Today I had to downgrade fastapi from 0.114.0 to 0.112.4 to make a software work. And it just hit me - what if pip didn’t support 0.112.4 anymore? We would lose a good piece of software just because of that.

Of course, we can “freeze” the packages into an executable that will run for as long as the OS supports it. Which is a lot longer. But the executable is closed source. We can’t see the code that is run from an executable.

Therefore, there is a need for an alternative to which we still have access to the packages even after the program is built. That would make it safely unnecessary for pip to store all versions of all packages forever more.

Any ideas?

  • N0x0n
    link
    fedilink
    arrow-up
    3
    ·
    4 months ago

    While I don’t know of a solution I totally get what you mean… A lot of cool projects don’t work anymore because of that…

    Something similar to the container technology, where everything is packed into an image with all it’s dependencies to the correct version. The app would probably be a security nightmare, but could still work in it’s own contained system.

    This sounds like a very neat technology that Linux is missing !