Would the registry try to parse the Package.swift file (for example to check which dependencies it has for the security auditing), or just check if it exist, and accept it even if it's empty or filled with garbage?
If it will parse it, what should happen when the dependency list is not constant?
.target(
name: "foo",
dependencies: [Bool.random() ? "A" : "B"]
)