1. 9

  2. 4

    This advice is quaint but useless since the whole reason people use npm, pip, etcetera is that they are cross platform, and they have packages for libraries for that language. So far there is no development package manager that is cross platform, and has per language specificity.

    1. 1

      The one thing I hate about programming language specific package managers is that they usually don’t set any standard for what qualifies. Anyone can upload packages and they aren’t vetted. There have been many types of weaknesses – form typo squatting attacks (from our /u/hanno IIRC), to reusing deleted package names just this week.

      They also aren’t playing along with your distro’s package manager and often encourage fixed-version dependencies (and many dependencies), leading to windows-dll-hell type situations with many versions of the same library installed.

      “But what if dependencies update and break my stuff?”

      anyone seen fefe’s talk at 34c3 (german, but simultaneous translation available)? he talks about exactly these kind of antipatterns.

      1. 1

        I dunno if it is a crazy idea. But would windows C++ visual studio devs pay for a package manager? It was definitely a huge pain at my last job.