Comment by mikey_p

4 hours ago

The longer I go the more I have actually come to appreciate the way Packagist works for the PHP community, there are lots of cool things it does that I wish NPM or other registries did by default, like forcing you to package from a source repository, so that you can't upload a different artifact from what you keep in source control.

3 comments

mikey_p

Reply
ecshafer  3 hours ago

How does a close source package work? Depending on the language its not super helpful, but a package that is closed source should be possible.

  • hmry  2 hours ago

    For crates.io: They don't allow closed-source packages. But they're just the free community package index, you're not forced to use them.

    You can:

    - host a private index

    - host the proprietary binaries in a git repo and use a git dependency

    - commit the proprietary binaries into your source repo, and use a path dependency