Explains why running Continuous Integration daily is crucial to detect broken dependencies, even when no code changes occur.
Explains the 'Don't Mock What You Don't Own' testing principle, discussing why you should avoid mocking third-party dependencies and offering alternatives.
Critique of Semantic Versioning's practical limitations and why it can't guarantee API stability, using real-world examples like the cryptography package.
A critique of modern software's over-reliance on dependencies, sparked by a FOSDEM talk on open source sustainability and maintainer burnout.
Examines the risks and complexities of modern software dependencies, arguing that easy reuse has outpaced our understanding of best practices.
Argues for using your Linux distro's native package manager over language-specific tools like pip/npm for better system integration and deployment.
