Track if a published version can be deleted #24
Description
Very useful project. Thank you.
There was a twitter thread a few months ago, around the time of this incident.
"which package ecosystems protect downstream libs/apps from a published version of an upstream lib being deleted"
https://twitter.com/mrinal/status/1546250871784108033
The thread captured, state of this for:
- Rust https://twitter.com/mrinal/status/1546250872711024641
- JS https://twitter.com/mrinal/status/1546250873851875329
- Go https://twitter.com/mrinal/status/1546250874908921858
- Erlang/Elixir https://twitter.com/mrinal/status/1546250875961675776
- Java / Scala/ other JVM https://twitter.com/mrinal/status/1546250876997685249
- Ruby https://twitter.com/mrinal/status/1546250878008537089
- Swift https://twitter.com/mrinal/status/1546250878977380353
- Python https://twitter.com/mrinal/status/1546250879853928448
- Github Packages https://twitter.com/mrinal/status/1546265142580547584
- Docker Hub https://twitter.com/mrinal/status/1546266861989351424
I wished at the time for something like packman and today someone pointed me packman :)
If there is interest in tracking this aspect, I'd be happy to send pull request.