying system settings to customize the subsystem. The toolset manages subsystem maintenance through version updates that preserve user data. It also pro
Provides script-based capability to install newer system versions while preserving user data.
NexT is a responsive, elegant static blog theme for Hexo that generates HTML pages from Markdown posts. It is designed as a pre-built visual design for the Hexo framework, producing mobile-friendly layouts that adapt across devices with support for dark mode and multiple visual schemes. The theme distinguishes itself through extensive customization options, including five built-in code highlighting themes for technical blog posts and a multilingual interface supporting over 15 languages. It offers configuration flexibility by allowing theme settings to be stored either in the main Hexo config
Provides guidance for updating Hexo and its plugins to versions compatible with the latest theme release.
Glide is a Go dependency management tool that fetches, pins, and vendors external packages to enable reproducible builds across environments. It stores project-specific copies of Go packages in a vendor directory, isolating dependencies per project to avoid version conflicts, and supports fetching packages from Git, Mercurial, Bazaar, and Subversion repositories. The tool resolves dependency versions using semantic versioning ranges and operators, and generates a lock file that records exact commit IDs for all transitive dependencies. Glide distinguishes itself with an interactive version wiz
Fetches the latest versions matching version ranges and pins exact versions in a lock file.
pip-tools is a set of utilities for Python dependency pinning, lockfile management, and virtual environment synchronization. It functions as a requirement compiler that resolves high-level package declarations into a pinned list of specific versions and content hashes to ensure repeatable builds across different environments. The tool differentiates itself by providing a mechanism to refresh locked dependencies to their latest compatible versions without manual editing. It supports a layered dependency workflow, allowing one requirements file to act as a constraint for another to maintain com
Provides utilities to refresh pinned package versions to the latest compatible releases.
pip-tools is a set of command line utilities for compiling high-level Python dependency lists into pinned requirements files. It functions as a dependency lock tool and requirements compiler that resolves transitive dependencies to produce a deterministic list of packages. The project enables the maintenance of separate production and development dependency layers through layered requirement constraints. It supports targeted package upgrades and the generation of content hashes to verify package integrity during installation. The toolset covers dependency locking, version updates, and virtua
Refreshes pinned package versions to the latest compatible releases based on defined version constraints.
Standard-version is a semantic versioning release automation tool and Git versioning manager. It calculates the next semantic version by parsing commit messages that follow the Conventional Commits specification and automates the process of updating project files and creating signed Git tags. The tool distinguishes itself by generating formatted changelogs automatically from commit history and providing a release process simulation to preview version bumps without modifying files or Git history. It supports pre-release version management for experimental builds and allows for manual version o
Allows specification of which files to read and update using built-in or custom version tools.
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
Updates project dependencies and build manifests to ensure compatibility with newer cluster versions.
SerpentAI is a game AI development kit and computer vision framework designed for building autonomous agents that interact with video games. It serves as a game input automation tool and a machine learning model integration engine, allowing developers to create agents that perceive game states and execute actions. The framework utilizes a plugin-based agent architecture to provide modular extensions for game-specific logic and behaviors. It features a specialized system for training, bundling, and deploying machine learning classifiers to recognize visual contexts and game states in real time
Provides utilities for updating the framework to the latest compatible releases from a package registry.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Provides utilities to refresh pinned package versions to the latest compatible releases by ignoring the lockfile.
npm-check is a command-line tool that audits a project's npm dependencies, comparing local package versions against the npm registry to identify outdated, unused, or incorrect entries. It scans both package.json and node_modules, and can also inspect globally installed npm packages for the same issues. The tool distinguishes itself by offering multiple modes of operation. It can automatically update all outdated dependencies to their latest versions without interaction, suitable for automated scripts. Alternatively, it provides an interactive terminal interface that lets users review and
Saves updated dependencies with exact version numbers in package.json to prevent future minor or patch upgrades.
WordPress boilerplate with Composer and Git, easier configuration, and an improved folder structure
Re-requires dependencies to install the latest or a specific version of WordPress core or any plugin.
This repository is the source for a curated collection of printable reference sheets for R and Python packages. It provides quick-reference guides organized by topic, available as both PDF files for offline printing and interactive HTML versions for online browsing. The collection also includes community-contributed translations of these reference sheets into multiple languages, expanding accessibility for non-English speakers. The project is built around a reproducible rendering pipeline that generates both PDF and HTML formats from source documents, using a lockfile to guarantee identical b
Snapshots exact package versions and sources into a lockfile for reproducible builds.
godep ist ein Abhängigkeitsmanager für Go, der Paketversionen aufzeichnet, wiederherstellt und aktualisiert, um reproduzierbare Builds über verschiedene Umgebungen hinweg sicherzustellen. Er fungiert als Version-Lock-Tool, das spezifische Paket-Revisionen in einer Manifest-Datei verfolgt, um Entwicklungsworkspaces und Build-Zustände zu synchronisieren. Das Tool enthält Vendoring-Funktionen, die externen Go-Quellcode in ein lokales Verzeichnis kopieren, wodurch Projekte ohne aktiven Netzwerkzugriff gebaut werden können. Das System verwaltet den gesamten Abhängigkeitslebenszyklus und deckt das Version-Locking, die Workspace-Synchronisierung und das Aktualisieren verfolgter Pakete auf neuere Releases ab.
Provides utilities to refresh pinned package versions to their latest compatible releases and update the lock file.
dependabot-core is the automated dependency management engine that powers multi-ecosystem package updates and vulnerability remediation. It parses package manifests and lockfiles, polls package registries for newer versions, resolves version constraints across entire dependency trees, and generates pull requests with changelogs and structured descriptions. The system integrates vulnerability database matching to detect known security flaws and can automatically create remediation pull requests. What distinguishes this project is its handling of complex multi-ecosystem resolution across dozens
Fetches latest package versions from registries on a configurable schedule to detect available updates.
clib ist ein C-Sprach-Paketmanager und Dependency-Manager, der zum Installieren, Aktualisieren und Verwalten externer C-Bibliotheken und ausführbarer Abhängigkeiten aus Remote-Repositories verwendet wird. Er fungiert als Distributionstool zur Strukturierung von Quellcode und Metadaten für die Veröffentlichung von C-Bibliotheken sowie als Entwicklungs-Toolkit zur Aufrechterhaltung konsistenter Build-Umgebungen. Das Projekt bietet ein Framework für die Distribution von C-Bibliotheken und Dependency-Resolution unter Verwendung von Manifest-Dateien, um erforderliche Bibliotheksversionen nachzuverfolgen und reproduzierbare Builds über verschiedene Systeme hinweg sicherzustellen. Es optimiert den C-Entwicklungs-Workflow durch die Verwaltung der Installation und Deinstallation nativer Binärdateien und Entwicklungstools. Das System deckt ein breites Spektrum an Systemprogrammierung ab, einschließlich Memory-Profiling, Leistungsmessung und Unit-Testing. Es enthält zudem Utilities für das Management von Datenstrukturen, Dateisysteminteraktion, kryptografisches Hashing, Datenverschlüsselung und Netzwerkkommunikation.
Retrieves the latest versions of installed packages to keep project dependencies current.
Bundler is a Ruby dependency manager that resolves gem versions and locks them in a lockfile so every machine installs the same set of dependencies. It manages package sources, provides environment diagnostics, and wraps commands and consoles to run inside a consistent gem context, preventing version mismatches across development, testing, and production. Unlike a simple package installer, Bundler uses a SAT solver to find a consistent set of gem versions satisfying all constraints, segregates authentication secrets from source URLs, and enforces platform-specific dependency filtering. Its lo
Bundler replaces locked package versions with newer ones that satisfy the constraints in the dependency manifest, for a subset or all packages.
NuGetForUnity ist ein Paketmanager und Abhängigkeitsmanagementsystem, das NuGet-Pakete in Unity-Projekte integriert. Es fungiert als NuGet-Client für die Spieleentwicklung und ermöglicht die Installation, Wiederherstellung und Aktualisierung externer .NET-Bibliotheken und deren transitiver Abhängigkeiten ohne manuelle DLL-Importe. Das Tool enthält ein Bibliotheks-Publishing-Utility für das Erstellen von Paketspezifikationsdateien und das Hochladen benutzerdefinierter Bibliotheken auf Remote-NuGet-Server. Es unterstützt die Nutzung sowohl offizieller als auch benutzerdefinierter Paket-Feeds, was die Verteilung proprietärer Bibliotheken über private Registries ermöglicht. Das System bietet ein visuelles Interface für das Suchen und Verwalten von Bibliotheken sowie ein Kommandozeilen-Interface für die Automatisierung der Paketwiederherstellung innerhalb von Continuous-Integration- und Delivery-Pipelines. Es deckt breite Funktionsbereiche ab, einschließlich Versions-beschränkter Auflösung, Manifest-basierter Abhängigkeitsverfolgung und Assembly-Referenzkontrolle.
Identifies and applies newer or older versions of installed packages to update or downgrade dependencies.
diun is a monitoring service that tracks container registries for new tags or digest changes to notify users when image updates are available. It functions as a container orchestration watcher and registry notification engine, identifying images used within environments to ensure container deployments remain up to date. The project distinguishes itself by providing automated image discovery across multiple orchestrators and runtimes, including Kubernetes, Docker Swarm, Nomad, and containerd. It supports flexible configuration through YAML files, environment variables, and metadata labels or a
Runs scheduled checks against remote container registries to detect new tags or updated image digests.