Third-party libraries: What are they for? Are they reliable?
Updated: Oct 12, 2022
Developing a new application from scratch takes a lot of time and effort. For that reason developers prefer to resolve problems by using code that has been already developed and used for a particular purpose by a different person.
The dev community uses third-party components, like web servers, frameworks, or libraries to avoid ‘reinventing the wheel’ and writing common features from scratch.
Over time, the dev community has become over-dependent on, so to say, third-party libraries or open source libraries and uses them blindly trusting their authors.
Using third-party libraries brings along some advantages as well as disadvantages. Both of them should be considered when developing software.
However, the use of these libraries is a debated issue, at least in engineering circles. Especially senior developers see open source libraries skeptically and don’t like or even refuse to work with them.
Let’s take a look together at the pros and cons of using third-party libraries and what solutions there are for the dev community in order to deliver good results in the software development process.
Faster development process
The biggest advantage of using third-party libraries is that developers don’t have to write everything from scratch. The code from third-party libraries is already written and they can use it immediately.
Using third-party libraries comes with much lower costs. Some of them are even available free of charge until a certain level. Later, most probably, you will be paying a monthly fee for using the resources.
Faster launch and feedback
By accelerating the development process you can get your app faster to the market and achieve a product-market fit quicklier. When your product or MVP (Minimum Viable Product) is released faster to the market, you can quickly get the users’ feedback which will help you to build an even better app.
Many platforms that are available on the market are easy and fast to integrate. If a developer wants to implement a feature from scratch, it will take them at least several weeks. Using an open source library will take them only a few days.
Third-party libraries come with another advantage - maintenance. There is no need to maintain the code which makes the life of developers easier. The provider of the code has to do the job, not the one who is using the resource.
When you want to use third-party libraries, you are dependent on the provider. This can be risky for the stability of your software. It is recommended to write the core features of an application from scratch and use third-party solutions for non-essential features.
Another added problem with the dependency is that whenever there is a breaking update to the library, it’s the developer’s responsibility to test and make sure the necessary changes are made to ensure the continuity of the application’s service.
Using open source libraries comes with some limitations. When developers don’t want to use a default method, but would rather customize it, they would have to work hard to change it to their needs. When you want to develop a feature that is original or customized to your needs, finding the right third-party solution can be impossible.
Sometimes there are good libraries which work well for 99% of the use cases. But there is that 1% that is an edge case, and unfortunately, it is critical to the proper functioning of the system. These issues are very hard to debug as they are hidden away in parts of the library which are often hard to discover.
Last but not least, the use of third-party libraries can raise some security concerns because vulnerabilities in open source libraries are increasingly targets for hackers.
https://arstechnica.com/information-technology/2022/03/sabotage-code-added-to-popular-npm-package-wiped-files-in-russia-and-belarus/ This is a great example of one such case which might lead to a global meltdown of important systems. Imagine what will happen if such malicious code ends up in production. Fixing this will take at least several days or worse.
Find and use libraries from trustable sources. Try to verify the author and the library’s reputation and authenticity.
Libraries often come with dependencies of their own, so make sure to check those dependencies to avoid security issues introduced by external dependencies.
Understanding the pros and cons of this system is important, each library is unique and should be evaluated on its own.
Once you have a candidate library, ask yourself the following questions to see if it is suitable for your needs:
How popular is the library?
Is the author reliable?
Is the library written well?
Does the library meet your requirements?
Is it recommended?
What is the library going to be used for?
Another possible solution is to develop your own code.
This option is more time-consuming but sometimes it is the better, more secure and efficient option. It gives more flexibility and control over what each module of the application does.
Or if your competitors offer a functionality that is similar to yours, building a unique feature from scratch could be a great opportunity to differentiate your app from theirs.
. . .
Of course, not all libraries are bad. There is definitely room for out-of-the-box solutions because some are so robust and complex that it would take a lot of time, effort and money to build a suitable alternative.
So whenever you are faced with the decision, make sure you dedicate enough time to evaluate your options.
Libraries are actually a great time-saving tool. You just have to make sure you choose methodically and intelligently. By taking in consideration all advantages and disadvantages of using a third-party library as well as being careful, nothing can go wrong.
If you have any questions on how we use third-party libraries in the software development and building applications process – especially in MVP development – feel free to contact us.
Our team has many years of experience in building applications with the help of third-party solutions to achieve an optimal balance between cost, speed, and functionality.
If you have any additional thoughts on the subject, we would love to hear from you in the comments section.