Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
social.tchncs.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
A friendly server from Germany – which tends to attract techy people, but welcomes everybody. This is one of the oldest Mastodon instances.

Administered by:

Server stats:

3.8K
active users

social.tchncs.de: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#dependencyManagement

0 posts0 participants0 posts today
Continued thread
Public
Kevin Bowen :xfce:

As an owner of a network, service, or application one must ALWAYS be defensive and understand why you place trust in another party.

Re-examine that trust with every update you apply. Sure, it sucks. But, that is the responsibility one assumes in owning any process. It's easy to #YOLO changes; but, know _why_ and OWN it.

A good deal of this article applies regardless of using SemVer or not. And beyond just software packages.

hynek.me/articles/semver-will-

The only person who is responsible for the health of your application is you. Your customers aren’t going to be understanding if you tell them that they can’t access their data because some teenager on a different continent broke your workflow by not adhering to SemVer as strictly as you’d like them to.
#Python#networking#dependencyManagement
Public
Thoughtworks

🔗 Struggling with evil dependencies in your codebase?

This article explores strategies to identify, manage, and minimize them—ensuring cleaner, more maintainable software. Don’t let dependencies slow you down: ter.li/7twu3v

ThoughtworksHow to tame evil dependenciesDependencies between software development teams in large organizations are an almighty problem making it important to look at dependencies holistically.
#SoftwareEngineering#TechDebt#DependencyManagement
Public
Yuna

🚨 When your code is a few KB, but your dependencies rival AAA game installations. Still believe in fairy tales of secure code?

Gigabytes of code you didn't write. Licences you didn't read. Security flaws you didn't anticipate. Yet, you trust them. Adorable.

Not just Node.js. Gradle caches, AWS libs with 400 sub-dependencies + reflection parties. In control? How cute.

I use plain Java with jlink + jpackage. Minimal. Secure. No bloat.

Fewer deps = fewer surprises. Because I care.

But hey, keep stacking that Jenga tower. Watching it fall will be fun.

Jenga tower
#MinimalismMatters#CleanCode#DependencyHell
Public
Benedikt Ritter (he/him)

🚀 New Blog Alert! 📚

Confused about 🤔 Gradle Version Catalogs vs Dependency Platforms? You're not alone! In my latest blog post, I break down:

👉 What each feature does
👉 How to define them
👉 When to use which

🔑 Key takeaway:
📜 Version Catalogs = simplify dependency declarations
🛠️ Platforms = align dependencies across your graph

📖 Read it now: britter.dev/blog/2025/01/24/ve

britter.devChoosing Between Gradle Version Catalogs and Dependency Platforms: A Guide for Application DevelopersIn this blog post we'll break down the differences between Version Catalogs and Platforms.
#Gradle#DependencyManagement#DevTips
ExploreLive feeds
About