Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
One recommendation here...
Write in your coding guidelines that a dependency must be justified and needs approval by at least 3 persons.
Justified with concrete criteria:
- why is it needed?
- release cycle?
- number of transitive dependencies?
- long term plans (e.g. can the usage of the library be increased over time of does it just fix one problem at all)?
- alternatives - either for the dependency or to adding the dependency to the project (e.g. creating new library with this dependency and thus reducing greatly risks)
Then store it.
Whenever I made this proposal, people declared me politely to be insane. (too much effort etc.)
But it's the opposite - it's easy to add a dependency, it's insane to do it just you can - cause no dependency comes without a cost.
The 3 person rule stems from the general rule that no project should have less than 3 persons.
It's based upon the basic experience that only a set of 3 different people is enough to form a sound decision - different the keyword here.
1 person - pretty bananas (sorry, but bus factor, missing review etc is just a no no)
2 persons - just one dominant person and you only have a single decision maker
3 persons - when they have different personalities, if they make a decision with 3 voices pro, you can be sure that the decision wasn't just a formal "hush hush. Let's say yes cause it's easy"
Wonder why? No idea. It might be a psychological thing though - no knowledge here - I call it the middle child situation. Throw 3 persons with different opinions and tell them they need to form a united decision and it will be one hell of a meeting where 2 struggle and bash their heads together and the 3rd tries to balance things out. Not always, but usually like this.
That is the reason you don't let the code monkeys introduce new dependencies. They will happily add another lib just to use one trivial function of it.