It is a common sentiment that managing dependencies is always a big issue in software development and the reason why so many apps come pre-bundled with all the requirements so it reliably works on every machine.
However, I don’t actually understand why is that an issue and why people generally bash npm and the way it’s done there. Isn’t it the simplest and most practical solution to a problem - you have a file which defines which other libraries you need, which version, and then with one command you can install them and run the program?
Furthermore, those libraries and their specific versions can be stored elsewhere and shared across all apps on a system so you can easily reuse them instead of having to redownload for each program individually.
I must be missing something since if it were that easy, people would have solved it years ago and agreed on a standardized best way, so I’m wondering what is the actual issue and a cause of so many headaches.
When dependency tree grows, it is usually difficult to solve conflicts.
To allow faster development cycles, much complexity was shifted to dependency management in many modern languages. This exacerbated the “dependency hell”. To alleviate the dependency hell, much complexity was shifted to the infrastructural side (containerization, k8s, cloud, huge system requirements for memory and storage).
To address it we are shifting back complexity to code and developers (infrastructure as a code).