A dependency manager for downloading and installing binary tools across multiple platforms and package managers.
- Multi-platform support: Automatically detects and downloads binaries for Linux, macOS (Intel/ARM), and Windows
- Multiple package managers: GitHub Releases, GitLab Releases, Apache archives, Maven repositories, and direct downloads
- Lock file management: Generate reproducible builds with
deps-lock.yaml - Checksum verification: Ensures binary integrity with SHA256 checksums
- Version constraints: Supports semantic versioning and version pinning
- Authentication: Built-in support for GitHub tokens and other auth mechanisms
go install github.com/flanksource/deps/cmd/deps@latestgit clone https://github.com/flanksource/deps
cd deps
make build
./bin/deps --helpDownload from the releases page.
- Initialize a configuration file:
deps initThis creates a deps.yaml file:
dependencies:
- name: yq
source: github.com/mikefarah/yq
version: v4.40.5- Install dependencies:
deps install- Generate a lock file:
deps lockThis creates deps-lock.yaml with resolved versions and checksums.
Install dependencies from deps.yaml or specific tools.
# Install all dependencies
deps install
# Install specific tool
deps install yq
# Install with specific version
deps install yq@v4.40.5Generate or update deps-lock.yaml with resolved versions and checksums.
# Lock all dependencies
deps lock
# Lock specific packages
deps lock yq kubectlFlags:
--platforms: Comma-separated list of platforms (e.g.,linux-amd64,darwin-arm64)
Check for and optionally update dependencies to newer versions.
# Check for updates
deps update
# Update specific dependency
deps update yqCheck versions of installed tools.
# Check all tools
deps check
# Check specific tool
deps check yqList all available dependencies from configuration.
Check installed versions of tools.
Initialize a new deps.yaml configuration file.
Show authentication status for package managers (GitHub, GitLab, etc.).
# Target directory for installed binaries (default: ./bin)
target: ./bin
# Default installation mode
mode: file # or "directory"
dependencies:
- name: yq
source: github.com/mikefarah/yq
version: v4.40.5
- name: kubectl
source: github.com/kubernetes/kubernetes
version: v1.28.0
# Apache package manager
- name: maven
source: apache.org/maven
version: 3.9.5
# Direct download
- name: custom-tool
url: https://example.com/tool-{{.Version}}-{{.Platform}}.tar.gz
version: 1.2.3Generated by deps lock, contains resolved versions and checksums:
dependencies:
- name: yq
version: v4.40.5
platforms:
linux-amd64:
url: https://github.com/mikefarah/yq/releases/download/v4.40.5/yq_linux_amd64
checksum: sha256:abc123...
darwin-arm64:
url: https://github.com/mikefarah/yq/releases/download/v4.40.5/yq_darwin_arm64
checksum: sha256:def456...Set environment variables for private repositories:
# GitHub
export GITHUB_TOKEN=ghp_...
# GitLab
export GITLAB_TOKEN=glpat-...Check authentication status:
deps whoami- Go 1.25 or later
- Task (optional, Makefile will auto-install)
- Ginkgo for testing
# Using make
make build
# Using task
task build
# Build for all platforms
make build-all# Run all tests
make test
# Run with report generation
make test:report
# Rerun failed tests
make test:failed# Format code
make fmt
# Run linter
make lint
# Run all checks
make check| Target | Description |
|---|---|
build |
Build the deps binary |
build-all |
Build for all supported platforms |
test |
Run all tests using Ginkgo |
test:report |
Run tests with JSON and JUnit report generation |
test:e2e-report |
Run e2e tests with report generation |
test:failed |
Rerun only failed tests from last test run |
lint |
Run golangci-lint |
fmt |
Format Go code |
vet |
Run go vet |
mod-tidy |
Tidy Go modules |
mod-download |
Download Go module dependencies |
clean |
Clean build artifacts |
install |
Install the binary to GOPATH/bin |
check |
Run all checks (fmt, vet, lint, test) |
ci |
Run all CI checks |
See the examples directory for more configuration examples.
See LICENSE file.