Erlang Package Manager
Switch branches/tags
Nothing to show
Pull request Compare This branch is 16 commits ahead of jkvor:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.

Erlang Package Manager (epm)

This is client/server package manager for prebuilt binary Erlang packages, but with source support. See requirements below.

Project is in development. Do not use


These are things I expect epm to be able to do:

TODO Client

  • Fetching by branch, tag/version, hash (source only).
  • Ability to list URLs pointing to archive/tarball as dependency.
  • [?] Central installation to erlang/lib

TODO Server

  • Binary repo running on a commodity web server with index and subdirectories like those Linux repos do;

Future Plans

  • Store index in Git(hub) with pull-requests and signing

Use Cases

TODO: epm ls - list installed packages (locally and globally?) TODO: epm update


A package is (copy from npm docs):

  • (a) a folder containing a program described by a package.json file
  • (b) a gzipped tarball containing (a)
  • (c) a url that resolves to (b)
  • (d) a @ that is published on the registry with (c)
  • (e) a @ that points to (d)
  • (f) a that has a "latest" tag satisfying (e)
  • (g) a git url that, when cloned, results in (a).

Command Line

Copy from npm docs:

  • npm install (with no args in a package dir) -- (in package directory, no arguments): Install the dependencies in the local node_modules folder.
  • npm install <tarball file> -- Install a package that is sitting on the filesystem.
  • npm install <tarball url> -- Fetch the tarball url, and then install it. In order to distinguish between this and other options, the argument must start with "http://" or "https://"
  • npm install <folder> -- Install a package that is sitting in a folder on the filesystem.
  • npm install <name> [--save|--save-dev|--save-optional] -- Do a @ install, where is the "tag" config. (?)
  • npm install <name>@<tag> -- Install the version of the package that is referenced by the specified tag. If the tag does not exist in the registry data for that package, then this will fail.
  • npm install <name>@<version> -- Install the specified version of the package. This will fail if the version has not been published to the registry.
  • npm install <name>@<version range> -- Install a version of the package matching the specified version range. This will follow the same rules for resolving dependencies described in package.json(5).
  • npm install <git remote url> -- Install a package by cloning a git remote url.
  • npm i (with any of the previous argument usage)


To install a package, npm uses the following algorithm:

install(where, what, family, ancestors)

fetch what, unpack to /node_modules/

for each dep in what.dependencies

  • resolve dep to precise version

for each dep@version in what.dependencies

  • not in /node_modules//node_modules/*
  • and not in
  • add precise version deps to
  • install(/node_modules/, dep, family)

For this package{dep} structure: A{B,C}, B{C}, C{D}, this algorithm produces:

+-- B
`-- C
    `-- D

That is, the dependency from B to C is satisfied by the fact that A already caused C to be installed at a higher level.