frphank's avatar
frphank 1 year ago
There is also a larger problem here. Your thinking revolves around isolated, single responsitories. But the open source world has repositories referring to one another. Example:
GitHub
simplex-chat/cabal.project at stable · simplex-chat/simplex-chat
SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱! ...
 #L34 The whole chain of repositories must be decentralized and highly available. This is the problem I have to solve.
↑ Parent

Replies (1)

frphank's avatar
frphank 1 year ago
Relying on the centralized package manager's idea of what the authoritative state is is a serious bottleneck. This is why lock files are being used for each project to define its own state. This is @simplex lock file:
GitHub
simplex-chat/flake.lock at stable · simplex-chat/simplex-chat
SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱! ...
 Each time it says "github" that's a centralized bottleneck that must go away.
1 replies ↓