Continuous Obsolescence is the all-too-common anti-pattern that emerges when you do not properly manage your use of 3rd party dependencies. The problem is simple: you depend on a 3rd party solution, it depends on others, and so on down the chain. If anything in that chain changes (or fails to change), it's your problem. Security is serious business, and not taking your dependencies seriously will result in serious security issues.
There are two ways dependencies can be screwed up:
- Bad implementation
- Dependency Hell
Both can be fixed but require different approaches. Architecturally speaking, all 3rd party dependencies should be proxied in your code through an adaptor. If you have all of your dependencies sitting behind an adaptor you shouldn't have a problem, right?
There are two ways to find yourself in Dependency Hell:
- There are no alternatives!
- Your "dependency" is an entire component library and making a bazillion adaptors isn't practical.
Awesome Dependencies is all about establishing a set of criteria for what makes a great dependency and cataloging dependencies that meet those criteria.
- Have a simple API which can be proxied/adapted
- Have zero to few transitive dependencies
- Active support
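
The "zero to few transitive dependencies" criterion can be checked mechanically. The following is an added example, not code from this project: it walks a dependency graph and reports how many packages each direct dependency pulls in. The graph, the package names and the `max_transitive=2` threshold are all constructed assumptions.

```python
from collections import deque

# Constructed dependency graph: package -> its direct dependencies.
# Every package name here is hypothetical.
GRAPH = {
    "app": ["tiny-http", "ui-kit"],
    "tiny-http": [],
    "ui-kit": ["style-engine", "icon-pack", "date-utils"],
    "style-engine": ["css-parser", "color-lib"],
    "icon-pack": ["svg-loader"],
    "svg-loader": ["xml-reader"],
    "date-utils": ["locale-data"],
    "css-parser": [],
    "color-lib": [],
    "xml-reader": ["svg-loader"],  # cycle: the walk must not loop forever
    "locale-data": [],
}


def transitive_deps(graph, package):
    """Return every package reachable from `package`, excluding itself."""
    seen = set()
    queue = deque(graph.get(package, []))
    while queue:
        dep = queue.popleft()
        if dep in seen or dep == package:
            continue
        seen.add(dep)
        # A dependency that is missing from the graph is treated as a leaf.
        queue.extend(graph.get(dep, []))
    return seen


def audit(graph, root, max_transitive=2):
    """Map each direct dependency of `root` to (transitive count, passes)."""
    report = {}
    for dep in graph.get(root, []):
        count = len(transitive_deps(graph, dep))
        report[dep] = (count, count <= max_transitive)
    return report


if __name__ == "__main__":
    for name, (count, ok) in audit(GRAPH, "app").items():
        verdict = "ok" if ok else "too many"
        print(f"{name}: {count} transitive dependencies -> {verdict}")
```

Here the component library `ui-kit` fails the check because it brings eight further packages with it, each of which is one more link in the chain that can change or fail to change.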
TBD
TBD