Permanent Tourist

A personal website by Mark Howells-Mead

Web developers: don’t depend on dependencies

The world of web development seems to be relying ever more on an interconnected network of code and resources and dependencies. Whether it’s a CSS framework or a CDN-hosted version of jQuery, millions of websites are ready to topple if any one of these third-party solutions suddenly becomes unavailable.

An article in The Register today details what happened when a very simple piece of JavaScript code, published as an NPM dependency, was removed. Thousands of projects failed because a required function was no longer available; a situation which was made even worse because so many web projects these days are built entirely on JavaScript instead of a more semantic and stable basis. (Building a site or app in JavaScript leads to catastrophic failure – often a blank screen or slew of error messages – in the event of an uncaught coding error.)

The lesson that web developers must learn is that introducing many points of failure – in particular, through the connection of third-party dependencies – will inevitably lead to failure. The simple solution in this case is for the developer to take this very simple function – shown here on Github – and integrate it directly to the project’s own script files.