-rw-r--r-- | blog/dedep.md | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/blog/dedep.md b/blog/dedep.md index b546237..30a6489 100644 --- a/blog/dedep.md +++ b/blog/dedep.md @@ -15,7 +15,7 @@ In the [occasional fights] between system and language packagers, lots of things I take for granted. I install the stuff I need, occasionally upgrade the system, and everything gets updated. Vulnerability in a library used by multiple programs? Its patched version -get swapped in within a few hours (given it's not [vendored or pinned]). +gets swapped in within a few hours (given it's not [vendored or pinned]). [Most][debian] [distributions][fedora] [even][arch] [apply][opensuse] [hardening][gentoo] [flags][nixpkgs] that [some bugs aren't even exploitable in the first place][openssl]. They create a [safe place] for me to comfortably @@ -23,7 +23,7 @@ express myself at work and at home. Recently on my work computer, I've switched to Guix System, which has yet many packages. Looking into the way to package programs I use -and on-going efforts, I realized the colossal number of transitive dependencies +and ongoing efforts, I realized the colossal number of transitive dependencies of [certain software] and the impracticality for a user union (i.e. a distro) to maintain such set of [micro packages] in every language. @@ -36,8 +36,8 @@ on the other hand, ask the following questions to decide upon installing and keeping a piece of software: - Can I *trust* installing this won't do anything funny to my machine? -- How much [effort] I need to prevent people doing funny things to my machine - if the software includes [something that gets on the front page +- How much [effort] I need to prevent people from doing funny things + to my machine if the software includes [something that gets on the front page of some magazines][heartbleed] tomorrow? - How much of my limited resources will it take to run or [simply exist]? 
@@ -73,7 +73,7 @@ for new side projects and it actually worked for my most recent ones: Even for such simple use cases, there are still many libraries in the wild that can handle more data formats, are more convenient to use -or more performant. On the other hand the amount of maintenance needed +or more performant. On the other hand, the amount of maintenance needed to keep the programs safe indefinitely for a user is much lower thanks to the small dependency footprint. |
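Review bot: In the first hunk (@@ -15,7), the "get swapped" to "gets swapped" fix is correct, but the sentence two lines below it still lacks a conjunction: "[apply] [hardening] [flags] that [some bugs aren't even exploitable in the first place]" should read "[flags] so that [some bugs aren't even exploitable ...]". Since the paragraph is already being touched, fold that in.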
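Review bot: In the second hunk (@@ -23,7), "on-going" to "ongoing" is fine; the context line "to maintain such set of [micro packages]" is missing an article and should be "such a set of", and "which has yet many packages" is ambiguous (it is unclear whether it means the distribution already has many packages or still lacks them), so it is worth rewording in the same change.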
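Review bot: In the third hunk (@@ -36,8), the rewrap adds the missing "from" but the bullet still reads as a statement rather than a question: "How much [effort] I need to prevent people from doing funny things" should be "How much [effort] do I need to prevent people from doing funny things", matching the question form of the neighbouring bullets ("Can I *trust* ...?", "How much of my limited resources will it take ...?").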