by thewebguyd 217 days ago
Agree. We took NIH too far.

You don't need to pull in a library for every little function, that's how you open yourself up to supply chain risk.

The left-pad fiasco, for example. Left-pad was 11 lines of code. Literally no reason to pull in an external dependency for that.

Rust is doomed to repeat the same mistakes because it also has an incredibly minimal standard library, so now we get micro-crates for simple string utilities, or scopeguard which itself is under ~400 LoC, and a much simpler RAII can be made yourself for your own project if you don't need everything in scopeguard.

The industry needs to stop being terrified of writing functionality that already exists elsewhere.

2 comments
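
The hand-rolled RAII guard the comment above mentions, as an added example that is not part of the thread and is not scopeguard's code: a minimal guard that runs a cleanup closure on normal scope exit, early return, or panic unwinding, and can be dismissed once the work has committed. The names `Guard`, `dismiss` and `run_scenario` are hypothetical, and the scenarios are constructed.

```rust
use std::cell::Cell;
use std::panic::{self, AssertUnwindSafe};

/// Runs `cleanup` exactly once when dropped, unless dismissed first.
pub struct Guard<F: FnOnce()> {
    cleanup: Option<F>,
}

impl<F: FnOnce()> Guard<F> {
    pub fn new(cleanup: F) -> Self {
        Guard { cleanup: Some(cleanup) }
    }

    /// Cancel the cleanup, e.g. after a multi-step operation has committed.
    pub fn dismiss(mut self) {
        self.cleanup = None;
    }
}

impl<F: FnOnce()> Drop for Guard<F> {
    fn drop(&mut self) {
        // take() leaves None behind, so the closure can never run twice.
        if let Some(f) = self.cleanup.take() {
            f();
        }
    }
}

/// Constructed scenarios: returns (times cleanup ran, whether the body panicked).
pub fn run_scenario(scenario: &str) -> (u32, bool) {
    let runs = Cell::new(0u32);
    let result = panic::catch_unwind(AssertUnwindSafe(|| {
        let guard = Guard::new(|| runs.set(runs.get() + 1));
        match scenario {
            "early_return" => return,                  // guard dropped on return
            "panic" => panic!("constructed failure"),  // guard dropped during unwind
            "dismiss" => guard.dismiss(),              // cleanup cancelled
            _ => {}                                    // guard dropped at end of scope
        }
    }));
    (runs.get(), result.is_err())
}

fn main() {
    for s in ["normal", "early_return", "panic", "dismiss"] {
        let (runs, panicked) = run_scenario(s);
        println!("{}: cleanup ran {} time(s), panicked = {}", s, runs, panicked);
    }
}
```

The cleanup on panic relies on unwinding; a build with `panic = "abort"` skips `Drop` entirely.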

> The industry needs to stop being terrified of writing functionality that already exists elsewhere.

I think that like everything else this is about balance. Dependencies appear to be zero cost whereas writing something small (even 400 lines of code) costs time and appears to have a larger cost than pulling in that dependency (and its dependencies, and so on). That cost is there, it is just much better hidden and so people fall for it. If you knew the real cost you probably would not pull in that dependency.

> Left-pad was 11 lines of code. Literally no reason to pull in an external dependency for that.

An external dependency has lower cost than 11 lines of code unless your package management sucks.

all package managements suck