Today I had to downgrade fastapi from 0.114.0 to 0.112.4 to make a software work. And it just hit me - what if pip didn’t support 0.112.4 anymore? We would lose a good piece of software just because of that.

Of course, we can “freeze” the packages into an executable that will run for as long as the OS supports it. Which is a lot longer. But the executable is closed source. We can’t see the code that is run from an executable.

Therefore, there is a need for an alternative to which we still have access to the packages even after the program is built. That would make it safely unnecessary for pip to store all versions of all packages forever more.

Any ideas?

  • jlow (he/him)@beehaw.org
    11·
    10 days ago

    Nixpackages or Flatpaks/Appimages(/Snaps 🙈) are a general solution to this (not in this specific case probably), no?

    • obbeel@lemmy.eco.brOP
      11·
      10 days ago

      But do Appimages make the dependencies code available? They pack everything into one working program, but what about the packages?