GitHub gets a package registry

GitHub today announced the launch of a limited beta of the GitHub Package Registry, its new package management service that lets developers publish public and private packages next to their source code.

To be clear, GitHub isn’t launching a competitor to tools like npm or RubyGems. What the company is launching, however, is a service that is compatible with these tools and allows developers to find and publish their own packages, using the same GitHub interface they use for their code. The new service is currently compatible with JavaScript (npm), Java (Maven), Ruby (RubyGems), .NET (NuGet) and Docker images, with support for other languages and tools to come.

GitHub Package Registry is compatible with common package management clients, so you can publish packages with your choice of tools,” Simina Pasat, director of Product Management at GitHub, explains in today’s announcement. “If your repository is more complex, you’ll be able to publish multiple packages of different types. And, with webhooks or with GitHub Actions, you can fully customize your publishing and post-publishing workflows.”With this, businesses can then also provide their employees with a single set of credentials to manage both their code and packages — and this new feature makes it easy to create a set of approved packages, too. Users will also get download statistics and access to the entire history of the package on GitHub.

Most open-source packages already use GitHub to develop their code before they publish it to a public registry. GitHub argues that these developers can now also use the GitHub Package Registry to publish pre-release versions, for example.

Developers already often use GitHub to host their private repositories. After all, it makes sense to keep packages and code in the same place. What GitHub is doing here, to some degree, is formalize this practice and wrap a product around it.