DEV Community

Mathieu Ferment
Mathieu Ferment

Posted on

Using a programming language is not (entirely) free

During the latest PHP storm, I was participating in the chaos on Twitter and mentioned something that I think is worth exploring.

So today I wanted to say that using a programming language is not entirely free.

Nowadays, plenty of amazing programming languages are available to build applications. You can pick your favorite! I can mention Python, Go, Ruby and my personal favorite PHP. There are dozens of others, naturally. Each of the languages I listed is free, which has two meanings

  • free as in freedom: these programming languages are developed under an open source license, making them freely usable and distributable
  • free as in no money: you can get these programming languages source and executables for zero dollar, no need to purchase them

Did you consider how amazing this is? Not only are these programming languages awesome, they are also available for free and even better: regular new releases are published providing new bug fixes and features, again for free! So... the cost of building an application on top of one of these programming language is zero dollar, right?

This is what I want to correct today.

Using a programming language is not entirely free.

Let us follow the journey of Matt. Matt is a developer and wants to launch a startup. He wants to build an amazing SaaS product on PHP. He starts today, so he builds his application on the latest stable version of PHP: PHP 8.0.
The SaaS product of Matt launches and he gets a few customers so his business can start growing, that is nice! And so far the cost of building this product on PHP is zero dollars (hosting provider fees excluded).

Now fast forward to October 2023. This is an important date because in November 2023, PHP 8.0 will be truly End-of-life. Truly, because it was End-of-life from the 26th of November 2022, but security patches were still being released until November 2023.

Matt’s business grew, and I'm really happy for him! He thinks it's a good time to upgrade from PHP 8.0 to PHP8.2 as 8.2 was released a few months ago. But... Now that Matt analyzes the changelog, it looks like between PHP 8.0 and PHP 8.2, some breaking changes have been introduced and the consequence is that Matt’s codebase, which is now quite large, does not run on PHP8.2.
Matt now needs to invest time (thus money) in exploring these changes in order to make his SaaS product run on PHP8.2 . Woops. The cost of building his product on PHP is not zero dollars, now.

But Matt’s business is still in the early years, each dollar is important. So he really doesn't want to spend money on this upgrade if he doesn't see a clear benefit. He doesn't need the new features of PHP8.2 and he sees no bug fixes in the changelog that apply to his use case. So... upgrading from PHP8.0 to PHP8.2 looks like a clear loss of money for Matt.

He tries to understand, but really, this seems weird. What's the point of upgrading to a new version if it costs money but brings nothing in return? That's a bad ROI, and in business, bad ROI means bad decision.

This situation happened to Matt because of the illusion that using a programming PHP was free.

What happens if Matt does not upgrade? If Matt stays on PHP8.0 past November 2023?

Well, consequences will start to line up slowly, one after the other.

First, if a security issue is reported in PHP8.0 after November 2023, it will not be patched by the official PHP team. For example, if a vulnerability is found in PHP8.0, 8.1 and 8.2, only the supported versions will be patched. So by staying on PHP8.0, an unsupported version, Matt puts himself in a dangerous situation as, if a security issue is reported, there will be no official patch he can apply. Of course, he could hire a PHP expert to build the patch, but the goal was to avoid spending money, not to spend a huge amount of it.

Second, by staying behind on PHP8.0 Matt simply loses opportunities. PHP9 will arrive after PHP8, and then PHP10. These versions will bring new features, performance improvements and bug fixes. By staying on PHP8.0 Matt puts himself in a situation where he cannot benefit from the latest improvements of the language. He’s missing opportunities.

Third, as years pass, 2024 then 2025, and Matt’s application continues to run on PHP8.0, it becomes harder for Matt to hire. Developers do prefer to use the latest versions of their favorite programming languages. Similarly new libraries and tools only work with PHP9 and higher so once again Matt missed opportunities as his PHP8.0 application is not compatible with them. It becomes harder to find developers proficient in PHP8.0 so Matt needs to pay them more. Talk about saving money, right?

Fourth, very bad news! Year is now 2026 and the hosting provider of Matt tells him PHP8.0 is too old and it won't be supported anymore as a standard package. Well, if Matt pays for an upgraded - and more expensive - plan he can continue using PHP8.0, but once again that is money not well invested.

We can resume this journey: by not upgrading his codebase to more recent versions, Matt slowly dug himself into a hole. And the longer he stays in this hole, the more money he’s spending, and the harder it will be to catch up as the upgrade becomes more difficult, day after day.

That is why using a programming language is not completely free.

You can build an application using a programming language for free, sure, but once you start running this thing and you need to keep it running, you need to regularly invest in staying up-to-date with the evolution of this language in order to stay on a version that is:

  • secure
  • receives regular bug fixes
  • relevant for the developer market as you will need to hire someday

That is true for actually any technology, not only programming languages. Operating systems, frameworks, libraries, CMS... Failure to regularly update will become a threat to your business, first as missed opportunities, and finally as a maintenance burden.

So software, like everything in life, needs maintenance.

I was often puzzled by the idea that software rots as code is intemporal and can run forever, until I understood that technology is a never-finished product and that by staying in place you put yourself behind the others. So, yes, software does need maintenance and versions upgrade is a major maintenance budget.

Discussion (0)