2 min read

Why I'm making a package manager

The reason I'm making a package manager

Backstory

This whole thing started February 6, 2022 14:31, when I sent this message in the Cloudflare Developers Discord server:

Join the Cloudflare Workers Discord server at https://discord.gg/cloudflaredev
Join the Cloudflare Workers Discord server at https://discord.gg/cloudflaredev

After a while, I decided to jump in and think of how my packager would work, with other people joining in.

git-started is copyright Isaac McFadyen
git-started is copyright Isaac McFadyen

These ideas all came about because of why I wanted to make a package manager:

  1. ESM based core
  2. ESM first package source
  3. Lockfile-less design
  4. Plugin system
  5. Compatibility with other tools / Multiple sources
  6. Smaller footprint

The Why

ESM based core

We believe that ESM is the future of Javascript, however, none of the major package managers use ESM in their core code. ESM is a huge step up from Common JS, and I believe that using ESM in a package manager would help the ecosystem move to ESM.

ESM first package source

As we believe that ESM is the future, we felt that ESM packages needed their own fast, reliable, and safe source. This is why we are going to be building an ESM first package source. This source will help with other features in core, including the lockfile-less design and plugin system.

Lockfile-less design

Package lock’s aren’t interchangeable, which is why we decided to ditch package locks, and use package.json to store a shashum and version of each package.

Plugin system

You might be thinking, but about npm packages?! This is where the plugin system comes into play. The plugins system will let plugins, which are installable using our ESM first package source, add commands and provide custom sources. Allowing for compatibility with other tools.

Compatibility with other tools / Multiple sources

Compatibility is important. You don’t want to introduce a whole new ecosystem without retaining backwards compatibility. This is why we are building plugins that help retain compatibility with npm packages and other tools’ lockfiles. In addition, we are going to support multiple sources out of the box via our plugin system.

Smaller footprint

This all sounds great in theory, but on top of that, we want a smaller footprint. By keeping packages in a central folder, and symlinking to that folder, we are able to reduce the space taken up by dependencies you have installed. In addition to that, we will be building core to be light, and not use up too many resources.

Development

With help from Isaac, we are going to work on making this a polished package manager. We still have work to do, and if you want to help, or look at what’s going on with development, check out the #toastpack channel in my Discord server at https://discord.gg/XRzwMMcAB7.