💭 We shouldn’t have needed lockfiles @ tonsky.me

Waylon Walker Author

August 6, 2025 1 min read

We shouldn’t have needed lockfiles

Lockfiles are an absolutely unnecessary concept that complicates things without a good reason. Dependency managers can and are working without it just the same.

tonsky.me · tonsky.me

I wholeheartedly agree that packaging is broken, semver is broken, expecting much better from a system of oss that is built on top of volunteers, passion projects, nights and weekends is a fools errand. With that I disagree that we we dont need lockfiles. Maybe its Nikki’s experience in java and my lack that puts us on this opposite spectrum, but without lockfiles the world changes underneath us as we release. One small change to your source can introduce a whole set of new features/bugs that you did not plan on without a good locking system. It can also cause you to need to do dependency resolution at application build time and not ahead of time.

Note

This post is a thought. It’s a short note that I make about someone else’s content online #thoughts

`j`	Scroll down
`k`	Scroll up
`g` `g`	Scroll to top
`Shift` `G`	Scroll to bottom
`d`	Half-page down
`u`	Half-page up

`j` / `↓`	Next post (in feeds)
`k` / `↑`	Previous post (in feeds)
`Enter` / `o`	Open highlighted post
`Shift` `O`	Open in new tab
`g` `h`	Go to home
`g` `s`	Focus search
`[`	Previous page
`]`	Next page
`s`	Toggle simple/rich feed view

`/`	Focus search input
`⌘CtrlK`	Focus search (alternative)
`y` `y`	Copy URL to clipboard
`?`	Show this help
`Esc`	Close / clear highlight

Connections

Share this post