←back to thread

A critique of package managers

(www.gingerbill.org)
109 points gingerBill | 3 comments | 08 Sep 25 12:18 UTC | HN request time: 0.411s | source
1. MangoToupe ◴[08 Sep 25 21:31 UTC] No.45174285[source]
There are three points of prioritization here: you can use other peoples' code, manually vet all the code you're running, or accept that you need to trust a social network to vet stuff for you. Pick two. This is not a solvable problem.

EDIT: I've been rate limited, so the point is: unless you're Terry Davis, you're not going to be able to write software of any real complexity. Few people are going to even bother to vet the standard library, let alone the compiler, the runtime, etc etc.

replies(2): >>45174299 #>>45187771 #
2. gingerBill ◴[08 Sep 25 21:33 UTC] No.45174299[source]
Use the first two, and not rely on the third at all. That's what the article is saying.
3. gnatmud8 ◴[09 Sep 25 19:49 UTC] No.45187771[source]
if only people knew how easy it is to implement the standard library and make it way simpler than what is usually provided, everyone would be writing their own standard libraries; you can implement one with string manipulation, files, memory management, threading, and basic timing, in less than 1000loc of c code, as i have done before, and the biggest parts by far were console printing and filesystem stuff, and it's mostly because of windows utf-16 conversion nonsense