[philwelch]

Approach #1 lands you in a dependency hell where you have to maintain multiple incompatible versions of each internal library or framework, or each external library that's in use, multiplies the work involved in upgrading dependencies, and in other various ways leads to its own problems. There's no panacea but I can see the appeal of having a single shared codebase.

[Shorel]

Still, much easier to manage with branches than before git and mercurial were around.

[philwelch]

It's not a question of managing source branches, it's a question of whether you have to update your OpenSSL dependency once for the whole company or a thousand times over for each individual software package.