Advertisement

Dependencies

Started by January 25, 2005 10:19 AM
34 comments, last by metal leper 19 years, 10 months ago
Is anyone else sick of dependencies on Linux? I've been using it for about a month now and it's driving me crazy. Here's a program, but you need this and this and that and some of this. What a pain! I've gotten so, if it's a game and it needs anything more than sdl/sdl_image, I just don't bother downloading it.
ot had that much trouble myself - I use a debian based distro meaning I can just apt-get any deps I need ;)

Only thing I had trouble with was MonoDevelop - but I built that from source in the end and solved the troubles.
Advertisement
Personally I get very annoyed of the dependencies, and perhaps more so at the complacency of the Linux experts that don't consider it a problem. I was amazed that I was expected to download 136MB of kernel source just to compile a driver. I have lots and lots of libraries that I had to install for individual programs that required them.

I also don't particularly like the all-or-nothing package management that Mandrake seems to offer me: either I build it all from source, managing every tiny detail myself, or I URPMI it and it drags however many tens of megabytes from the web that it needs in terms of support libraries, providing they're compatible, providing the site is up, providing my connection is up to it. I think part of the solution to this is about providing better tools though. I'd like to be able to see at a glance what libraries something requires, and how big those libraries are (or at least were when this package was built).
There are lots of distros and package management systems out there--pick one and move on.
But what if the program you want to install is not in the package management system?
With most (all?) package managers, or at least the ones I've tried (mandrake's urpmi, debian based systems apt-get and some way in a redhat system too many years ago) you can pretty easily add sources for your package manager to look.

I'm using mepis(.org) right now and it's based on debian so I have the wonderful apt package manager.

When I was using mandrake I added some extra sources (search google for easyurpmi) and that solved that one...

But yeah, when compiling yourself etc dependencies is bitchy I agree.

Albert

Edit:link fixed
-------------------------------------------http://www.thec.org
Advertisement
I agree with many of the posters, the dependency problem on Linux is out of control.

Quote: There are lots of distros and package management systems out there--pick one and move on.


This is actually part of the problem. There are 10 billion options out there, all of which range from completely different to subtly incompatible. This makes helping people with problems extremely difficult. You get threads for what should be simple questions that run along the lines of "try this, and this, and maybe this, unless you're using Suse then do this instead, and oh if you're using Gentoo with the foobar option do that but only if you're not using kernel version 2.4.58 and it's not a monday in a month with a 'r' in it".

Experts can manage it and even find the complexity useful but it's incredibly painful to run of the mill non-technical users. I would never advise a non-technical person to use Linux in anything other than in extremely limited scenarios where they basically wouldn't touch anything once it had been set up for them.

IMHO open source, for all the benefits it brings, is a related part of the problem. In the Linux world there is an expectation that the source will be available and that users will "install from source" (i.e. compile the app themselves) - binary distribution is at best a convience. Any incompatibilities that can be #ifdef'd away are not considered important. All this means that developers can't simply include the dependencies with thier apps (as is common in the Windows world) because they probably won't work on any given users config.

They could include the source to thier dependencies and have the makefile build the world but probably that's to hard for most small developers. Especially when something goes wrong (and it always does) and they end up having to support the problem.
-Mike
I think the GPL is a lot to blame for it. No one is supposed to statically compile code, so we end up with this dependency nightmare. I don't plan on ever using a GPL or LGPL. It's making a mess out of everything. If anyone actually ends up wanting something I do, I'll just use a BSD license so they can include the code in their program and compile it and be done with it, or else just say "free as in free."
Quote:
I think the GPL is a lot to blame for it. No one is supposed to statically compile code, so we end up with this dependency nightmare. I don't plan on ever using a GPL or LGPL. It's making a mess out of everything. If anyone actually ends up wanting something I do, I'll just use a BSD license so they can include the code in their program and compile it and be done with it, or else just say "free as in free."

You don't have to use shared libraries with gpl/lgpl code unless you're using lgpl and you don't want to release your code. As long as you're program is open source you can link to gpl/lgpl libraries in any way you see fit (or atleast that's what I've gathered, don't quote me on this).
Quote: Original post by fireside
I think the GPL is a lot to blame for it. No one is supposed to statically compile code, so we end up with this dependency nightmare. I don't plan on ever using a GPL or LGPL. It's making a mess out of everything. If anyone actually ends up wanting something I do, I'll just use a BSD license so they can include the code in their program and compile it and be done with it, or else just say "free as in free."


The GPL is not the problem, the GPL hasn't got anything to do with it.

The problem is caused by the fact that developers use libraries, so that they don't have to reinvent the wheel. This is a good thing. Staticly including the code of libraries into your program is stupid, because that forces you to maintain that code too.

If a security hole gets discovered, you have to provide a patch for your program, instead of just letting the library maintainers deal with it. Suppose some low level system library has a security hole and all programs have this library staticly linked in. This would be a nightmare for the distro maintainers and for the users, because they have to patch a hell of a lot of programs instead of just one library..

Lets also not forget that dynamic linking saves a lot of memory, because only one copy of the code has to be kept in memory.

So to conclude :

dynamic linking > static linking

Anyway dependency hell has been largely solved by systems like apt-get, urpmi, portage ... .
A common system which works on all distros might be nice, but I don't see it happening.

Btw, This GPL bashing is getting annoying (don't like the license, don't use the code licensed under it, is my advice)
"THE INFORMATION CONTAINED IN THIS REPORT IS CLASSIFIED; DO NOT GO TO FOX NEWS TO READ OR OBTAIN A COPY." , the pentagon

This topic is closed to new replies.

Advertisement