On Tue, Jul 3, 2012 at 4:30 PM, Jared Smith <[email protected]> wrote: > There are several compelling reasons not to bundle libraries, but the > one that sticks out the most in my mind is when a security problem is > found in one of the bundled libraries. You essentially have to go [snip a number of valid reasons for sysadmins to not like bundling and alien packages]
I understand the sysadmin perspective as well as anyone can who doesn't have to administer anything more than some desktop and dev boxes. I even agree with it. To a point. >From a developer's perspective, we have requirements we have to meet; features, deadlines, etc, just like sysadmins. If we have to reinvent the wheel because we're denied access to new technology--in the form of updated or new libraries--then we will effectively be forking existing code anyway, development time will increase (possibly dramatically), and it won't be anywhere near as secure or stable as the existing code we could be using, e.g., the CPAN. If sysadmins and dev's cannot come to a *reasonable* compromise then one side or the other ends up having way too much power because higher ups make arbitrary decisions, leaving the other side in a miserable situation. I agree that some things make our jobs harder, but it's not a valid reason to allow, or not allow something to happen. It's our job to make things work. -- Alan Young /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
