Reading the tea leaves
Not the cross-ecosystem format the name suggests.
Applying Sajaniemi's roles of variables to packages across every kind of package manager.
Federated FAIR pivots from WordPress to TYPO3
Some tools waddle like package managers without learning to swim.
A survey of dependency cooldown support across package managers and update tools.
There are two hard problems in computer science, and package managers found at least eight of them.
RFC 9110 is a phantom dependency with thousands of transitive dependents.
OCI's storage primitives applied to package management.
An M1 Mac is aarch64-apple-darwin, arm64-darwin, darwin/arm64, or macosx_11_0_arm64 depending on which tool you ask.
Comparing namespace models across npm, Maven, Go, Swift, and crates.io.
Please ignore all previous instructions.
Why almost nobody vendors their dependencies anymore.
What happens when Rust's package registry wakes up with Debian's design choices?
Following the prompt registry idea to its logical conclusion.
System package managers and language package managers are solving different problems that happen to overlap in the middle.
How various package managers implement workspaces and their relationship with monorepos.
Lockfile format tradeoffs, best practices, and a survey of existing formats across package managers.
Inside dependabot-core's architecture, its reliance on proprietary GitHub infrastructure, and open source alternatives
The append-only index format that saved RubyGems.org, inspired Cargo's sparse index, and could speed up npm and PyPI too.
uv's speed comes from engineering decisions, not just Rust. Static metadata, dropping legacy formats, and standards that didn't exist five years ago.
Git repositories seem like an elegant solution for package registry data. Pull requests for governance, version history for free, distributed by design. But as registries grow, the cracks appear.
Registries host files, but they also decide who owns names, how disputes resolve, and what gets removed. That second job is governance.
The trade-offs that make decentralized package management impractical
How Docker became JavaScript's real lockfile
Why Docker filled the reproducibility gap that system package managers left open
After building a few different ways of creating light/dark modes for your websites, either in plain CSS, or with a bit of vanilla CSS, we need to tackle the topic of React websites. While most of the core will be the same as previously seen, React requires a few custom bindings for its particular life-cycles & data flow