@sir binary size tho .-.
with a good package manager dynamic linking is fine?
and the security updates point still stands, which is probably the most important argument for dynamic linking bc all of this other stuff is, as you said, somewhat irrelevant while we're still shipping entire browsers with our executables
@syntacticsugarglider @danyspin97 the hulking monster doesn't go away if you shove it into your libraries. Most programs *don't* share most libraries, odds are that when your program is installed most of its dependencies are also being installed for the first time - and you're probably using less than half of each.
And the importance of shipping security updates via dynamic linking is grossly overstated.
but... what? you can't just state something is "grossly overstated". how is it not a huge issue? openssl breaks constantly and if anything links statically against it it's not like it's going to get instantly rebuilt and updated and, even if it were to, you would have to redownload **every single binary** that uses it. you could say "just don't use openssl" but that's a "if things were nice they would be nice" argument
and honestly... i've heard a lot of refutation of my various arguments for why dynamic linking is advantageous
...why is static linking advantageous? because you don't need a good package manager? we have those. because you might end up with wasted space in fact if a library isn't widely used? well, as a developer one has no idea how widely a library is going to be used in the future at compile time.
@syntacticsugarglider @sir @emacsomancer @danyspin97 I'm confused. You have a vulnerability in some software, it's patched upstream, you rebuild / update it. Why is this an argument against static linking? I think I'm with Drew here, the percentage of programs depending on the same libs is too little for this to matter.
icyphox's personal mastodon instance.