Hacker Read

joshuamorton · 2018-12-19 02:59:51+00:00

At least with most packages this can't happen anymore.

If a package owner distributes a wheel, you're good. Most packages do now.

reply

sebazzz | karma 3584 | avg karma 2.19 · | 2018-03-19 12:32:07

Yes, but they don't enforce it for new packages.

dblohm7 | karma 3941 | avg karma 4.43 · | 2019-10-23 00:09:41

Yes, distributes packages work differently.

mixmastamyk | karma 12554 | avg karma 1.22 · | 2018-10-10 01:35:39+00:00

That would still be the case if the packages weren't 1-3 years out of date.

saagarjha | karma 56017 | avg karma 2.29 · | 2020-05-22 23:32:32+00:00

Not sure about five years ago, but these days it's usually not to bad for popular packages.

olgeni | karma 337 | avg karma 0.92 · | 2014-04-15 17:51:47

As long as you don't get stale packages plagued by unfixed bugs.

lispm | karma 12407 | avg karma 2.21 · | 2014-12-09 23:36:26

What now? Too large, too small?

Packages were far from useless in my experience.

reply

ufo | karma 8588 | avg karma 2.91 · | 2022-07-25 12:48:05

Which packages are potentially affected?

rowanG077 | karma 2770 | avg karma 0.92 · | 2022-11-18 12:17:21

I would never expect them to do that without vendoring the package. Which mitigates that risk.

melvinmt | karma 3078 | avg karma 3.77 · | 2013-01-18 10:22:42

Except that in this case, you can still use the package.

stordoff | karma 4216 | avg karma 1.9 · | 2019-02-24 23:21:47+00:00

That says nothing about the distribution of the packages. That's pure speculation.

XorNot | karma 14149 | avg karma 2.13 · | 2022-04-06 06:10:51

What sorts of packages are these though? I've not had a single problem with anything practical in years.

sundarurfriend | karma 3956 | avg karma 2.99 · | 2021-10-05 00:41:51

Is that guaranteed to not leave the package environment in some messed up state?

johnmaguire | karma 3292 | avg karma 5.65 · | 2021-05-25 12:23:26+00:00

Not to mention if the package name itself changes...

vasachi | karma 334 | avg karma 3.88 · | 2023-05-26 04:19:40

Well, that is your right as an owner of the packages. By the way, what are those packages?

rufugee | karma 1843 | avg karma 2.7 · | 2012-03-15 03:07:40+00:00

My comment was in response to "avoid all the hoop jumping other distributions make you do in order to keep their package managers happy, while still giving you all the benefits". Personally, I believe those hoops to be a myth.

charcircuit | karma 2002 | avg karma 0.38 · | 2022-03-31 05:56:53

apt deciding it should yeet essential packages is not a new thing and has happened many times to many people.

schmorptron | karma 864 | avg karma 1.84 · | 2021-07-16 10:37:14

We're about 2 years out from having that work with most packages though, aren't we?

hiccuphippo | karma 1411 | avg karma 2.0 · | 2024-01-05 05:08:32

Now someone needs to make a package that conflicts with every other package and the circle will be closed.

fooey | karma 4151 | avg karma 7.45 · | 2017-08-01 20:59:00+00:00

For starters, packages should probably be considered non-transferable. If someone buys a package, they shouldn't keep the existing rankings and ratings.

It would be challenging to be proactive about it, but it was be a clear solution when they get caught.

reply