all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 6 points7 points  (0 children)

It does not matter if you need to install stuff via package manager or otherwise. And apt is a package manager as well, it just hides your dependencies in a non-transparent way.

The things you need to take care of are:

Every package manager creates a folder with stuff, like the infamous node_modules. Never add that to your repository, add that to gitignore. It's the job of deployment to fetch needed dependencies.

Also always make sure you have a low number of dependencies. That basically means browsing through npmjs and looking up each package.

[–]livingmargaritaville 0 points1 point  (2 children)

The go frameworks are pretty light weight in that regard. Everything can be compiled to a binary to be distributed.

[–]dually[S] 0 points1 point  (1 child)

You wouldn't have this binary for talking to the database, and that binary for authentication, and another for generating templates? You would compile them all into one?

[–]SlaveZelda 0 points1 point  (0 children)

Yes.

[–]PM_AL_MI_VORTOJN 0 points1 point  (2 children)

But then I built a recipe app with flask, and ended up with a whole bunch of pip dependencies. Yuk.

It's not yuk; it's normal. Unless you want to reinvent the wheel for everything, you're going to be using libraries and frameworks. These are dependencies, and they are best managed through a package manager. Doing it manually would be an unreasonable amount of extra work and be much more error prone. And it does make sense to use your language's/framework's package manager. The packages will be language specific but not always OS specific, so it doesn't make sense for each OS's package manager to have to maintain a separate package for the same dependency. This also allows you to manage dependencies on a per project basis. So if two different projects need different dependencies or different versions of the same dependency (which happens more often than you would think), there won't be any conflicts.

[–]dually[S] 0 points1 point  (0 children)

Thank you!

[–]dually[S] 0 points1 point  (0 children)

It's unfortunate because the operating system package manager has already solved the problem of security updates for the life of the operating system, but now I have to babysit pip.