The point about a single dev taking out multiple programs isn’t exactly wrong (relevant xkcd). But it’s a very entitled attitude. If part of the stack is that critical to you (especially for business), maybe consider supporting it or contributing to it.
The real issue is knowing when this is the case. Has anyone seen a solution for that?
a single dev taking out multiple programs isn’t exactly wrong
It’s also not unique to F/OSS. This could well happen in a business, and often does.
Has anyone seen a solution for that?
Short answer, anything that does dependency tracking and pinning. If a new release of a library comes out, you shouldn’t just upgrade to it without testing.
On a desktop Linux OS, I would expect the distro maintainers to do that testing before it gets pushed to their repos (as an example).
The point about a single dev taking out multiple programs isn’t exactly wrong (relevant xkcd). But it’s a very entitled attitude. If part of the stack is that critical to you (especially for business), maybe consider supporting it or contributing to it.
The real issue is knowing when this is the case. Has anyone seen a solution for that?
It’s also not unique to F/OSS. This could well happen in a business, and often does.
Short answer, anything that does dependency tracking and pinning. If a new release of a library comes out, you shouldn’t just upgrade to it without testing.
On a desktop Linux OS, I would expect the distro maintainers to do that testing before it gets pushed to their repos (as an example).