Dear Programming Language dev teams,

If your language has a package manager,

it NEEDS to be as fully-featured and easy-to-use as apt.

No more "use the website to search for packages"
No more "it installs, but not upgrades or uninstalls"
No more "Ok, it installs, but it isn't necessarily fully functional"
No more "It installs, but you need arcane options for the upgrade to function."

MAKE IT AS EASY AS APT,
Or don't release a package manager.

</rant>, a.k.a. Fin.

Merci.

@RL_Dane Also stop letting every dipshit with an email address upload a package. You're safer piping curl to bash than installing from npm or pypi these days.

@timjclevenger @RL_Dane how else could that possibly work though? You have a committee that approves packages? There's lots of software I want to install that isn't in my distribution.

@immibis @timjclevenger

I'm guessing do it like native packages: require a package maintainer to answer emails and do tests and such.

@RL_Dane @timjclevenger if the developer nominates themselves as maintainer isn't it the same as what we have now?

@immibis @timjclevenger

I'm not super familiar with all the work a package maintainer has to do, but I suppose they'd be more responsible for it and for things like resolving conflicts.

But yeah, I don't quite know how you'd do QA on packages, except maybe to have some kind of election or rating system.

@RL_Dane @timjclevenger Traditionally, dependency QA was done by not having many dependencies and evaluating how much you trust them. When you have 3000 dependencies you can't do that. Reducing the number of dependencies would go a long way towards reducing their surface area.
R. L. Dane :debian: :openbsd:

@immibis @timjclevenger

Yeah, this trend really worries me. It's like the approach to dependency management is just "lol wtf yolo"

@immibis @timjclevenger

Probably so. I've just become aware of it more recently as I've been compiling more of my own (niche) software.

Also, from hearing others bemoaning the dependency hell of node.js.

P.S., I've also been out of I.T. for 11 years, so that accounts for some of it as well ;)