Linked by Thom Holwerda on Sun 15th Oct 2006 11:02 UTC, submitted by michuk
GNU, GPL, Open Source "There is one huge difference between the free and non-free software that has some very practical implications in the way we use it. One of those implications are the dependencies between single software packages in the free software model. What do they have to do with the free software philosophy and why should not you be afraid of them? Read on to find this out."
Permalink for comment 171871
To read all comments associated with this story, please click here.
Dependency hell comes down to linking ...
by MacTO on Sun 15th Oct 2006 15:29 UTC
Member since:

Yes, I know that there are at least two different types of dependency in the Linux world -- but I am going to focus on programs that link against external libraries.

There appear to be a few myths about libraries that are spread around by computer science types. And there were also a few myths added by this article. Let's look at the latter first:

1. Windows programs don't have external dependencies. Of course they have them. Windows developers simply know which components are a part of the operating system and which are likely to be a part of the operating system in the future (e.g. .Net). Windows developers also use libraries developed by third parties. It is just that they bundle the dynamic libraries with their software or use static linking. A well behaved application won't install those extra dynamic libraries as part of the system.

2. Dynamic libraries save disk space and memory. This is only true if a large number of programs use the same libraries. And I do mean a large number, because dynamic libraries are usually designed as general purpose libraries. That means that a lot of the code in the library will not be used by a given application. When you are using static linking, the linker can frequently figure out which code will not be used from a library, then discarde it. So it is not as though a statically linked program has to be excessively large.

3. Dynamic libraries can be updated to fix bugs and to add security patches. If there is a known bug with a library, third party developers will usually write their own code to work around that bug because they cannot necessarily wait for a bug-fix. A Linux box will frequently have several versions of the same libraries because of incompatabilities. Those old versions are rarely updated to account for bugs or security patches anyway. So this effect is limited.

Yes there are times when dynamic linking is good. Core operating system components that have a stable API is one such case because you can make extensive use of the shared code aspect and you can have updates without breaking stuff. Which, incidently, is what happens in the Windows world (for the most part). The Linux world doesn't fit into that model very well, which is why Linux is known as having dependency hell.

Edit: wrong choice of a word.

Edited 2006-10-15 15:30

Reply Score: 5