Why Package Managers Should Avoid Using Git as a Database for Registries
By
birdculture
Crackling crust, pillowy middle. The kind of bagel that earns a second cup of coffee.
Summary
The article critiques the recurring pattern of package managers using Git repositories as databases for package registries, arguing that while Git offers attractive features like version history, pull request workflows, and free hosting, it fails to scale effectively as registries grow. The piece examines specific examples including Cargo's crates.io index, which started as a Git repository but encountered performance issues as the registry expanded, leading to slow clone operations and visible progress bars that frustrated users. The author argues that Git's design makes it unsuitable for large-scale package registry databases despite its initial appeal.
Key quotes
· 5 pulledUsing git as a database is a seductive idea. You get version history for free. Pull requests give you a review workflow. It's distributed by design. GitHub will host it for free. Everyone already knows how to use it.
Package managers keep falling for this. And it keeps not working out.
The crates.io index started as a git repository. Every Cargo client cloned it. This worked fine when the registry was small, but the index kept growing.
Users would see progress bars like 'Resolving deltas: 74.01%, (64415/95919)' hanging for ages, the visible symptom of Cargo's lib
Git repositories seem like an elegant solution for package registry data. Pull requests for governance, version history for free, distributed by design. But as registries grow, the cracks appear.
You might also wanna read
What Truly Defines a Package Manager: Beyond Basic Registries to Dependency Graphs
The article discusses the characteristics that distinguish true package managers from tools that merely resemble them. The author argues tha
The Package Management Conflict: System vs Language Package Managers and the C Library Problem
The article examines the fundamental conflict between system package managers (like apt, dnf) and language package managers (like npm, pip),
Experiencing Derivation Issues with Nix Package Management for Ruby
The author shares a personal experience with Nix package management where they encountered a perplexing issue trying to access the derivatio
fzakaria.com·7mo ago
Why Average LLM Use Is Likely Destroying Value in Software Development
The author argues that, contrary to prevailing hype, the average use of Large Language Models (LLMs) is likely destroying value rather than
unessays.substack.com·10h ago
How AI Accelerated Prototyping: From Idea to Tangible in Record Time
The author reflects on how AI has transformed their prototyping workflow. Previously, the biggest bottleneck was the time needed to scaffold
darylcecile.net·10h ago
GitLab 19.0 launches with Secrets Manager, agentic workflows, and self-hosted AI models
GitLab 19.0 has been released, positioning itself as an intelligent orchestration platform for DevSecOps. The release includes expanded secr
bit.ly·23h ago