依赖项和程序包管理器之间的区别？ [英] Difference between dependency and package managers?

问题描述

实际上，这些实质上是同义词吗？还是我想念的东西？我使用了Composer（PHP），CocoaPods（Objective-C）和Bundler（Rails）。我相信他们将自己描述为依赖项管理器，但也可以将它们视为软件包管理器吗？

Practically speaking, are these essentially synonymous? Or is there something I'm missing? I've use Composer (PHP), CocoaPods (Objective-C), and Bundler (Rails). I believe they describe themselves as dependency managers but can they also be consider as package mangers?

推荐答案

我会说是的。鉴于javascript社区将这些工具（NPM和bower）的版本称为 程序包管理器 ，我认为开发社区实质上已将这些术语作为同义词。

I'd say yes. Given that the javascript community calls their version of those tools (NPM and bower) "package managers", I think that the development community has essentially synonymized those terms.

编辑，我要回溯一下。通常，我认为 package manager 一词与第三方代码的交付和安装有关。也就是说， npm 被正确命名为 node package manager 。如我所见，依赖管理器是另一回事。这是一个运行时编排工具。例如，有些依赖项管理器仅在浏览器中运行，以正确的顺序加载资产文件（请考虑requireJS，browserify，cartero等...-或认为是Symfony2或Laravel中的依赖项注入容器），但您不会打电话给那些包裹经理。软件包管理器类似于Debian的 dpkg 或节点社区的 bower ，它们实际上为您下载了第三方库（尚未包含在您的软件套件中）。现在，我认为当软件包管理器决定足够聪明地为我们解析版本号时，就会出现毛刺。因为 npm 之类的工具可确保我们声明的每个软件都具有其依赖项的所有正确版本（通过为我们下载了一系列依赖项），所以我们想调用它是一个依赖管理器。但是我认为说这是一个恰好进行版本解析的程序包管理器更为恰当。

EDIT I'm going to backtrack a bit. In general, I think the term package manager has to do with the delivery and installation of third party code. That said, npm is correctly named the node package manager. As I see it, a dependency manager is a different thing. It's an runtime orchestration tool. For example, there are dependency managers that simply run in the browser to load asset files in the proper order (think requireJS, browserify, cartero, etc... - or think a Dependency Injection container in say Symfony2 or Laravel) but you wouldn't call those package managers. A package manager would be something like Debian's dpkg or the node community's bower, which actually downloads third party libraries for you (that aren't currently in your software suite). Now, I think the burred lines come in when package managers decided to be smart enough to resolve version numbers for us. Because tools like npm make sure that each piece of software we declare has all of the proper versions of it's dependencies (by downloading a chain of dependencies for us), we want to call it a dependency manager. But I think it's more proper to say that it's a package manager that happens to do version resolution. It's really more of a delivery mechanism than a runtime tool, though.

所有这些，我想听听其他人对此有何评论。

All that to say, I'd like to hear what others have to say about this.

这篇关于依赖项和程序包管理器之间的区别？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！