I don’t get it, the dependencies are either needed or not. If needed that are either pulled from a project or written. So how are dependencies evil , is the rage against feature bloat pulling in dependencies ? Then the issue is the bloat
Functionality is either needed or it isn't, but it doesn't need to come from an external dependency. When it does, it probably comes with functionality you didn't need too. And as soon as you have a compile/runtime dependency on external code, your compile/execution environment needs to always have access to third party code. So that's bloat and complexity. You also give up control. Hopefully it ends up saving a bunch of time over developing it internally.
Hopefully an upgrade to an external library doesn't end up including another dependancy that happens to include some backdoor that steals all the credit card information in your database. Or a crypto miner in frontend code. Or introduces a bug that stops people from being able to checkout. Or the money package starts calculating slightly differently than your payments provider... Etc. etc.
instead of CI/CD pipelines and a million dependances, why don't we just put all of the containers, like, on one single VM? and just make it a linux box or whatever?
The usual way to deploy such things is actually to create 1 VM for that application, install podman, and then run all those tons of containers in that VM. Because you cannot trust software vendors to not do or require stupid shit like requiring the docker socket, mounting overly broad volumes from the hosts filesystem, provide working and non-stupid compose/helm/...-files and things like that. Often the support contract also requires a specific version of a specific OS, a specific kubernetes distro or something like puppet/chef/... for deployment. Since for the multitude of software vendors and requirements, we couldn't easily fulfill all those at the same time on the same kubernetes cluster or infra, we just split it up into VMs.
- it is not at all surprising that when you remove cruft, code performs batter
- it is not at all surprising that this is not common enough amongst software engineers to even consider these things (competing business interests probably cause this often)
Not being connected to the work VPN already slows down my Windows to a near halt since a few unreachable network drives is all it takes to make Explorer go unresponsive.
Seems like engineers forget to test these things nowadays.
Totally agree. Why pick the one negative thing to say instead of saying “this should be done more often” for example. Just aggravating, as a behaviour.
Once again going full-circle with the industry reinventing self-hosted software. Excuse my cynicism, I'm going back to minding my own business (reinventing design systems / component libraries, lol)
This is the least surprising thing I’ve read all day.