Zoidberg
Zoi's official package registry.
Zoidberg is the official package registry for Zoi. It is a Git repository that contains the definitions for all the official packages.
Installing a Package
To use Zoidberg packages, you must first have Zoi installed. Zoidberg is the default registry for Zoi.
1. Sync the Registry
Before installing any packages, ensure your local database is up to date:
zoi sync2. Install a Package
You can install packages using the @repo/name syntax. For example, to install hello from the zillowe repository:
zoi install @zillowe/helloUsing Mirrors
If you wish to use one of the official Zoidberg mirrors (GitHub or Codeberg), you can change your active registry:
# Set to GitHub mirror
zoi sync set github
# Set to Codeberg mirror
zoi sync set codeberg
# Revert to default
zoi sync set defaultAfter changing the mirror, run zoi sync to update your local metadata.
Security & PGP Keys
If you are using an unofficial Zoi binary or wish to manually verify the Zoidberg registry, you should import the maintainer's PGP key:
zoi pgp add https://zillowe.pages.dev/keys/zillowez.ascRepository Tiers
Zoidberg organizes packages into tiers. These tiers help to indicate the stability and maintenance status of a package.
| Repository | Purpose |
|---|---|
core | Essential packages and libraries; very common and well-maintained. |
main | Important packages that don't fit in core but are essential for most users. |
extra | New or niche packages; less common and may be less actively maintained. |
community | User-submitted packages. New entries start here and may graduate to higher tiers. |
test | Testing ground for new Zoi features and packages prior to release. |
archive | Archived packages that are no longer maintained. |
zillowe | Zillowe's own official packages. |
Note: Packages from community, test, and archive may carry higher risk. Zoi prints warnings where appropriate.
For details on how to use and manage repositories, see the Repositories guide.
Reporting Security Issues
We take the security of Zoidberg packages seriously. If you discover a vulnerability in a package, please report it by opening a Merge Request with a security advisory file.
- Create an Advisory: Add a
.sec.yamlfile to the package directory. - Use Temporary ID: Name it
ZSA-YYYY-TEMP.sec.yaml. - Submit MR: Open a Merge Request on GitLab.
For more details, see the Security Advisories guide.
2026 © All Rights Reserved.
- All the content is available under CC BY-SA 4.0, expect where otherwise stated.
- Source code is available on GitLab, licensed under Apache 2.0.
Last updated on