Package Management - sgml/signature GitHub Wiki
Comparison
| Language | Package Manager | Relevant GitHub Issue | Minimum RAM | Disk Cache Requirements |
|---|---|---|---|---|
| Python | Poetry | Poetry memory usage issue | ~512 MB | ~100 MB |
| PHP | Composer | Composer 2 memory usage improvements | ~512 MB | ~100 MB |
| Perl | CPAN | CPAN memory usage monitoring | ~256 MB | ~50 MB |
| Ruby | RubyGems | RubyGems memory usage discussion | ~256 MB | ~50 MB |
| TCL | tcllib | Tcllib memory usage topic | ~128 MB | ~30 MB |
| OCaml | OPAM | OPAM memory usage concerns | ~256 MB | ~50 MB |
| Erlang | rebar3 | Rebar3 memory efficiency issue | ~256 MB | ~50 MB |
| JavaScript | pnpm | pnpm memory usage issue | ~512 MB | ~100 MB |
Linux
- https://devopedia.org/package-manager
- https://fossies.org/linux/
- https://jfearn.fedorapeople.org/en-US/RPM/4/html/RPM_Guide/ch-advanced-packaging.html
CPAN
Yarn / NPM
- https://classic.yarnpkg.com/lang/en/docs/envvars/
- https://yarnpkg.com/getting-started/migration
- https://docs.npmjs.com/cli/v9/using-npm/config#environment-variables
- https://www.npmjs.com/package/npm
Serverless
- https://www.serverless.com/framework/docs/providers/aws/guide/variables
- https://www.serverless.com/framework/docs/environment-variables
- https://www.serverless.com/framework/docs/providers/openwhisk/guide/variables
PIP
- https://pip.pypa.io/en/stable/user_guide/
- https://pip.pypa.io/en/stable/topics/configuration/
- https://www.activestate.com/products/python/pip-tools/pip-install-environment/
Maven
- https://medium.com/codefx-weekly/java-9-maven-compile-errors-module-names-kill-switches-73411c511750
Security
- http://neurocline.github.io/papers/survey-of-programming-language-packaging-systems.html
- https://snyk.io/blog/publishing-malicious-packages/
- https://www.cloudfoundry.org/blog/security-corner-snyk-top-six-vulnerabilities-maven-npm/
- http://manpages.ubuntu.com/manpages/xenial/man3/CPAN.3perl.html
- https://metacpan.org/pod/CPAN
- https://news.ycombinator.com/item?id=8226139
- https://news.ycombinator.com/item?id=11341990
- http://incolumitas.com/2016/06/30/what-other-package-managers-are-vulnerable-to-typosquatting/
- https://github.com/topics/package-manager
- http://www.modulecounts.com
- https://depfu.com/blog/2017/03/22/a-brief-history-of-dependency-management
- https://blackducksoftware.atlassian.net/wiki/spaces/INTDOCS/pages/49131875/Hub+Detect
- https://news.ycombinator.com/item?id=11088125