>The middleman may seem annoying to developers

which is a good thing ;)

as a Ruby app developer, it seems odd to me that I would find Ruby gems in the Fedora package manager. As a Ruby gem maintainer, I wouldn't want to burden distro maintainers every time I release a new version.

Do distro package managers even have features like version pinning? Seems like the repos are stuck with the major version that was out when the distro was released, and in a fast-moving world like web app development, you'd be hamstrung to old gem or npm versions.

I get where you're coming from, but I don't agree on the middleman with you here, @sir.

The point of the distro is not to safeguard the user from upstream misfeatures. That's not why the distros arose in the first place. A software entry barrier is a mere byproduct.

Certain distros will go beyond providing you with the base system, true. I think Debian is the one which stores patches for upstream code when the publisher avoids addressing his users' demands.

Arch and Alpine will only recommend pristine upstream software, even if that introduces hostile functionality. The rationale is that, once the program is popular enough, not having it is a strike against the distro. And they can't go the Debian way either, for that will violate the design principles.

Offhandedly, it is simply a false claim that packaging software for your distro is easy as an entrant contributor. Sure, if you lack social credit, you can go the AUR way, but that is unsupported content and therefore can't be in any way considered part of software distribution. At which point we're back at square one, if users want to get the software, they'll have to ask the upstream.

I’ve done quite a bit of packaging as a Debian developer, and inside Amazon (yes, the company uses OS packages), as a SuSE and HPE employee.

It is sad to see how uncooperative upstream developers can be, mostly due to myths around software lifecycle and the needs of end users.

Most software in the world is developed -> built -> distributed -> integrated -> deployed & mantained -> used by 4 to 6 different individuals/entities. Often different organizations.

Software distributed with shorter “chains” is the minority and the majority of software and hardware deployed in the world lives for many years.

Unfortunately there’s some disconnect between these lifecycles and the ones known by the most vocal crowd of developers on the Internet.

Compile-time and run-time dependencies should be unbundled from sources to allow maintainers and system engineers to update components independently.

Software should be modular where reasonable: allow disabling ancillary features and remove dependencies

Backward compatibility is important: hard dependencies on libraries released a week ago are painful; hard breaks on ABI/API/etc are more painful.
Gentler deprecation and upgrade paths are preferred.

One vital need operating system package repositories fill in my opinion is to keep the riff-raff, the unmantained toy projects written for educational purposes and forgotten about, out. And indexing them so apps can ask you to install the software they need, I wish more browsers did this!

I've read an anti-opensource article which in large part seemed more to be against these uncurated repos.

Why do people think computers have solved this problem? They're doing a poor job!