| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by geegoo 2504 days ago
	There are pros and cons to this. One con is that the next developer might have to spend considerable time buying into your ecosystem to be productive. A pro is that it is easily maintainable by you since you built it; which is also a con since it's not generally feasible for a single developer to cover all the in's and out's of a web ecosystem. Lets say you pass away tomorrow, and a week from now a major security vulnerability is announced that affects your system. If you had used a mature framework (Such as Laravel) with a auto update system in place, the issue might be patched in 1-2 weeks. Whereas in this hypothetical the company has to hire a developer that now has to ramp up on your software, be familiar with the security vulnerability, know how to patch it, and have some guarantee that your system will behave as expected. This puts the burden on both the employer who might not know how to screen the applicants because it's not their domain, and the developer. Saying software is clean because it is untangled from a larger code base is misleading for most use cases, but especially so for web development. It is also not fair to treat front end and backend code in the same context as you can easily decouple both without (since you didn't mention if the backend itself is custom built by you or not, but it seems implied)

2 comments

Roritharr 2504 days ago

From my experience, going through a vanilla php app to fix a CVE is a much better experience than praying to the Framework Powers that be to have your patch ready and non-breaking when you need it.

temac 2504 days ago

The web has nothing magic.

People have been maintaining SW developed by 3rd parties for several decades. Something like 5 or 6, probably. With all the various amount of available documentation you can imagine, and that includes no documentation and really stupid code bases, or even no source code and you have to patch a binary.

So while I recognize it can be obviously cool to e.g. have virtually no code but simply use a well-designed and currently actively-maintained third party project, it is not always possible, and if it's not then implementing (or even just configuring) anything on top of fashionable software can also be done in crappy undocumented ways.

So the key is to actually have detailed and useful documentation, regardless of 3rd party stacks (or they very relative "absence", I mean probably don't develop your own web-server nor your own database nor your own programming language nor your own operating system nor your own web-browser...)