by pornel 148 days ago
Has anyone here even read the article?! All the comments here assume they're building a package manager for C!

They're writing a tool to discover and index all indirect dependencies across languages, including C libraries that were smuggled inside other packages and weren't properly declared as a dependency anywhere.

"Please don't" what? Please don't discover the duplicate and potentially vulnerable C libraries that are out of sight of the system package manager?

1 comment

Yeah it's pretty weird how people assume that -l<name> is supposed to work in gcc/clang across distributions, but somehow deriving which OS package gives you that lib<name>.so file is the devil.