this post was submitted on 30 Sep 2025
663 points (98.5% liked)

Programmer Humor

26713 readers
948 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
663
How Docker was born (infosec.pub)
submitted 4 days ago by cm0002@lemmy.world to c/programmer_humor@programming.dev
30 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Whelks_chance@lemmy.world 9 points 4 days ago (3 children)

And the discussion on whether or not to pin versions.

Pinned, these packages work together, but don't automatically pull in security updates.

Don't pin, things randomly change on each build, best of luck debugging things.

[–] mesamunefire@piefed.social 8 points 4 days ago

Oh yeah those are fun. Ive come across projects just 6 months after creation that cant work if they have a small version update. So it just sits there for a LONG time before a senior dev (mostly me) decides to get grumpy and fix the dang thing.

CI/CD builds can help....but you have to have someone keep an eye out for potential issues and, in best case, have a development deploy actually test the dang things.

[–] kionay@lemmy.world 2 points 3 days ago

I had success running unit tests for software deployments in pairs, one with pinned versions (error on a failed build) and one unpinned (warning on a failed build)

so at least you get forewarning when an upstream dependency messes everything up, and if the software changes are somewhat regular than each log of pipeline runs should show incremental changes making it easier to spot the package that started breaking everything

[–] Natanael 1 points 4 days ago

Pin API / ABI versions.

If you're able to track that...