Software Dependency Hell

Back when I was first starting to use Linux, I made the mistake of attempt to upgrade my installation, package by package, to a newer release (I didn’t have a  CD burner at the time).  Unbeknownst to me, the newer distribution included a newer, incompatible version of the GNU C library (glibc), so when I upgraded the glibc package, every application that was dynamically linked against glibc, including the package manager itself, broke.  The system was hosed.

Fast forward to the present.  I’m attempting to install a piece of GNOME software from source on my Ubuntu installation.  But the configure script exits with an error telling me that some required library isn’t available.  So I look, discover that the library is currently installed, but it’s the wrong version.  I go download the source for the library, and start to build it, only to discover that it depends on another library, of which I currently have the wrong version installed.

After the process repeated 3 times, I gave up and went to look for a more readily available substitute piece of software (in this case a simple app for holding on-screen notes).

The basic problem, in both cases, is that in an attempt to promote code reuse and efficiency, open-source developers have left us with a very fragile system, where the failure of a single component is enough to damage or bring down the entire system.  Just installing the current version of gcc requires something of the order of 8 or 10 non-standard external libraries to support various sorts of functionality.  And each of those has its own web of dependencies.

All in all, it makes installing software on Linux rather a pain.  Granted, the approach of Windows and other systems doesn’t entirely escape this issue, but somehow it always ends up being more obvious on Linux.  Practically any nontrivial piece of software you install from source on Linux has this problem.

If open source projects want to be installable by mere mortals, as opposed to only by distribution maintainers, they need to seriously rethink the current dependency-web system.  Whether that means bundling an internal copy of less common libraries, or being more cautious about pulling in external interfaces in programs, things will certainly not improve without major changes.

Comments are closed.