Skip to navigation

malevolent design weblog

This blog is now defunct, but you can find more stuff over at my personal site

A House of Cards

Earlier this year I was contacted by someone who was concerned about their site’s maintenance bill. The developers were charging a few days per month to keep the site running (wrestling with bugs they created at the client’s expense?), another few days to maintain a couple of servers, and numerous days per year for major software upgrades. Combined with other charges, the cost of keeping everything ticking over was crippling.

To make matters worse, the site wasn’t particularly complicated yet was bug-ridden and reliant upon various fairly-obscure technologies layered upon each other. Perhaps it really did take the developers several days to get everything working when upgrading, and perhaps they had to vigilantly fight to keep the thing online, but it was a crazy, over-engineered way to build such a site and verging on defrauding the client. In the end I think they decided to stick with the devil they knew, even though the whole thing could’ve been rebuilt to be almost maintenance-free in a matter of weeks.

Whether you’re a site owner or a developer, it’s important to be wary of dependencies in your projects. Every time you rely on another framework, module, library, language, service or configuration option you’re increasing the maintenance burden and risking reliability, especially when there are layered dependencies. It won’t be much fun when your highly-customised installation of UnderappreciatedCMS 1.21b, built on top of NicheFramework 0.92 (requires ImportantModule 3.22 or higher with UndocumentedOption set to On) and ObscureDBLibrary 2.02, crashes hard when you upgrade CuttingEdgeLanguage from 1.7 to 1.71 to patch a critical security hole. Especially when you trace the problems back to ImportantModule and discover its creator has abandoned the project, lost the source code and joined an Amish community.

Stating the obvious? Maybe, but there’s a widespread attitude that you can and should piece together sites from disparate ready-made components, and often little thought is given to the future of each part or the overall complexity/fragility. I’ve encountered several small-/medium-sized projects where any sensible developer would have to charge thousands of pounds merely to set up a development server, let alone do any actual coding.


Would you say this is more a problem with using OS software? Or can developers with their own code fall into the same trap?

— Bev, 23rd Oct, 3:54pm

It's not directly related to open source projects, the same pitfalls apply to using commercial software.

A developer can certainly create similar issues with their own code by building something fragile and complex, but it's the 'quick fix' aspect of ready-made components that tends to lead to people sometimes overlooking longer term implications.

Matt Round, 24th Oct, 8:37am

Comments are now closed for this entry.