[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: What about dependency resolution à la apt?

From: Chris Marusich
Subject: Re: What about dependency resolution à la apt?
Date: Fri, 17 Mar 2017 02:07:47 -0700
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

address@hidden (Ludovic Courtès) writes:

> Howdy Amirouche!
> Amirouche <address@hidden> skribis:
>> Le 16/03/2017 à 21:28, Tobias Geerinckx-Rice a écrit :
>>> Amirouche,
>>> On 16/03/17 19:52, Amirouche wrote:
>>>> Héllo,
>>> Hi!
>>> I'm not the most technically qualified person to answer this, nor the
>>> most articulate, but I'm mainly curious and slightly puzzled as to why
>>> this question keeps popping up.
>> Sorry!
> No problem, there’s nothing wrong with your question.
> The key point in Tobias’ message is this:
>>> But one of the many great things about functional package management à
>>> la Nix/Guix is that you don't need — or want — a dependency resolver. At
>>> all. That eliminates a lot of nasty problems, and makes others much
>>> easier to solve.
> Tools like apt allow developers to describe a (very large) set of
> possible dependency graphs, which the dependency resolver tries hard to
> narrow down to something reasonable.
> Conversely, functional package managers describe just one dependency
> graph.  The downside is the “security update” scenario, though we
> address it with grafts¹, and the huge advantage is that we get tractable
> build processes and package composition.
> HTH!
> Ludo’.
> ¹

Amirouche, your question is a perfectly natural one to ask.  If you're
hungry for additional information regarding this interesting topic,
consider reading the introduction to Eelco Dolstra's Nix thesis [1].  In
the first 17 pages, he describes the main issues in the field of
software deployment, surveys the state of the art (as of August 2006)
while pointing out the unsolved problems, and summarizes how Nix (and
thus Guix, which uses Nix) solves those problems.

Section 1.2 is of particular interest.  In it, Eelco explains why the
practice of specifying dependencies by name (even when a version is
included) is insufficient for correct deployment of software.



Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]