[davrosthedalek]

I'm not entirely convinced that this is a bad thing. The dependency-heavy environments a la Node.js gave us some interesting security nightmares.

[arcticbull]

Yes Node is a nightmare, however, you don't need to use public repositories, that much is a choice.

Similarly, Cargo in Rust is an absolute dream to work with, you just run `cargo new <project>` and then `cargo build`. That's it. If you want to add a dependency you can do so from the public crates.io repository or a sub-path or a git repository.

No language should be without this core feature, so it'd be great to see C++ get it too.

[de_watcher]

Package managers of the OS distributions just work, so many people don't see it as a "core feature" for the language.

[arcticbull]

That's not the same thing at all. Different versions, sources, etc. Should they really be he job of the OS package manager even when statically linked?

[de_watcher]

When statically linked it's even simpler: the dependency is used only during the build.

[arcticbull]

Maybe I wasn't clear, I'm advocating a solid build system and build dependency manager should be part of the core.

[umanwizard]

What does this feature have to do with programming languages? Why do I need one dependency tracking tool for Rust, a separate one for Go, a separate one for JavaScript, etc?

I already have a dependency management tool for C++; it is called the Ubuntu package repositories. I don’t need another one baked into the language.

[lonelappde]

Ubuntu and other OS package managers are years out of date and they are at the wrong layer for serious projects because they are OS layer so not good for hermetic builds on build servers.

https://repl.it/site/blog/packager

[gumby]

> No language should be without this core feature, so it'd be great to see C++ get it too.

BTW modules won't address this. I'm not sure you did but some other down thread comments implied that some people thought it would.