- @wolf480pl @novenary @icedquinn language-specific package managers cannot ever work right, which is why I avoid them like the plague.
Not to mention that pip cannot even resolve dependencies correctly and if you have any care about security, you shouldn't be using it (setup.py means arbitrary code being executed, even if you simply want to download without installing; PyPI contains a whole bunch of binaries, good luck reviewing that).
The simple reason for this is that they have 0 integration with the rest of the system; for example, if a library bumps ABI without breaking API, the overlay package manager has no information about it and cannot do things like automatically rebuilding. (Something you get on Gentoo, for example.)