|
| ▲ | jitl 3 days ago | parent | next [-] |
| You're welcome to live in the 90s dark ages, I feel this attitude and the shape of the old linux distros like Debian that laboriously re-package years-old software have been one of the biggest failures of open source and squandered untold hours of human effort. It's a model that works okay for generic infrastructure but requires far too much labor and moves far too slowly with quite a poor experience for end users and developers. Why else would all modern software development (going back to perl's cpan package manager in 1995) route around it? |
|
| ▲ | zbentley 3 days ago | parent | prev | next [-] |
| Do you not use non-OS package managers? If not, do you develop software with source dependencies (go, java, node, rust, python)? If so, how do you handle acquiring those dependencies—by hand or using a tool? |
| |
| ▲ | 1718627440 3 days ago | parent | next [-] | | > Do you not use non-OS package managers? Mostly no, sometimes I give up and still use pip as a separate user. > If not, do you develop software with source dependencies (go, java, node, rust, python)? If so, how do you handle acquiring those dependencies—by hand or using a tool I haven't felt the need to use Go, the only Java software I use is in the OS repo. I don't want to use JS software for other reasons. This is one of the reasons why I don't like Rust rewrites. Python dependencies are very often in the OS repo. If there is anything else, I compile it from source and I curse when software doesn't use or adheres to the standard of the GNU build system. | | |
| ▲ | maleldil 3 days ago | parent | next [-] | | I hope you understand you are part of a very, very small minority. | |
| ▲ | zbentley 2 days ago | parent | prev [-] | | Thanks for explaining your workflow. It seems predictable, but like it really locks you into one of the few (albeit popular) programming languages that has many/most of its development libraries repackaged by your OS. There are plenty of very popular languages that don't offer that at all. Go and Rust, specifically, seem a bit odd to be allergic to. Their "package managers" are largely downloading sources into your code repository, not downloading/installing truly arbitrary stuff. How is that different from your (presumably "wget the file into my repo or include path") workflow for depending on a header-only C library from the internet which your OS doesn't repackage? I understand if your resistance to those platforms is because of how much source code things download, but that still seems qualitatively different to me from "npm install can do god-knows-what to my workstation" or "pip install can install packages that shadow system-wide trusted ones". |
| |
| ▲ | LtWorf 3 days ago | parent | prev [-] | | Personally I run "apt install whateverineed" |
|
|
| ▲ | ghshephard a day ago | parent | prev | next [-] |
| I very much appreciate the sentiment - and agree that random crap (particularly some of the insane dependency chains that you get from NPM, but also Rust) in which you go to install a simple (at least you believe) package - and the Rust/NPM manager downloads several hundred dependencies. But the problem with only using the OS package manager is that you then lock yourself out of the entire ecosystem of node, python, rust packages that have never been migrated to whatever operating system you are using - which might be very significant. How do you feel about Nix? It feels like this is a nice half-way measure between reliable/reproducible builds, but without all of the Free For all where you are downloading who-knows-what-from-where onto your OS? |
|
| ▲ | dotancohen 3 days ago | parent | prev | next [-] |
| In general I agree with you. But not for software dev packages. The package manager I use, apt on Debian, does not package many Python development repos. They've got the big ones, e.g. requests, but not e.g. uuid6. And I wouldn't want it to - I like the limited Debian dev effort to be put towards the user experience and let the Python dev devs worry about packaging Python dev dependencies. |
|
| ▲ | QuantumNomad_ 3 days ago | parent | prev | next [-] |
| What’s the point of constraining oneself to what is in the OS package manager? I like to keep my dependencies up to date. The versions in the OS package manager are much older. And let’s say you constrain yourself to your OS package manager. What about the people on different distros? Their package managers are unlikely to have the exact same versions of your deps that your OS has. |
| |
| ▲ | 1718627440 3 days ago | parent [-] | | > What’s the point of constraining oneself to what is in the OS package manager? I like to keep my dependencies up to date. The versions in the OS package manager are much older. I favor stability and the stripping of unwanted features (e.g. telemetry) by my OS vendor over cutting edge software. If I really need that I install it into /usr/local, that it what this is for after all. > And let’s say you constrain yourself to your OS package manager. What about the people on different distros? Their package managers are unlikely to have the exact same versions of your deps that your OS has. This is a reason to select the OS. Software shouldn't require exact versions, but should stick to stable interfaces. |
|
|
| ▲ | wiseowise 3 days ago | parent | prev | next [-] |
| Don't worry, gramps, pip won't trigger your tinfoil hat. |
|
| ▲ | mirekrusin 3 days ago | parent | prev | next [-] |
| Then don't use it? |
|
| ▲ | maccard 3 days ago | parent | prev | next [-] |
| Do you use pip? |
|
| ▲ | nimchimpsky 3 days ago | parent | prev [-] |
| [dead] |
