[lelanthran]

> And then 5 years down the line it has grown into a worse version of the popular alternatives, the original developers are gone and the ones who currently maintain the mess have to pay the price.

Isn't that true for using the popular alternative too? At some point the original devs have moved on from $FRAMEWORK v1 to $FRAMEWORK v2 and now you're going to have to do a migration project and hope it doesn't break.

> When you’re working on something others won’t have to maintain years down the line, thankfully your hands aren’t tied then and you can have a bit more fun.

I think the implication is, with the in-house library, that the in-house library would be a lot easier to replace or update than a deprecated external alternative.

IMO, it's all very contextual.

[sensanaty]

No one's forcing you to upgrade when the framework does. We still have a Vue 2.7 codebase chugging along just fine and won't upgrade it unless truly necessary.

[1dom]

> No one's forcing you to upgrade when the framework does.

Many large companies have entire departments dedicated to forcing you to keep your code up to date.

[Capricorn2481]

If you're working for that kind of company then you certainly aren't getting a choice whether to use JQuery or React.

[lelanthran]

> If you're working for that kind of company then you certainly aren't getting a choice whether to use JQuery or React.

Not necessarily. There is probably a tickbox for satisfying some regulation that says "Don't use versions that aren't getting security fixes anymore".

In which case, yes, you get the choice to choose between JQuery and $SOMETHING_ELSE but not the choice to remain on unsupported versions of anything.

[Capricorn2481]

> There is probably a tickbox for satisfying some regulation that says "Don't use versions that aren't getting security fixes anymore"

In theory, yes, that would be bad. But we're talking about JS frameworks here, not C++ libraries. Go look at the CVEs for React and you will find 2-3 in the past 10 years that were patched out in minor version upgrades.

There is a difference between updates due to security and updates due to wanting to use the newest shiny tool. JS is a slow moving language and browsers are excellent sandbox environments. This combo means browsers still support old versions of a lot of libraries and they are completely secure, save a few examples.

So if you're telling me a company is forcing everyone to upgrade to the latest Angular/React/Vue for security reasons, I would say they unfortunately don't know what they're talking about.