28 dépôts
Utilities for refreshing pinned package versions to the latest compatible releases.
Distinct from Dependency Versioning: Specifically focuses on updating pinned versions based on constraints rather than just managing version strings.
Explore 28 awesome GitHub repositories matching devops & infrastructure · Dependency Version Updates. Refine with filters or upvote what's useful.
This project is a dependency management tool for Go designed to track and lock package versions to ensure reproducible builds across different environments. It functions as a version lock file manager, recording complete snapshots of the dependency graph to prevent version drift, and as a semantic version constraint resolver that calculates compatible package versions. The tool orchestrates a local vendor directory, mirroring external source code to enable offline builds and source auditing. It utilizes a combination of static analysis to discover required libraries and a logic engine to inte
Provides utilities for refreshing pinned package versions to the latest compatible releases based on defined constraints.
EmDash is an open-source content management system built on Astro that combines a visual admin panel with a plugin-driven architecture and server-side rendering. It provides a complete content management system with structured content modeling, a rich text editor using Portable Text format, and a TypeScript API for type-safe content queries. The system supports authentication through passkeys, OAuth 2.1, and external providers, with role-based access control and fine-grained permission scopes. What distinguishes EmDash is its plugin development framework, which supports both native plugins ru
Updates plugin packages and core CMS to latest versions, then rebuilds the site.
MagiskOnWSALocal is a toolkit and set of scripts designed to integrate root access and Google Apps into the Windows Subsystem for Android. It functions as a customization utility to provide administrative control over the virtualized Android environment. The project enables the installation of Magisk root binaries and the integration of Google Play Store services. It includes capabilities for removing default application marketplaces and modifying system settings to customize the subsystem. The toolset manages subsystem maintenance through version updates that preserve user data. It also pro
Provides script-based capability to install newer system versions while preserving user data.
NexT is a responsive, elegant static blog theme for Hexo that generates HTML pages from Markdown posts. It is designed as a pre-built visual design for the Hexo framework, producing mobile-friendly layouts that adapt across devices with support for dark mode and multiple visual schemes. The theme distinguishes itself through extensive customization options, including five built-in code highlighting themes for technical blog posts and a multilingual interface supporting over 15 languages. It offers configuration flexibility by allowing theme settings to be stored either in the main Hexo config
Provides guidance for updating Hexo and its plugins to versions compatible with the latest theme release.
Glide is a Go dependency management tool that fetches, pins, and vendors external packages to enable reproducible builds across environments. It stores project-specific copies of Go packages in a vendor directory, isolating dependencies per project to avoid version conflicts, and supports fetching packages from Git, Mercurial, Bazaar, and Subversion repositories. The tool resolves dependency versions using semantic versioning ranges and operators, and generates a lock file that records exact commit IDs for all transitive dependencies. Glide distinguishes itself with an interactive version wiz
Fetches the latest versions matching version ranges and pins exact versions in a lock file.
pip-tools is a set of utilities for Python dependency pinning, lockfile management, and virtual environment synchronization. It functions as a requirement compiler that resolves high-level package declarations into a pinned list of specific versions and content hashes to ensure repeatable builds across different environments. The tool differentiates itself by providing a mechanism to refresh locked dependencies to their latest compatible versions without manual editing. It supports a layered dependency workflow, allowing one requirements file to act as a constraint for another to maintain com
Provides utilities to refresh pinned package versions to the latest compatible releases.
pip-tools is a set of command line utilities for compiling high-level Python dependency lists into pinned requirements files. It functions as a dependency lock tool and requirements compiler that resolves transitive dependencies to produce a deterministic list of packages. The project enables the maintenance of separate production and development dependency layers through layered requirement constraints. It supports targeted package upgrades and the generation of content hashes to verify package integrity during installation. The toolset covers dependency locking, version updates, and virtua
Refreshes pinned package versions to the latest compatible releases based on defined version constraints.
Standard-version is a semantic versioning release automation tool and Git versioning manager. It calculates the next semantic version by parsing commit messages that follow the Conventional Commits specification and automates the process of updating project files and creating signed Git tags. The tool distinguishes itself by generating formatted changelogs automatically from commit history and providing a release process simulation to preview version bumps without modifying files or Git history. It supports pre-release version management for experimental builds and allows for manual version o
Allows specification of which files to read and update using built-in or custom version tools.
The Operator SDK is a framework for building, packaging, and managing custom controllers that extend the Kubernetes API. It serves as a toolset for defining new API types and implementing reconcile loops to automate the lifecycles of complex applications. The project provides specialized support for creating operators based on Helm charts or Ansible playbooks, allowing users to maintain a desired cluster state using existing automation tools. It includes a dedicated system for packaging controllers into standardized container image bundles for distribution via the Operator Lifecycle Manager.
Updates project dependencies and build manifests to ensure compatibility with newer cluster versions.
SerpentAI is a game AI development kit and computer vision framework designed for building autonomous agents that interact with video games. It serves as a game input automation tool and a machine learning model integration engine, allowing developers to create agents that perceive game states and execute actions. The framework utilizes a plugin-based agent architecture to provide modular extensions for game-specific logic and behaviors. It features a specialized system for training, bundling, and deploying machine learning classifiers to recognize visual contexts and game states in real time
Provides utilities for updating the framework to the latest compatible releases from a package registry.
Specs is a centralized package metadata repository and distribution service for the Apple platform. It serves as a public index of library specifications, enabling the discovery, resolution, and installation of third-party frameworks for iOS and macOS projects. The project provides a podspec distribution service that hosts and validates library specifications to ensure reproducible dependency resolution. It utilizes a Git-based collection of structured specifications and a REST API to manage library publishing, ownership, and versioning. The system encompasses comprehensive capabilities for
Provides utilities to refresh pinned package versions to the latest compatible releases by ignoring the lockfile.
npm-check is a command-line tool that audits a project's npm dependencies, comparing local package versions against the npm registry to identify outdated, unused, or incorrect entries. It scans both package.json and node_modules, and can also inspect globally installed npm packages for the same issues. The tool distinguishes itself by offering multiple modes of operation. It can automatically update all outdated dependencies to their latest versions without interaction, suitable for automated scripts. Alternatively, it provides an interactive terminal interface that lets users review and
Saves updated dependencies with exact version numbers in package.json to prevent future minor or patch upgrades.
WordPress boilerplate with Composer and Git, easier configuration, and an improved folder structure
Re-requires dependencies to install the latest or a specific version of WordPress core or any plugin.
This repository is the source for a curated collection of printable reference sheets for R and Python packages. It provides quick-reference guides organized by topic, available as both PDF files for offline printing and interactive HTML versions for online browsing. The collection also includes community-contributed translations of these reference sheets into multiple languages, expanding accessibility for non-English speakers. The project is built around a reproducible rendering pipeline that generates both PDF and HTML formats from source documents, using a lockfile to guarantee identical b
Snapshots exact package versions and sources into a lockfile for reproducible builds.
godep est un gestionnaire de dépendances pour Go qui enregistre, restaure et met à jour les versions de paquets pour assurer des builds reproductibles sur différents environnements. Il fonctionne comme un outil de verrouillage de version, suivant des révisions de paquets spécifiques dans un fichier manifeste pour synchroniser les espaces de travail de développement et les états de build. L'outil inclut des capacités de vendoring qui copient le code source Go externe dans un répertoire local, permettant aux projets d'être construits sans accès réseau actif. Le système gère le cycle de vie complet des dépendances, couvrant le verrouillage des versions, la synchronisation de l'espace de travail et la mise à jour des paquets suivis vers de nouvelles versions.
Provides utilities to refresh pinned package versions to their latest compatible releases and update the lock file.
dependabot-core is the automated dependency management engine that powers multi-ecosystem package updates and vulnerability remediation. It parses package manifests and lockfiles, polls package registries for newer versions, resolves version constraints across entire dependency trees, and generates pull requests with changelogs and structured descriptions. The system integrates vulnerability database matching to detect known security flaws and can automatically create remediation pull requests. What distinguishes this project is its handling of complex multi-ecosystem resolution across dozens
Fetches latest package versions from registries on a configurable schedule to detect available updates.
clib est un gestionnaire de paquets et de dépendances en langage C utilisé pour installer, mettre à jour et gérer des bibliothèques C externes et des dépendances exécutables depuis des dépôts distants. Il fonctionne comme un outil de distribution pour structurer le code source et les métadonnées afin de publier des bibliothèques C, et comme une boîte à outils de développement pour maintenir des environnements de build cohérents. Le projet fournit un framework pour la distribution de bibliothèques C et la résolution de dépendances, utilisant des fichiers manifestes pour suivre les versions de bibliothèques requises et assurer des builds reproductibles sur différents systèmes. Il rationalise le flux de travail de développement C en gérant l'installation et la désinstallation de binaires natifs et d'outils de développement. Le système couvre un large éventail de capacités de programmation système, incluant le profilage mémoire, la mesure de performance et les tests unitaires. Il inclut également des utilitaires pour la gestion de structures de données, l'interaction avec le système de fichiers, le hachage cryptographique, le chiffrement de données et la communication réseau.
Retrieves the latest versions of installed packages to keep project dependencies current.
Bundler is a Ruby dependency manager that resolves gem versions and locks them in a lockfile so every machine installs the same set of dependencies. It manages package sources, provides environment diagnostics, and wraps commands and consoles to run inside a consistent gem context, preventing version mismatches across development, testing, and production. Unlike a simple package installer, Bundler uses a SAT solver to find a consistent set of gem versions satisfying all constraints, segregates authentication secrets from source URLs, and enforces platform-specific dependency filtering. Its lo
Bundler replaces locked package versions with newer ones that satisfy the constraints in the dependency manifest, for a subset or all packages.
NuGetForUnity est un gestionnaire de paquets et un système de gestion des dépendances qui intègre les paquets NuGet dans les projets Unity. Il fonctionne comme un client NuGet pour le développement de jeux, permettant l'installation, la restauration et la mise à jour de bibliothèques .NET externes et de leurs dépendances transitives sans importations DLL manuelles. L'outil inclut un utilitaire de publication de bibliothèque pour créer des fichiers de spécification de paquet et télécharger des bibliothèques personnalisées vers des serveurs NuGet distants. Il prend en charge l'utilisation de flux de paquets officiels et personnalisés, permettant la distribution de bibliothèques propriétaires via des registres privés. Le système fournit une interface visuelle pour rechercher et gérer les bibliothèques, ainsi qu'une interface en ligne de commande pour automatiser la restauration des paquets au sein des pipelines d'intégration et de livraison continues. Il couvre de larges domaines de capacité incluant la résolution sous contrainte de version, le suivi des dépendances basé sur le manifeste et le contrôle des références d'assemblage.
Identifies and applies newer or older versions of installed packages to update or downgrade dependencies.
diun is a monitoring service that tracks container registries for new tags or digest changes to notify users when image updates are available. It functions as a container orchestration watcher and registry notification engine, identifying images used within environments to ensure container deployments remain up to date. The project distinguishes itself by providing automated image discovery across multiple orchestrators and runtimes, including Kubernetes, Docker Swarm, Nomad, and containerd. It supports flexible configuration through YAML files, environment variables, and metadata labels or a
Runs scheduled checks against remote container registries to detect new tags or updated image digests.