Put source code for dependencies within the project itself

Question

I have a project that depends on external libraries that can be installed through a package manager (pip in this case). But I do not expect my users to have knowledge of installing these dependencies or even have the package manager installed on their system. I will be using a different mode of distribution for this piece of software (maybe through a distro-specific package managers like rpm or apt).

So, would it be a very naive solution to include the relevant external files within the source tree of my project? Is this something that is frowned upon for including anything more than one or two source files? FWIW I want to include less than 10 external files.

Some web searching brought up solutions such as git subtree or git submodules. Even though I have never dealt with submodules/subtree these feel like an overkill for my small project. But then again, I would prefer the experience of an actual developer over that of a rookie (me :)

Any alternative solutions would also be helpful.

I do not intend to modify these external libraries and will be responsible enough to keep them updated from the original project with each release or major change within the project. Also you can assume there are no licensing issues (in my case).

Answer 1

Yes, this is called bundling. It has known weaknesses (for instance, you don't get security updates or bugfixes for the third-party library unless you re-import their sources, and it is probably more likely that your users understand package managers than that they understand compiling from source), but it can sometimes be the right thing to do. Whether or not this is the case depends on what the costs and benefits in your particular project context would be.