All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

The Dependency Cutout Workflow Pattern: Managing Urgent Bug Fixes in Open Source Dependencies

By

ingve

6mo ago· 15 min readen
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Kettled twice. Extra chewy, extra trustworthy.

Score100Typehow-toSentimentneutral

Summary

The article discusses a software development workflow pattern called "Dependency Cutout" for handling bugs in open source dependencies. It presents a scenario where an application (FooApp) depends on an open source library (LibBar) that has a bug causing production issues. Since upstream fixes can take too long (quarterly releases), the pattern involves creating a local copy of the dependency code, fixing the bug there, and maintaining it as a temporary solution while still contributing the fix upstream. The article emphasizes the importance of fixing bugs in dependencies rather than just working around them, and introduces this as a practical workflow pattern for developers facing urgent production issues with open source dependencies.

Key quotes

· 4 pulled
You're working on an application. Let's call it 'FooApp'. FooApp has a dependency on an open source library, let's call it 'LibBar'. You find a bug in LibBar that affects FooApp.
FooApp is your job; LibBar is (at best) your hobby. Blocking on the full upstream contribution cycle and waiting for the next quarterly release is not an option.
It's important to be able to fix bugs in your open source dependencies, and not just work around them.
The Dependency Cutout pattern involves creating a local copy of the dependency code, fixing the bug there, and maintaining it as a temporary solution while still contributing the fix upstream.
Snippet from the RSS feed
It’s important to be able to fix bugs in your open source dependencies, and not just work around them.

You might also wanna read

Zig Devlog: Build System Rework Separates Maker and Configurer Processes

This devlog entry from the Zig programming language project announces a major rework of the build system, separating the maker process from

ziglang.org·1d ago

magiblot/tvision: A modern cross-platform port of Turbo Vision 2.0 with Unicode support

A modern, cross-platform port of Turbo Vision 2.0, the classical framework for text-based user interfaces (TUI). Originally started as a per

github.com·1mo ago

Why a Software Maintainer is Rejecting External Pull Requests

The article is a personal reflection from a software maintainer explaining why they are rejecting pull requests (PRs) from external contribu

dpc.pw·1mo ago

GitHub Repository: Chip8 Emulator Project for Virtual Machine Emulation

The article appears to be a GitHub repository page for a Chip8 emulator project called 'navid-m/chip8emu'. The content shows GitHub's interf

github.com·1mo ago

10-year-old unit test with future cookie expiry date breaks Servo browser CI system

A developer shares a story about a unit test written 10 years ago for the Servo browser engine that included a cookie expiry date of April 1

mastodon.social·1mo ago

Servo Browser Engine Releases First crates.io Version as Embeddable Library

Servo, the web browser engine written in Rust, has released its first crates.io version (v0.1.0), making it available as a library for devel

servo.org·1mo ago