[mgkimsal]

Couple other ideas:

Optionally bundling specific versions of libs (or compiling in statically), and placing in user's home directory, setting path to look there first (maybe that's what you're saying exactly?)

Stop using the same tool for updating userland apps and system core specific stuff. Same app for updating "/bin/ls" and for "audacity" is, imo, at the core of the brokenness. These are different types of apps with different areas of responsibility, but we lump them all together in one tool and process.

[harshreality]

They need to be lumped together into one update process. The package manager for each needs to be aware of the other so it can resolve incompatibilities and not overwrite files it shouldn't. Joe User is not going to run two different package managers to keep up with security updates. What you consider to be userland apps may be core system stuff to someone else. Package dependency graphs are not simple. Sometimes there are even loops, depending on what parameters you pass to ./configure

You can use one tool and still separate different sorts of packages into different areas of responsibility. A few distros do that, or at least are capable of it. Arch has AUR. Gentoo has a bunch of 3rd party overlays.