What they say and how they behave.
I really don't believe there are a relevant number of people who can consistently say one thing and vote a completely different thing for years on end.
Maybe I'm naive, though. I really do think nearly everyone in congress does want to make the world a better place, they're just lost/confused about how to go about that, often getting caught up in the game of staying in congress rather than using their time there for good.
Ahaha I always love the calls for political violence in the US, because we've experienced so little (relative to other parts of the world). Honestly it shows how well off we've been these last decades to have the luxury to call for someone else to kill a politician for us because we're upset.
You have no concept of the injustice that would arise if "the people" begin murdering politicians in the street again.
So many books cover the hideous nature of mob justice, so-called "revolutions", and their gruesome knock-on effects, there's really no excuse to be this undereducated about what you're saying.
I would love to have whatever problems Google has, and if FOMO is how Google got to be/remain Google, please yes give me lots and lots of FOMO...
My point is that maybe one of the most successful companies on the planet might not be a good example for illustrating "disastrous company strategies".
Definitely not. They started with a good idea for search, and then they acquired a really good approach to selling ads. Everything else is a sideline, and most of those sidelines have lost money.
Oh it's not usually "fair" per se, but it's not like some people would get more than others (if done well), it's more like you don't always control all of the factors that get used to determine your bonus.
Like a QA engineer probably isn't directly tied to overall revenue, but it is a topline number that can be applied to everyone generally, so it can get used (in a general sense, I'm sure there are lots of specifics and nuances here).
Exactly. The impulse to make legislative government nimble and powerful is a strange one. Should it not be considerate and slow? "Who governs least, governs best", etc.
Waste is not "therefore" a business opportunity, especially intellectual "waste".
Part of being a free person is the ability to choose how you spend your own time. Just because you consider other people's choices to be a "waste", doesn't mean a) the time is indeed "Wasted" or b) that the people making those choices want to change their decision and can't.
I will not hire someone who holds this view, straight up. It's the only technical belief (aside from crazy things like don't care about quality) I can think of that would instantly disqualify a candidate in my mind. Everything else feels negotiable and perspective-relevant, but not this.
It's such a massive waste of time to try and rewrite functionality that already exists elsewhere, and an inability to trust other people is a huge, bright red flag when it comes to working with others on the team.
Being very selective of which libraries you use? Sure, fair. We can talk about various lines and where to draw them, but categorically denying library use? That's unacceptable.
As someone who spends an inordinate amount of time actually vetting libraries I might use actually reading their source and getting a sense of their activity and response to feedback, and by seriously considering whether I’d be better off duplicating their efforts: I agree wholeheartedly.
For folks who don’t agree wholeheartedly, I’d highly recommend spending the time to read through libraries you’d instinctively reject. It’s incredibly eye opening. The stuff you’d reject anyway is almost always easy to spot. The stuff you’d make an exception for is almost always an educational experience about the complexities of what the particular library solves, and may give you insight into its domain or a very sound warning you don’t have or want to wander into its domain.
One of the problems you are facing is code quality, which you've eloquently solved by code review (LOL), but the other, more burning matter is, you are no longer in control of your own software.
-- hey now, I DID actually read all the code we brought in
I mean, sure, that's a possibility. I don't believe you, but that's besides the point.
The point, being, and here's a news flash for you corporate peps out there who love to "manage my team of peps using stuff I learned from someone I talked to at a bar"...
Nothing is free in this world, not even code. The shortcuts you are making aren't really shortcuts. Instead, they will become your doom.
How do you find work when you only use your own bootstrapped language on your own OS using your own FPGA board? And do you find difficulties getting your colleagues to use your own VCS? /s
In all seriousness I get your point, code supply chains are volatile beasts that can blow up, but it's the only realistic way to write code nowadays. You can reduce external libraries and tools as a tradeoff for time/cost or you can fork tools to host yourself, etc... These are all tradeoffs that shouldn't be seen in black and white!
>> it's the only realistic way to write code nowadays
That's repulsive.
You could hold that position, if you wanted to, because the world seems that way, doesn't it? But i don't believe even for a fraction of a second, that you are right to say so.
We're discussing React in this thread, are we not? What's the name of that fallacy where you put emphasis on a whole other topic, so that your point still stands?
I was actually talking about code in general but then I threw the wrong card at you, because you had me cornered and I panicked. Please accept my apologies.
But I'm still in the right and you're still in the wrong. Because what you are saying is "my disciples, go into the night and depend on whatever you may, because depending on things is the way, for I will be rich if you do."
Taken to an extreme, this must also mean you only use code you write yourself, since your coworkers will probably not be able to code up to your standards. You are eternally reinventing the wheel, and missing the opportunity to work on the actual feature/app in a timely way.
If this just means being selective about dependencies, I'm sure most of us here will agree.
No, what I mean is, you, good sir or madam, is intentionally straw manning what I said in order to make it OK, in your mind, to have people depend on black boxes ("nmp packages") because that would make your boss happier.
I know this is not exactly what you said, I'm taking it to an extreme to show that relying on third party libs is not that different from relying on code your coworkers write.
Rejecting useful libraries because you "are not in control" means you're constantly reinventing the wheel, which means you're wasting time.
My boss doesn't care whether I use third party libs or my own code, and I bet yours doesn't either. They care about results. You simply cannot deliver if you write every piece of your stack from scratch.
>you are no longer in control of your own software.
In a business setting you have no control over what will happen with your software in the long run, and somebody else will take over for you, so this is an INCREDIBLY weak justification for not using libraries.
One of the major appeals of libraries is that the very fact you can figure out how to use them means that somebody else can. That’s something you can’t say about your own code as easily. If you don’t reuse other peoples code, how can you know the first thing about writing code other people can reuse? Not using other peoples libraries is akin to being a chef that will only eat their own food.
>> you have no control over what will happen with your software
Can you please go directly to your boss's office and tell him that you are not even close to being in control of the objectives he told you at the convention, that you should have, if you want that bonus we've been talking about?
I’m not a software god. I am unable to impose my will upon any codebase I have ever touched for eternity. I admit somebody is eventually going to rewrite and refactor and extend my shit code which was written with the curse of knowledge, minimal review, minimal testing, and never having to handle more than a narrow set of use cases. Code which may have been easier to write and more efficient than the libraries available but that is going to be thrown out when somebody has to maintain my handwritten JavaScript framework replacement and goes “what the fuck”.
Somebody who only uses their own code has awful taste in code.
This is a delightful rebuttal and I applaud you for it. I hereby withdraw any claims I might have made with regards to the topic at hand because you have clearly the upper hand on what is right and what is simply nonsense. I wish your upcoming corporate day to be a blissful one.
No, that last sentence was way to illfull. Sorry for inventing a new word. It means "full of ill".
The author did not make his point well because he immediately contradicts himself.
> we don’t use libraries. The only libraries we use are where [...] I know the library will continue to be maintained.
I interpreted his point more charitably as "be very selective about introducing libraries". I've had the most success with framework-agnostic, foundational libraries (tables, date-time) and with best-in-class framework libraries (state management, calendars).
I'm not a junior, I also wasn't born yesterday. To all juniors out there, I would lovingly want to tell you this:
Don't ever work for jerks. Yes, sure, it might seem like it's a great way to further your career. But then, one blissful corporate day you find that you've been working for the dark side all along and you'll soon regret it. Don't ever work for assholes. Don't ever work for people who thinks depending on crapware is a good thing. These are not good people.
I would tell juniors not to work for people who refuse to use libraries in JavaScript. You just can't do that and be productive. You'd have to build a standard lib from scratch, including unit tests.
There are lots of bad JS libraries but there are also some good ones that are mature, well-tested, and supported. Refusing to use them is a waste of time and money.
In the context of security, it's also professional malpractice.
This thread is the biggest crock of shit. It's a blog post about React, he's obviously not saying "don't use literally any libraries whatsoever".
The vast majority of libs that sit on top of React are completely useless time wasters that cost you more in dev time in the long run than writing it yourself. Just React, CSS and the Chrome dev tools is more "power" than like 99% of dev environments that have ever existed. The fact so many garbage front enders think you need to pile 80 more dependencies on top of the bog standard stuff is a joke.
Avoiding libraries as a default and knowing when to make an exception is the most important part of being a front end dev these days. Reaching for libraries as a default solution to any problem (which is what 90% of FE devs do) is a great way to fuck up every project you're on.
There is a huge class of people that aren't capable (either they're too junior or lack the ability or motivation) of writing core functionality themselves, and are only able to stitch libraries together. Is the stuff they create painful to use? Generally yea. Does it create enormous technical debt for the rest of the team? Yep. But does it tick feature boxes that people pay money for? Also yea.
I think for those folks, "prefer writing your own 'ReactFlyout' module" is literally not a path forward. Like it or not, those folks make up a large portion of the work force.
There are software organizations that live by a "prefer renting and buying over building it" tenet, for the same reasons that outsourcing made sense to the MBA types. But when you all of a sudden need to render a button differently, or a service goes down, they refuse to take any responsibility for the mess.
Even if one had a good reason to use fewer libraries in a product, his reasoning that "most libraries are written by junior developers" is a ridiculous and somewhat insulting justification.
From my experience with React and Next.js, limiting the amount of dependencies can make things easier as far as updating React versions without being locked into an older major version because of a dependency.
I've been burned by a couple of libraries namely because they didn't handle hooks properly or were creating bugs that I couldn't understand.
The conclusion the author makes (only use libraries that are well maintained by a known team) is a pretty good heuristic for which libraries to choose.
default-deny of libraries is probably a good rule of thumb for writing maintainable react code. i'm not sure we'd reject hiring someone who doesn't understand why, but it's something senior folks should learn after maintaining enough oss code in the relevant oss ecosystems, and if someone hasn't, we'd catch+teach as part of standard SDLC.
tools like snyk.io overviews of most packages show why so many are landmines you're planting, not time savers. if you've never felt that pain... that's interesting. it's odd to not be hit by their issues when things like major upgrades happen (every year or two, right, else you're outside of LTS windows!), routine scans+penchecks, and other aspects of writing code that isn't going to destroy your customers safety + team's productivity.
Especially if they want to write a custom form library. Everyone thinks this is a good idea. It's never a good idea, there are so many different features and states forms can be in, and your homebrew thing is going to be a mess.
Weird. From my perspective most React development is comprised of finding the most expressive way to use Algebraic Effects where the language wasn’t designed for it
Don't worry there's a library for that. Probably. And it might or might not have performance issues and odd behavior but that's for the next developer to solve.
This just seems extreme to me, considering how you've likely never been in this scenario and will in all likelihood not ever be in a scenario where you wouldn't give the police this information but Google would (e.g. your own home being robbed or a masked stranger ringing your doorbell).
Sometimes I think people covet privacy for its own sake, and don't think about the practicalities. The whole point of living in a collective society is that we give up some freedoms for the sake of overall increased prosperity, that's always been the tradeoff, and this is just one of those tradeoffs.
We already have that tradeoff. It’s called a warrant. If the police get one, you are forced to give them access to your otherwise-private affects.
This is a step beyond that. Warrants are granted at the discretion of a judge, the bar is high, the scope is narrow and you (theoretically) have recourse if it’s abused. Here, the discretion is Google’s, the bar is nonexistent, the scope is unlimited and you have zero recourse if you think you’ve been wronged.
This wouldn’t be an issue if people trusted Google or the police. But they don’t, and it’s pretty easy to imagine ways in which this could be abused to harm people.
Let’s say you live in Texas and get abortion pills in the mail. If the police have a warrant to search your house for something unrelated, they (theoretically) can’t see the pills and decide to charge you with an unlawful abortion (unless they were “in plain view”, etc). But if Google gives police access to footage of your house extrajudicially, police can use anything they see as evidence against you. And make no mistake — things like that will happen as a result of this policy.
I think you're taking this way further than anyone actually involved would. IF what you're saying ever did even come close to occurring, we both know Google would shut it down quickly. Not just because it's horrible, but because it's also bad for business, and they've shown a propensity to protect data when it would be used as you hypothesize here.
Google is smart enough to know that "snitching" on its users is bad for business.
Think "track a burglar as he moves through a neighborhood" not "snoop (illegally) on the contents of people's mail".
"I think you're taking this way further than anyone actually involved would"
Just because you currently seem to have a "failure of imagination" does not mean that law enforcement, corrupt/facist/dystopian government officials or even unscrupulous employees within the tech sector itself will not absure their observational powers now or in the future.
Or maybe you just haven't been paying attention to the news for the last "n" decades.
> Think "track a burglar as he moves through a neighborhood" not "snoop (illegally) on the contents of people's mail".
It’s not illegal, though. Google is (presumably) fully legally in the clear to just hand over footage to police. That means that, if Google decides to hand over your footage to the police, anything on tape can be used as evidence against you. And Nest offers indoor security cameras, so your entire house could be fair game.
> Google is smart enough to know that "snitching" on its users is bad for business.
Is it bad for business? That’s not clear. Your whole argument is that this is fine so long as you think the likelihood of abuse is low. My guess is that it actually won’t hurt Google’s business at all, even as we start to discover police misusing this.
“It only happens to a handful of people! And anyway, they were [doing drugs/stealing/etc], so they deserved it. It’ll never happen to me!”
It's illegal to go through someone else's mail, and that was the hypothetical you proposed.
My argument is not that it's fine as long as the likelihood for abuse is low, my argument is that it's fine as long as there hasn't been any actual abuse. When something does happen, we can respond to it.
Until then, it's not reasonable to go through a bunch of worst-case scenarios.
My hypothetical is that if your mail is in the footage Google turns over to the police sans warrant, they can use it as evidence against you. That’s not “going through someone else’s mail”.
All I’ll say is that I’d prefer to stop the thing that will very clearly harm someone before that actually happens, not pretend we haven’t seen a million times before what happens when you give police more power.
And I'm grateful people like you aren't actually able to implement pre-crime divisions!
It sounds arrogant, to me, to be so sure you know what the outcome will be of a given situation, considering all of the necessary ingredients for that outcome have existed for some time and what you claim is "inevitable" has still not happened.
I think we’ve reached an impasse. I’d just like to point out that advocating that companies not give police access to our private lives except when forced to by a warrant is basically the exact opposite of “pre-crime”.
It fits the very definition of a pre-crime because you don't have a problem with how they're currently using that information (sparsely to catch criminals), only with how they might, in the future, use that information.
In the vein of principals, yes, privacy for its own sake is valuable to me.
In the vein of practicalities, both Google and the justice system (USA for me) are monstrously large bureaucracies known to make difficult-to-redress errors. Google's capricious account banning, police raiding incorrect addresses, eg. The decision to share with them more information than the law requires is one I'd prefer to make myself.
>bureaucracies known to make difficult-to-redress errors
Or just plain out refusing to fix errors where they would be relatively easy to fix; compare Scalia's "it's fine to fry a provably innocent person as long as the procedures are followed" argument.
And I think this view is irrational. Privacy for its own sake is effectively hoarding, and as you clearly show, hoarding can be caused by fear, which you have for Google and the justice system.
A numerate person would know how rare these things you're afraid of are, and not let those fears drive how they live. I (hopefully) follow that path, and I recommend you check it out!
I read what you wrote in the same way I suspect you would read someone who is afraid of space because meteors have killed people (as a rough example).
It just doesn't seem like the rates at which the things you're worried about are happening in a volume that would actually matter to a society.
What was the discussion I remember seeing long ago, about two kinds of surveillance-in-society?:
Kinda-good, 1, so and so can just go check the camera that points at the central plaza fountain that anyone can access, and sees that his spouse has arrived and is waiting for him as agreed.
or Bad, 2, cameras all over that everyone has no idea who controls, watches, and/or is recording
'prosperous society' ~= convenience, less human hours wasted on boring stuff. The convenience of a video doorbell and connected home sure seem worth it to me.
Agree to disagree. Systems that frustrate the accumulation and concentration of power seem to be integral to a functional society, nevermind a prosperous one, historically speaking.
“Convenience, less human hours wasted on boring stuff” is fine as an individual consumer mindset, but does not form sufficient criteria for evaluating complex social systems.
I'm not saying they are, just that consumers are giving up privacy for some sort of return. It's not required, as there are E2E HomeKit alternatives, but it's inaccurate that 'all you do is give up privacy'.
That attitude is the start of a slippery slope. If the end always justifies the means then none of your freedoms will be protected if someone else decides it's more convenient for you to not have them. This is the major problem with the big government authoritarianism that has infected the republican party.
Slippery slope arguments are a fallacy. If something bad happens, or is proposed, we can address it when the bad thing happens or is proposed. Nothing actually bad is happening or is proposed here.
As noted above, the trade-off our society has chosen to make is search warrants. Otherwise, it might as well be "for the police to peruse at their leisure". Is Google going to rigorously vet every "emergency" request for data the police make?
Maybe I'm naive, though. I really do think nearly everyone in congress does want to make the world a better place, they're just lost/confused about how to go about that, often getting caught up in the game of staying in congress rather than using their time there for good.