home.social

#packagemanagers — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #packagemanagers, aggregated by home.social.

  1. " #Dependencycooldowns are a free, easy, and incredibly effective way to mitigate the large majority of open source #supplychain attacks. More individual projects should apply cooldowns (via tools like Dependabot and Renovate) to their dependencies, and packaging ecosystems should invest in first-class support for cooldowns directly in their #packagemanagers "

    blog.yossarian.net/2025/11/21/

  2. 🎁📦 Oh, look! Another riveting exposé on the perils of package managers overheating in the wild, wild west of software ecosystems. Let's pause to applaud the profound proposal of a global cooldown period—because who doesn't want their software updates to feel like waiting for their coffee to cool? ☕🔄
    nesbitt.io/2026/03/04/package- #packageManagers #softwareEcosystems #cooldownPeriod #techExposé #softwareUpdates #HackerNews #ngated

  3. 🫰 Open source package repositories face sustainability crisis

    「 So Maven and other open source repositories are considering introducing a tiered payment system. Lone developers and small groups will still be able to download the code for free, but the hogs will have to pay for every download. In other words, open source software is still free as in speech, but you can forget about being "free as in beer" going forward. 」

    theregister.com/2026/02/28/ope

    #opensource #packagemanagers #sustainability

  4. 🎉 In the riveting drama of package managers, #UV stunningly dethrones #Pip in the CI arena for #Wagtail users! 🏆 Meanwhile, the rest of the internet wonders if Wagtail is developing plans to conquer other obscure niches that nobody uses. 🙄🌱
    wagtail.org/blog/uv-overtakes- #PackageManagers #CIDrama #HackerNews #ngated

  5. You have to be shitting me. God I fucking hate npm.

    I literally spent an hour trying to diagnose why the builder was "freezeing" for several minutes, and it's because it downloads thousands of packages for a project with... 20 dependencies.

    Fuck NPM. Fuck JavaScript.

    #Programming #JavaScript #Node #NodeJS #JS #ECMAScript #NPM #PackageManagers #SoftwareDevelopment #WebDevelopment #WebDev

  6. Oh joy, another ✨ revolutionary ✨ tool to make generating OS images more complicated than assembling IKEA furniture without instructions. It's like #systemd decided to throw a party and invited all the package managers just to remind us that #Linux enthusiasts can never have too many ways to reinvent the wheel. 🚴‍♂️💨
    mkosi.systemd.io/ #OSimages #packagemanagers #techhumor #HackerNews #ngated

  7. Also:

    Dear Devs,

    If you're making a package/module manager and it has a "sorry, we can't satisfy all dependencies" error then maybe think about adding a "please explain why" option and not just a "force" option?

    Regards,

    SysAdmins and Devs

    #Puppet #SysAdmin #PackageManagers

  8. Ah, removing tensorflow 'solves' the issue.

    Another another reason why `transformers` -- and Python packaging as a whole -- sucks.

    venv (virtual environments) are not a solution either: in multi-user environments with limited disk space, you can't afford like 4 copies of 1.5GB Tensorflow/PyTorch/etc installed.

    Why python packages like these are this massive in the first place is beyond me.

    Something has to change here.

    /rant

    #Python #sucks #PackageManagers

  9. The #CloudNative landscape is thriving, but a crucial aspect remains missing: a robust package management system.

    But the wait is over! #Glasskube has arrived! #opensource

    Explore its inaugural release (v0.0.1): bit.ly/43gn1UB

    #InfoQ #Kubernetes #Containers #PackageManagers #DevOps

  10. Hey #Canonical. Stop trying to make everything a #Snap. #Snaps suck. Nobody wants them and we've already moved to #Flatpaks and #AppImages. Stop forcing your agenda on us.

    #Linux #PackageManagers #Ubuntu

  11. Package managers as verbs.

    “Just #winget it.” Works well.
    “Just #scoop it.” Great.
    “Just chocoloco… chocalaca… choco lately?” I can’t even pronounce it.
    “Just apt-get it.” The apt part is a little harsh, but overall not bad.
    “Just #pacman it.” Meh.
    “Just #flatpak it.” Pretty good.
    “Just #homebrew it.” Maybe confusing, but sounds nice.
    “Just #adb it.” Nuh.

    #Linux #Windows #MacOS #Android #CLI #PackageManagers #aptget #chocolatey

  12. I cpuld use some help about #PackageManagers for #windows

    I could use #KeePassXC and other stuff

    Should I install #Chocolatey ?

    I could use some help with that too

  13. But as with anything, it's never easy and more of a people problem. The technology is there and widely employed by package managers such as dpkg, pacman, apk, etc...
    It just never was an issue, as you'd spend more time compiling anyway.

  14. Just caught up on the @packagingcon day 1 stream. Lots of great content.

    If you're interested in package managers or supply chain security at all, and you're not attending, you're missing out!

    #PackagingCon #PackagingCon2023 #PackageManager #PackageManagers #SupplyChainSecurity #OSS #OpenSource

  15. @f00fc7c8 I know...

    Personally, I think good that do like and / are essential to maintainable distros, even if I do violate that concept with for the sake of simplicity as .

  16. @f00fc7c8 I know...

    Personally, I think good #PackageManagers that do #DependencyResolution like #apt and #yum / #dnf are essential to maintainable distros, even if I do violate that concept with #OS1337 for the sake of simplicity as #embedded #linux #distro.

  17. @f00fc7c8 I know...

    Personally, I think good #PackageManagers that do #DependencyResolution like #apt and #yum / #dnf are essential to maintainable distros, even if I do violate that concept with #OS1337 for the sake of simplicity as #embedded #linux #distro.

  18. Nala is a Neat Alternative to Apt on Ubuntu

    If there’s one command-line tool I know most of you use it’s apt, or the Advanced Package Tool. Every Debian-based Linux distro (Ubuntu included) uses apt because, well, it’s good at what it does. To quote Wikipedia, apt takes the hassle out of managing software on Linux by “automating the retrieval, configuration and installation of software packages, either from precompiled files or by compiling source code.” Whether you want to check for updates, upgrade your system, or install software from your distro’s repo, apt lets you do it quickly, do it easily, and do it relatively safely. But I’m not here to talk :sys_more_orange:
    #HowTo #Apt #Nala #PackageManagers #TerminalApps

    :sys_omgubuntu: omgubuntu.co.uk/2023/01/instal

  19. @briankrebs Interestingly they don't use or because the former's - like for - will literally deny-list known bad actors, and isn't natively supported in shitty OSes susceptible to this crap due to lack of - like and ...

  20. @briankrebs Interestingly they don't use #IFPS or #BitTorrent because the former's #Gateways - like #Tor2Web for #OnionServices - will literally deny-list known bad actors, and #BitTorrent isn't natively supported in shitty OSes susceptible to this crap due to lack of #PackageManagers - like #Windows and #macOS...

  21. @briankrebs Interestingly they don't use #IFPS or #BitTorrent because the former's #Gateways - like #Tor2Web for #OnionServices - will literally deny-list known bad actors, and #BitTorrent isn't natively supported in shitty OSes susceptible to this crap due to lack of #PackageManagers - like #Windows and #macOS...

  22. Just caught up on the @packagingcon day 1 stream. Lots of great content.

    If you're interested in package managers or supply chain security at all, and you're not attending, you're missing out!

    #PackagingCon #PackagingCon2023 #PackageManager #PackageManagers #SupplyChainSecurity #OSS #OpenSource

  23. Just caught up on the @packagingcon day 1 stream. Lots of great content.

    If you're interested in package managers or supply chain security at all, and you're not attending, you're missing out!

    #PackagingCon #PackagingCon2023 #PackageManager #PackageManagers #SupplyChainSecurity #OSS #OpenSource

  24. Just caught up on the @packagingcon day 1 stream. Lots of great content.

    If you're interested in package managers or supply chain security at all, and you're not attending, you're missing out!

    #PackagingCon #PackagingCon2023 #PackageManager #PackageManagers #SupplyChainSecurity #OSS #OpenSource

  25. Just caught up on the @packagingcon day 1 stream. Lots of great content.

    If you're interested in package managers or supply chain security at all, and you're not attending, you're missing out!

    #PackagingCon #PackagingCon2023 #PackageManager #PackageManagers #SupplyChainSecurity #OSS #OpenSource