If you see something I am not understanding, or something I don't know about the linux way to do things that makes checked in dependencies a problem, please correct me.
I think the whole idea is ugly to linux users, because we don't have this problem with the dep's. For _unstable_ libraries it makes a great deal of sense to include the current working version in the tree, but for stable ones (and SDL is very stable) it is much easier to have one central library on the system that gets updated with bugfixes and stuff. I am sure I have at least 20 programs on my machine which use SDL, and they all benefit from these upgrades. If there will be a major new release of SDL, which breaks backwards compability, both the new and the old version will be maintained for years by the linux distros. However, the only truly bad thing about keeping private copies of the dependencies (that I can think of) is that developers will start to rely on bugs and undocumented behavior in the dependencies. It can be very healthy for some code to be tested against different minor versions of the same libraries (and different compilers, os etc). Of course this doesn't have to happen if people take care and update the in-tree dependencies. Another issue can be that the library versions that are tested on different platforms get out of sync. This is bad, obviously.. Ulf
