Comment by checker659

1 month ago

> and not have to worry about the right libraries being installed on my system and whether I've generated a Makefile. Packages are easily searchable, hosted on popular platforms like GitHub, and I can file bugs and ask questions without having to join an obscure mailing list or deal with an unfriendly community.

Maybe it's just me, but that right there is the stuff of nightmares. What library, and written by who, is it going to pull in?

But what's changed is decisively not "Now I don't know which libraries will be used or who made this library" but instead "The library I wanted was easier to get because the tools work".

Agreed. I don’t think easy package management is the problem, though. Rather, it’s just triggered a Cambrian explosion of packages, and now security needs to catch up.