Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
English | 简体中文
Bin package manager (BPM) is a Github release-based package manager that allows users to install and manage binaries from any Github release.
BPM is currently supported on Linux and Windows, python >= 3.9.
[!CAUTION] Risk Warning: Be aware of the potential risk of BPM Linux damaging your computer. By using BPM to install software, you accept this risk and trust third-party Github release packagers.
[TIP] BPM guarantees parity, i.e.,
bpm install
followed immediately bybpm uninstall
will not change the system in any way.
In non-rolling release Linux distributions, the version of softwares in official source are often too low to use some new features.
Rolling distributions, such as Archlinux, are also unable to install software from the AUR as root.
A common way to manage packages on Windows is scoop, but it requires the packager to maintain a "manifest" list.
BPM needs to be installed to root user.
sudo pip install bin-package-manager --break-system-packages
sudo bpm
Note the risk of potentially breaking system packages.
pip install bin-package-manager
bpm
You can use pipx to install BPM.
sudo pipx install bin-package-manager
pipx will only install for the current user, so sudo
is required. Alternatively, you can track on this issue and use other methods mentioned there.
If you don't want to use pipx, you can also download and use the source code.
BPM requires these libs, please install them manually.
git clone https://github.com/lxl66566/bpm.git
cd bpm
python3 -m bpm
# or use poetry to install dependencies and run: `poetry install && poetry run python -m bpm`
bpm i <package>
bpm -h
and bpm i -h
for more help.❯ bpm i -h
usage: bpm install [-h] [-b [BIN_NAME]] [-l [Archive]] [-q] [--one-bin] [--prefer-gnu] [-n] [-i] [--filter [FILTER ...]] [--sort [SORT]] packages [packages ...]
positional arguments:
packages Package name or github url to install
options:
-h, --help show this help message and exit
-b [BIN_NAME], --bin-name [BIN_NAME]
specify the binary executable filename, otherwise use package name by default.
-l [Archive], --local [Archive]
install from local archive.
-q, --quiet not ask, install the best match repo.
--one-bin install given binary only. Use package name as binary name by default.
--prefer-gnu bpm prefers musl target by default, you can change this default option.
-n, --dry-run print the install position, but not install actually.
-i, --interactive select asset interactively.
--filter [FILTER ...]
filter assets
--sort [SORT] sort param in github api, use `best-match` by default. The value could be `stars`, `forks`, `help-wanted-
issues`, `updated`.
BPM automatically determines the file structure in the asset and installs it to the appropriate location on the system. The current installation is like:
lib
, include
, share
, man
, bin
directories into the systemBPM automatically adds the .old
suffix to existing files to avoid overwrite. The .old
files will be restored in uninstalling.
BPM downloads asset into %userprofile%/bpm/app/<name>
and creates shortcuts and cmd runner for the executables to %userprofile%/bpm/bin
, which is added to %path%
.
After v2.2.9, single .exe
and .msi
can be also downloaded and installed.
git clone https://github.com/lxl66566/bpm.git
cd bpm
poetry install
poetry run python -m unittest bpm/**/*.py # run tests
FAQs
Bin package manager, a package manager based on Github release
We found that bin-package-manager demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.