Use the fork, Luke!

Maxim Volgin, Feb 6

I might have a bias, but here’s what I have observed both online and offline.

And that’s a very peculiar attitude towards 3rd party dependencies.

There are opinions that one should refrain from using them unless they come from some well-known provider, and stick to reinventing the wheel instead.

You might invent a better wheel, you never know.

What you do know, though, is that it will cost you time, and that the new wheel will need your support, possibly for years to come.

There are opinions that 3rd party dependencies compromise security.

This is definitely a valid concern, but here’s the rub: unless they compromise security intentionally, or you are a security expert, there is no telling whether your proprietary code is inherently more secure.

So basically the whole controversy boils down to only two factors: support and security.

Oh wait, here’s another one.

Namely, implicitly and perhaps unintentionally putting proprietary and open-source libraries into the same basket.

Let’s focus on that one and see how different the rules for both really are.

Security

With proprietary libraries, you basically have to trust the provider.

More often than not there is no easy way of verifying how secure they are and whether or not they are doing something funky intentionally.

With open-source libraries, it is your own responsibility to audit the product, but the code is available, all changes to it are easily traceable, and few libraries are as humongous as OpenCV, so it is rarely too hard of a task — no harder than auditing your own code.

Support

With proprietary libraries, whenever you find a bug or need a new feature, your only option is to contact the provider and hope that they can make your concern their priority, most probably for a fee.

With open-source libraries, though, this is not how it works! Sure, you may file an issue and hope that someone will fix it.

But hey, you are the mighty wheel inventor after all, so don’t shy away from pressing that Fork button, fixing the issue yourself and submitting a pull request to the original repository.

Most probably it will be approved and integrated within a reasonable time, and if not — well, you can just stick to your own fork.

Help yourself, and help others as you do.

That’s the whole concept, that’s the power of open-source software.

There’s more to it.

If you are using something of your own make in several projects, make a library out of it, publish it on GitHub and let others benefit from it, ridicule it, improve it.

You might get a better version for free, you never know.

Happy coding!

A monument to the mighty fork, courtesy of my iPhone.
