But then we also thought about… Why these things take so long? It’s mostly because of the dependency hierarchy. And in C++ (to a much greater extent than Java to say) the dependency hierarchy is very uncontrolled. You include a header file, but you don’t know whether you need it or not unless you take it out and find it does not compile any more. And with all the #ifdef guards and nonsense like that, it is possible to have complete uncontrolled dependency stuff which causes things to be built many many times.
Mike Burrows, who built the Chubby server, was waiting for a build some day. (We spent a lot of time waiting for C++ builds.) He noticed that a file went by that he didn’t understand the need for in his binary. So he looked into it. And it was a file he never heard of in a package that had no business being linked in and the header file was being compiled 37 000 times.
I get frustrated by bad package managers. Users need to get an overview over packages, their dependencies and operations. It is time to define a clear set of conventions every package manager should adhere to:
- Users must be able to install packages.
- Users must be able to install packages with a specified version (default: latest version).
- All data sent between a mirror and the user is origin-integrity-verified.
- Users must be able to specify alternative sources for their packages.
- Users must be able to visualize the dependency graph of packages.
- Users must be able to list the properties of a package.
- Users must be able to dry-run package installation meaning check all requirements for package installation without installing the package.
- Users must be able to keep their system up to date if new packages are released.
- Users must be able to remove packages in a way such that no traces are left on the system.
- Package management should offer an option to distinguish between user-specific/local and system-wide/global installation.
- Package management should offer an option to claim a package is installed. Its sources are given on the system under a specified link. The sources can change at any time (and should because linking only makes sense for packages under development).
Such an implementation is not possible without well-defined version numbering handling (eg. semver), a good content delivery network and a good cryptographic toolbox.
After working on it for about 90 hours of work, I finished my article “How tux21b fixed my regex”. It provides a nice in-depth performance analysis of regular expression matchings. Basically my result is “nothing matters as much as the regex itself” and “we need to be aware how we write our regular expressions”.
Any feedback is welcome. I’m so frustrated not to get re2 up and running. After linking the library, the namespace (etc.) cannot be found anyway and my limited C++ experience did not tell me how to proceed. Any ideas?