What is Game Framework?
Game Framework is an enterprise-grade private package registry specifically built for Flutter teams. It provides a secure, scalable, and feature-rich platform for hosting, managing, and distributing private Flutter packages within your organization.
The Problem We Solve
Public Registry Limitations
Flutter's official package repository, pub.dev, is excellent for open-source packages but has limitations for enterprise teams:
- No Private Packages - Everything published is public
- No Access Control - Anyone can view and download public packages
- No Usage Tracking - Limited visibility into package downloads and usage
- No Compliance Features - Missing audit trails and compliance certifications
The Enterprise Need
Modern Flutter teams need:
- Proprietary Code Protection - Keep internal libraries and frameworks private
- Access Control - Control who can publish and consume packages
- Audit & Compliance - Track all actions for SOC2, HIPAA, GDPR compliance
- Multi-team Support - Separate packages by team or project
- CI/CD Integration - Automate package publishing in deployment pipelines
How Game Framework Works
graph LR
Developer[Flutter Developer]
CLI[Flutter CLI]
Registry[Game Framework Registry]
Storage[Object Storage]
Database[(PostgreSQL)]
Developer -->|pub publish| CLI
CLI -->|HTTP/REST| Registry
Registry -->|Store artifacts| Storage
Registry -->|Store metadata| Database
Developer2[Team Member]
Developer2 -->|pub get| CLI2[Flutter CLI]
CLI2 -->|Download| Registry
Registry -->|Fetch artifacts| StorageArchitecture Overview
Game Framework consists of three main components:
- Registry Server (Go) - Handles package operations, authentication, and authorization
- Object Storage (MinIO/S3) - Stores package artifacts (.tar.gz files)
- Database (PostgreSQL) - Stores package metadata, users, and permissions
Key Concepts
Workspaces
A workspace is an isolated environment for your packages. Think of it as your organization's private namespace.
- Each workspace has its own packages, members, and billing
- Members can belong to multiple workspaces
- Packages are isolated between workspaces
Packages
A package is a reusable Flutter library or application component. Each package can have multiple versions.
# pubspec.yaml
name: my_company_auth
version: 1.2.3
description: Internal authentication library
dependencies:
flutter:
sdk: flutterVersions
Each package can have multiple versions following semantic versioning (e.g., 1.2.3). Versions are immutable once published.
Artifacts
An artifact is the actual .tar.gz file containing your package code. Artifacts are stored in object storage for fast, scalable delivery.
Core Features
1. Private Package Hosting
Host unlimited private Flutter packages with full control over access and visibility.
# Configure Flutter to use your private registry
flutter pub global activate game_cli
game config set registry https://registry.yourcompany.com
# Publish a private package
cd my_package
flutter pub publish2. Role-Based Access Control (RBAC)
Fine-grained permissions with 4 built-in roles:
| Role | Permissions | Use Case |
|---|---|---|
| Owner | Full control | Workspace administrators |
| Developer | Publish, edit, delete packages | Core development team |
| Tester | Download and test packages | QA team members |
| Viewer | Read-only access | Auditors, stakeholders |
Each role has specific permissions across 8 categories: Packages, Versions, Artifacts, Webhooks, API Keys, Downloads, Workspace, Members.
Learn more about roles and permissions
3. Multi-Workspace Support
Create separate workspaces for different teams, projects, or environments:
Company A
├── Frontend Team Workspace
│ ├── ui_components
│ └── shared_widgets
├── Backend Team Workspace
│ └── api_client
└── Shared Workspace
└── common_utils4. CI/CD Integration
Automate package publishing in your CI/CD pipelines:
# GitHub Actions example
- name: Publish Package
env:
GAME_FRAMEWORK_TOKEN: ${{ secrets.GAME_FRAMEWORK_TOKEN }}
run: |
flutter pub publish --forceSupported platforms:
- GitHub Actions
- GitLab CI
- Jenkins
- CircleCI
- Bitbucket Pipelines
- Azure DevOps
5. Audit & Compliance
Complete audit trail for all package operations:
- Who performed the action (user ID, email)
- What was changed (package created, version published, etc.)
- When it happened (timestamp with timezone)
- Where it came from (IP address, user agent)
- Why (optional: change reason/ticket number)
Compliance certifications:
- SOC2 Type II
- HIPAA
- GDPR
- ISO27001
- PCI-DSS
- CCPA
6. Flexible Billing
Three pricing tiers to match your needs:
Free
- 5 packages
- 5 GB storage
- 50 GB bandwidth/month
- 5 workspace members
Pro ($49/month)
- 50 packages
- 100 GB storage
- 500 GB bandwidth/month
- 25 workspace members
Enterprise (Custom)
- Unlimited everything
- SLA guarantees
- Premium support
- Custom integrations
7. Security Features
- API Key Authentication - Secure token-based authentication
- IP Allowlisting - Restrict access to specific IP ranges
- Encryption - TLS in transit, AES-256 at rest
- Secret Scanning - Automatic detection of leaked secrets
- Vulnerability Scanning - Check dependencies for known vulnerabilities
- Two-Factor Authentication - Additional security for user accounts
8. Performance & Scalability
- CDN Integration - Fast package downloads globally
- Chunked Uploads - Efficient handling of large packages
- Caching - Redis-backed caching for metadata
- Horizontal Scaling - Scale out to handle any load
- High Availability - Multi-region deployment support
Use Cases
Enterprise Application Development
A large company with 50+ Flutter developers building multiple mobile apps:
- Challenge: Sharing common UI components and business logic across apps
- Solution: Host private packages in Game Framework with team-based access control
- Result: Reduced code duplication, faster development, better code quality
Development Agency
An agency building Flutter apps for multiple clients:
- Challenge: Reusing code between projects while keeping client work confidential
- Solution: Separate workspace per client with isolated packages
- Result: Faster project delivery, maintained client confidentiality
Regulated Industries
Healthcare or financial services company with strict compliance requirements:
- Challenge: Need complete audit trail and compliance certifications
- Solution: Use Game Framework's compliance features and audit logging
- Result: Pass compliance audits, maintain security standards
Open Source + Private
Company with both public open-source packages and private internal packages:
- Challenge: Need to publish some packages to pub.dev and keep others private
- Solution: Use dual-publishing strategy with Game Framework
- Result: Contribute to open source while protecting proprietary code
Deployment Options
Self-Hosted
Deploy on your own infrastructure for maximum control:
- Docker - Single command deployment with Docker Compose
- Kubernetes - Production-grade orchestration with Helm charts
- Cloud Providers - AWS, GCP, Azure with terraform modules
Managed Hosting (Coming Soon)
Let us handle the infrastructure:
- Multi-Region - Deploy close to your teams
- Automatic Updates - Always on the latest version
- Managed Backups - Automated backup and recovery
- 24/7 Monitoring - We handle the ops, you focus on code
Technology Stack
Game Framework is built with modern, battle-tested technologies:
- Backend: Go (Forge framework, v0.8.0)
- Database: PostgreSQL with Bun ORM
- Storage: MinIO (S3-compatible)
- Cache: Redis
- Authentication: Authsome (v0.0.7)
- Identifiers: XID (globally unique, sortable IDs)
Getting Started
Ready to get started with Game Framework?