Dependency
A dependency is something your program depends on -- dependencies are bad! Unfortunately they are also unavoidable. We at least try to minimize dependencies as much as possible while keeping our program functioning as intended.
In the context of software development we usually talk about software dependencies, typically libraries and other software packages. However, there are many other types of dependencies we need to consider when striving for the best programs. Let us list just some of the possible types:
- software
  - libraries
  - compiler supporting specific language standard
  - build system
  - GUI capability
  - operating system and its services such as presence of a window manager, desktop environment, presence of a file system etc.
  - Internet connection
- hardware
  - computing resources (sufficient RAM, CPU speed, ...)
  - graphics card
  - floating point unit and other coprocessors
  - CPU features such as special instructions
  - mouse, speakers and other I/O devices
- other:
  - know-how/education: Your program may require specific knowledge, e.g. knowledge of advanced math to be able to meaningfully modify the program, or a non-negligible amount of time spent studying your codebase.
  - running cost: e.g. electricity, Internet connection cost
  - culture: Your program may require the culture to allow what it is presenting or dealing with.
A good program will take all of these kinds of dependencies into account and try to minimize them to offer freedom, stability and safety while keeping its functionality or reducing it only very little.
Why are dependencies so bad? Some of the reasons are:
- less secure (more attack surface, i.e. potential for vulnerabilities which may arise in the dependencies)
- more buggy (more fuck up surface)
- more expensive to maintain (requires someone's constant attention just to keep the dependencies up to date and keep up with their changing APIs)
- less future proof and more fragile (your program dies as soon as one of its dependencies, or any dependency of these dependencies, dies)
- less under your control (in practice it's extremely difficult to modify and maintain a library you use even if it's free, so you're typically doomed to just accept whatever it does)
- more dangerous legally (reusing work of other people requires dealing with several to many different licenses with possibly wild conditions and there's always a chance of someone starting to make trouble such as threatening to withdraw a license)
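The attack surface and fragility points above, worked through as an added example (not part of the original page): a small Python script that walks a dependency graph, separates direct from indirect dependencies, records the chain through which each one is pulled in, and lists everything that breaks when a single package disappears. The graph and all package names are constructed for illustration.

```python
from collections import deque

# Constructed dependency graph (hypothetical package names): each key
# depends directly on the packages in its list.
GRAPH = {
    "myprogram": ["libgui", "libnet"],
    "libgui": ["libfont", "libimage"],
    "libnet": ["libtls", "libcompress"],
    "libfont": ["libcompress"],
    "libimage": ["libcompress", "libcolor"],
    "libtls": ["libbignum"],
    "libcompress": [],
    "libcolor": [],
    "libbignum": [],
}

def transitive_deps(graph, root):
    """Map every package reachable from root to the shortest chain
    (root first) through which it gets pulled in."""
    chains = {}
    queue = deque([(root, [root])])
    while queue:
        pkg, chain = queue.popleft()
        for dep in graph.get(pkg, []):
            if dep not in chains and dep != root:  # also stops on cycles
                chains[dep] = chain + [dep]
                queue.append((dep, chains[dep]))
    return chains

def report(graph, root):
    """Split root's dependencies into direct and indirect ones."""
    chains = transitive_deps(graph, root)
    direct = set(graph[root])
    return {
        "direct": sorted(direct),
        "indirect": sorted(set(chains) - direct),
        "deepest": max(chains.values(), key=len),
    }

def broken_by(graph, gone):
    """Every package that stops working if `gone` disappears."""
    return sorted(p for p in graph if gone in transitive_deps(graph, p))

if __name__ == "__main__":
    r = report(GRAPH, "myprogram")
    print(f"direct: {len(r['direct'])}, indirect: {len(r['indirect'])}")
    for pkg, chain in sorted(transitive_deps(GRAPH, "myprogram").items()):
        print(f"  {pkg:12} via {' -> '.join(chain)}")
    print("if libcompress dies:", ", ".join(broken_by(GRAPH, "libcompress")))
```

Two direct dependencies become eight packages to trust, and a leaf such as the constructed `libcompress` takes down five of the nine packages in the graph, the program included.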
How to Avoid Them
TODO