Yes – even if it was made or supported by Google, Microsoft, or Facebook. I know I’m not the only one who encounters situations where you’re excited about working with a new tool, but it turns out it becomes an obstacle.
The main reasons for this are just from logical reasoning, and my experience exploring different libraries for small projects:
- This is my main concern with working with anything open source. To be quite frank, the majority of my encounters with security vulnerabilities have been with npm modules.
Library or Module Support
- It’s open source. Unless the maintainers are VERY passionate about keeping it up to date, continuous with 1-4 week periodic updates, good documentation, issue support, or they’re getting paid (mostly the latter), then chances are it’s going to be short-lived or you’ll mostly be on your own to fix any issues.
- Modules/Tools/Libraries may get the job done, but the way it has been implemented is something every programmer should be aware of. Otherwise, realistically, how do we know the implications using a module will have on the project (good or bad)? Whether it’s in regards to performance, security, or usability.
Honestly, I developed this realization mindset in my last semester at University. What is more interesting, is how my mindset developed since my decision to pursue software development as a career.
Fell in love at first ‘Hello World!’. Afterward, I wanted to quickly develop my skills to get a job locally here in Cayman (Quite frankly, there’s little to no entry-level positions here for software developers). So I began searching the web for java development jobs and used the required Java-related technologies and skills advertised to guide what I’d learn next.
I swore on my pride as a young programmer that Java was life and no other languages were better (oh how that changed right after Programming 2 – C++).
Having gained more experience and confidence in my work, I had a slight preference for programming tools. I loved the concept of having open-source frameworks and even ecosystems! Having the flexibility to accomplish anything, and keeping a low budget sounds wonderful to me. However, my over-thinking self couldn’t help but doubt how secure, performant, and easy (or difficult) to work with the tools would be.
At this time, I was more knowledgeable to look at the source code, README.md files, documentation, etc., to learn more about these tools. Yet, still, a bit overwhelmed by the amount of content to learn, sometimes I just couldn’t even bother! I just wanted to get the products built and functional, regardless of how it was done.
(January 2019 – Now) Working as a Full-Time Junior Software Developer – Walkers
Having to work full time, and messing with various small projects, I’ve had nothing but constant failure after failure trying to work with open source tools claiming to be ‘easy to use’, and to ‘take care of the mundane yet mandatory functionality’ within code. Some failures were due to lack of product support, poor documentation, or inability (or in some cases very difficult) to integrate with the current stack to satisfy requirements. Talk about stress! Even some of these tools were made or supported by the big tech companies like Facebook, Microsoft, and Google. Maybe it was me just not doing proper background checks in incorporating certain tools? Either way, my whole mindset of using tools has changed to what it is now.
I didn’t know much about programming concepts and different development ecosystems as I do now. It was not until I had some experience working with various technologies like Reactjs React-Native, ASP.NET, WebApi (.NET Core), Vuejs, NativeScript, etc. and working from small to medium/large projects with a team, that I realized how hyped up a lot of things are! What I can say, is that before incorporating any new tool/module/library, I usually test the tool in a sandbox environment or a small application to see its pros and cons before using in a big project (as should you also). Yes, this is going to require more work and diligence, but it’ll be worth it in the end. Personally, I’ve made a personal promise to ensure my clients get the best service or product from me, so making this extra effort is an obligation by default.
Want to add in a few additional thoughts to this? Then leave a comment below! I’d love to hear your thoughts on this!