To me, the two major problems are:
- no namespaces
Someone uploads “serde2”? that’s blocked forever. Someone uploads a typo version of a popular package? Too bad for you, learn how to type.
- the github connection
If you want to contribute to crates.io you’re bound to github. No gitlab, codeberg, gitee, sourcehut, etc.
Not sure if there are any other problems, but those two seem like the biggest things and #1 is AFAIK not something they ever want to change + it would be difficult to as one would need a migration strategy.
Semver strings allows stuff like “version 2.5.x, but below 2.5.6”. Then cargo calculates the best solution for satisfying all dependency specifications from all packages using a single version (if possible).
Specifying a version in addition to the git branch doesn’t help there at all, because you still have to do it manually then.
Yes. That is in part why I mentioned that it’s not a real alternative, and mentioned
cargo-vendoras a possible basis for a less manual serviceable solution.Serviceable, but not necessarily good still. Anti-
crates.ioextremists would still be better off using an alternative crates registry*.* That’s something that already exists btw. True extremists don’t have to wait for the HN leak-promised Good Stuff.