GitHub announces beta version of GitHub Package Registry, its new package management service

2 min read

Update: At WWDC 2019, GitHub added support for Swift packages to GitHub Package Registry. Swift packages make it easy to share your libraries and source code across projects and with the Swift community.

Last Friday, GitHub announced a new package management service to allow developers and organizations to easily generate “packages” from their code. Called the GitHub Package Registry, this service allows developers to publish public or private packages next to their source code.

“GitHub Package Registry is compatible with common package management clients, so you can publish packages with your choice of tools,” Simina Pasat, director of Product Management at GitHub, explains in the official announcement.

The GitHub Package Registry is available in limited beta for now. However, it will always be free to use for open source. The new service is currently compatible with JavaScript (npm), Java (Maven), Ruby (RubyGems), .NET (NuGet) and Docker images, with support for other languages and tools to come. Packages hosted on GitHub will include detailed insights such as download statistics and project/package history.

Developers can also publish multiple packages of different types for more complex repositories. They can also customize publishing and post-publishing workflows using webhooks and GitHub Actions.

GitHub Package Registry has unified identity and permissions meaning packages on GitHub inherit the visibility and permissions associated with the repository. This means, organizations no longer need to maintain a separate package registry and mirror permissions across systems. They can use a single set of credentials across different systems for code and packages, and manage access permissions with the same tools.

Developers are generally enthusiastic about the new GitHub Venture. Here are some positive comments from a thread on Hacker News.

This is really outstanding. GitHub Package Registry separates the registry from the artifact storage, which is the right way to do it. The registry should be quick to update because it’s only a pointer. The artifact storage will be under my control. Credentials and security should be easier to deal with. I really hope this works out.

This is pretty interesting. Github really is becoming the social network that MS never seemed to be able to create. We already use it as our portfolio of work for potential employers. We collaborate with fellow enthusiasts and maybe even make new friends. We host our websites from it. Abuse it to store binaries, too. And now, alongside, source code we can use it as a CDN of sorts to serve packages, for free, sounds pretty great.

It’s a really nice project overall, having a GitHub Package Registry that supports many different projects and run by a company that today is good, is always nice.

Read Next

GitHub deprecates and then restores Network Graph after GitHub users share their disapproval

Apache Software Foundation finally joins the GitHub open source community

Introducing Gitpod, a one-click IDE for GitHub

Content Marketing Editor at Packt Hub. I blog about new and upcoming tech trends ranging from Data science, Web development, Programming, Cloud & Networking, IoT, Security and Game development.