A package manager for AI assets (and why the lock file is per-user)

In recent years, AI development environments have become cluttered with various files such as prompts and configurations, leading to challenges in version control and distribution across teams. This issue arises from the need to repeatedly copy and update AI assets, resulting in drift and duplication, as traditional versioning tools like Git can't link copies across different repositories. To address this, a package manager named sx was developed, borrowing the manifest-and-lock model from existing package managers like npm and Cargo. However, sx introduces a unique approach where the lock file is personalized per user rather than shared, to accommodate the diverse needs of AI assets that cannot be universally applied across different teams or individuals. This system allows for dynamic resolution based on user identity, which is determined through Git configurations, and ensures that assets are installed and updated seamlessly without manual intervention. Yet, this solution also exposes limitations in access control and compatibility across different AI clients, requiring custom handlers for each. Despite these hurdles, the package manager aims to provide a scalable and reproducible way to manage AI tools and assets while maintaining flexibility and transparency in deployment.