Puppet, an automated administrative engine for your Linux, Unix, and Windows systems, performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification.
Documentation for Puppet and related projects can be found online at the Puppet Docs site.
The best way to run Puppet is with Puppet Enterprise (PE), which also includes orchestration features, a web console, and professional support. The PE documentation is available here.
To install an open source release of Puppet, see the installation guide on the docs site.
If you need to run Puppet from source as a tester or developer, see the Quick Start to Developing on Puppet guide.
We'd love to get contributions from you! For a quick guide to getting your system setup for developing, take a look at our Quickstart Guide. Once you are up and running, take a look at the Contribution Documents to see how to get your changes merged in.
For more complete docs on developing with Puppet, take a look at the rest of the developer documents.
See LICENSE file. Puppet is licensed by Puppet, Inc. under the Apache license. Puppet, Inc. can be contacted at: info@puppet.com
Please log issues in this project's GitHub Issues. A mailing list is available for asking questions and getting help from others, or if you prefer chat, we also have a Puppet Community slack.
We use semantic version numbers for our releases and recommend that users stay as up-to-date as possible by upgrading to patch releases and minor releases as they become available.
Bug fixes and ongoing development will occur in minor releases for the current major version. Security fixes will be backported to a previous major version on a best-effort basis, until the previous major version is no longer maintained.
For example: If a security vulnerability is discovered in Puppet 8.1.1, we would fix it in the 8 series, most likely as 8.1.2. Maintainers would then make a best effort to backport that fix onto the latest Puppet 7 release.
Long-term support, including security patches and bug fixes, is available for commercial customers. Please see the following page for more details:
FAQs
Unknown package
We found that puppet demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A data handling bug in OSV.dev caused disputed CVEs to disappear from vulnerability feeds until a recent fix restored over 500 advisories.
Research
/Security News
175 malicious npm packages (26k+ downloads) used unpkg CDN to host redirect scripts for a credential-phishing campaign targeting 135+ organizations worldwide.
Security News
Python 3.14 adds template strings, deferred annotations, and subinterpreters, plus free-threaded mode, an experimental JIT, and Sigstore verification.
