On Friday, June 19, 2020 at 8:09:04 AM UTC-4, Neil Van Dyke wrote: > > For an important production system, you probably want the source of any > third-party packages on which you depend to be in Git (or another SCM > system) that you control. > > You might also want to audit those packages yourself, as well as audit > any new version changes to them, before you push to production. > > After you do those things in SCM, depending how you do it, you *might* > find it's more convenient to simply load the third-party code you need > using the module system `require` only, without an additional package > system. >
While I see some benefits of this approach, I just looked at a typical Rails project of mine, and it has over 160 packages with some packages depending on different versions of other packages, etc., so I think managing all of this myself in git might be overly burdensome. Granted, my current Racket apps have far fewer dependencies, but I expect that may increase over time. -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/racket-users/32b8f70a-4033-43db-aca3-b30b9023f3a3o%40googlegroups.com.
