
Why GitHub is not a great package repository - tbarbugli
https://github.com/jteeuwen/go-bindata
======
kjksf
Every repository has the same problem. Here's an incident in npm
[https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/](https://www.theregister.co.uk/2016/03/23/npm_left_pad_chaos/)

For legal and moral reasons any package repository needs to allow deleting
packages. Either because the content violates some laws or because the author
decided he no longer wants to publish his stuff.

In practice removal of packages happens so rarely that it's not a problem. At
least on github you can find forks of go-bindata.

------
ogdoad
Link won't work...

~~~
JelteF
That's exactly the problem. People can just remove their Go packages.

~~~
krapp
It's not a problem - other people have the right to do what they wish with
their own projects.

Not cloning your dependency tree or maintaining a local fork precisely so
other maintainers' nonsense can't hurt you is the problem.

