Be independent.

Watch out for the weak link.

An application typically depends on many libraries and packages to get its job done. Unfortunately, your software will only be as strong as the weakest link in the chain of dependencies that you inherit. And the more of these that you depend on, the more likely it will be that one of them will cause you trouble in the future.

So you should endeavor to reduce the number of libraries and packages that your code will need. Some of these may not be necessary; perhaps they were only used by a section of code that has since been removed. Others may do trivial things that should be implemented in your code.

Be aware that every package you bring in will be maintained at a different level of effort. It is not wise to include a package that is not properly maintained; it may become an attack vector for hackers or cause other problems. Each package has to be tracked and checked regularly for known vulnerabilities.

Dependency chains in your code will increase the complexity and may force significant upgrades at inconvenient times. For example, it can be very frustrating when you want to use A, but it requires B, which requires C, which includes minor thing D, but then D is upgraded. As a result, the only way to keep using A is to do a major upgrade of A, B, C, and D. And the more dependencies you have, the more of these chains will exist.
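The A, B, C, D chain above can be made visible with a small graph walk. This is an added example, not code from the original post; the dependency map, the extra packages E and F, and all function names are constructed for illustration.

```python
from collections import deque

# Constructed dependency map (assumption, not from the original post):
# package -> packages it requires directly. "app" is your own code.
DEPS = {
    "app": ["A", "E"],
    "A": ["B"],
    "B": ["C"],
    "C": ["D"],
    "E": ["D", "F"],
    "D": [],
    "F": [],
}

def transitive(pkg, deps=DEPS):
    """Every package reachable from pkg, i.e. everything it drags in."""
    seen, queue = set(), deque(deps.get(pkg, []))
    while queue:
        cur = queue.popleft()
        if cur not in seen:
            seen.add(cur)
            queue.extend(deps.get(cur, []))
    return seen

def chains(src, target, deps=DEPS, path=None):
    """All dependency chains from src to target; cycles are skipped."""
    path = (path or []) + [src]
    if src == target:
        return [path]
    found = []
    for nxt in deps.get(src, []):
        if nxt not in path:
            found.extend(chains(nxt, target, deps, path))
    return found

def impact(changed, root="app", deps=DEPS):
    """Direct dependencies of root whose chain includes the changed package."""
    return sorted(d for d in deps[root]
                  if d == changed or changed in transitive(d, deps))

def inherited_only(root="app", deps=DEPS):
    """Packages you never chose directly but still have to track."""
    return sorted(transitive(root, deps) - set(deps[root]))

if __name__ == "__main__":
    for chain in chains("app", "D"):
        print(" -> ".join(chain))
    print("upgrade of D touches:", impact("D"))
    print("inherited, not chosen:", inherited_only())
```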
