sjev/devops-guide
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
devops-guide/docs/package-management.md
T
Jev Kuznetsov 846eca59d2 add knowledge
2026-04-23 12:06:00 +02:00

57 lines
1.4 KiB
Markdown
Raw Permalink Blame History

# Package Management
Declare dependencies explicitly, resolve them reproducibly, and isolate environments so projects don't interfere.
## Tools by Language
| Language | Recommended | Alternatives |
|---|---|---|
| Python | `uv` | pip, poetry, pipenv |
| JavaScript | `pnpm` | npm, yarn |
| Go | `go mod` | (built-in, no alternative needed) |
| C++ | `conan`, `vcpkg` | cmake FetchContent |
## Python — `uv`
Fast resolver with lock files. Drop-in for pip + venv.
```bash
# create venv and install
uv venv
uv pip install -e ".[dev]"
# add a dependency (updates pyproject.toml + lockfile)
uv add requests
# sync from lock file (reproducible installs)
uv sync
```
`pyproject.toml` is the single source of truth for dependencies and tool config (PEP 517/518).
## JavaScript — `pnpm`
Faster and more disk-efficient than npm; compatible with npm ecosystem.
```bash
pnpm install # install from lockfile
pnpm add lodash # add dependency
pnpm dlx create-vite # run one-off tool
```
## Go — `go mod`
Built into the toolchain; no extra install needed.
```bash
go mod init github.com/you/myproject
go get github.com/some/package@v1.2.3
go mod tidy # remove unused deps
```
## Key Principles
- Always commit the lock file (`uv.lock`, `pnpm-lock.yaml`, `go.sum`)
- Pin to a specific version in production; use ranges only in libraries
- Separate dev dependencies from runtime dependencies
Reference in New Issue View Git Blame Copy Permalink