On Sun, Jun 21, 2015 at 01:17:31PM -0400, Mark H Weaver wrote: > It's not good that hmmer bundles its own copy of easel. If we ever need > easel for another package, we should find a way to build hmmer against > the external easel library. Having multiple copies of the same library > on the system potentially means multiple copies in RAM, and more > importantly: multiple copies that need to be patched for fixes, > especially security fixes.
It is quite common in bioinformatics tools to include foreign code. One reason in favour of including the original setup that is it is THAT what the authors and others test and run. Bringing in our own dependencies is bound to open a can of worms - there often is a reason they bring in that packaged code. One reason is that they depend on an older version ;). For that reason I favor deploying what the original authors suggest. I am not too concerned about security fixes as long as the tools run in user space and do not expose network services. Most bioinformatics tools are in that category. Pj.
