Comment by RonaldOloo

Hey everyone, one of the co-founders here(Ronald Oloo). Just wanted to add a bit more technical context for those interested. We chose Rust for this project for its performance and, more importantly, its safety guarantees. The long-term vision for Sphere's security relies on being able to build a truly minimal, secure sandbox, and Rust's memory safety is a huge part of that foundation. The dependency system right now is simple (it just uses a local JSON index), but it's designed to be the prototype for a future federated SphereHub. The goal is to avoid the centralized pitfalls of other package managers. We know it's a long road ahead to get to true chroot/namespace-level sandboxing, but we're excited about the architecture. Happy to dive into any technical questions about the implementation!