craftplan
Craftplan is an open-source ERP platform built for small artisanal and craft manufacturers managing direct-to-consumer sales. It consolidates inventory, production, orders, invoicing, and CRM into one self-hosted application without vendor lock-in.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | puemos/craftplan |
| Owner | puemos |
| Primary language | Elixir |
| License | AGPL-3.0 — OSI-approved |
| Stars | 1.1k |
| Forks | 58 |
| Open issues | 3 |
| Latest release | v0.5.0 (2026-06-23) |
| Last updated | 2026-06-30 |
| Source | https://github.com/puemos/craftplan |
What craftplan is
Written in Elixir with Phoenix LiveView and PostgreSQL backend, Craftplan provides JSON:API and GraphQL endpoints, encrypted API key management, and real-time UI updates. It includes BOM versioning with cost rollups, production batching, allergen tracking, and integrations with major email providers (SMTP, SendGrid, Mailgun, Postmark, Brevo, SES).
Get the craftplan source
Clone the repository and explore it locally.
git clone https://github.com/puemos/craftplan.gitcd craftplan# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires Elixir ~> 1.20 and Erlang/OTP 28 for development; Docker Compose simplifies deployment but demands infrastructure knowledge for production setup.
- Schema migration and seed data must be understood before first deployment; review .env.example for email, object storage (MinIO), and secret management.
- BOM structure and cost rollup logic should be validated against your product recipes early; nested BOM complexity may require data modeling review.
- iCal calendar integration and API access depend on correct configuration; test email delivery (SMTP/SendGrid/etc.) before go-live.
- Policy-based authorization (admin/staff roles) is present but should be audited against your RBAC needs; no mention of LDAP, SAML, or SSO integration.
When to avoid it — and what to weigh
- High-Volume Mass Manufacturing — Craftplan targets small batch/D2C production; no evidence of capability for large-scale factory workflows, complex supply chain networks, or real-time MES integration.
- Turnkey SaaS Without DevOps Overhead — Self-hosted only; requires Docker, PostgreSQL, and infrastructure management. No managed hosting or hands-off SaaS option available; unsuitable for teams without DevOps capacity.
- Multi-Tenancy or Reseller Model — No documentation of multi-tenant architecture; appears designed for single-organization deployment. Adding customer isolation would require significant architectural changes.
- Real-Time Industry Compliance Audits — While it tracks allergens and nutrition, no evidence of audit logging, SOC 2, ISO 27001, or FDA 21 CFR Part 11 compliance features. Requires independent security review.
License & commercial use
Licensed under AGPL-3.0 (GNU Affero General Public License v3.0). This is a copyleft license requiring source code disclosure of any modifications and network derivative works.
AGPL-3.0 permits commercial use and modification, but imposes strict obligations: any modified version deployed as a network service must make source code available to users. Self-hosting your own instance is permitted; selling a hosted or modified version without disclosing source requires legal review. Not a permissive OSI license for proprietary closed-source deployment. Consult counsel before commercial integration or resale.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Strong |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
Self-hosted deployment removes data residency risks common to SaaS. API keys encrypted at rest. CORS configuration present. Email credentials handled securely. No mention of: encryption at rest for database, audit logging, vulnerability disclosure policy, OWASP adherence, or third-party security review. Admin/staff role-based authorization exists but RBAC depth not detailed. No evidence of rate limiting, CSRF protection detail, or input validation documentation. Any public deployment should be behind a reverse proxy with TLS and firewall rules. Independent security review recommended before processing sensitive customer or ingredient data.
Alternatives to consider
Odoo (Community Edition)
Mature, feature-rich ERP with strong manufacturing, inventory, and CRM modules. Permissive LGPL license. Larger community and ecosystem. No first-class allergen tracking; more complex to self-host and extend.
Tryton
Open-source modular ERP (GPL), Python-based, strong in manufacturing and supply chain. Smaller community than Odoo. Fewer integrations and less allergen-specific tooling than Craftplan.
Shopify / Shopify Plus + Custom Apps
SaaS ecommerce with built-in order and inventory management. No self-hosting or vendor lock-in risk reduction. Strong app ecosystem. Proprietary and costly; production planning and BOM versioning require custom development.
Build on craftplan with DEV.co software developers
Review the AGPL-3.0 license implications, validate feature fit for your workflows, and assess DevOps capacity. If self-hosted manufacturing ERP aligns with your needs, spin up a demo or development instance using Docker Compose.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
craftplan FAQ
Can I use Craftplan for closed-source commercial manufacturing?
What happens if I modify Craftplan for my business?
How mature is Craftplan for production?
What if I need email, calendar, or API integrations?
Software developers & web developers for hire
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If craftplan is part of your open-source erp roadmap, our team can implement, customize, migrate, and maintain it.
Ready to Deploy Craftplan?
Review the AGPL-3.0 license implications, validate feature fit for your workflows, and assess DevOps capacity. If self-hosted manufacturing ERP aligns with your needs, spin up a demo or development instance using Docker Compose.