Arduino's library manager has no dependency version pinning, so a library update by any author can silently break every project that depends on it and there's no lockfile to revert to

The Arduino Library Manager installs libraries globally and always updates to the latest version. There is no equivalent of package-lock.json, Cargo.lock, or requirements.txt. When a hobbyist's project uses Library A version 1.2 and Library B version 3.0, and Library A's author pushes version 1.3 with a breaking API change, every sketch that includes Library A breaks on the next compile — often with cryptic C++ template errors that give no indication that a library update was the cause. On ESP32 boards, this compounds with the board support package (BSP) version: ESP32 Arduino Core 3.x introduced breaking changes from 2.x, and libraries that work on one version fail on the other with hundreds of compilation errors.

This matters because Arduino's entire value proposition is accessibility: you should be able to open a sketch, hit compile, and it works. When a project that compiled fine last week now throws 47 errors because an upstream library changed, the hobbyist has no idea what changed, no way to roll back (the old version was overwritten), and no diagnostic tool to identify which library update caused the breakage. The troubleshooting process — manually downgrading libraries one by one, searching forums for version compatibility matrices, trying random combinations — can consume an entire weekend for what should be a non-issue. For educators using Arduino in classrooms, this is devastating: a lesson plan that worked in September may not compile in October.

The root cause is that Arduino IDE was designed in an era when libraries were simple, single-file affairs with stable APIs. The library manager was bolted on later without the dependency resolution infrastructure that every modern package manager considers table stakes. PlatformIO solves this with platformio.ini version pinning, but PlatformIO's learning curve and IDE requirements push it beyond what casual hobbyists want to deal with. Arduino's own IDE roadmap has not prioritized lockfiles or version pinning, and the library ecosystem has no mechanism for library authors to declare compatible version ranges of their dependencies.
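
The missing diagnostic described above can be approximated by recording installed library versions while a sketch still compiles and diffing against that record later. The following is an added example, not code from the original post or from any Arduino tool; it assumes each installed library folder holds a library.properties file with name= and version= keys, and the lock file name and library names are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

def read_props(path):
    """Parse an Arduino library.properties file (key=value lines)."""
    props = {}
    for line in Path(path).read_text(encoding="utf-8", errors="replace").splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def snapshot(libraries_dir):
    """Return {library name: version} for each library folder found."""
    snap = {}
    for pf in sorted(Path(libraries_dir).glob("*/library.properties")):
        props = read_props(pf)
        snap[props.get("name", pf.parent.name)] = props.get("version", "unknown")
    return snap

def drift(locked, current):
    """Compare a saved snapshot with the current one."""
    changed = {n: (locked[n], current[n])
               for n in sorted(locked.keys() & current.keys()) if locked[n] != current[n]}
    added = {n: current[n] for n in sorted(current.keys() - locked.keys())}
    removed = {n: locked[n] for n in sorted(locked.keys() - current.keys())}
    return {"changed": changed, "added": added, "removed": removed}

def _write_lib(root, folder, name, version):
    # Helper for the constructed demo data only.
    d = Path(root) / folder
    d.mkdir(parents=True, exist_ok=True)
    (d / "library.properties").write_text(f"name={name}\nversion={version}\n")

def demo():
    """Constructed scenario: Library A moves 1.2 -> 1.3 after the lock was taken."""
    with tempfile.TemporaryDirectory() as tmp:
        libs = Path(tmp) / "libraries"
        lock = Path(tmp) / "libraries.lock.json"   # hypothetical file name
        _write_lib(libs, "LibraryA", "Library A", "1.2")
        _write_lib(libs, "LibraryB", "Library B", "3.0")
        lock.write_text(json.dumps(snapshot(libs), indent=2))   # last known-good state
        _write_lib(libs, "LibraryA", "Library A", "1.3")        # simulated update
        return drift(json.loads(lock.read_text()), snapshot(libs))

if __name__ == "__main__":
    print(demo())
```

Committing the snapshot file alongside the sketch gives a record of the last known-good versions, so a failed compile can be traced to the specific library whose version changed.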

Evidence

Arduino forum post on broken dependencies after library updates: https://forum.arduino.cc/t/broken-dependencies/1266624

ESP32 ArduinoSTL library conflict causing hundreds of compilation errors: https://community.platformio.org/t/esp32-arduinostl-library-conflict/38045

Arduino forum thread on library conflicts between ESP32 and standard Arduino libraries: https://forum.arduino.cc/index.php?topic=488732.0

ESP32 Arduino Core 3.x download failures and incompatibility reports: https://forum.arduino.cc/t/downloading-esp32-3-3-5-fails/1420739
