Falsehoods Programmers Believe About Package Managers

Pre-required reads:

Packages

  1. A package has a name.
  2. A package has only one name (see #26).
  3. A package name is unique.
  4. Package names are composed of ASCII characters.
  5. A package name is the same as its ID (see #11).
  6. There is only one way to install a package.
  7. Only one version of a package is available on a system.
  8. Package upgrades can be automated.
  9. All packages have a version.
  10. Versionned packages are immutable.
  11. Packages can’t upgrade themselves.
  12. A package can be reinstalled.

Package Managers

  1. Package managers provides the latest version of packages.
  2. Package managers provides clean packages.
  3. Package managers provides stable softwares.
  4. Only one instance of a package manager exist on the system.
  5. You can downgrade packages.
  6. A package manager can update itself.
  7. A package is found under the same name in different package managers.
  8. Package managers can resolve dependencies.
  9. All dependencies are provided by the package manager.
  10. Package managers have a CLI.
  11. Package managers behave the same accross OSes and distributions.
  12. Package managers tracks installed versions.
  13. Package managers can track removed packages (see #17).
  14. Package managers are documented.
  15. A package manager has a version.
  16. A package manager check package integrity.
  17. Package managers are secure.
  18. Package managers can be unittested.
  19. Package managers can upgrade all outdated packages.
  20. Package managers are forbidden to upgrade other package managers.
  21. Packages are only managed by one package manager.
  22. Installing a package doesn’t require a reboot.
  23. Package manager output is consistent.
  24. A package manager can upgrade a package installed by the user.
  25. All users on the system have access to the package manager.
  26. Package managers do not remove user data.
  27. Package managers can bootstrap themselves.
  28. Package managers supports maultiple architectures.
  29. You only need one package manager.

Meta

  1. Implementing a meta package manager is not a futile pursuit.