keptdepends

Keptdepends is a conceptual approach to managing software dependencies that focuses on maintaining a persistent, auditable record of a project’s dependency graph across builds and environments. It defines a manifest and lock mechanism designed to promote reproducible builds, stability, and transparency in software supply chains.

In practice, keptdepends operates alongside existing package managers. A typical workflow includes declaring dependencies in a

Key features include immutability of the resolved dependency graph, provenance metadata for each dependency, and modes

Limitations include adoption overhead, the risk of stale lockfiles if not refreshed, and the need for robust