Re: concurrent installation of different pkg versions

To: debian-devel@lists.debian.org
Subject: Re: concurrent installation of different pkg versions
From: Daniel Pocock <daniel@pocock.pro>
Date: Mon, 28 Apr 2014 20:10:09 +0200
Message-id: <[🔎] 535E9981.8040208@pocock.pro>
In-reply-to: <[🔎] 20140428165929.GG44067@gwolf.org>
References: <[🔎] 535A9DEF.6050908@pocock.pro> <[🔎] CAKTje6FDb90=sBd9ybs2AtFsijGa8Y4F7_0pE31GJAD6dTL4Ag@mail.gmail.com> <[🔎] 20140428165929.GG44067@gwolf.org>


On 28/04/14 18:59, Gunnar Wolf wrote:
> Paul Wise dijo [Sat, Apr 26, 2014 at 11:41:17AM +0800]:
>>> a generalized approach is needed.
>>
>> Multiple versions of a package seems undesirable to me, for the same
>> reasons as static libraries and embedded code copies are undesirable.
>>
>> Systems that do this already exist though:
>>
>> https://nixos.org/
>> http://www.gobolinux.org/
> 
> I have long lamented that's the direction the Ruby community took with
> Gems¹.
> 
> Gems support different versions installed on a system, as well as
> depending on specific versions. It makes sense for a programmer
> keeping track of different systems with changing APIs — Not having
> coinstalability means they'd have to patch all of their systems every
> time an API changes. Which happens on a daily basis in Ruby-land.
> 
> But supporting this as a whole is a mess. We try to make sure our
> system is a coherent unit, and that security and reliabilty fixes are
> applied to all or our packages (yes, that's the reason why I spent
> most of my Debian time in the past two weeks dealing with a single
> issue in Drupal7: Waiting for the right times to upload the fixes for
> stable / unstable / testing / bpo70 / bpo60).
> 
> Were we to support coinstallable multiple versions, we would have a
> much harder time supporting security.
> 
> For some cases (i.e. Daniel's suggestion of JQuery), the installed
> base and the incompatibilities between versions mean it could very
> well make sense. Right now, we *do* ship different JQuery versions,
> because several of our packages are incompatible with the systemwide
> one... But that's a bug, not a feature.
> 

nvm for Node.js is a bit like that too

I'm not suggesting that this is a practice that should be encouraged nor
given the same level of security support in every case.

However, there are cases (e.g. hundreds of packages containing jquery)
where it becomes the lesser evil: instead of having hundreds of copies
of non-standard JavaScript dependencies, we end up with maybe 3 or 4
supported versions of each important library.

Reply to:

Follow-Ups:
- Re: concurrent installation of different pkg versions
  - From: Jonas Smedegaard <dr@jones.dk>

References:
- concurrent installation of different pkg versions
  - From: Daniel Pocock <daniel@pocock.pro>
- Re: concurrent installation of different pkg versions
  - From: Paul Wise <pabs@debian.org>
- Re: concurrent installation of different pkg versions
  - From: Gunnar Wolf <gwolf@gwolf.org>

Prev by Date: Re: New Cinnamon Maintainer, looking for help
Next by Date: Re: what to do with wayland, python3, gdm3/systemd, ...
Previous by thread: Re: concurrent installation of different pkg versions
Next by thread: Re: concurrent installation of different pkg versions
Index(es):
- Date
- Thread