Reply to post: write your own

How to use Google's new dependency mapping tool to find security flaws buried in your projects

captain veg Silver badge

write your own

I just don't get why people import third party libraries to do trivial stuff like string manipulation. A relational database, sure. Some kind of cool UI widget, maybe. But at the very least you should ask yourself "could I write that?".

If the answer is no then maybe you should find another career.

If the answer is "of course, but I don't have time" then the supplementary questions are (a) how long will it take to learn and master the library, (b) have you got time to read and validate the library's source code, and (c) how much additional effort will it take to get that third party thing to do exactly what I need it to do rather than what the author presumed I would need.

The "it's been tested lots and ought to work perfectly" proposition is attractive, but flies contrary to experience.

-A.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022