friggin' node dependencies

Underlying pure C library and NodeJS wrapper

Today, after two hours of debugging, my girlfriend called me to break up.

Then my backend started giving strange errors about some unmet dependencies.

I believe by the time Elon Musk sets up a colony on Mars, npm will be done installing those fucking dependencies.

When all project dependencies can be installed using apt-get...

Co Worker: "Your computer is missing a mouse!"
Me: "I require less dependencies to use a computer"

BBUUUURRRRNN

I just hate npm dependencies.

If you want to write a small website with npm dependencies (some frontend deps like Bootstrap and some development deps like gulp or babel) you will have more npm dependencies in your project than own code. It is ridiculous, how some lazy developers just add dependencies to their projects, without evaluating their dependencies. The source code of one of my projects is around 4MB (without any dependencies). If you then run yarn as required, it grows to around 80MB (where 73MB are node_modules).

This is just terrible.

I rant about this, as I made the mistake to upload my node_modules directories when restoring a backup of my server. Worst idea one could ever have.

I don't know.. I mean I'm spending so much time developing what I'm developing but.. In a couple of years, maybe the dependencies I'm using will be updated and my program will become obsolete.. what if the whole framework on which my application is based upgrades.. I don't want to have to rewrite code again because it's just too much work..

I think we need to figure out ways to future proof stuff.. like a decade into the future or so.. We shouldn't have to support prehistoric code..

A quick note about node.js security.

Decompiled Discord, a widely used chat app. Found 5 vulnerabilities (that are now reported.) Why? Severely outdated dependencies.

Cloned Mattermost, a business communication app like Slack, but open source, and (from their site) the Department of Defense uses it. Found 10 vulnerabilities (that are now reported.) Why? Severely outdated dependencies.

I get that some versions conflict, and in a fast moving enviroment, that is a huge risk - but update your damn dependencies.

Me: Well, it's time to make a new app!
* opens up VS Code *
* opens folder selection dialog *
* creates a new folder called "notes app" *
* yarn inits that folder *
* installs react and react-dom *
* installs webpack, webpack-cli, babel-core, babel-loader, babel-preset-env, babel-preset-react, style-loader, css-loader, file-loader, html-webpack-plugin and clean-webpack-plugin as a dev dependency (install is pending) *
* copies a webpack config from some other project *
* creates a babelrc file *
* copies a yarn script called "build:dev" which would launch webpack *
* dev dependencies installed *
* tries to save *
* vscode doesn't save because files differ *
* tries to copy dev dependencies *
* fail *
* tries again *
* saves *
* writes bare-bones index.jsx *
* yarn build:dev *
* opens build/index.html in firefox *
* gets satisfaction *
* writes bare-bones App.jsx which is a react component but it's an entire app *
* yarn build:dev *
* opens build/index.html in firefox *
* gets satisfaction *
-- trim --
* walks out of his room to his mom's room where's sbc is located *
* grandma plays solitare on laptop *
* i ask grandma for a laptop *
* grandma gives me laptop *
* glues all components into App.jsx *
* yarn start:dev (magic of webpack-dev-server) *
* opens localhost:8080 in firefox *
* searches how to update a component prop *
* nothing found *
* registers on devrant and verifies his email *
* writes this rant *

<rant data-type="corny">

My Gf of 3 years left me for some douche. Thus said, she "removed" her feelings before kissing him. WTF! I didn't know feeling came like dependencies...

</rant>

So today I decided to switch to angular 4(material) on a project I had done. I have to say I am shocked by the sheer size of the node modules dependencies I have to install. Why wouldn't they just ship it all in one package. 😤 I had to install the client, material SDK, animations etc and all this is happening over shit sub-saharan Africa internet speed. I have been setting up for the past 5 hours and I'm only halfway through. If anyone reading this rant has a company that works to bring internet to Africa please hurry. We need you.

Just e-mail the dependencies in a zip, that 'pip' stuff is too complicated

There is code reuse and then there is stupidity. This npm module has 4 dependents and 2 dependencies.

Saturday plan: serious switch to Linux.
1. Installs Fedora, lookin nice.
2. Let's update it, fails to boot.
3. Nouveau driver fails, lets install proprietary one.
4. dnf install dependencies, repo returns 503
5. Be stuck on a 640x480 bash.
6. Boot windows, start overwatch.

Colleague: Hey want to get access to our repo so we can see each others code, collaborate, discuss design patterns etc?

Me: Yeah sounds like a great idea. Would love to get to know a bit more about how others are building mobile apps in the company.

Colleague: Heres the link to the iOS app: xxxxxxxxxx

*Opens link*
*looks around a bit*
*Opens cocoapods folder*
*Sees 89 dependencies*

Me: .......... actually, you know what, I have major deadlines coming up. I can't look at this right now. Lets talk in the new year.

*closes slack*

Dev1: We need you to name this service
Dev2: Name it whatever
Dev1: You should name it
Dev2: Can we change it later?
Dev1: No
Dev2: Are you going to have dependencies on the name
Dev1: Yes
Dev2: Call it StupidDev1
Dev1: Ok we will name it

I want to cry.

To start, some of you know that I live in Reunion Island.
But there are a week ago, the SAFE cable is broken (one of the two cables that give us internet access), due to that, my ISP reduced a lot the connection speed.

Yesterday, I downloaded some packages in my Ubuntu computer. I left it download during the night.

So, today I was checking if it was done.

"6 926 kB downloaded in 5h 30m 9s (349 B/s)"

But it isn't the worst. I got a many "timed out" when downloading the dependencies.

😭😭😭😭😭😭😭😭😭😭

When you can't remove an app cause one of its dependencies depends on itself

Emotional roller coaster today.

+ Got first pull request! Hell yeah!

- oh, no, no no no nononono, they pushed all dependencies and temp folders...

fck sake isak, gather yourself

[14 dependencies]

"Geez this project has a lot of dependencies. I know, I should use a package manager!"

[15 dependencies]

Do you know what really annoys me?

Installing dependencies for the dependencies for the dependencies ... etc... for the libaray you are trying to use.

FUCKING FUCK JAVASCRIPT AND IT'S FUCKING 10000 DEVDEPENDENCIES.

LET ME FUCKING CODE AND WRITE TESTS AND NOT SPEND FUCKING ONE FUCKITY FUCK WEEK TRYING TO FIGURE OUT HOW TO FUCKING MAKE MOCHA AND KARMA PLAY WITH FUCKING ES6 CODE YOU FUCKING FUCKTARD PIECE OF SHIT TECH.

I NO LONGER FUCKING KNOW WHICH PACKAGES I FUCKING NEED AND WHICH I FUCKING DON'T FUCKING DUMBFUCK FUCKWIT OPEN AND HACKABLE MY BROWN ASS PIECE OF TECHNOLOGY STACK.

Welcome to javascript kids!

Dependencies here dependencies there, dependencies fucking everywhere.

Hey look, npm broke my project again. Surprise!

Code and dependencies on my local machine, all untouched for a couple of weeks, no longer works. I've no idea how it even managed that.

Oh, and `npm update` crashes.

eventually solved by upgrading npm and running `npm update --depth 500` because some arbitrary child dependencies changed without updating the parent packages, ofc. on my local machine. without me having run `npm update` for about a month.

because of course that makes sense.
Second time in two months, too.

isn't npm great?

Me and my team are working on a system where we depend on a component that was built by a different dev team and hasn't been integration tested yet, because it's that new. This is how it's going..

Oh yes, I very much like you, Mr. 1337-DevPro-Ultra-Haxxor. Thank you for using a boilerplate from github, that is bloated like some random female pr0nstar after an orgy. Oh and it is also very funky of you, that the setup scripts and tasks only work on Apple OSX, because using a simple gulpfile with 3 npm dependencies and 5 lines of code would not be trendy enough.

Some JS "devs" should be punished by drowning in their own feces aka a mix of bower, yarn, npm, brew and the crusty stuff that is left behind after running it.

When every time your coworker start a new project, they just use the template out of the box including the sass, less and other unused dependencies eventhough they don’t use it

Arguing over PRs with juniors who try to push unnecessary badly maintained dependencies, which are in fact just turds wrapped in startup hypespeak, because they're too lazy to actually invent some non-square wheels.

I draw things! I bet we all draw things, but I still think it counts as nerdy.

...unless you draw UML diagrams on whiteboards. Doesn't count.

... unless you draw stick figures battling ON those UML diagrams. Counts.

... unless those stick figures battling demonstrate dependencies or demographics. Doesn't count.

... unless you put little pirate hats on them. Counts.

... unless you're contracting for a Somali counter-piracy recon project. Doesn't count.

... unless you also include dank memes. Counts.

When you about to start a project by doing a small module, but as you code, you keep thinking about scalability, security dependencies and such....

....three hours later, you still haven't written code

We have a huge codebase, built during the last 10 years, with a lot of problems caused by legacy dependencies. We are trying to modernize this gradually but it is very challenging because we have a lot of features to maintain and test coverage is low.

Today, a guy hired three days ago just proposed to rebuilt everything from scratch stating that he did the same thing in his personal project, so it wouldn't take too much to develop what we need.

Manager gently invited him having a quick call. I would pay to listen that conversation.

Installing all the needed Latex dependencies on linux takes maybe 15 seconds, on windows I need 5GB of space and it takes forever to install.

Loaded morning dependencies 😬

Dev: Hi Guys, we've noticed on crashlytics that one of your screens has a small crash. Can you look?

Me: Ok we had a look, and it looks to us to be a memory leak issue on most of the other screens. Homepage, Search, Product page etc. all seem to have sizeable memory leaks. We have a few crashes on our screens saying iPhone 11's (which have 4gb of ram) are crashing with only 1% of ram left.

What we think is happening is that we have weak references to avoid circular dependencies. Our weak references are most likely the only things the system would be able to free up, resulting in our UI not being able to contact the controller, breaking everything. Because of the custom libraries you built that we have to use, we can't really catch this.

Theres not really a lot we can do. We are following apples recommendations to avoid circular dependencies and memory leaks. The instruments say our screens are behaving fine. I think you guys will have to fix the leaks. Sorry.

Dev 1: hhhmm, what if you create a circular dependency? Then the UI won't loose any of the data.

Dev 2: Have you tried looking at our analytics to understand how the user is getting to your screens?

=================================

I've been sitting here for 15 minutes trying to figure out how to respond before they come online. I am fucking horrified by those responses to "every one of your screens have memory leaks"

I got some work on a new project so I ran the 500, or so, unit tests and it took almost 3 minutes. Everything was mocked and no external dependencies so I got curious as to how on earth they could take so long.

I found some suspicious code doing a while loop over a date range incrementing by 1 day each time. It turned out the tests didn't initialise the start date which defaults to 01/01/0001, and there are 5 scenarios!

I got test execution down to a respectful 10s.

I fucking HATE testing JavaScript. It's such fucking bullshit. I've been struggling to test one simple functionality for multiple hours. It's probably one stupid thing I can't figure out, so I hope some sleep will grant me a fresh look tomorrow.

Also it's absolute bullshit the amount of libraries and dependencies you need to have to get some proper scalable tests going. Jasmine, Babel, ES2015, yarn/npm (because Jenkins is too fucking old to handle yarn). React, react test helpers, webpack. The list continues. FUCK OFF!

Wow!
Makefiles are SO much cooler than I thought before

$< = the first dependency file
$^ = all the dependency files
$@ = the build target

AND if I try to build something who's dependencies don't exist, it'll automatically try to build them!

I just removed a couple of packages from package.json and my compiled war went from 53 MB to 37 MB.

What the heck are you downloading node? I don't like such bloated packages.

"The hardest part in programming is installing what you need."-the guy that almost threw it's PC out of the window because he spent 2 hours installing the wrong version of opencv

$ npm install ...
$ added 10 packages from 7 contributors and audited 21813 packages.

I realized that after some point you don't even think about your project dependencies growing. Because even adding 10 packages, it looks like it doesn't even changes the total number of packages. 21813, 21920, 21980... Does it even matter? Fuck.

Never remove Python (and its dependencies) from Ubuntu.... I'm not proud...

`npx create-react-app blah`
`cdls blah && npm audit`

63 vulnerabilities.
good fucking job.

To be fair, they're all minor, but they're all *exactly* the same, caused by the same freaking package. Update your dependencies already!

------

`npm i --save formik && npm audit`
68 vulnerabilities, three of them critical.

ugh.

Who here is programming with React Native and is crying about it?

It's so volatile. Shit it has done so far:

- Randomly changed my IP location that it serves to and npm start that shows the welcome information keeps the old IP address, so I spent way too long trying to figure out why it wasn't working.

- Constantly having to rm -rf the node modules and npm i them because Expo randomly starts loading so slowly that you want to scream.

- Downgrading my react-native-scripts version in the package.json because it hangs forever on the starting packager.

- I also had to downgrade my expo dependencies because during one of my node module reinstalls, it would update the version and apparently Expo is incompatible with its own updated version.

And now I'm randomly getting an error that's apparently a known bug in one of the react dependencies and now I have to downgrade that as well.

Just. Why.

So I see some rants hating on OOP here. Lemme get the record straight: OOP is trash without SOLID principles. They're like husband and wife, Mass and Divine Office, developer and rubber ducky, cat and catnip. Car and garage. DuoLingo and push notifications.

For example, without the Liskov Substitution Principle, you'd have this god abstract class that has lots of abstract methods, some of those methods will only be used by other classes (as in filled with subclass-specific code) and remained unused by the others.

Without Dependency Inversion, your classes would be chock full of dependencies invoked at property level and you find yourself repeating the initializations of the same dependencies across classes.

SOLID is OOP's inner mainstay. Without SOLID, your OOP codebase would be this beast you have to feed that grows ever increasingly violent. You have a beef with OOP, fine. But I think it's unreasonable for a developer to hate on OOP if they do not implement some SOLID principles on top of it at first.

A Visual Studio solution that had 62 (SIXTY TWO) projects for a webpage that was like 8 user forms total was like going to a shop to buy 3 items and receiving 15 tickets for that.
PMs saying no to refactoring due to not having enough time for a months. The first task took me 2 days just by fixing cyclic dependencies among the libraries. Went home and merged all the projects to just 3, building instantly in just two hours. Fuck idiot PMs that do not know how to code, buys shit and don't listen to devs. Fuck all idiots.

So we have an API that my team is supposed send messages to in a fire and forget kind of style.

We are dependent on it. If it fails there is some annoying manual labor involved to clean that mess up. (If it even can be cleaned up, as sometimes it is also time-sensitive.)

Yet once in a while, that endpoint just crashes by letting the request vanish. No response, no error, nothing, it is just gone.

Digging through the log files of that API nothing pops up. Yet then I realize the size of the log files. About ~30GB on good old plain text log files.

It turns out that that API has taken the LOG EVERYTHING approach so much too heart that it logs to the point of its own death.

Is circular logging such a bleeding edge technology? It's not like there are external solutions for it like loggly or kibana. But oh, one might have to pay for them. Just dump it to the disk :/

This is again a combination of developers thinking "I don't need to care about space! It's cheap!" and managers thinking "100 GB should be enough for that server cluster. Let's restrict its HDD to 100GB, save some money!"

And then, here I stand trying to keep my sanity :/

unpopular opinion: javascript has broken standards, and nobody corrects it. people use these frameworks and shit with 600 dependencies, then can't figure out how to update their application when things go out of date. now people are expecting you to use NPM to make a - - > static <- - website

Time spent during a nodejs project:
- 2-4 hours trying to install modules and dependencies.
- 1 hour actual coding!

Plus 247 errors and dependencies.

When configuring a digitalocean server and install shit loads of dependencies takes less time than npm install .....

I love and hate at the same time how the dependencies of some projects can turn into projects themselves.

Working on a quite big project right now and need notifications in the form of smartphone notifications/signal messages/emails right now for that which is nearly all working but now I'm realizing that it'd be ten times more useful to write a general messaging gateway/API wich can be called through a url which handles any type of messaging/notifications I need to send out.

Love it because those kinda projects are useful and awesome imo but that'd be YET ANOTHER project 😅😥

That moment you receive an email: your CI build is failing.

Ok. What went wrong?

Three new commits that do not seem to alter anything related to the failure.

*reverts commits and tries again*

Still failing.

WTF?!

*restarts previous builds*

They now fail too.

FUCK! BASTARD! Are you kidding me?

*investigates*

Turns out that repo of dependency changed and is not compatible anymore.

Argh! Son of bitch!

If only we could only download the entire internet and cache it in a disk at home

THEN I WOULDN'T HAVE TO FUCKING RECONNECT TO READ SIMPLE DOCUMENTATION EVERY FUCKING TIME MY INTERNET DROPS

I'M NOT DOWNLOADING A MILLION DEPENDENCIES I'M JUST READING STACKOVERFLOW, FIX THE INTERNET FUCK

Node.js: 3 dependencies, 8448 depents ... GG

I've never been more glad for ubuntu on Windows. Python dependencies (through babun) were fuckin' me left, right and centre.

The reason why "it works on my machine":
Python: dependencies

You add the next language and reason

When you look through your team’s custom protocols to figure out which one you need, and someone has not only made a massive typo, they then DOUBLED DOWN on the typo and made a bunch of dependencies based on that typo.

As in, the word “downloadable” spelled three completely different ways, and EACH ONE is treated like a different class with its own attached dependencies.

AND THE COMMIT MESSAGE ATTACHED IS “lots of cool stuff.” HOW IS THAT A COMMIT MESSAGE? WHICH ONE DO I USE?!

I’m never finishing this ticket, I’m going to get fired, etc. 😡😡😡😡😡

The worst architecture I've seen is WordPress.
How can you be so drunk to design such a filthy mess?
In some way PHP might be to blame. Its API is a fucking mess as well and may have stirred WP developers in this puke around so they couldn't come up with a better CMS architecture.
Don't get me wrong. I do love PHP. But only in it's OO form with namespaces and type hints and composer dependencies.

I've seen enough of PHP functional programming and it still haunts me.

There’s no better feeling then doing a full server rebuild, modifying several projects heavily to be portable and keep working under new infrastructure and loosing access to dependent systems.

Migrating everything across, firing up Apache.... and BAM the fucker just works and ssl labs gives it an A (it was a giant F with multiple vulnerabilities yesterday on the old server)

I freakin' love this message...
Welcome to the dependencies hell.

Hey if you make an app that specifically depends on gnome and has 2 gigs of dependencies on other platforms

fuck you fuck your ancestors fuck your entire extended family fuck everything you have, do and will ever stand for, i hope you contract ever imaginable diseases to the point where existence itself pains you.

Turns out our PHP dependencies are installed with NPM instead of Composer

Great. Now I have a notice period of two months to deal with. The bloody thing. I only joined two months back and I was careful enough to not develop any dependencies on me. Yet my manager wants me to serve the full notice period.

And they want me to finish developing this new software module before I'm gone. I had the idea for it. I'm not gonna make it their property. No chance. The fuck with it. They're going to wish they left me earlier.

when the junior dev updates all npm & nuget dependencies in the project to the latest beta versions to make an impression right after joining the project...

*needs to repartition disks
*is mounted, need live usb
*download and burn gparted live, ≈20min
*reboot, usb not bootable
*try again, maybe it's corrupt...
* nope it just won't boot
*download and burn puppy Linux ≈20min
*is bootable
*installs gparted
*opens gparted
*repartition disks
*NOPE
*e2fsck failed: get a newer version of e2fsck
*already the latest version
*hmmm, maybe if I build it myself
*dependency hell
*dependency hell
*dependency hell
*give up
*download and burn Debian live ≈40min
*try to install gparted
*can't get WiFi drivers working
*give up
*download and burn Ubuntu
*opens gparted (already installed)
*partitions disk, leaves to complete overnight (it will have to move ≈60GiB)
*comes back in morning
*computer went to sleep after 10 mins
*late to work but oh well I at least got it done

- build a self-service shell script to manage your environment in all kinds of ways with a single script and different switches

- ask tech manager for a server to keep that script [and others] at so coleagues should not bother setting dependencies up on their windows workstations

- be asked to list out all use cases

- be promissed your consolidated tool will be torn apart and replaced by 8 other tools depending on use-cases. Meaning 8 different browser windows open at all times to manage your single env

- be assured that this kind of improvement will take months and is doubtful to pay off

A couple of days ago I got sent this Node.js project that hasn't been touched in a year, to see what's missing compared to the requirements and estimate the dev costs.

-> Cloned the project
-> Checked the dependencies
-> Saw a library who's github was archived 2 years ago, and the latest version is a completely redesigned fork
-> Closed the laptop
-> Cried out loud "HOHOHO Hell NO"

Guess I'll see you in 2019, you huge pile of work, you...

Dev nightmares :

- Not finding bug fix on stackoverflow/GitHub .

- Losing code that hasn't been pushed to GitHub.

- Dealing with an unclean and inconsistent database.

- Installing Node Dependencies.

- Resolving CORS and 500s.

- Training a Linear Regression Model with 700 epochs on an entry-level Laptop.

Keep appending to this list.

#devrant #devnightmares

Compiling software on Linux:

Python interpreter? Easy peasy, just some dependencies here and there. Make does a good job.

Linux kernel? Piece of cake, 20 years of development will be freshly served on your machine after one hour compiling (I have a pretty powerful computer).

Tensorflow? Fuck this shit I am outta.

What is your story with self-built software? Which piece of code has the most terrible dependency hell?

So, my challenge for this year is to build a CMS, CRM and ERP system from scratch in my free time with Python and Django.

I need to get deep in with Python and I figured this is a good way to do it. I'm going to roll my own analytics and whatever else I possibly can. Hell, what I'd really like to do eventually is do away with Django and have it as a standalone product with zero dependencies. But one thing at a time.

Here's to a good future where I finally fucking commit to finishing a project!

Getting nugets and dependencies of a big project to restore properly (most of the time the dev fcks his solution up - it works for 'him')

NPM has this cool feature called "link" which allows you to easily link local npm packages as dependencies of other local packages for developement. It's so cool in fact that everything you run npm install it deletes all your links for fuck all reason

Learning Angular, starting with a hello world example:

$ ng new wtf
added 1180 packages from 1294 contributors and audited 21849 packages in 18.753s
found 13 vulnerabilities (9 low, 4 high)

Oh, great! Broken from the get-to! But wait, there's more joy!

$ vimdiff wtf/node_modules/is-odd/node_modules/is-number/index.js wtf/node_modules/is-number/index.js

Fresh project, is-odd requires is-number, the project itself requires is-number. And is-number is there twice in two different versions. The notion of a number must have changed drastically in the last couple of years!

Seriously? Angular doesn't even give me the chance to fuck up the dependencies on my own!

Web dev in 2016:

Keep installing node dependencies until it works.

Installing some dependencies with a tool from the company
« Error »

I click on More Details.
It was blank.
Thanks. Helpful as always 👌

I don't like when depending on something, e.g. smoking or coffee, but
still have to carry on dependencies in node_modules.

The one thing more annoying than my girlfriend is the chain of mail I get from Github saying,

"One of your dependencies has a security vulnerability."

Fuck nuget, .NET and whole C#, I'm solving problem with dependencies since yesterday.

I love python, but I hate dealing with python dependencies, especially on Windows.
I was tinkering and researching with neural networks, so I wanted to try out pybrain. I wrote my project, with pybrain installed via pip, and tried to build it.
Oh, what's that? Pybrain doesn't work with python 3? Well I'll download the version that's supposed to. Oh, that version has a deprecated numpy api? Let me just install those other resources. Oh, that requires a broken module that has no publicly available source?
Let's try python 2. Oh, now that's working, I just need to export environment variables for some "bls source". Some quick Google searching and the only solution that would work is building a bunch of cywgin modules by hand. That's fine, I have an ubuntu partition.
An hour later I'm compiling FORTRAN dependencies on Ubuntu.
Coding time: 1 hour
Dependency time: 3 hours

Developers who think complex code is good.

"Oh, lookie here, I can swizzle methods and inject dependencies in the runtime!"

"Although we have no valid use case, let's use dependency injection and follow the commandory stateor patterns because I watched a video."

Just because you learn something new that looks cool does not make it practical, you tosser.

You just realize the sheer amount of dependencies spring boot has, when maven tries to resolve them while sitting in a train with bad wifi

Your "feature" just became my problem. Your "great idea" is now my migraine. What you did in 300 lines, another team was already doing in 5.

The next time you `brew install...` on your laptop, you should fucking think that the infra team has to install those dependencies, on every server, too.

In less time than it took you to create your code, I could have given you several functions to call. I could have saved all of us weeks of work. Fucking ask cross-team before you cowboy code your next big idea please.

Got a problem you need to be solved, somebody else probably solved it, just fucking ask.

Dependencies and backwards compatibility

Can shit just fucking work instead of me having to download old shit that doesnt fucking work on the newest version of the OS that I use because the fucking program can't use new dependencies?

I'm looking at you you fucks that don't want to update to VS 2019 and force me to uninstall it to download VS 2015, its 4 years old for fuck sake!

Why python can't into proper dependency management?

I Node.js we use npm. Modules are downloaded per project and packaging is easy.

In Java we use maven/gradle. Never been so easy to build and download libraries and package your project.

But in Python? No, it's not easy. You have to use virtualenv first so pip/anaconda won't download globally, then you must write setyp.py in a million different ways. Packaging and distribution to clients? Good luck with that.

I have the habit of adding //todo comments to my code whenever I need to implement something later. Very useful to just search your code for "todo" and see what is left to do.

That is all very well, but I just searched my project for "todo" and there are SO MANY //todo comments in the third party dependencies...

The joys of having NPM put all my dependencies sub-dependencies in my modules folder ☺️🔫

The way I was told to write unit tests was particularly terrible.

No mocking of objects or dependencies so the tests ran the actual code in full including updating databases and files. Then at the end of each test there was code to restore all changes back to before the test.

Each test ended up being over 100 lines. Madness.

When you want to move your site off of jQuery, but all the dependencies still use jQuery.

Also screw those services that write their client code with jQuery. Screw you all!

I miss the ease of installing shit on Windows, none of this missing dependencies nonsense!

A co-worker was running into a little permission issue with some dependencies and my reflex was to say, "chmod dat hoe!".

Wordpress updates > breaks jQuery dependencies
Requests theme update > theme update upgrades database without asking
Database upgrade breaks child theme > spending 30 mins rebuilding the filestructure and database from a backup

I'm getting caught up on my personal project because I need to generate a lot of Dynamic HTML using JS and it's just a pain. I hate adding dependencies to a project, especially personal projects with no deadlines, so tomorrow I will be writing a vanilla templating system, and hopefully that will un-funk me.

I don't consider myself a guru in JavaScript (hell I studied theoretical chemistry), but I do hate much of the rationalization behind building a Jenga stack of libraries, frameworks, dependencies... for building everything web related.

Many of the problems I see people solving with these giant stacks could be easily solved understanding how websites work (html, css, js and how interact with each other) with no dependencies giving smaller (for end users at least) and more maintainable code (in the sense it would not require updating dependencies that may be discontinued...)

I do imagine situations where these are ideal... Since there are not absolutes and developing is very context sensitive, but man if I have js article fatigue for ridiculous scenarios.

I love the simplicity of jQuery and Angular 1.0 - you just include the JS files and off you go. No additional dependencies or messing around.

I just spent my day analyzing module interdependencies in our project. Amfter comming up with a way to graph said dependencies using an analisys tool and some custom filtering, and comming up with suggestions for breaking unwanted dependencies, i get this as a review comment: " yeah, I don't reaaly trust that the graphs are showing the whole picture. Use <gradle dependencies> on each service instead". The lunatic actually expected me to sift through all of our services, by hand, and run that command and analyse the result, wich is a great wall of text.
Joke's on him though. I wrote a script that did all of that for me and captured the results. Then i just sent it to him. If he's so unsure, then he can sift through the wall of text himself.
Even funnier is the fact that tomorrow is the last day before i go on leave. He'll probably end up doing the actual cleanup himself. 😂
I don't want to seem stuck up but, at the moment, there are several other priorities higher than this refactor, yet management is insisting that this is a must have for go live, so I have to commit.
What would you rather have, an app that works, or perfectly neat and tidy, broken, code?

Aws Lambda and serverless framework. Yes FaaS is cool. Love it. But it is pain in ass when you have the only way for you deploy is zip the fucking code with all the dependencies. Comm'on AWS you can do better. Look at azure functions. Please give me a git deployment support. Please I beg. Each test iteration takes like for ever. Also no proper local emulator. Fuck you AWS. Fuck you serverless.

I hate dependencies... I'm stuck on a project because I need to wait for some one else to provide specs and access to their API.... And well I was also given a deadline...

Had a 5 hour call today, where we wanted to set up a system from one of our subcontractors in our own environment. Struggled forever to get the backend up and running.
Turns out that some dependencies were hardcoded as local file URLs...
No, our linux machine does not have C:\Users\<username> 🙄

Our company has a giant folder that you have to download every release. It contains all of the dependencies within the company and every config file.

Twice a month your workspace gets fucked...BECAUSE THESE FUCKING GENIUSES CANNOT USE FUCKING MAVEN! What the fuck?! What idiot came up with this stupid idea?

Set-up a 5 node EC2 cluster in AWS; Install my dependencies on all; Add private keys between all for handshake; Submit my Hadoop job for processing; AWS closes my instance within 10 minutes of starting a job that took me almost half an hour to set-up because the master node's spot costs have reached more than 15 USD :(

I have a serius dependencies problem. (I've never used drugs:)

You wake up early on Saturday to pee and you have a bunch of alerts in your inbox about failing dependencies in production. But you haven’t gotten any call or text from your boss. What do you do?

Well, I started browsing devRant while waiting for the next scheduled alert hoping my brethren on the other end of the systems resolve it and I wouldn’t have to login.

>ooo new thing to play with and learn, yay!
>*Installs using directions*
>Hello world program fails
>Oh I need these dependencies
>Wait the deps all need their own deps...
>But one of them is deprecated.. what do?

I love the feeling of working on something new but
I hate ending up spending more time getting a workflow setup and chasing down random bugs or hacky fixes just to get something stable so I can start working!!!

I just wanted to create a small website using PHP MVC... Haha

So I had someone question why their system was broken after they installed my software and all of its dependencies to /usr by hand... ._.

-- Who are we?
#Developers.

-- What we want?
A #stable project environment.

-- What do we say to project #dependencies?
Never again!

That moment when you realize you lost control of everything ¯\_(ツ)_/¯

One hour passed and all I did is trying to fix React Native project that is refusing to compile which was perfectly working couple of days ago. Life is fun right?

When you spend half the work day and skipping lunch to resolve dependencies and process packages for an API but realize you're using the wrong OS…

A quick rant about dependency injection.

I see far too often in projects, a huge over-reliance on dependency injection / IOC frameworks which permeate throughout the entire codebase.

I cringe every time I see a constructor annotated with @Inject and 10 params.

The benefit of these frameworks is how easy they make it to manage many dependencies. What I dislike about them, is exactly that. I feel that they make it TOO easy to manage many dependencies.

How trivial is it to simply add another constructor param? exactly. And people then wonder why their dependency tree looks insane.

I am a strong believer in injecting dependencies the traditional way, via the constructor with no fancy framework. The reason being that it forces you to think more about the dependencies you are adding to your classes, and consider if they are really all needed.

The other problem I have with it, is it basically encourages you to inject everything because its so easy. The purpose of dependency injection is inversion of control and allowing classes to depend on abstraction rather than concrete implementation. All that goes out the window when you @Inject 6 different concrete classes.

Use dependency injection for its intended purpose, not as an excuse to be lazy and avoid thinking about dependencies.

I think this DDoS attack has made a few people re-evaluate their runtime dependencies

I've sat with this shitty bug since 9:00 this morning. Just finished fixing it. What could causing such a fatal problem you may ask? Not pinning fucking dependencies.

*facepalm*

Most of the times I feel like I install stuff for longer than I code... Just random thoughts.

the dependency has a dependency with a dependency

I suck at unit testing. I really fucking suck at it.
Every time I try to write a unit test, I think to myself, what the fuck am I doing? How does this even work? What am I testing? Why do I need to new up 100 dependencies? how do I test this private behaviour from the boundaries of my object? Can I even substitute a Factory delegate? Does that even work? What if my object needs a dependency to have certain state? How do I mock that?

Does anyone have any good reading material to make me not shit at writting automated tests?

I was in charge of updating the dependencies on a microservice we have. Everything was at least 3 years old. Nice. How bad was it gonna be?

Jesus Christ, I have never felt so wrong.

A certain dependency I will hide under the name w******js allowed custom functions for a feature that accepted three arguments: paramA, paramB, paramC. The old installed version, 1.x.x, did what was intended, but for some dumb reason, 2.x.x calls the function with paramA as paramB and paramB as paramA!

It took me a god damn while to find out why shit wasn't working as expected. Who thought this was a good idea?

I was in dependency hell for two days.
Im a junior working in a team creating an ember app. Suddenly a main component refuses to work since an addon threw "EmberObject undefined"... Nobody could reproduce it and we where out of ideas, so I tried fixing it for 2days (7h total). I finally got it working after updating yarn :D
It never felt so good working again :)

rm -rf "specific versions of dependencies that have not been documented anywhere".tar.gz && make clean all

*Tries to build the .deb with the new versions of dependencies*

Result: get told to kindly fuck off.

... It was a fun weekend trying to hunt down the specific combination of versions to successfully build it.

Heck yeah,
So an old Ionic 3 project wont work on the newest CLI.
I check around for the error, update some dependencies, sure enough it starts working again, all is great or so I thought.

Later something weird starts happening, upon pushing a new view on the navCtrl, the navParams are null on the next view.
I later find out that navCtrl is becoming navParams just on the first bit of the view loading, so I do a dirty fix just to keep working on the functionality from my browser, I know very well this will cause problems later on, this is just so I can keep working on functionality.

I finish all of the functionality and I'm ready to compile for android, I run my script, the dirty fix comes to bite my butt now.
I remove the dirty fix hoping for it to work just well on the apk.
Now gradle doesn't find ddmlib.jar, some 15 minutes of troubleshooting do nothing.

Fuck it, I'll just create a new project from the CLI and drag all the code there so that navParams work as expected.

Sorry Ionic, but the world is not our oyster when subtle changes in dependencies produce such unexpected behaviour, with some fucking view parameters!.

I'm looking forward to get done with all the current projects to jump back to native.

If you are using arch and are making packages from the aur all I can say is use makepkg -s because then it will install all the dependencies for you.
Yay

when you install a module on limited internet connection and it comes with over 50 dependencies

TL;DR: if you are using using react native, use uglify-es@3.2.2, any newer version might break your project

I wonder how many react native projects the boys at Mishoo fucked up, mine included.

I spent 5 work days to find an unrelated issue on RN's git which had the solution to my issue in the comments which was totally different from what was being presented in the issue.

Fucking aye.

I love javascript, but packaging really is its downfall.

Company Infrastructure Team: We are doing away with proprietary libraries and using standard Java instead.

Also Company Infrastructure Team: Here have a fuck ton of new proprietary libraries with dozens of nested dependencies. Oh we don’t use Maven by the way because we are fucking idiots.

I tried to install a simple Python package today for a simple 10 line program and spent over an hour installing dependencies and reading documentation.

Installing 1 NPM package...

350 more dependencies installed :D

When you have assigned stories that are blocked by other dependencies being developed in the same Sprint... Oh boy, someone is not going to finish on time u.u

Installing a deb file on Manjaro. 😐

Tried Docker...over complicated
Tried dpkg... dependencies nonexistent in manjaro.

Snap packages?
Appimages?

Our Swift teacher at college manually creates a Podfile for every project and copies and pastes the basic initialization from an existing project, pastes the cocoapod dependencies and then installs them using terminal instead of just doing a pod init and then using nano or vim to paste the dependencies right inside the terminal. These are the times I genuinely feel sad for the way Indian education system is and the way we're taught coding in colleges here.

Started new internship last week, hired as dev but working qa till their next release goes up. See last 3 posts for some horror lmao. They... don't know how to use git but insist they do. 275MB single repo for entire angular frontend (no dependencies are pushed, few images) and "angular backend" (according to PM). Commits to master, bad commit messages, no testing except me on qa..... death

Hopefully at work we have successfully migrated from a combination of MySQL and Mongo to only Postgres. Also we finally split up our monolith into medium sized services, so we can actually do something interesting and update our dependencies.
And port one of the services from Java Struts to Django..
..but that is only if developers were to set the plan...if sales/management: new feature here! new feature there! sell sell sell! No time for maintenance!

I'm trying to get into react for side projects but my java and backend background in general really make things tough. Let's say I have a few data manipulation functions that I want to extract to a separate service and inject it using react hooks (since that's what everyone is using nowadays apparently). I can see it being much more elegant than props, but all the examples I can find resolve around passing state here and there, not passing actual dependencies like a stateless service. Any ideas how I should solve this?

Managing dependencies with npm or yarn feels like trying to communicate with a bunch of hipster kids. "Ugh omg I no longer hang in that namespace like that was so two weeks ago"

qt compilation 2: electric boogaloo.

$ ./configure [dozens of options]
< building qmake, blah blah, success blah blah, run make && make install, blah blah >
$ make -j 8
< works for 5 minutes, then hits an error without telling me what the error is >
$ make -j 8
< works for 5 minutes until the same error. this time i notice it rm's a directory right before using it >
$ make # multithreaded fuckery, perhaps?
< fails after 5 seconds with different error >
$ make -j 2
< same >
$ make clean # fuck it, clean up and try again
< fails after 2 minutes of cleaning >

The C/C++ infrastructure. just everything about it. and i'm not even using dependencies here.

Reading someone's legacy package.json
{
.... stuff
"licence": ....,
"dependencies": { .... },
"bugs": "run for the hills"
.....
}
what is this? am I supposed to find an issue tracker in some unnamed hills

When you download whole SDK, install lots of dependencies. Setup everything. And the moment you want to start working, your internet stop working. I would consider that a sign from a good but too bad, I am atheist.

Bought fucking nvidia gpu to test speed of some fucking machine learning models that generate speech.

6 hours wasted already for installing fucking dependencies
cuda, fucking tensorflow gpu, bezel and other shit

Fucking resetting password to download deb with cudnn,

really ??????? fucking emails are not delivered to my fucking mailbox

After mass click of send email and multiple account ban and unban I figured out I should login to nvidia website and then allow access to fucking developer every time I want to log in there - fuck shit

Uninstalling everything now looking for fucking compatible versions between software.

10 years in this business still fucking installation of dependencies is most difficult part

Fucking corporate business and their shitty installation instructions to fuck up peoples lives and switch them to the cloud.

Same was with fucking kubernetes

Fucking software dependency hell

It’s worse then ever before.

Fuck ....

Started working with a startup. They have one Dev guy, who for some reason is using both python 3 and 2 in the same git repo, and had no requirement.txt or anything to really track dependencies....

For fuck sake, the Dev guy is actually intelligent, but really freaking messy.. why can't he have this basic thing done...

- Need a module to work with PDFs
- npm install
- But wait, that requires some dependencies
- And those dependencies require more dependencies
- Python not found
- Issues with env variables and wsl
*Bajillion hours later*
- poppler-qt5 not found
What the hecc is a poppler and why do I need it?
:/

Saw a git repo that contains the node_modules folder and some dependencies and was wondering how'd fuck did this guy get this up here.... Mehn some devs can be super powerful(funny)

Am I the only one who very often creates a new project folder and copies all the code because it's easier than cleaning dependencies and such?

So some colleagues of mine really love using mocks in their tests. They mock everything - external dependencies, data transfer objects, and wait for it..., wait for it... their test subjects 🤦‍♂️.

What do you do when you are hungry/peckish and it's late?

It's 🌃 time and I don't have anything to eat (except maybe some stupid cookies)

I wish I could do
'npm i snacks'
or
'sudo apt-get snacks'

And I would receive snacks from my computer or something..

npm might also give some extra snacks plus ingredients as dependencies 😅

Maybe I can make coffee..☕?

So an update on my last rant(s) about dependencies and wasting time...

Today I finally lost it... With deadline fast approaching, i went to the big boss and he basically got everyone on his team to get their shit together and give me what I had asked for... 2 weeks ago...

It only took them 30mins.... Just the correct SQL query really...

Lesson of the day: First read installation tutorials for software on linux completely before doimg esch step without knowing the rest...

Our configuration manager is leaving for a new job and now the office is crumbling.

How do you deal with person dependencies at your workplace?

Python is really beginning to turn horrible now. Legacy codes...argh!! why don't developers move already to python3? and all those horrible third party dependencies for only 2 which somehow break after even some mending. God save them. Horrible night.

So I'm getting brought into a team for our backend services of our administration application, and they're explicitly using Flask (Python library) for their exposed API in their application and data tiers.

As I'm familiarizing myself with their code, utilities, and dependencies, I notice they're stacking 7-8 decorators on their routes from their in-house utility module.. After further investigation, I realized half of them were entirely unnecessary, and they were proofing payload responses three times for the same JSON format.

The fact that we're using Python instead of Node or GoLang for our REST services is pain enough, but these god damn in house utilities are killing me.

The real web development is optimising the shitty front end code.
The task assigned to me is optimisation of dashboard page of website which was developed by freenlancers.(end of contract from their side)
The front end is mess. Individual js files (bootstrap, popper, jQuery, jQuery ui, loader and main) loading in production inside head tag of html file
No text compression.
Every template has random number of their own js files in any block of template. Nothing structured. There will be fantastic waste of time figuring out file dependencies.
Same with css files. Some are scss, some plain css. No compression. No proper modules.
Basically, I have to go through 25-30 html files. Then understand, which template is extending which one. Go through all js and css files in each html file and again understand dependencies between them
This is gonna be real fun.

It makes my blood boil when my colleagues (who have been here for ages) know that maintaining dependencies in code is important but don't even action it because they give the excuse of having no time or the pressure of finishing it on time.

It angers me that I'm now in .dll hell and they don't even consider the time or push a valid case to fix the issue. It also frustrates me as I've realised that they have grown complacent/indifferent, not even attempting to change it.

>where is the code that is in charge of that?
>that's the infrastructure dependencies job
>oh cool. So what if I want to do X Y Z?
>the infra doesn't do that
> well who is on charge of infra?
>oh that was {guy that left 2 weeks ago} and anyway that code existed for AGES

So now I'm drowning in foreign spaghetti because people didn't want to disturb the holy infra and just made workaround in the services themselves. Good thing I got my nylon overalls for maximum shit protection

Anybody yet with Ubuntu 18.04 LTS on their server? any issues, anything that is majorly different to 16.04?

I was still starting servers with 16.04 but now that laravel needs php7.1 and install candidate seems to be 18, it would be much more handy, not having to each time add the third party ppa, for the most basic dependencies

Dear Python linters, why can't any of you implement some actual linting features? Like, say, consistent use of single or double quotes? Or dict() vs {}? How about indenting nested function calls? Forcing list / set / dict literals as multiline? Trailing commas?

And while I'm at it, why can't you handle dependencies properly? Say, separating linter & linter plugins from the remaining dependencies in a way where I don't have to manually remove them from the requirements lockfile every time?

Searching for an hour about an insanely obscure issue only to find any unclosed github thread is like some sadastic ending to a Twilight Zone episode.

"Picture this Chachi, a web developer caught in a web. Depending on broken dependencies, his employers depending on his broken dreams. Waiting for a page to load about issues with loading pages. Open source, or open mind? Is an issue ever really resolved? Or is a flag just checked? Picture Chachi, a web developer caught in the github zone."

Fuck, there‘s this cool tool react-admin. I want to use it as generic CRUD UI for my framework. Basics work already.

But fuck it this fucking react crap a PITA. Who for fuck‘s sake invented that shit? Damn facebook crackheads ..
JSX ... the worst idea ever.

I worked with vue before and then .. easy, just awesome.

But this crap is utterly unproductive, way too complex, ugly syntax, needs an unholy shit if dependencies, let alone the build system ...
Fuck u react fuck u ...

One of these days i'm gonna pop a blood vessel, trying to keep all my dotfiles organized: syncing the files themselves is easy, just shove them into git, the problem is that i have to install dependencies on different distros (Arch, Debian and Ubuntu):

The package names are different, the paths are different, fuck with Debian i need to compile from source anyway because most of the packages i need aren't available. Its taking me so much time writing distro-specific installers, just so i can deploy my setup on different machines...

Its at times like these that you appreciate just how mind-boggling fragmented Linux is as a platform :D

I fucking hate working with older software

I have a visual installer project, and it automatically finds the dependencies to make the setup file.

if I rebuild a certain reference, in which I made no changes, and then refresh the dependencies, it will add another dependency that already exists, but outside the dependency folder. So now I have two exactly fucking the same dependencies.

i can remove it, but removing it doesn't change any of my files. So there is nothing to commit. If you restart the project, its back.

And first it required me to actually add the dll to the build folder before it would build. And suddenly not anymore.

Im pretty sure its either the outdated installer software or visual studio 2013 fucking with me.

It also randomly added a dependency from blend. Which is apparently a known bug, but never got fixed in the two updates after they recognized it as a bug.
Fuxx you microsoft...

A client project came with a bunch of references missing, and nuget wasn't properly restoring them. I've just spent most of my weekend trawling through the dependencies, extracting them from their nuget packages, and putting them in the appropriate folders manually.

Slowly developing a horrid hatred of nuget...

Hmm. I've been wondering how I'll deploy an api based on a microservice style the smartest way... The general plan was to use salt to setup the base server and install dependencies and add the configuration.. Doing updates would be a git pull and pm2 restart api. I would love to know how you deploy your software ?

Do you know that lady who waits in line at the grocery store for ages and when it's finally her turn she suddenly realizes that she might need her wallet somewhere from the bottom of her bag?

That's our current business analyst managing external dependencies like a boss... :D

Fuck you Spring and your stupid cryptic, useless, no relevant information error messages.

"Oh I am crashing violently because some of my internal component cannot automagically talk to another my internal component" says spring.

Well shit, why do I let you manage your own dependencies if I still need to hunt down what garbage transitive dependency you bring in 5 time.

YOU HAD ONE JOB!!!

git add --all && git commit -m "Alright, here's a story for you. I set out to create a navigation mechanism on here, so we could have back buttons and tabs. I also wanted the ability to customise the UI elements. In order to do that, I combined two dependencies. Each one of them provides us with some of the functionalities we need and there's quite a bit of overlap between them. Moreover, each dependency creates the UI elements differently. So customising the UI is becoming a nightmare already, since it's getting harder to tell which one of them is affecting a UI element's appearance. In spite of all that, we have an app that navigates and has tabs."

How to update a react native project:
1. Run react-native-git-upgrade
2. Notice that your project dependencies are mucked up
3. Try to fix node modules and the build process
4. Find out the moon landing was a hoax, wait what?!
5. Use react-native-init to create a new (working) project
6. Copy code files and dependencies to new project
7. Wait for new version :)

Dependency hell - when you have a package you want to update and then you find out 3 other things depend on that version of that dependency and then your pretty much screwed so you just leave the original version of the package you were trying to update in place.

So I upgraded the dependencies to the latest version - and it’s all gone to hell. Of course it has...

god building ue4 for Linux takes quite a while and I'm not even up to compiling. the dependencies are 6GiBs large and my internet is only 2MiB/s

Well, I just finished resolving the problems with my Angular dependencies. It has been 3 days of trying to come up with the solution, and in the end, it was all a matter of version mismatch of three dependencies. Now I can (actually) get to work on my project.

C++ circular dependencies.. Gave up debugging on that so many times

Each time I have many dependencies in the project

Waiting for gradle to finish "Resolving dependencies..."

Thanks to my parents to create an Application Context and autowire all my Dependencies required to live a happy life.. !!! The best framework that provides IOC -- Parents.
Note: Finally understood spring framework IOC and DI concept.. many more to understand..

Taking into account the way npm manages dependencies, how many modules do you think I had to include to download the whole npm?

What if life was on git? Where you can simply create new branches of it, stash shit, remove dumb people with dependencies and finally the ability to turn back time with this version control.

If you publish a package over Composer - or in fact any package manager that allows optional dependencies - please don't make dependencies that aren't **absolutely necessary** required.

Is it a theme for your nice app? Don't make it required, some are not going to want to use this theme and don't want to deploy extra Megabytes to their servers every single time.

In fact, someone may even want to replace that dependency with a fork, like a customized version of that theme because it is not flexible enough! Forcing that dependency means it can only be replaced with hacks.

I am looking at you, `oxid-esales/oxideshop-metapackage-ce`, with your extra themes and demoshop data that makes the Deployer tool push and copy around half a Gigabyte of unused assets on a website every single deployment!!