Fixing Ruby, Python and Node.js packaging on Debian, Redhat and variants.
Canonical URL: http://bit.ly/wtfpackages
You shouldn't be using distribution provided packages for your primary language runtime.
For you, it's your application platform, and you're the one who knows exactly which version best suits your needs. For others, it's the interpreter for another distribution-provided tool that they quite like using, such as chef or puppet. New (and stable) functionality that you wish to use happens to be saddled with changed APIs, fixed bugs and deprecated methods, all which might break those distribution-provided tools.
There is no happy middle-ground between your use case and theirs; every compromise is a poor one.
Community packages are scattered around the internet and are of varying levels of quality. One location, n versions, n languages, n distributions. Every package provided will follow the same rules (outlined below) and thus be somewhat predictable.
Community packages rarely have distribution-level support for pulling in updates. Integrate with apt & yum. Packages should be versioned/managed such that automatic system updates pull in security / bug fixes, but not entirely new versions.
Community packages often replace the distribution-provided interpreter. This causes problems with dependencies and system toolsets. Use RVM (or rbenv) and virtualenv to ensure that system Ruby & Python don't conflict with the community-provided packages.
Pre-packaging every Ruby, Python and node.js library (as distributions try to) isn't useful when you're already attaching those libraries to your application with language-specific methods.
Or, I'd rather use rubygems and bundler than dpkg to manage my application's dependencies.
Community packages age, or only work with specific distribution versions, or only work when a certain library (not listed in the dependencies) is installed. Each package's post-install script will confirm the basic behaviour of the package. Virtual machines will be used to automatically and continually install & test packages.
Use the successful homebrew + github model to manage community package contributions.
I'm not entirely sure why you include python in the list "to be fixed" .. Packaging a "normal" python library is about 60 seconds -> 5 mins work. No joke - I do it all the time.
Ruby libraries on the other hand are next to impossible to package without all sorts of hacks and patches. Anything that includes the lines:
or
is instantly impossible to package without patches.
(I've ignored node.js because I've never looked at it.. So anything I said there would be pure speculation)
Re this:
Wearing my developer hat, I agree. Development is easier with those tools. I even use them during development.
Wearing my sysadmin hat, I won't even consider installing something (other than a web site) on a production server that uses these tools. Never. Not happening. I'll find another tool.
I do get both sides of this argument. I've used both Python and Ruby, and I believe Python has actually gotten it right. While Ruby (More specifically, RubyGems) has gotten it completely wrong.
Finally - This is an US vs THEM argument. But it's not developers vs distributors. It's web developers vs "non web developers".
Web developers don't care, and don't need to care, about things like distribution. RubyGems and Bundler serve this market brilliantly.
Non-Web developers on the other hand do typically care about these things, their applications are going to be installed on more than just 1 server (or a bunch of identical servers). OS packaging is vitally important for this kind of application.