The heart of tech

This article was published on May 13, 2019

Here’s why I’m genuinely excited about GitHub’s new package registry

GitHub moves from hosting to distribution, and I'm really excited

Here’s why I’m genuinely excited about GitHub’s new package registry
Matthew Hughes
Story by

Matthew Hughes

Former TNW Reporter

Matthew Hughes is a journalist from Liverpool, England. His interests include security, startups, food, and storytelling. Follow him on Twi Matthew Hughes is a journalist from Liverpool, England. His interests include security, startups, food, and storytelling. Follow him on Twitter.

Fridays are frequently used by companies to bury bad news. By announcing dismal sales figures and privacy SNAFUs when everyone has left the newsroom (either in body or in mind), they can avoid the attention and scrutiny they’d otherwise get on literally any other day of the working week. I mention this because on Friday, GitHub announced something really fucking awesome, and I’m only just getting the chance to write about it.

The Microsoft-owned company, which is best known for its source management platform, announced the launch of GitHub Package Registry.

Now, I’ve got to be really careful here. It would probably easier if I first told you what it isn’t.

This isn’t a package management tool, like NPM or RubyGems. If those tools are concerned about the acquisition and installation of packages into a software project, Github’s Package Registry is primarily focused on the actual back-end hosting infrastructure.

But I still haven’t told you what it is. In a nutshell, it’s another place where people can host and publish packages. But what makes this exciting is that it’s completely platform-independent. If you’re a developer with multiple language versions of the same library, you don’t have to publish to multiple different places. Instead, you can consolidate all your efforts into one platform.

The platform is currently compatible with JavaScript (NPM), Ruby (RubyGems), .Net (NuGet) and Java (Maven), as well as Docker images. GitHub promises that support for other languages and package management is in the pipeline, but sadly didn’t specify which exact ones. Personally, I’m hoping that PIP, one of the most popular Python package managers, gets some love in the coming months.

And for what it’s worth, I’m glad that the company didn’t bother trying to replace the existing package managers with something of their own creation. It’d be a fool’s errand. They’re just too tightly ingrained in the development workflow. Instead, the company has wisely chosen to build something that floats above the existing players, complimenting rather than usurping them.

Credit: XKCD 927 - Standards

Another advantage that makes the GitHub Package Registry so attractive to developers is the familiarity factor at play. This can’t be understated. GitHub‘s ubiquity means that almost everyone who slings code for a living is intimately familiar with it. Therefore, the Package Registry shouldn’t have too much of a learning curve.

It should also offer a more professional experience, especially compared to the other smaller non-commercial platforms which don’t have Microsoft’s money burning a hole in their back pocket.

Packages are mirrored across the site’s  expansive global content delivery network, meaning that users across the world should get a consistent, fast experience. The platform also comes with an analytic dashboard, allowing developers to spot trends and understand where downloads are coming from. Both of these features will make it attractive to big corporates, who insist on having stratospheric uptime figures, while simultaneously suffering from an unquenchable thirst for data.

One thing I forgot to mention: The GitHub Package Registry lets developers host public and private packages. Although the site is most widely regarded as a place for open-source collaboration, it’s also home to a great many proprietary products, which are kept hidden from public view.

It also plays nice with GitHub Actions and webhooks, allowing developers to introduce more complicated behavior, potentially tying it in their packages with other tools – like a static code analyzer, or a continuous development product.

So, here’s the TL;DR for this wall of text: GitHub’s interests have shifted from the hosting of code, to how developers actually deploy and use it. That can only be a good thing. GitHub consistently exhibits a keen understanding of developer needs.

GitHub Package Registry is a really exciting product. It offers a consistent experience for developers and users alike. This is largely driven by the fact that it means coders only have to work with just one hosting provider, rather than several (assuming said developer is publishing multiple language versions of the same package).

Am I surprised that GitHub is going in this direction? Not in the least. The company’s ambitions have soared since the Microsoft takeover, with Actions, released towards the tail-end of last year, being a great example of that. The GitHub Package Registry is just a mere continuation of that trend. To check it out, register for the limited public beta here.

Also tagged with