Sign up to save your podcasts
Or
Share Third party dependencies
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Third party dependencies
Send me a text
Shoutout to Jason Zurita for his article https://jasonzurita.com/the-hidden-cost-of-dependencies/
- What are third party dependencies?
- Explain the distinction between:
- 1st party, for iOS devs, anything in the iOS SDK.
- 2nd party dependencies, stuff integration from service provider you rely on. (You could call this a subset of 3rd party dependencies you really can not do without.)
- 3rd party, stuff you integrate because it saves your time or it is convenient
- Explain the distinction between:
- Risks with 3rd party code
- Complexity (thank you Jason)
- Managing versions
- Try updating a dependency in a Node’js codebase.
- Build times, more code == more waiting
- 3rd party code problems are often now your problems
- OSS frameworks only have a guarantee until the door
- 3rd party code often intertwines deeply with your implementation if you are not very careful
- REALM or other data serialization libs are a great example
- Security
- You choose to adopt all this third party code including all its warts, problems, issues and hidden problems.
- Enterprises often require a 100 percent review of any third party code. There is a reason big corps at some point try and loose as many dependencies.
- You choose to adopt all this third party code including all its warts, problems, issues and hidden problems.
- Third party dependant developer syndrome (this is a fun one)
- Not invented here syndrome should also be avoided though
- Complexity (thank you Jason)
- How to find third party dependencies
- CocoaPods index.
- Swift Package Index, mention we sponsor them. Only mention this once briefly
- We also sponsor Tuist
- Github and Google search
- Licensing an the app store
- GPL is “difficult”
- An Apache or MIT type license is reasonable
- If you are unsure, read up a bit on licenses. https://opensource.org/licenses
- How to choose to adopt a dependency
- Just link it won’t do
- Review the dependency and project health on Github.
- What quality checks does the project have in place?
- How does the support by the dev(s) look to you?
- Would you pay for this feature set if it wasn’t available for free?
- If yes, WHY ARE YOU NOT SPONSORI
Join me in Amsterdam for Do iOS 2025, tickets and details available now.
Lead Software Developer
Learn best practices for being a great lead software developer.
PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews
Support the show
Do iOS: https://do-ios.com
Rate me on Apple Podcasts.
Send feedback on SpeakPipe
Or contact me:
- Mastodon: https://hachyderm.io/@appforce1
- X: https://x.com/appforce1
- BlueSky: https://bsky.app/profile/appforce1.net
- LinkedIN: https://www.linkedin.com/in/leenarts/
Support my podcast with a monthly subscription, it really helps.
My book: Being a Lead Software Developer
View all episodes
By Jeroen Leenarts
5
44 ratings
Send me a text
Shoutout to Jason Zurita for his article https://jasonzurita.com/the-hidden-cost-of-dependencies/
- What are third party dependencies?
- Explain the distinction between:
- 1st party, for iOS devs, anything in the iOS SDK.
- 2nd party dependencies, stuff integration from service provider you rely on. (You could call this a subset of 3rd party dependencies you really can not do without.)
- 3rd party, stuff you integrate because it saves your time or it is convenient
- Explain the distinction between:
- Risks with 3rd party code
- Complexity (thank you Jason)
- Managing versions
- Try updating a dependency in a Node’js codebase.
- Build times, more code == more waiting
- 3rd party code problems are often now your problems
- OSS frameworks only have a guarantee until the door
- 3rd party code often intertwines deeply with your implementation if you are not very careful
- REALM or other data serialization libs are a great example
- Security
- You choose to adopt all this third party code including all its warts, problems, issues and hidden problems.
- Enterprises often require a 100 percent review of any third party code. There is a reason big corps at some point try and loose as many dependencies.
- You choose to adopt all this third party code including all its warts, problems, issues and hidden problems.
- Third party dependant developer syndrome (this is a fun one)
- Not invented here syndrome should also be avoided though
- Complexity (thank you Jason)
- How to find third party dependencies
- CocoaPods index.
- Swift Package Index, mention we sponsor them. Only mention this once briefly
- We also sponsor Tuist
- Github and Google search
- Licensing an the app store
- GPL is “difficult”
- An Apache or MIT type license is reasonable
- If you are unsure, read up a bit on licenses. https://opensource.org/licenses
- How to choose to adopt a dependency
- Just link it won’t do
- Review the dependency and project health on Github.
- What quality checks does the project have in place?
- How does the support by the dev(s) look to you?
- Would you pay for this feature set if it wasn’t available for free?
- If yes, WHY ARE YOU NOT SPONSORI
Join me in Amsterdam for Do iOS 2025, tickets and details available now.
Lead Software Developer
Learn best practices for being a great lead software developer.
PodMatch Automatically Matches Ideal Podcast Guests and Hosts For Interviews
Support the show
Do iOS: https://do-ios.com
Rate me on Apple Podcasts.
Send feedback on SpeakPipe
Or contact me:
- Mastodon: https://hachyderm.io/@appforce1
- X: https://x.com/appforce1
- BlueSky: https://bsky.app/profile/appforce1.net
- LinkedIN: https://www.linkedin.com/in/leenarts/
Support my podcast with a monthly subscription, it really helps.
My book: Being a Lead Software Developer
More shows like AppForce1 Worklog
View all
Grammar Girl Quick and Dirty Tips for Better Writing
2,846 Listeners
Under the Radar
213 Listeners