
The Honey Trap of Copy/Pasting Open Source Code

I couldn’t agree more with Bill Sourour’s article ‘Copy.Paste.Code?’ which says that copying and pasting code snippets from sources like Google and StackOverflow is fine as long as you understand how they work. But extra measures need to be taken if that code is open source.

by Rami Sass · Aug. 30, 16 · Opinion

I couldn’t agree more with Bill Sourour’s article ‘Copy.Paste.Code?’ which says that copying and pasting code snippets from sources like Google and StackOverflow is fine as long as you understand how they work. However, the same logic can’t be applied to open source code.

When I started open source coding at the tender age of fourteen, I was none the wiser to the pitfalls of copy/pasting open source code. I took it for granted that if a particular snippet performed my desired function, I could just insert it into my code, revelling in the fact that I'd just gotten one step closer to getting my software up and running. Yet, since then, through much trial and error, I’ve learned a thing or two about how to use open source code effectively.

Don’t Let Your Open Source Usage Fall Below the Radar

As CEO of WhiteSource, I often hear the same question that many of you are probably thinking: Copy and pasting code is great. It saves us time and makes us better developers in the process. Why should open source snippets be any different? Well, in one word, the answer is "visibility."


Now, return to my fourteen-year-old self borrowing open source code... once I copied and pasted the snippet, I found out that I was unable to track its usage as I hadn’t taken its source code and dependencies along for the ride. Therefore, I was left in the dark when a software bug or security vulnerability was discovered/fixed with a patch or new version.

And even if the code in question was flawless (and what in this world is?), I was unable to update it when the opportunity arose, as I had no idea where it was located, or I simply forgot I was using it.

Avoid Freezing Your Code

One of the things I love about open source is that things never stand still. There are always new practices to learn, projects to contribute to, and new features and improvements to benefit from. However, once you copy and paste even a few lines of open source code, you’re basically freezing it: you’re unable to go back if you experience compatibility issues, and unable to go forward if new patches or versions are released.


This is a lesson I learned the hard way and a mistake I’ve seen many programmers make since. Therefore, maybe you should think twice the next time you get the itch to copy and paste open source snippets.

So, if you can’t simply copy and paste open source code, how can you use open source components more wisely?

#1 — Fork It 

Many, including myself, hold ‘forking’ as the poster-child of effective open source practices.

So, what is forking, exactly?

Basically, forking allows you to clone the source code from a software program and develop an entirely new program from it.

Not only that, as you are copying the snippet’s source code, you maintain a link to its original library, meaning you can modify it in the future, whether that be rolling back updates or tracking and applying updates.

For those of you who want to avoid the heavy lifting of compiling and building your own package, forking may not be the way to go. However, the next option might be for you.

#2 — Managing Changes With a Facade Pattern 

If you want to use a code snippet, but don’t want to download the entire source project and all the dependencies with it, using a Facade pattern is another route you could take.

By using a Facade, you’re able to wrap the component in your own interface, allowing you to replace the library with another if the need arises. By wrapping the component, you’re also able to monitor where the wrapper is used, and you can ‘hide’ any undesirable functions. However, if you want to keep your download super lightweight, only using a specific binary library may be the way to go.
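A sketch of the Facade approach described above, as an added example that is not code from the original article. It assumes Python's `hashlib` stands in for the open source component; `DigestFacade`, `register_backend` and the other names are hypothetical.

```python
import hashlib
import hmac
import sys
from collections import Counter
from typing import Callable, Dict

# hashlib stands in for "the open source component" (an assumption of this
# example). Each backend maps the one vetted operation to a concrete library.
BACKENDS: Dict[str, Callable[[bytes], str]] = {
    "hashlib": lambda data: hashlib.sha256(data).hexdigest(),
}


def register_backend(name: str, digest: Callable[[bytes], str]) -> None:
    """Swap-in point: add a replacement library without touching callers."""
    BACKENDS[name] = digest


class DigestFacade:
    """The only digest interface application code is meant to import.

    Weak primitives the wrapped library also ships (md5, sha1) are simply
    not exposed, and every call is attributed to the function that made it.
    """

    def __init__(self, backend: str = "hashlib") -> None:
        self.backend = backend
        self._digest = BACKENDS[backend]
        self.call_sites: Counter = Counter()  # "file:function" -> calls

    def _record_caller(self) -> None:
        # Frame 0 is this method, 1 the public method, 2 its caller.
        # sys._getframe is CPython-specific; inspect.stack() is the portable form.
        code = sys._getframe(2).f_code
        self.call_sites[f"{code.co_filename}:{code.co_name}"] += 1

    def fingerprint(self, data: bytes) -> str:
        """Hex SHA-256 of data, computed by the configured backend."""
        self._record_caller()
        return self._digest(data)

    def matches(self, data: bytes, expected_hex: str) -> bool:
        """Constant-time comparison against a published checksum."""
        self._record_caller()
        return hmac.compare_digest(self._digest(data), expected_hex.lower())

    def usage_report(self) -> Dict[str, int]:
        """Where the wrapped component is used, for update/impact review."""
        return dict(self.call_sites)
```

When an advisory lands for the wrapped library, `usage_report()` lists the call sites to review, and the replacement is one `register_backend` call rather than a search through pasted snippets.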

#3 — Using the Binary Library

If you only want to download the library that performs your specific function rather than the whole source project, you might want to think about only using the desired binary library.

Think about it like you would if you were upgrading a car. The suspension is fine. The steering is fine. The acceleration is fine. The only thing you need to do is replace the engine. Who would you trust more to do it: the engineers from BMW, or yourself with a rough ‘how to’ guide picked up from the internet?

Getting the Most Out of Open Source

Like Bill and his upcoming Dev Mastery project, I’m also a big believer in helping developers to fine tune their skills and boost their careers. So, if you found this post useful, please share so others don’t fall into the trap of copy/pasting open source code.

Open source has been with us for over 30 years now, and it’s certainly here to stay. And simply by following a few best practices, we can all maximize the benefits it offers us.
