It's fun to see package management improvements move full circle—lessons from Ruby package management contributed to Rust, Rust is helping improve package management for Python, and now Python package management is inspiring improvements for Ruby!
On the one hand, it's nice to see Ruby and the Ruby tooling system getting some love.
On the other, I'm not sure if this is really needed. Most of this stuff already works fine in Ruby with Bundler. Did you know that Bundler already has a really nice syntax for inline requirements for single-file scripts?[0] Seems like a lot of people forgot. Installing Ruby hasn't generally been much of a hassle either AFAIK. Bundler also doesn't seem to have the Python venv problem - it works fine for keeping a bunch of gem versions around in the same Ruby install and only activating the specified ones. I think Gemfile and Gemfile.lock is what Python always wished they had. I guess more speed never hurt, but it never felt like bundler was painfully slow for me, even on huge codebases. So is there really a big win here?
Though I guess plenty of Python gurus probably feel the same way about the uv craze when their existing tooling works well enough for them.
I mean conceptually, venv and all that stuff, I can't wrap my head around this, why anyone would do it that way. Have a project.deb file with everything in it, done. Like everyone else does it. With Python I need to switch to that environment when I go to the directory and all of that.
This:
"Then, run the script in an isolated virtual environment"
I agree mostly, though I guess it is easier for newbies if they only have to learn one tool instead of three more focused ones (bundler/chruby/ruby-install in my case, but the latter two have mostly equivalent variants).
As someone who uses Nix and direnv to manage development environments, the additional speed will be nice for me. I don't need rv to supply a Ruby for me at all, but just a really fast Bundler would be nice.
My environment reasserts that the correct things are installed every time I change into the directory. A no-op Bundle install takes a couple hundred milliseconds, which is not great for something you want to run constantly and automatically. Getting that down to tens of milliseconds will be really nice for me!
It looks cool but I feel this kind of tool is only useful if Ruby is the only language you use. I have to manage several runtimes for most projects. I've used asdf for years and recently switched to mise: these tools already download pre compiled binaries for Ruby, plus pretty much any other language runtime.
It's likely that you get better per language features for something specific to the language though. We end up in exactly the same kind of frustration, that for some random project you need this specific tool that does dependency management of the specific runtime. asdf and mise both respect a .tool-versions file, I'd rather see things go more in that direction with some kind of standard.
A flake.nix file plus a direnv `.envrc` file with `use flake` has solved this for me.
When I cd into a project directory I get all of the tools that project needs, at the exact versions they were tested with. When I cd out of the directory, they go away. If the dependencies are well behaved (e.g. they don't do any self-modification, which is annoyingly common in the npm world) then it's often pretty easy to track all of your deps this way, imported from your npm package-lock.json or similar.
Ask your favorite LLM to write your flake.nix file for you, they're pretty good at it. I've been able to drop all of the bespoke language-specific tool versioning stuff `nvm`, `uv`, `rvm`, etc for all my personal projects, and it makes it easy to add deps from outside the language-specific package managers, like ffmpeg and lame.
If you still want to package your stuff natively for the language ecosystem, you still need all the usual metadata and you also want to specify version constraints for your dependencies and so on.
Typically I wire up something like uv or rv (or Poetry or Bundler, which are fine but slower) to shell activation using Devenv, then autogenerate the Nix package from the language-native dependency specification files.
mise is really nice in this respect in that it manages the tools and the environment, so you don't need direnv as well. It also has hooks for running arbitrary commands when you cd in (although you can do that with direnv because it basically just runs .envrc as a script).
nix manages the environment too, all direnv is doing in my setup is automatically entering and leaving environments based on my current working directory. Looks like mise does that automatically, which is neat.
mise looks nice, uses PATH manipulation rather than asdf's slow wrappers, and it supports Windows, which is a point over nix. nix only supports unixy environments like Linux, Mac, and WSL.
What might tempt a mise user to try nix are its just truly stupendous collection of packages, so more tools are available. You can also easily add your own packages, either upstream or privately. nix is bigger, more ambitious, more principled, but more complicated. You can build an entire fully-reproducible operating system from a short nix config. It's really cool! But also a lot more to learn, more surface area, more places to get confused or to spend time fiddling with configs rather than solving the actual problem.
mise uses `uv` as a backend for some python things (like python tools via `uvx`). If `rv` develops in the same direction as `uv` then it could be the default backend for `mise` ruby things.
I've been very happy with `mise` since switching from asdf, and also very happy with uv in general. I think they play nice together.
I agree with the sentiment as I also use asdf but feel at this stage this critique of the project feels more than a little unfair.
We really don’t have the features they’ve been discussing including the npx like feature and easily just run Ruby without installer headaches that it seems they’ve gone after solving.
Reframing, id like to ask that .tool-versions be supported as a place where we can define Ruby versions. Then both tools with a little tweaking could pretty much be used side by side.
I don't think I really criticized the project. I said it was cool, I had a look at it. I just put down that I think there are pros and cons to the single language approach and, for me, the cons outweigh the pros.
Wait, how do you get precompiled Rubies with mise? I still have to compile with default settings, and the docs only mention that it uses ruby-build behind the scenes: https://mise.jdx.dev/lang/ruby.html
I don't think you can. I also don't know why people care so much about it - I work full time with ruby and compiling a new version, which maybe takes 10 minutes, a couple times a year is no big deal.
I think it comes mostly from CI environments that start entirely clean before every run. 10 minutes every time a commit is pushed is not pleasant. That's not how I'd like CI to work, but sadly it seems to be the current state of things.
I've only used circleci and github actions for this, but in both cases precompiled rubies are available. On circleci you run your tests on a ruby docker image with the right version of ruby installed. On Github Actions I use https://github.com/ruby/setup-ruby, which installs an compiled ruby in a second or two, and also properly caches your gems. I think if someone's CI environment is building ruby from source they are doing it wrong.
One thing I love about Ruby is it never devolved into ?VM hell like Python did. Yes, there are a bunch of ruby version managers, but there's only one bundler no matter how you get get ruby installed. I like some ideas here, but I'm also afraid this could be step one toward that python nightmare.
It seems pretty different in that rv waited to take inspiration from a relatively clear winner in an entirely different ecosystem, after quite some time. I think it makes sense to be optimistic.
I'm sure rv is great, but am I the only one who needs one such tool not only for Ruby, but also Python, JavaScript, and Java, at least, and finds it weird to run 4+ of those?
We've been using mise since it was called rtx at $DAYJOB, and it's caused many a headache (mostly around upgrades/backcompat/etc.). We use it both on dev machines and in CI. In spite of that, it’s decent at what it does, and I wouldn’t soon replace it with individual version managers, given that we have similar needs.
However…more than once we've seen language runtimes that used to be available exclusively via plug-ins be migrated to be internal to mise, which broke everyone's setups in strange and hilarious ways, and caused countless hours of debugging.
Less bad overall than using individual runtime version managers for sure. But the next time mise costs us a bunch of hours fixing multiple engineers' setups, I intend to find another solution, even if that means writing my own. It’s burned us nearly one too many times.
Do you have any examples what tends to break? We used pyenv/rbenv/sdkman etc. individually, then moved to asdf and now arrived at mise. Not using yet for CI just developer stuff and so far didn't have issues. But this is quite recent for us, so didn't have to deal with upgrade issues yet.
We manage mise itself via homebrew. Sometimes when upgrading mise itself, it doesn’t seem to handle being upgraded gracefully, and loses track of installed runtimes even if we manually kick it in our upgrade scripts. Restarting the shell entirely seems to be the only way to fix it.
That, and with Ruby, Node, and at least one other language/tool IIRC, when support for those things moved internal, we had to make a bunch of changes to our scripts to handle that change with effectively no warning. That involved checking to see if the third-party plug-in was installed, uninstalling it if so, and then installing the language based on the built-in support. In the meantime, the error messages encountered were not super helpful in understanding what was going on.
I’m hopeful that these types of issues are behind us now that most of the things we care about are internal, but still, it’s been pretty annoying.
I think it's probably for the best to have a different tool for each language/platform. Not every language or platform matches feature for feature in that the options will already be different for each language, and you're likely to have such a "universal" tool come up short in support of one language or another.
I really appreciate cargo a lot for what it brings, even if it's calling different tools under the covers. Similarly, I appreciate deno in that it brings all the tooling and the runtime in a single executable (box). I've migrated most of my scripting to TypeScript using deno at this point because of that distributive ease. Even if the shebang itself is a bit sloppy.
Aside, would be cool to have a VS Code extension that would to file type detection based on a shebang at the top of the file. Making it easier to do extensionless script files with language support.
In theory it would be nice to have one tool for all languages but I think it's never going to be practical because programming languages can be different in arbitrary ways. I can't imagine how the same tool could ever be ergonomic for managing projects written in C++, Scheme, Haskell and Bash for example. Mise (and other tools for managing development environments like Flox and asdf – I prefer Flox myself) only implement a subset of the features of languages specific tools like cargo/uv/rv. For example cargo can do all of this out of the box (and you can also extend it with more subcommands):
* manage dependencies
* format and lint code
* publish package on crates.io
* open the project documentation
* install binaries
* build/run the project
* run tests
* run benchmarks
Uv/rv don't (yet?) do all of that but they also manage Ruby/Python versions (which is done separately by rustup in Rust).
What is the real problem being solved here? For all the issues that bundler still has, rv doesn't seem to address most of them. Bundler has been fast enough for a while now, how fast does this need to be? And do we now have to know rust to contribute?
If indirect is salty that the rubygems/bundler didn't turn out yet to be what he wanted, I wonder whether a simpler and faster alternative to bundler written in RUBY wouldn't be the answer, with incremental merges into bundler. Gel was mostly there, even if most never knew about it, but at least it got the bundler ppl to merge the pub grub resolver.
This looks like a really nice improvement to the Ruby ecosystem. Great job and thank you to those involved.
I've definitely felt the awkwardness of gems being so compartmentalized by project that using system level dev tools that I like to have available for all my projects feel out of place within my project's Bundler-centric world.
> We expect to be able to silently run equivalents of both rvm install and bundle install at the beginning of every bundle exec,
Do I understand right it doesn't use bundler code for resolving gem requirements dependency tree, but uses it's own code meant to be compatible? Hmmm.
And also producing the `Gemfile.lock`, which has had kind of a lot of churn in bundler, which bundler has had to work to keep from breaking for people even when it's assumed they're all using (different versions of) bundler.
I remember bitching to André at a conference that the Gemfile.lock format was a right hassle to deal with for literally any other tool, before I realised he was bundler maintainer at the time...
Static analysis through type hints brings plenty of benefits to a dynamic language, such as helping to eliminate bugs at runtime (albeit not perfectly) and making it easier to grok a codebase. It’s a trade off and Ruby is as dynamic as it gets. But there is a point to it
My beautiful experience with sorbet: Yeah, ducktyping? We don't do that here.
Depending on a library that uses ducktyping (like any sane library following the Ruby conventions)? Good luck writing a wrapper for it. Or just disable type checking.
This goes so much against the Ruby vibe that I advise you to just go and use Rust instead if you hate Ruby that much that you want to butcher it with types.
Sorbet has its flaws. I didn’t like it either. Having used TypeScript extensively, there is a way to do it right and a way to do it wrong. I’d classify TypeScript as the ideal way to introduce static types into a very dynamic language, given its extensive flexibility to handle dynamic features in a language (e.g. smart type inference, ‘is’ keyword, very flexible generics). Sorbet doesn’t have a lot of those features
Ruby has a strong history and tradition of TDD/unit testing. This is partially a crutch for its lack of static type analysis. Ultimately checking for bugs before running code is very useful
You use typed variables/typed function signatures when it's convenient, they give you some compile-time contracts, easy documentation and probably even speed. Otherwise they don't exist. I don't do Ruby, but Gradual Types/Type Inference is a no-brainer for dynamic languages, practically no drawback, only benefits. (And popular statically typed languages such as C/C++, Java, Rust support Type Inference, or are going there too.)
Cool. People who want gradual typing can use those and leave Ruby alone.
> I don't do Ruby
So why have an opinion?
Languages I use: Ruby, C++, Odin, R. I'm not about to to around telling Rust, Python or Typescript people they're doing their languages wrong, even if there's things I hate about those languages. I just don't use them.
Ruby already has this with Sorbet. Nobody is forcing you to use it, are they?
It seems you have a lot of opinion here without really discussing your problem with type hints though. What is it you dislike?
I use Ruby regularly, have used it for more than a decade, and I wish it had something like a TypeScript equivalent (Sorbet is sorta this but not enough). Every time I work with a Ruby codebase without Sorbet, it’s a lot of guessing and praying that test coverage is good enough. It’s not fun having to find out in prod there’s dumb bugs that would have been caught by static analysis. Something I experience virtually never in TypeScript, the other language I’ve also used for a decade
> It seems you have a lot of opinion here without really discussing your problem with type hints. What is it you dislike?
It's runtime overhead (or you make a transpiler which then makes the language less dynamic), makes metaprogramming more annoying (other languages solve this with an "any" type which just defeats the purpose), and the "problem" it solves can be solved with tests which you should be writing anyway.
I do use statically typed languages BTW, I just prefer that if I'm going to go through the rigmarole of types that I'm going to get some actual benefit, namely an order of magnitude more performance.
My opinion is probably this since I don't work for a large corporation, I have my own startup, so I value my time a lot. I'm ok with trade-offs, I just think adding type hints to a dynamic language isn't a good trade off; it's almost all downside.
Edit:
> guessing and praying that test coverage is good enough.
For me, at least with TypeScript the single biggest advantage is the hinting you get from 3rd party packages/modules. This goes for building modules as well, you can use jsdoc directly, but it's even more cumbersome than TS imo.
It's kind of annoying that static type introspection has become the norm for language servers because live environments are so much better. With Ruby you have the REPL and there have been IDEs and tools that allow runtime reflection which is just so much better (think Lisp or Smalltalk). LSPs are nice for static languages but compared to live environments they're a step down...
Even after over a decade with TypeScript, I'm still kind of mixed on it... there are a lot of times where trying to wrangle typing is more painful than it should need to be... I'll often just cast to any, then I have to add a comment to suppress the error message with the default config. I use deno a lot and tend not to mess with the default configuration there. Even with node/npm, I still don't do much with the tsconfig beyond what a minimal need is.
It's not as painful as earlier versions and is generally okay to work with... but there are definitely times you need to work around the typing as opposed to with it. For example extending/using context in hono/oak/koa so you get hinting, but want your endpoint handlers in separate modules. It gets very messy, very quickly.
Sorbet can actually make programs crash at runtime if a variable's type doesn't match its annotation, right? It's not as busted as some other gradual typing implementations.
I'm definitely in favour of gradual typing but runtime checking is already really easy to do if that's what you want. Just add a rightward assignment patten match to your method. e.g.
def somemethod(foo, bar)
foo => Integer
bar => MyBarClass
end
Personally I think the RBS-Inine format is the way forward. Sorbet has experimental support for it too.
Many smart engineers (including Guido) disagree with you, and have added static types to Python, Javascript, Dart, Elixir, Hack and surely some I'm forgetting.
not being dismissive of the effort or other tools and languages, not trying to convince anyone
After decades of Java (ant/maven), then Scala (sbt), then JS (npm), then TS, switching to Go (Make) some years ago made many problems go away.
The tooling (test, ...) inside the main tool (Rust still a little better I think), now tools/versions inside go.mod, the result of my work being a binary I can run with systemd, embedding files into the binary, all of that removed a lot of dep management issues, building issues, bundling issues, and the need for e.g. Docker for many use cases (which I feel many people only use to package .jar files or gems into something that can run in production).
Seems rv wants the same, "Our end goal is a completely new kind of management tool, [...] Not a version manager, or a dependency manager, but both of those things and more. I’m currently calling this category a “language manager”"
"Not a version manager, or a dependency manager, but both of those things and more. I’m currently calling this category a “language manager”, but if you have a better name idea, let me know!"
I go between different languages a lot so having a command line interface that is consistent with the one I use in Python (uv) would definitely be appreciated. I mostly use Ruby for single-file scripts with no dependencies, which means I don't do projects often enough to remember how to use bundle/gem/rvm/whatever. It seems to me like `rv` is not quite ready to fully replace them just yet but I'm excited to see where the project goes.
I'm also excited about `rv tool` because I've been having to re-install rubocop and ruby-lsp gems every time the minor version of the system Ruby is updated. It's just a few commands every year (and I'm sure it's a skill issue) but having things "just work" with a single `rvx rubocop` command will be sweet.
Has anyone ever actually had anything break from a Ruby version update? I know Matz basically never does breaking changes, last I remember is the 1.8.7 -> 1.9.2 update...
I've only ever just straight up downloaded the source and installed it myself, never had any issues with Ruby updates...
Depends what you mean by "break". There have been backwards-incompatible changes, but as you say, very few since the 1.8.7 to 1.9.X jump.
I can think of one meaningful breaking change going from 2.7 to 3.0, where the longtime behavior of creating an implicit "options hash" as the last argument to a method was finally removed. It was gradual though. First we got keyword arguments. Then keyword arguments got faster. Then there were two versions of warnings about the removal of the old, implicit options hash. Thus if you really wanted to kick the can down the road, you had about 5 years where you could be on a "supported" Ruby version without having fixed your code. Plus the change required was relatively simple outside of a few edge cases.
The best part was that most of the community was pretty good about upgrading gems across the years of warnings we had for this. Hats off to the maintainers and contributors for that!
On the one hand, the ruby development ecosystem is in a much better state than Python was before uv. Bundler is way better than anything Python had before uv.
On the other hand, a uv-like all-in-one for Ruby is really interesting/tempting.
You may find the fakeroot utility goes a long way to help. But never forget that binary packages are merely archives, or sometimes, archives-of-archives (as in Debian); we can unroll them anywhere.
This is cool! A frequent problem I've had with bundler is when the Gemfile lists a newer version of a gem (stringio) but the older version has already been activated. If you can get rid of such errors I would be so happy! Also I've had to frequently update bundler too often when updating a Rails site.
Yes, this is due to the effort to extract stdlib code into gems https://stdgems.org/
In your case, StringIO use to just be stdlib code so bundler (or rubygems) uses it. Later on it became a gem, so by requiring it before reading the Gemfile, bundler run into this problem of already having loaded the wrong version.
Everytime this happens the bundler team has to modify bundler, and as a user the fix is to upgrade bundler.
Rust is the new C. Go had a shot but went in an applications direction. I predict that very soon, perhaps even inside of three decades, Rust will become the dominant, first-choice systems programming language.
It's important to note that Microsoft's choice of Go for tsgo was because it would be easier to port the existing TypeScript codebase due to the structural similarity of TypeScript and Go. If writing from scratch, they likely would not have chosen Go.
Which is not to say that Go can't do well in tooling. Only that Go was not necessarily their first choice.
That is kinda my point though. None of those are kernels, device drivers, hypervisors, virtual machines, interrupt handlers, bootloaders, dynamic linkers; and writing such things in Go would be an uphill battle against the language's own design, much like the Go runtime itself. Being a GC'd language almost completely fences Go off from even being in the running for these, except for hobby projects trying to prove a point.
Universal applicability may not be necessary to write a Ruby installer, but it certainly is to have any hope of taking C's crown.
MS uses Go for tsc because they are basically doing a line by line rewrite of tsc from typescript to Go.
It's impossible to do this kind of rewrite from a GC language to a non GC one, especially Rust where the object soup of typescript will probably cause the borrow checker to explode.
I think that if MS or someone else decided to write a typescript type checker from scratch there is a high chance Rust will be chosen.
I think Go is going away. It occupies such a weird niche. People have said it's good for app backends, but you should really have exceptions (JS, Py, Java) for that sort of thing. For systems, just use Rust or worst case C++. For CLIs, it doesn't really matter. For things where portability matters like WASM, can't use Go. Bad syntax and type system on top of it.
What if Google spent all that time and money on something from the outside instead of inventing their own language? Like, Microsoft owns npm now.
I always thought of Go as a middle ground between C and Python. From C it gets simple syntax, from Python - "batteries included" part.
Deserializing JSON and XML is a breeze from my experience. And it's available out of the box. But I guess C++ will get there with reflection having been approved in C++26.
So I don't think it will go away (in the coming years at least), since a lot of tools is written in it.
It's not that bad to handle some JSON in C++ or Rust. It can get annoying if you're doing it everywhere, but that's usually that's the kind of use case where JS or Python works anyway. Yes I get that some people prefer Go, but it's not necessary enough to guarantee that it'll stick around.
Actually, I'd say this is where Go has a real advantage. Are any other mainstream languages both garbage-collected (for ease of development) and native-compiled (for ease of distribution)?
Yeah. Only ObjC and Swift, which nobody wants. But JS distribution is arguably easier than building for every platform. Google did that with Gemini CLI.
Also if you're ok being dirty, short-lived processes can just leak. Some of those Go CLIs are probably not even GCing before the program exits.
Maybe - but in this case, Ruby is written in C, it uses C extensions when performance matters, but tooling for the Ruby language itself is all in Ruby. Rust isn't replacing the use of C in the core of Ruby (yet) - it's stepping in to the area where Ruby would have been traditionally used.
Similar thing is in motion with the JS toolchains. Rewriting in Rust is easier than rewriting in C, but why didn't they previously rewrite in something like C++ or Go? I'm guessing because people were simply not interested.
He he. If this article isn't proof that people don't really want "do just one thing and do it well" (besides the million flags of ls and find), nothing is :-)
If I understand correctly, rvm/rbenv only install Ruby versions, and you use bundler to install dependencies. rv seems to manage everything (like uv in Python) – Ruby versions and dependencies, and adds things on top of that (like `rv tool` for global tools installation).
uv has been the greatest development in the python ecosystem in the last decade.
super excited about rv! PLEASE, enable sponsorship on github.com or elsewhere. I want to donate $$$!!!
As a long-time Rubyist and recent Python dabbler (due to pytorch) this is exciting! Uv and uvx certainly are great improvements in the Python ecosystem, but still have some quirks that I wonder how they will handle with rv:
- By default uv is creating isolated environments in the project directory and will download all dependencies over the network. For small stuff this isn't too bad, but re-downloading 700mb pytorch each time you clone a repo gets annoying very fast. Of course there are trade-offs with running updates less frequently (and uv has flags such as --offline and --refresh to avoid or force online access) but more sensible default behavior would be nice so that uv (and rv) keep you on the happy path during developing. Maybe updates could be run in the background by default.
- Also because the environments aren't shared in any way, each project directory consume a lot of disk space (10x checkouts = 10x pytorch on disk). More sensible caching across environments would be nice (links?).
- I am wondering if rv will support version operators such as rv install "~> 3.4.4" to get ruby ">= 3.4.4, < 3.5.0", which I think would help ensure everyone is running Ruby versions with security patches applied.
- uv includes the pip sub-command (similar to using gem install rather than bundle add) but because the environments are isolated this feels rather weird and I haven't really understood in which cases you should not just use "uv add" to update your project dependencies.
- Uv tries hard to support migration from legacy Python projects which don't have a pyproject.toml, but the Python eco-system is too fragmented for this to always work. I hope rv can avoid adding new config files, but really stick to the existing Gemfile approach.
- If a Python package includes a script with a different name than the package then the syntax is a bit annoying ('uvx --from package script' but not 'uvx script --from package' because this would get passed to the script). Uv already uses square brackets for optional project dependencies (e.g. 'uvx --from huggingface_hub[cli] hf') but since Ruby doesn't have these, maybe this would be an option for rv.
pytorch causes many headaches in the ecosystem, and a better handling of it is one thing their commercial offering, pyx, wants to fix: https://astral.sh/blog/introducing-pyx
On WSL indeed, I must mis-interpreting my issues with re-downloading to indicate that the files wouldn't be shared. I guess I must investigate that more, why I am seeing so many redownloads.
Is it really a name collision when they're effectively completely different namespaces? For example, no one thinks Rust's `cargo` might be the same thing as Ruby's obscure `cargo` library.
My lazy heuristic is to use nix-locate to search through the 100k packages in Nixpkgs, e.g.:
> nix-locate -r 'bin/uv'
Not perfect, but sort of useful for choosing names for executables for internal corporate projects, little wrapper scripts, etc. It's definitely still possible to find reasonable names!
But I've never done the analysis of such short names yet :D
