Most package managers have some form of lockfile that freezes the exact versions of the installed libraries. This makes rebuilding the environment reproducible (with some big caveats around system libraries, which a language-level lockfile does not cover), so you won't suddenly encounter a breaking change because an upstream library or a transitive dependency changed from yesterday to today. Lockfiles don't fix the problem of breaking changes, but they let you choose when you have to deal with it (at upgrade time). Note that a version pin on its own is only a name: lockfiles that also record the artifact's content hash (npm's `integrity` field, pip's `--hash=` entries, the `checksum` lines in Cargo.lock) additionally catch an artifact that was republished or tampered with under the same version number.
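As an added example (not code from the original note or from any package manager), the following script shows what a hash-pinned lockfile actually buys you over a version-only pin. It assumes a requirements.txt-style lockfile in pip's `--require-hashes` format (`name==version --hash=sha256:<hex>`), and the "downloaded" artifacts are constructed byte strings whose digests are computed inline, so none of the hashes are real PyPI digests. It distinguishes three failures a fresh resolve can produce: version drift, an artifact whose bytes differ from the locked one, and a version pin with no hash at all.

```python
"""Added example: check a fresh dependency resolution against a hash-pinned
lockfile. Lockfile format assumed: pip's --require-hashes style."""
import hashlib
import re
from dataclasses import dataclass


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for downloaded package artifacts (not real contents).
GOOD_REQUESTS = b"requests-2.31.0 (constructed artifact bytes)"
GOOD_URLLIB3 = b"urllib3-2.0.7 (constructed artifact bytes)"

# Constructed lockfile. The digests are computed from the bytes above, so
# they are NOT PyPI's digests. 'certifi' is deliberately pinned without a hash.
LOCKFILE = f"""\
# pinned by our tooling (constructed example)
requests==2.31.0 \\
    --hash=sha256:{sha256_hex(GOOD_REQUESTS)}
urllib3==2.0.7 --hash=sha256:{sha256_hex(GOOD_URLLIB3)}
certifi==2023.7.22
"""

PIN_RE = re.compile(r"^([A-Za-z0-9_.\-]+)==(\S+)(.*)$")
HASH_RE = re.compile(r"--hash=sha256:([0-9a-fA-F]{64})")


@dataclass(frozen=True)
class Pin:
    name: str
    version: str
    hashes: frozenset  # acceptable sha256 hex digests (e.g. sdist + wheel)


def parse_lockfile(text: str) -> dict:
    """Parse exact pins; reject anything that is not 'name==version'."""
    pins = {}
    # Join backslash line continuations, then drop comments and blank lines.
    for raw in text.replace("\\\n", " ").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = PIN_RE.match(line)
        if not m:
            raise ValueError(f"not an exact pin: {line!r}")
        name, version, rest = m.groups()
        hashes = frozenset(h.lower() for h in HASH_RE.findall(rest))
        pins[name.lower()] = Pin(name.lower(), version, hashes)
    return pins


def check_resolution(pins: dict, resolved: dict) -> list:
    """resolved: {name: (version, artifact_bytes)} from a fresh install.
    Returns (name, problem) tuples in resolution order; empty means clean."""
    problems = []
    for name, (version, data) in resolved.items():
        pin = pins.get(name.lower())
        if pin is None:
            problems.append((name, "not in lockfile"))
        elif version != pin.version:
            problems.append((name, f"version drift: locked {pin.version}, got {version}"))
        elif not pin.hashes:
            problems.append((name, "version pinned but no hash: artifact could be replaced"))
        elif sha256_hex(data) not in pin.hashes:
            problems.append((name, "hash mismatch: artifact differs from locked one"))
    for name in sorted(pins.keys() - {n.lower() for n in resolved}):
        problems.append((name, "locked but not installed"))
    return problems


def demo() -> list:
    """Constructed resolution: one clean package, one tampered, one hashless."""
    pins = parse_lockfile(LOCKFILE)
    resolved = {
        "requests": ("2.31.0", GOOD_REQUESTS),                 # matches lock
        "urllib3": ("2.0.7", b"urllib3-2.0.7 TAMPERED"),       # same version, other bytes
        "certifi": ("2023.7.22", b"certifi (constructed)"),    # no hash to check
    }
    return check_resolution(pins, resolved)


if __name__ == "__main__":
    for name, problem in demo():
        print(f"{name}: {problem}")
```

The real tool for this is `pip install --require-hashes -r requirements.txt`, which refuses to install anything whose digest is absent or wrong; the script only mirrors that logic so the three failure modes are visible side by side. The point of the `certifi` case is that a version pin without a hash still leaves "yesterday to today" drift possible at the artifact level, even though the version string never changes.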
A large amount of the cost (time) of maintaining code is keeping up with breaking changes and incompatibility. This is multiplied across the entire ecosystem of developers and libraries.