Thoughts on the Resiliency of Web Projects
(aaronparecki.com)105 points by mooreds 3 days ago | 55 comments
105 points by mooreds 3 days ago | 55 comments
nox101 3 days ago | root | parent | next |
this!!! I have a site I personally use daily. it's using react 17 and is built with node 16. upgrading either breaks it and I don't have the time to fix the issues. It's got 3 components that break as well. And the CRA build script breaks if you update it as well.
I've spent several hours trying 3 different times to upgrade it but I run out of time and give up. So I limp along with tiny changes now and then. I don't know at what point it will become unmaintainable
I have a similar problem with an electron app. it's super frustrating.
I kind of wish the upstream devs got billed for all the extra work they cause. Then maybe they'll take the pain they create a little more seriously.
The latest is eslint which recently broke everything and now 15 or so projects I run will need several hours of maintenance each. work I'd like to put into new features but instead I have to waste on refactoring configuration
simonw 3 days ago | root | parent | next |
This is one of the reasons all of the little tools I've been building on https://tools.simonwillison.net/ are Vanilla JavaScript, no React or anything that needs a build tool and only using dependencies if they can't be skipped.
I'm a server-side developer by trade, but there's something REALLY neat about being able to build a useful interactive thing as static HTML+JavaScript and know that it will effectively never stop working and is entirely self-contained.
didgeoridoo 3 days ago | root | parent | next |
Hence the old African proverb: if you want to go fast, use a full-stack TypeScript framework with a highly opinionated build pipeline tied almost inextricably to a venture-backed PaaS. If you want to go far, use HTML and JavaScript.
anonzzzies 2 days ago | root | parent |
That first part is not fast either. The venture backed paas makes for a lot changes in the software (all those people need to do something right?) which you need to learn. Vanilla JS, CSS, ancient Lisp/PHP/Perl/C etc I am almost always faster with.
A tell-tale sign is that even fast moving LLMs have issues keeping up with frameworks; they already changed so when you npx bla@latest create my-coolness, the LLM already is going to do things 'wrong' or different than intended as it simply doesn't know everything change yet again for no reason anyone but the most hardcore devs care about. The rest of us just want to get our work done and have it compile 3 weeks from now still.
pdfernhout 3 days ago | root | parent | prev |
Thanks for all the neat tools!
I find Mithril simple enough to be low maintenance for Single Page Applications. We still use a version one of it on a project launched about ten years ago -- although I use version two for later things. And you can use it from plain JavaScript with no compile step. https://mithril.js.org
I also find Tachyons or similar Atomic CSS libraries to also simplify CSS issues in a more maintainable way -- also with no compile step. From 2017: https://css-tricks.com/growing-popularity-atomic-css/
heavyset_go 3 days ago | root | parent | prev | next |
I've been passing on clients' projects that use old versions of React/Node/etc.
Maybe someone enjoys fixing breaking changes in layers of dependencies, but it isn't me.
syx 3 days ago | root | parent | prev | next |
I’m having the same issue as you but for a React 16 Node 12 web app. Building it was great and good fun but after neglecting updating the dependencies it has become almost impossible to upgrade after 5 years. I really wish developer put more effort into developing web tech that would last more in time.
shepherdjerred 3 days ago | root | parent | prev | next |
> I kind of wish the upstream devs got billed for all the extra work they cause.
This is actually very easy to do!
Surely you’re already donating generous sums to these open source projects - you can simply let them know you’ll reduce your contribution until the problem is fixed.
This is a snarky reply and I’m sorry for that, but seriously why do you feel entitled to anything? Receiving any free software in the first place is more than sufficient.
nox101 3 days ago | root | parent | next |
This has nothing to do with entitlement. Nothing about my post had to do with open source. The same issues apply to proprietary API changes.
Further, I maintain 150 open source projects, 20+ of them active. I still take into account that making a change to an API effects every user downstream. You can spin this anyway you want. If you run an project (open or closed) and you make a change the costs 10s of thousands or million of hours of collective work downstream you just effectively burned down X amount of trees, put Y amount of carbon in the atmosphere, made Z number of people work late instead of being with friends and family, etc...
shepherdjerred 2 days ago | root | parent |
Your post mentioned five projects all of which are free and open source. You then mentioned that upstream devs should be billed.
How can your post be read as anything other than "open source devs should be billed"?
porridgeraisin 3 days ago | root | parent | prev |
This argument always bothered me. For me, the ethos of open source and free software is altruism.
The whole point is that the developers make the software to help users. There's nothing gained by developers thought-endingly stating that the users aren't entitled to anything.
On the other hand though, it's not like users are saints either (for example, vanishingly few donate to the developers of the software they use) so it's a bit of a race to the bottom overall and I understand such sentiment.
phendrenad2 3 days ago | root | parent | next |
Maybe I'm cynical, but after 30 years in the open-source community, I think the true ethos of open-source is self-interest, and the disregard open-source maintainers feel for their users reflects this.
shepherdjerred 2 days ago | root | parent | prev |
The point of free software is to allow users to have control over the software they use. There's no inherent connection to altruism, though that is part of why I open source the code that I can.
Plenty of individuals and companies release open source software that requires payment.
https://www.gnu.org/philosophy/free-sw.en.html
Anyway, I feel this is all tangential. My issue was mostly that the parent comment suggested that open source devs be billed for changing the software they create.
jasfi 3 days ago | root | parent | prev | next |
This is the sort of thing that LLMs should excel at. An AI coding assistant should theoretically help you move through these issues very quickly.
nox101 3 days ago | root | parent |
The LLM will just go in circles.
ME: Where do I start?
LLM: upgrade library X to v123
Me: Library Y complains it need v120
LLM: downgrade to V120
Me: I thought we were upgrading?
LLM: upgrade Library X to v123
Me: You're repeating
LLM: Sorry I couldn't help you I'm only an LLM
gr4vityWall 2 days ago | root | parent | prev | next |
I wonder what was the reasoning behind the last eslint update.
johnchristopher 3 days ago | root | parent | prev |
Can't linting just be disabled ?
burnished 3 days ago | root | parent |
I think that is one of the steps towards tacitly admitting the project is no longer maintained/maintainable
johnchristopher 2 days ago | root | parent |
My bad, I was tired and somehow thought of linting as "make that code pretty", not bug reporting.
rezmason 3 days ago | root | parent | prev | next |
One thousand times, this.
My first decade of software development was on the Flash platform. Don't get me started. When I began building what I considered "Flash-caliber" HTML+CSS+JS things in 2015, I knew to avoid everything that wasn't TIG-welded to Firefox, Webkit and Chromium. I'm reluctant even about using three.js and regl instead of rolling my own little bit of WebGL.
Docker, React and TypeScript pay my bills. But they will rip away from the world, along with everything built on top of them, as soon as discourse around WASM gels into a sexy low-sodium panacea with a meaningless two-syllable name. Web devs guzzled kool-aid before and they will again, and like hell will I toss any personal code in with it.
btbuildem 3 days ago | root | parent | prev | next |
I've spun up an old ubuntu laptop recently for.. reasons. I think the last time that machine was in use was in the late 2000s. Poking around on it, I was blown away how simple and resilient the infrastructure of some of my old projects was. Things just build, things just work -- after over a decade of being mothballed.
AznHisoka 3 days ago | root | parent |
Did the projects work in just the laptops? Or did they work elsewhere also? I think its fairly easy for existing old projects to work, as long as the hardware it lived in is easily replicated. Not so if you have to port it to modern hardware
mattgreenrocks 3 days ago | root | parent |
Probably C/C++/Java stuff. Backwards compatibility is pretty good there among all of those, and a type checker helps a lot when modernizing.
pmarreck 3 days ago | root | parent | prev | next |
Nix is a possible solution to stack rot (at least in the realm of "things breaking against each other", not "things that had critical bugs or security holes discovered later")
anothername12 3 days ago | root | parent | prev | next |
What do you mean by a flat stack? LAMP etc?
mg 3 days ago | root | parent |
Yes, Linux, Apache, MariaDB and PHP or Python are pretty good choices I would say.
For a large project (with years of manpower baked in) I would expect about a day of maintenance work per year. Assuming you have good test coverage.
mooreds 3 days ago | root | parent | prev | next |
Yeah, I've had this happen to me. I wrote a directory in cakephp and neglected to update it. Eventually the ROI to me of updating it wasn't worth the hassle.
The one exception is if you outsource the stack updating. For example, https://letterstoanewdeveloper.com/ runs on wordpress.com. In this case, I don't have to worry about stackrot, I just have to pay the bill. If/when the bill becomes too much, then I'll convert it to HTML and host it somewhere. (And yes, if I'd done it as HTML first, I wouldn't have to make the effort.)
mg 3 days ago | root | parent |
WordPress might indeed be a good choice for a CMS.
How well does self-hosted WordPress (without plugins) behave when updating? I would think that even major releases can be updated with a simple click and don't break anything?
bigiain 3 days ago | root | parent | next |
WordPress right now is very much a "Let's wait and see what happens in the Matt/WPEngine debacle before committing to any new projects" kind of choice.
There is a non zero chance that Matt/Automattic/wordpress.org will get crushed in the pending lawsuit. And even if they don't, pretty much only the lawyers are going to win there, and it's unclear just how much damage either side there are prepared toi suffer in an attempt to inflict more on the opposing side. I can't see WordPress as a brand or platform that'll have much reputation left unless Matt backs down, at least not at the corporate budget and due diligence levels of project.
Would you want to try convincing your boss or a client that it's sensible to use WordPress, when the competing proposals points out just how much control Matt has personally in the project, and that he's doing shit like this: https://www.theverge.com/2024/11/7/24290394/wordpress-coms-o... ?
One of the WordPress forks (minus the wordpress.org repo and ecosystem of plugins/themes) may end up being the WP legacy, or some alternative like Ghost could end up being a much better choice, for the 10+ year ongoing low-maintenance use case discussed in the article.
WprdPress had its time. In my opinion it's now dead, but not everybody has noticed yet/
WorldWideWebb 3 days ago | root | parent | prev | next |
With all the drama in the platform right now (caused by one of the creators), I would suggest that anyone that isn’t already deeply invested in it for whatever reason to not start now. Its future is a big question mark right now and I’m unable to recommend it as a stable solution to anyone anymore.
lemonberry 3 days ago | root | parent | prev | next |
WordPress offers automatic core and plugin updates now. This is rarely an issue with a site that has few plugins and customizations. That said, it's a really good idea to have regular offsite backups.
mooreds 3 days ago | root | parent | prev |
In my limited experience self-hosted wordpress is pretty good about upgrades. But if you pay for hosting (like I do), you won't have to worry about OS upgrades either.
wonger_ 3 days ago | root | parent | prev |
What's the stack behind gnod?
mg 3 days ago | root | parent |
Linux, Apache, MariaDB, PHP, Python, HTML, CSS, JavaScript.
Some pages still use JQuery, but I wouldn't use it in new projects. Browsers are a joy to work with these days, no more need for any libraries.
AndrewStephens 3 days ago | prev | next |
This is a problem for any project, and yet another reason to prefer static files for as much as your stack as possible and do not follow the latest tech-stack trends too closely. It is called the bleeding edge because it is covered in the blood of dead projects that cannot be maintained.
My advice is to use as few technologies in your stack as possible. Sure, your project might work best with a relational db and a dedicated document store but it might be less ongoing effort to emulate one with the other.
And freeze (or at least document) the versions of any dependencies for release. Your project runs fine with CoolTech.1.4 now but in 5 years when you come to rebuild you will find that the interface to CoolTech.6.44 is completely different.
And even then things might fail. 20+ years ago I made some Java applets that were well received and useful. Technically they still work (I think) but nobody runs Java in the browser so those projects have been unusable for years. We can be smug about our pure HTML5 static sites now but who knows what the browser landscape will be like in 2050.
anon7725 3 days ago | root | parent | next |
> We can be smug about our pure HTML5 static sites now but who knows what the browser landscape will be like in 2050.
Pure HTML probably has the best chance of surviving.
lmm 3 days ago | root | parent |
> Pure HTML probably has the best chance of surviving.
If you took that thought seriously you'd do HTML3 with nested tables and font tags, that stuff is going to last forever. But HN fashion says Javascript bad CSS good.
stackghost 3 days ago | root | parent |
>HN fashion says Javascript bad CSS good
I mean, JS is pretty objectively bad. It's a great example of the "worse is better" phenomenon.
eMPee584 3 days ago | root | parent | prev |
Regarding them java applets, it seems it's possible to make them run using webassembly or a "google web toolkit" (what the fabulous https://github.com/pfalstad/circuitjs1 simulator uses)..
quantadev 3 days ago | prev | next |
This happens to every developer once we get over like 20yrs experience doing side projects. Invariably the dependencies and technologies of any app become obsolete over time, and you either do a massive rewrite or else give it up.
I've always had one primary side project of my own that's consumed 95% of all my time over the years, and so I've rewritten it from scratch at least 5 times as technologies (libraries, databases, languages, etc) have evolved. Not many people are lucky enough to love one app so much you'll do this, so your other side projects just die off, because they're not worth a rewrite.
c0nfused 3 days ago | prev | next |
I generally agree with the thesis here.
Adjacent points: I also think that selecting mature projects for your dependencies matters significantly. My old couchdb or early node work is generally defunct. On the other hand, I have some dotnet projects that are still functional with zero updates from a decade or more ago.
Additionally, it's reasonable to keep a copy of your dependencies somewhere in case the vendor dies, the licensing changes, or something else catastrophic happens. Even if you just image dev's machines when they offboard. There have been a few times this has prevented permanent project death or rewrite emergencies for me.
bilater 3 days ago | prev | next |
I have more than 50 projects and find myself often bogged down by fixes and updates. This can creep up on you. Going back to older code bases (even ones you wrote) can be daunting and annoying. One customer email can ruin the whole day. AI has definitely made this easier but it's still challenging.
I've now started to be more ruthless in cutting older projects that aren't going anywhere (or are not 100% automated) and I also try and consolidate new project ideas as a features to existing products.
Still its hard and everything is a balance. Some of my projects in case anyone's interested: https://www.hackyexperiments.com
ww520 3 days ago | prev | next |
One of my production web-based projects managing critical transit data hit the 12 year mark. It was based on straight HTML/CSS, plain Javascript, Knockout.js (yeah, this was before ReactJS and friends), JQuery, Bootstrap CSS, and with a Play Java backend on Centos Linux against a Oracle 11 DB. It needed minimal maintenance and updates, only when the spec versions changed. It has reached its end of rope when it failed the new security audit in that the software versions being too old, i.e. Oracle, Linux and JDK being too old. The customer comes up with the funding to do a rewrite rather than spending the money in retrofitting the old code. You bet one of the main goals of the new tech stack is reducing 3rd party dependencies and choosing dependencies carefully.
pier25 3 days ago | prev | next |
That's one of the reasons I'm starting to move away from JS on the server and instead use dotnet. It's super mature and you can build something with close to zero deps. You can be certain it will still be there 10 years from now. The performance (7-10x better than JS) is the cherry on top.
Still haven't figured out which would be a good long term solution for frontend. For the moment I'll keep using Svelte which I really like but I have doubts about it's longevity.
leosanchez 11 hours ago | root | parent |
I use Vue on the frontend and dotnet at the backend.
rozenmd 3 days ago | prev | next |
I've been running a project for almost four years now, and have been vendoring/killing as many dependencies as I can.
Core functionality now relies on no libraries, and increasingly moving off Next.js towards more open frameworks like Remix.
At it's core it's React + JavaScript + SQL, aiming to run this thing for decades.
breadchris 3 days ago | prev | next |
this post is great, my mental flowchart is similar to this. Content like this reminds me of this post https://sive.rs/plaintext
treflop 3 days ago | prev | next |
Something that has worked for me, and I don’t know how to describe it any other way, is that some projects have “style.” Like I thought Docker, React, jQuery were actually cool when they came out. Elegant, pretty, fun to use and I could see the future for them.
But when I think about Backbone.js, Vagrant, AngularJS, or Dojo.js, I remember thinking how lame and ugly they were and hated how popular they had become. I thought “this is it? you got function but no form.” But in the end, those projects fell into disuse and I was happy again.
ajayvk 3 days ago | prev | next |
This is an issue I have had with web projects, especially for internal tools. Without constant maintenance, they reach a state where new changes cannot be done easily.
I am building https://github.com/claceio/clace to try and fix this for internal tools. Go, go templates, HTMX, SQLite and Starlark is the stack. A goal is that apps should be easily maintainable after six months and after six years.
pkossum 3 days ago | prev | next |
This comment section has been extremely valuable. Htmx for the win?
marcosdumay 3 days ago | root | parent |
Oh, anything that you can just include with a <script> tag and move on.
JQuery is also that way, Vue used to be usable that way...
tylerchurch 3 days ago | root | parent |
Vue still is usable that way!
It's my favorite way to slowly add some order to legacy apps that have been overcome by jQuery soup.
mg 3 days ago | next |
The one thing I learned from running https://www.gnod.com (20 years) and https://www.productchart.com (10 years):
Keep your stack flat.
Most projects of my web developer friends died after months or a few years. None survived for decades. And the reason was always stack rot.
Multiple parts of their stack became outdated and so hard to update that they quit.