One of the biggest questions in software design is deciding how to reuse code. There’s no question that it’s necessary; if we rewrote everything from scratch every time, then nothing would ever get built. In general, there are two approaches:
Package the reused code within your application’s executable. This is called static linking, because the reused code is stuck in place and can’t be used by anyone else.
Place the shared code in a location where anyone can access it. This is dynamic linking, because the reused code can be changed and updated independently of who uses it.
There are pros and cons to each approach. Static linking increases program size (in some cases, by quite a lot) but also increases program reliability. Dynamic linking reduces the size of each program, but opens up a new class of problems related to missing libraries and version issues. Windows programs tend to be statically linked and Linux programs tend to be dynamically linked.
This may not be a new idea, but I’ve thought of a possible compromise that would deliver the best of both worlds. Note that this is just an idea, and would require a good amount of work to even develop a proof-of-concept.
Here’s how I see a typical install working:
Along with the executables and other files that are unique to your application, the installer also provides a list of dependencies in the form of hash values. Which hashing algorithm is used is irrelevant, as long as it can reliably turn a binary file’s contents (say, a shared library) into a unique identifier.
For each dependency, the installer looks to see if it is installed on the system. Ideally it could do a direct lookup like
/usr/lib/<hash>, but again, the exact implementation isn’t a necessary detail.
If the dependency was found, great, use it! If not, then install it, either by fetching it from an online repository or extracting it from the install package. The idea is to reduce the size of the final installation on disk, not the installer.
There are two ideas here. First is that the installer will selectively install dependencies, something that is already done on most systems with a package manager. The second is that dependencies would be located by a hash value, not by name. This eliminates version issues and could also double as a check of the file’s integrity.