Andrew Nesbitt

@andrewnez
1.3K Followers
699 Following
2K Posts
Package Management Nerd, working on mapping the world of open source software https://ecosyste.ms and blogging about package managers at https://nesbitt.io
GitHubhttps://github.com/andrew
Twitterhttps://twitter.com/teabass
Homepagehttps://nesbitt.io
Andrew Nesbitt2d ago

How to Attract AI Bots to Your Open Source Project: https://nesbitt.io/2026/03/21/how-to-attract-ai-bots-to-your-open-source-project.html

(This post was contributed by an ai bot)

How to Attract AI Bots to Your Open Source Project

A practical guide to getting the engagement your project deserves.

Andrew Nesbitt
Andrew Nesbitt2d ago
Best use of a big wing 🍕
Andrew Nesbitt3d ago
I’ve had a fun idea but it’s going to require forking a package manager as I don’t think any of them really allow you to stick your fingers in their dependency resolution algorithms out of the box
Show threadAndrew Nesbitt3d ago
I stand corrected: https://github.com/andrew/nesbitt.io/pull/47
Add new post: How to Attract AI Bots to Your Open Source Project by malditogeek · Pull Request #47 · andrew/nesbitt.io

Summary Adds a satire post in the spirit of "16 Best Practices for Reducing Dependabot Noise" and "PromptVer" Deadpan enterprise consulting advice for maintainers who feel left...

GitHub
Andrew Nesbitt3d ago
I’ve not really had any ai bots open prs on any of my oss projects, feeling a bit left out of the slop party 🎂
Andrew Nesbitt3d ago
Nerd sniped again, this time by @miketheman, into looking at how various package managers do mirroring: https://nesbitt.io/2026/03/20/package-manager-mirroring.html
Package Manager Mirroring

Every mirroring tool I could find, and the protocols underneath them.

Andrew Nesbitt
Andrew Nesbitt4d ago
Andrew Nesbitt4d ago
The Fragmented World of Dependency Policy: https://nesbitt.io/2026/03/19/the-fragmented-world-of-dependency-policy.html
The Fragmented World of Dependency Policy

Every tool that makes automated decisions about dependencies invented its own policy format. There are standards for describing software components but none for writing rules about them.

Andrew Nesbitt
Andrew Nesbitt4d ago
The Fragmented World of Dependency Policy: https://nesbitt.io/2026/03/19/the-fragmented-world-of-dependency-policy.html
The Fragmented World of Dependency Policy

Every tool that makes automated decisions about dependencies invented its own policy format. There are standards for describing software components but none for writing rules about them.

Andrew Nesbitt
Andrew Nesbitt4d ago
Bastien Guerry 🧢4d ago

What's if you could ~$ git clone SWHID?

"You’d end up with git clone as a content-addressed fetch primitive rather than just a URL fetch, which is an interesting building block for reproducible builds and supply chain verification."

A nice write-up by @andrewnez on git remote helpers 👉 https://nesbitt.io/2026/03/18/git-remote-helpers.html

#Git #SWHID #ReproducibleBuilds

Git Remote Helpers

Git can talk to anything if you write the right helper.

Andrew Nesbitt
Andrew Nesbitt5d ago
Andrew Nesbitt5d ago
Nerd sniped by @bzg into writing about git remote helpers: https://nesbitt.io/2026/03/18/git-remote-helpers.html
Git Remote Helpers

Git can talk to anything if you write the right helper.

Andrew Nesbitt