ToolStabil
Velisch Package Manager
Verwaltet Dependencies und Packages für Velisch-Projekte mit SemVer-Support.
Installation
cd tools/package-manager
cargo build --releaseGrundlegende Befehle
Projekt initialisieren
velin-pkg init my-projectDependency hinzufügen
velin-pkg add github.com/user/repo --version ^1.0.0Dependency entfernen
velin-pkg remove github.com/user/repoDependencies installieren
velin-pkg installVersion Constraints
^1.2.0Compatible (>=1.2.0, <2.0.0)
~1.2.0Patch (>=1.2.0, <1.3.0)
1.2.0Exact Version
>=1.2.0Minimum Version
*Latest Version
velin.toml Format
velin.tomltoml
[package]
name = "my-project"
version = "0.1.0"
description = "Mein tolles Projekt"
authors = ["Author <author@example.com>"]
license = "MIT"
repository = "https://github.com/user/repo"
[dependencies]
github.com/example/database = "^1.0.0"
github.com/example/auth = "~1.2.0"
github.com/example/utils = "1.5.0"
[dev-dependencies]
github.com/example/test-utils = "^0.1.0"
[features]
default = []
axum = []
sea-orm = []Weitere Befehle
Dependencies aktualisieren
# Prüfe auf Updates
velin-pkg update
# Update alle
velin-pkg update --all
# Mit Breaking Changes erlauben
velin-pkg update --all --allow-breakingDependencies auflisten
velin-pkg list
velin-pkg list --tree # Dependency-Baum
velin-pkg list --outdated # Nur veralteteSecurity Audit
velin-pkg auditWorkspaces
Für Multi-Package-Projekte:
[workspace]
members = [
"package1",
"package2",
"package3"
]Best Practices
Version Constraints
Verwende SemVer Constraints (^, ~)
Lock File committen
Committe velin.lock für reproduzierbare Builds
Regelmäßige Updates
Prüfe regelmäßig auf Updates
Security Audits
Führe regelmäßig velin-pkg audit aus
Minimale Dependencies
Füge nur notwendige Dependencies hinzu
Version Pinning
Pin kritische Dependencies auf exakte Versionen
CI/CD Integration
.github/workflows/ci.ymlyaml
- name: Install Dependencies
run: |
cd tools/package-manager
cargo build --release
./target/release/velin-pkg install
- name: Audit Dependencies
run: |
./target/release/velin-pkg audit