Photo by olieman.eth on Unsplash
Code Smell 138 - Packages Dependency
There's an industry trend to avoid writing code as much as possible. But this does not come for free.
TL;DR: Write your code unless you need an existing complex solution
Problems
Architectural complexity
Solutions
Import and implement trivial solutions
Rely on external and mature dependencies
Context
Recently, there has been a trend to rely on hard-to-trace dependencies.
This introduces coupling into our designs and architectural solutions.
Sample Code
Wrong
$ npm install --save is-odd
// https://www.npmjs.com/package/is-odd
// This package has about 500k weekly downloads
// https://github.com/i-voted-for-trump/is-odd/blob/master/index.js
module.exports = function isOdd(value) {
  const n = Math.abs(value);
  return (n % 2) === 1;
};
Right
function isOdd(value) {
  const n = Math.abs(value);
  return (n % 2) === 1;
}
// Just solve it inline
Detection
[X] Automatic
We can check our external dependencies and keep them to the minimum.
We can also depend on a specific, exact version to avoid hijacking.
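One way to automate both checks for an npm project, as an added example that is not part of the original article: the function names, the `maxDirect` budget and the sample manifest are assumptions made for illustration.

```javascript
// Added example: audit the dependency sections of a parsed package.json.
// An exact version is MAJOR.MINOR.PATCH with optional prerelease/build tags.
const EXACT_VERSION = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;
const SECTIONS = ["dependencies", "devDependencies", "optionalDependencies"];

// Returns the number of direct dependencies and those whose spec is not an
// exact version (ranges, dist-tags, wildcards, git/URL specs).
function auditDependencies(pkg) {
  const report = { total: 0, unpinned: [] };
  for (const section of SECTIONS) {
    for (const [name, spec] of Object.entries(pkg[section] || {})) {
      report.total += 1;
      if (typeof spec !== "string" || !EXACT_VERSION.test(spec.trim())) {
        report.unpinned.push({ section, name, spec });
      }
    }
  }
  return report;
}

// Fails when the manifest exceeds a dependency budget or floats any version.
// maxDirect is a hypothetical team-chosen limit, not an npm setting.
function checkManifest(pkg, maxDirect) {
  const { total, unpinned } = auditDependencies(pkg);
  const problems = unpinned.map(
    (d) => `${d.section}: ${d.name}@${d.spec} is not pinned to an exact version`
  );
  if (total > maxDirect) {
    problems.push(`${total} direct dependencies exceed the budget of ${maxDirect}`);
  }
  return { ok: problems.length === 0, problems };
}

// Constructed sample manifest (not a real project).
const samplePackageJson = {
  name: "sample-app",
  dependencies: { "is-odd": "^3.0.1", express: "4.18.2", lodash: "latest" },
  devDependencies: { jest: "~29.7.0", eslint: "8.57.0" },
};

const result = checkManifest(samplePackageJson, 4);
console.log(result.ok ? "manifest OK" : result.problems.join("\n"));
```

Exact versions in package.json only fix the direct dependencies. Transitive packages stay fixed only when the lockfile is committed and installs use `npm ci`.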
Tags
- Security
Conclusion
Lazy programmers push reuse to absurd limits.
We need a good balance between code duplication and crazy reuse.
As always, there are rules of thumb but no rigid rules.
Credits
Thanks to Ramiro Rela for this smell
Complexity kills. It sucks the life out of developers, it makes products difficult to plan, build and test, it introduces security challenges, and it causes end-user and administrator frustration.
Ray Ozzie
This article is part of the CodeSmell Series.