A critique of package managers

Posted by gingerBill 9/8/2025

A critique of package managers(www.gingerbill.org)

118 points | 217 commentspage 4

mark38848 9/11/2025|

Where's the discussion about package sets? Always comparing yourself to Javascript, Java, and friends is obviously easy

MangoToupe 9/8/2025||

There are three points of prioritization here: you can use other peoples' code, manually vet all the code you're running, or accept that you need to trust a social network to vet stuff for you. Pick two. This is not a solvable problem.

EDIT: I've been rate limited, so the point is: unless you're Terry Davis, you're not going to be able to write software of any real complexity. Few people are going to even bother to vet the standard library, let alone the compiler, the runtime, etc etc.

gnatmud8 9/9/2025||

if only people knew how easy it is to implement the standard library and make it way simpler than what is usually provided, everyone would be writing their own standard libraries; you can implement one with string manipulation, files, memory management, threading, and basic timing, in less than 1000loc of c code, as i have done before, and the biggest parts by far were console printing and filesystem stuff, and it's mostly because of windows utf-16 conversion nonsense

gingerBill 9/8/2025||

Use the first two, and not rely on the third at all. That's what the article is saying.

marcelr 9/8/2025||

i had this idea for vendor based “package manager”

what if packages were meant to be read, and config was set inside the file directly

what if we transitioned to think of packages as templates, rather than generic black boxes

i think it would drastically reduce dependencies, package complexity, and improve understanding

lou1306 9/8/2025|

You can do this in Python, today. Whenever you need a package, just add its code in a directory under your project's root. And good luck.

marcelr 9/20/2025||

how do you update the package?

dismalaf 9/8/2025||

Honestly, he's not wrong. I use Ruby and 99% of the gems on rubygems.org are absolute trash. I use Rails and stuff like Nokogiri or Faraday, also RubyLLM, but little else because of reasons.

NPM is even worse, you import one thing and get 1000s of trash libraries so nowadays the only JS I write is vanilla and I import ES Modules manually.

Also, Odin doesn't make adding dependencies that difficult, you can literally just throw an Odin library into your project as a folder and it's available. The Odin compiler does everything else for you.

mouse_ 9/8/2025|

is sdl2 really that bad?

krapp 9/8/2025|

It's impossible to know what issues they have, since they don't specify.

But no, for the vast majority of people, SDL2 is perfectly fine, although SDL3 is a vast improvement. It's as stable and battle-tested as a cross platform multimedia library is bound to get. Opening a window and polling input is trivial.

Then again I've never even heard of the language they're using (Odin) so maybe that doesn't play well with a C library.

gingerBill 9/11/2025||

The bugs have nothing to do with the language and exist in C too.

I'll just link to some of the bugs directly that posted as issues to SDL:

https://github.com/libsdl-org/SDL/issues/4789 (not fixed) https://github.com/libsdl-org/SDL/issues/4816 (closed) https://github.com/libsdl-org/SDL/issues/4790 (closed)

And these being the bugs we found ourselves, not other bugs that have already been found, and many marked "as not planned" since SDL2 is now finished.