At the heart of dependency management, whether we're talking about programming languages or higher level platforms such as operating systems, is people. Dependency management is a social act of people sharing and using each others work.
With people at the center of it all we have to deal with things like:
- Trust. Who trusts who and to what amount? How do we verify something came from a trusted source? What about people caring about different needs of trust?
- Accidents. People aren't perfect. We screw up. How do we handle and work with imperfect people?
- Disagreements. We are good at disagreeing. We end up putting a lot of work into trying to come together. Yet, even when we work together on specs or agree to use them there are cases where people break from them. How do we handle that?
Even before we get to any of this we need to acknowledge that people take on quite different roles in the system of dependency management. Those roles can be wildly different from each other. Sometimes we even need to talk about which role to prioritize over another when making design decision.
Yet, how often do we think of these roles and their differences? Let's take a look at them and see what we can find.