site/static/medium/Dependency-Hell-a8bfb5b0d001.html

<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>Dependency Hell - exported from Medium</title><style>
      * {
        font-family: Georgia, Cambria, "Times New Roman", Times, serif;
      }
      html, body {
        margin: 0;
        padding: 0;
      }
      h1 {
        font-size: 50px;
        margin-bottom: 17px;
        color: #333;
      }
      h2 {
        font-size: 24px;
        line-height: 1.6;
        margin: 30px 0 0 0;
        margin-bottom: 18px;
        margin-top: 33px;
        color: #333;
      }
      h3 {
        font-size: 20px;
        margin: 10px 0 20px 0;
        color: #333;
      }
      header {
        width: 640px;
        margin: auto;
      }
      section {
        width: 640px;
        margin: auto;
      }
      section p {
        margin-bottom: 27px;
        font-size: 20px;
        line-height: 1.6;
        color: #333;
      }
      section img {
        max-width: 640px;
      }
      footer {
        padding: 0 20px;
        margin: 50px 0;
        text-align: center;
        font-size: 18px;
      }
      </style></head><body><article>
<header>
<h1>Dependency Hell</h1>
</header>
<section data-field="subtitle">
A lot of the problem that I have run into when doing development with nearly any stack I have used is dependency management. This…
</section>
<section data-field="body">
<section name="36b3" class=" section--middleCenter section-image--aspectRatioViewport is-imageBackgrounded is-backgrounded is-darkBackgrounded section--first"><div class="section-background" data-scroll="aspect-ratio-viewport"contenteditable="false" data-image-id="1*iDwB8zd_a73zWGq1XGDPvg.png" data-width="1366" data-height="768"><div class="section-backgroundImage"style="background-image: url(https://d262ilb51hltx0.cloudfront.net/max/1600/1*iDwB8zd_a73zWGq1XGDPvg.png);"></div><br></div><div class="section-doubleWidthTable u-table u-ignoreBlock"><div class="u-tableCell u-verticalAlignTop u-ignoreBlock"><div class="section-aspectRatioViewportBottomSpacer u-ignoreBlock"><div class="u-ignoreBlock" style="padding-bottom: 28.1113%;"></div></div><div class="section-doubleWidthTable u-table u-ignoreBlock"><div class="section-contentCell u-tableCell u-ignoreBlock"><div class="section-content"><div class="section-inner layoutSingleColumn"><p name="2d81" id="2d81" class="graf--p graf--empty graf--first graf--last"><br></p></div></div></div><div class="u-tableCell u-verticalAlignTop u-ignoreBlock"><div class="section-aspectRatioViewportPlaceholder u-ignoreBlock"><div class="u-ignoreBlock" style="padding-bottom: 56.2225%;"></div></div><div class="section-aspectRatioViewportBottomPlaceholder u-ignoreBlock"><div class="u-ignoreBlock" style="padding-bottom: 28.1113%;"></div></div></div></div></div><div class="u-tableCell u-ignoreBlock"><div class="section-aspectRatioViewportCropPlaceholder u-ignoreBlock"><div class="u-ignoreBlock" style="padding-bottom: 56.2225%;"></div></div></div></div><div class="section-captionContent u-ignoreBlock"></div></section><section name="ccac" class=" section--last"><div class="section-divider layoutSingleColumn"><hr class="section-divider"></div><div class="section-content"><div class="section-inner layoutSingleColumn"><h3 name="2ad8" id="2ad8" class="graf--h3 graf--first">Dependency Hell</h3><p name="4fb7" id="4fb7" class="graf--p">A lot of the problem that I have run into when doing development with nearly any stack I have used is dependency management. This relatively simple-looking problem just becomes such an evil, evil thing to tackle. There are several schools of thought to this. The first is that dependencies need to be frozen the second you ever see them and are only upgraded once in a blue moon when upstream introduces a feature you need or has a CVE released. The second is to have competent maintainers upstream that follow things like semantic versioning.</p><h3 name="a364" id="a364" class="graf--h3">Ruby</h3><p name="175c" id="175c" class="graf--p">Let’s take a look at how the Ruby community solves this problem.</p><p name="1cd9" id="1cd9" class="graf--p">One job I had made us need to install <strong class="markup--strong markup--p-strong">five </strong>versions of the Ruby interpreter in order to be compatible with all the different projects they wrote. To manage the five versions of the Ruby interpreter, they suggested using a widely known tool called <a target="_blank" href="https://github.com/sstephenson/rbenv" data-href="https://github.com/sstephenson/rbenv" class="markup--anchor markup--p-anchor" rel="nofollow">rbenv</a>.</p><figure name="33ff" id="33ff" class="graf--figure"><div class="aspectRatioPlaceholder is-locked" style="max-width: 564px; max-height: 355px;"><div class="aspect-ratio-fill" style="padding-bottom: 62.9%;"></div><img class="graf-image" data-image-id="1*X7PdatDf1DD_Pi7VOlv6YA.png" data-width="564" data-height="355" src="https://d262ilb51hltx0.cloudfront.net/max/800/1*X7PdatDf1DD_Pi7VOlv6YA.png"></div><figcaption class="imageCaption">I got 99 problems but several different entire versions of a programming language and its standard library is one.</figcaption></figure><p name="f42c" id="f42c" class="graf--p">This isn’t actually the full list of rubies that job required. I have decided not to reveal that out of interest of privacy as well as the fact that even Gentoo did not ship a version of gcc old enough to build the oldest ruby.</p><p name="bb86" id="bb86" class="g
</section>
<footer><p>Exported from <a href="https://medium.com">Medium</a> on February 1, 2015.</p><p><a href="https://medium.com/p/a8bfb5b0d001">View the original</a></p></footer></article>

</body></html>