[imauld]

I sidestep this issue on my personal projects by using Docker w/ Python (although this is probably applicable to other languages). I use this at work in production as well although to a lesser extent as we aren't containerized for most services.

I create a base image that has all of my deps installed in a virtual env. Use that base image as the `FROM` clause in the next image. Additionally if you were to rebuild this image and a dependency went missing or broke it's trivial to go back to using a previous working image.

So, I guess technically they are checked in since a copy of the system and thus the libraries/binaries on it is stored in a Docker repo but those are separate from your code and well abstracted away. You can also easily run your own PyPi server on your network to avoid going to the web at all (this is probably also possible with other languages). You can also host your own docker registry so you can totally remove dependence on external versions of your deps if you want to.