Reading an article from a former colleague, Proliferation of Depencencies got me thinking about how we manage dependencies today. There are inherent risks to blindly taking on a dependency to solve a single point need.
The tendency toward adding a dependency rather than writing code seems to be accelerating, at least from my observations.
The recent snafu with npm is a good example of how dependencies can be a risk. When Azer Koçulu removed all his npm modules, thousands of applications were suddenly unable to build. A situation that never should have happened due to namespacing, curation, and thoughtful dependency taking, it was a wake-up call to the node community. Many projects were dependent on a single package ‘left-pad’ that was only a couple of lines of code.
Taking a dependency on someone else’s code that isn’t part of a core language framework, especially for 3-4 lines of code, is an unnecessary risk. Alternatives to consider are to write the code directly into your project, or fork the dependency you’re considering taking.
The broader consideration is around how to curate an ecosystem such as npm. Languages and code bases with a benevolent overlord such as the Linux kernel, Microsoft’s .NET CLR, or Google’s Go have the benefit of a tie-breaking entity to minimize dependency sprawl. OSS projects without a strong advisory and curation group have a higher risk of dependency sprawl.
While a Swiss Army knife solves problems, a Swiss army chainsaw can make a mess.
Years of working in IT, especially in the financial and medical industries, have made me more paranoid than most people about data privacy considerations. We’ve all seen the data breach headlines from companies like Target, Home Depot, Adobe and countless others. These are companies with dedicated security teams charged with taking important measures to secure customer data who have nevertheless failed in this effort.
While the threat of a data breach cannot be eliminated entirely, having a written policy and methodically following it will go a long way. In many jurisdictions, companies are legally obligated to have such policies in place, so why shouldn’t you?
Having a written policy keeps any decisions out of the hands of arbitrary choice.
Should you feel inclined to develop a data security policy of your own, feel free to use mine as a template. It is released under the MIT License.
Once upon a time, in an economy far far away, the measure of a company was its balance sheet alone.
While a company must be profitable in order to stay in business, focus today is shifting to a more broad collection of measures, many of which have nothing to do with the bottom line. Organizations focused on achieving long term success are adept at firmly establishing their core values, attracting and retaining talented individuals and teams who embody these values, and communicating with customers authentically and transparently.
“As individuals and companies, everything that we say and do is a symbol of who we are. And it is only when we communicate our beliefs authentically that we can attract others to our cause, and form the bonds that will empower us to achieve truly great things.”
In the more ephemeral software realm, it can be hard for a customer to differentiate between a software platform from Initech Corporation or a similar product from Hooli. There was a time when companies could remain competitive on simply the number of features offered and the price, but the relevance of those two factors alone is waning, especially as the sales price of millions of pieces of software and apps approaches zero.
In software, a bullet-proof strategy is to have an ecosystem built around an ethos. While there is more to it than the field of dreams mantra “If you build it, they will come,” with other things equal, a clearly communicated “why” will separate the passionate innovators from the rest.
Companies and organizations are a powerful force in the world, and are able to organize and operate based on the ecosystem around them. There are limitless opportunities out there for us humans, as stewards of this planet, to make it a better place. Sir Richard Branson sums this up well.
“…imagine all the good that can be done when all companies place emphasis on purpose. Many customers want to buy from businesses that share similar values to their own, so more and more consumers are aligning themselves to impactful companies that sell social or environmentally-conscious products and services.”
I encourage each of you to get out there and build successful organizations or work to effect positive change in the organizations you are a part of.
Twenty-four years might be considered a long time for a mentor-ship, but this one was unique, and started way back in 1981.
What I didn’t know at the time was that the principles and rules I had gleaned over those 24 years would continue to mature and gain new relevance during the years to follow.
Learning / Technology
I can trace my career path back to a single day, July 12, 1986 when my mentor presented me with a hunk of metal, silicone, and glass that would keep me busy for the next 30 years and counting. That Commodore 64 is still in my closet, and the last time I fired it up, it booted up just like it did all those years ago. He somehow knew that putting me in front of this strange new machine would alter the arc of my life and career in so many interesting ways. I’ve always had a stubbornly inquisitive mind, and this was the perfect way to channel it.
He taught me to be loyal, fiercely loyal, to family – which can mean your blood relatives or close friends who you consider family. Their safety is your responsibility, and it’s your job to do whatever it takes to protect them from any harm that might come their way. On multiple occasions, he would tell me, “Take care of your brother. Long after I’m gone, you two will have each other and I expect you to look out for each other.” As an infantryman in Vietnam for two tours and as a Policeman in my home town for 33 years, he was a walking example of making sacrifices of self to protect others.
Do the right thing, even when no one is watching
So many times I’ve kept myself out of trouble by remembering his words to behave “as if people are always watching what you do, and they have a camera to take pictures as evidence.” Simple as this is, this perspective has kept me on the right track many times.
Reach for the Summit, but…
When I was very young, he gave me a pewter Ram with a motto that he subtly encouraged me to follow. The meaning of “Reach for the Summit,” has changed for me over the years as I have learned it applies not only to “Charge the hill,” but also to “Charge the right hill,” and “Don’t charge the hill if it is a volcano.” Several years ago I was leading a hike on Mt. St. Helens in Washington with a couple of colleagues from Microsoft. As we neared the top, I took a hard look at the situation and realized that “Reach for the Summit,” also included re-assessing the situation during the ascent and altering the plan if necessary – even if this includes not actually reaching the summit. I had under-budgeted on water for the team, and we got a late start on the mountain due to unforeseen circumstances. When I saw that reaching the summit was indeed possible, but only at the expense of the safety of my team, I made the call to turn back. In the end, we all made it safely home, and that’s more important than reaching any summit.
Others may be more skilled, but don’t let them outwork you. Once you’ve set your mind to accomplishing a goal, you keep chipping away at it. Whether you’re slow or fast, as long as you’re moving toward your goal, you’re on the right track and every day you get closer to achieving what you set out to do. Getting discouraged is fine, but push past it. Oddly, he passes this along to me as a lesson he learned from the opposing force in the Vietnam War. While his side was under orders to fight the Viet-Cong, he respected the way they leveraged their persistence as a strength and were able to evade a more powerful army. “Know your enemy,” as Sun Tzu might say. There is much you can learn from them.
They say that time heals, but this is patently false. If someone truly made a mark on your life, there’s an indelible scar left when they’re gone and you’re never quite the same again. What time does do, is to help those scars feel less painful, and to make the voids feel less empty. Scars remind us of where we came from, and that makes them pretty important. Seldom a day has gone by in the past ten years when I haven’t thought of my Dad and how he somehow prepared me for challenges I would face, even years after he was gone.
In 2006, he checked 10-42* far too soon, but left me with a lifetime of advice that I’m constantly reminded of.
* (10-42 is a law enforcement term for end of watch)
I recently decided to set out on the somewhat mundane task of replacing my (nearly falling over) mailbox with a nicer brick one. It’s certainly not the epitome of an exciting project, but I came upon an interesting bit of insight along the way.
When I set out have something built my first instinct is to built it myself. I’ve come to learn that is a double-edged sword. Sure, I get to learn a new skill or technique and have the unique sense of pride found in having sweat equity in the end result. I love both of those aspects of DIY, which is why I tend to lean toward it. The flip side is that unless I’m going to build one of these things more than once, ever project I complete is the work of an amateur, regardless of how diligent I am in doing the best job possible.
Over the years, I’ve had to force myself to always evaluate the equation of build vs buy. This applies to projects around the house, and software at the office. There are many factors, but the main ones are these…
I’d say 95% of the time, my initial back-of-the-napkin estimates indicate that it is cheaper to build than buy. The full implication of DIY on TCO (Total Cost of Ownership) is something I sometimes willfully choose to ignore. Questions I have started asking myself to counter this are
- Do I already have the tools I need to accomplish the task? If not, and can I use them to accomplish other tasks?
- How much will the necessary tools cost?
- Will these tools be useful for other tasks?
- How much space will these tools take up in my garage
- Can I just rent the necessary tools instead of buying them?
- Would a person I hire be able to complete the task for cheaper than I can?
- Do I already possess the knowledge I need to accomplish the task?
- How long will it take to obtain this knowledge?
- Can I apply this knowledge in other parts of my life?
- Do I have time to complete the task myself? This includes any ramp up or tool and material procurement.
- Can I complete the task myself faster than hiring someone?
- How long will it take to find and hire someone to complete the task?
- If I hire someone, how long will it take them to finish the project?
- How quickly do I need the task completed? This has to balance my time vs finding and hiring someone else.
- Will I be able to hire someone that will deliver a result of sufficient quality?
- If I do it myself, will quality suffer?
- Will my perfectionist tendencies prevent me from ever completing the project?
- Am I willing to give up control of the project to someone else
- How important is having complete control – taking other factors into account such as cost, time & quality?
- Will I be able to hire someone to complete the task with autonomy?
Taking the time to do a quick evaluation of these four factors have helped choose a more effective route and achieve better results rather than just always falling back to DIY.
As much fun as it is to DIY everything that comes along, it’s not the right route for every project.
As far at the mailbox goes, I decided to hire someone instead of slinging hundreds of pounds of bricks and mortar myself. When he came out to do the estimate I could tell this guy was a craftsman, not a Jack-of-all-trades and I’m pleased with the result.
Whether you’re asked about the circumference of the Earth, the number of cups in a gallon, or the land speed velocity of an unladen Swallow – answering, “I don’t know,” is wrong 100% of the time.
While I would never advocate making up an answer in the hopes of your inquisitor not knowing the answer themselves, It’s never okay to say only “I don’t know,” and leave it at that. It is important to admit your knowledge gaps, but to not seek to fill them in is selling yourself short.
When you reach a mythical ‘Bridge of Death,’ which you must cross, the Keeper of the Bridge requires you to answer three questions. Telling this guy you don’t know the answer, is a really bad idea. After all he will cast you into the Gorge of Eternal Peril if you get it wrong or don’t know the answer.
Take your time, ask clarifying questions if need be, but if you really have no idea, the correct answer is “I’ll find out.”
Nearly every interview I’ve been on has included a question or two that I flat-out didn’t know the answer to. Each time, I made sure to remember or write down the question that had stumped me and to research the answer afterwards. With a little time and concerted effort, you can find the answer, and it’s a great opportunity to follow-up.
Ultimately, the answer to anything you don’t presently know is, “I don’t know … yet.”
This afternoon, I went out for my usual afternoon coffee at Rush Espresso in Latta Arcade. while I was walking, I was responding to a question about the specs for some servers in a test lab.
I was also formulating my order at the coffee shop and barely caught the error below just before I pressed send. This is also why I initially leave the TO: line blank and re-read almost every email I send before I press the send button.
“These machines are self-contained and we will only need access on ports 80 and 443, as well as a medium decaf latte, RDP access”
I should know better than to order a server with Java on it 🙂
As a student of both my Dad, and Sun Tzu, the following advice has proven useful to me over the years.
The English translation I prefer is:
“The best victory is when the opponent surrenders of its own accord before there are any actual hostilities… It is best to win without fighting.”
Being prepared for what is ahead, and framing your perceived position to be one of strength, can often yield a successful outcome without the need for a more involved, high-risk, confrontation.
One of the stories my Dad told me gives a great example of this…
Dad was behind a car at a traffic light and noticed the driver seemed very nervous and kept glancing in the rear view mirror. It was a long light, so he had time to run the plate to check for any abnormalities.
Sure enough, the driver had reason to be nervous, as he had just stolen a shiny new sports-car, and the marked police car behind him seemed to have figured this out.
For whatever reason, Dad ended up in a lot of car chases in the 33 years as a cop and started carrying a helmet to keep from getting banged up as much.
When the car came back stolen, he reached over, grabbed his helmet, put it on, and tightened the chin strap.
Expecting the guy was going to run as soon as the light turned green, he caught the driver looking back at his now-crash-helmeted self and gave a huge grin indicating he was ready for an epic car chase.
As soon as the light turned green, the driver went through the light and pulled over before Dad even turned on the lights and siren.
When Dad got to the window and asked him why he pulled over, the driver says…
“Sir, this car isn’t mine, and honestly I was gonna make a run for it… But when I saw you strap on a helmet, I knew you meant business.”
Posture and preparation can often provide a shortcut to the desired outcome without the struggle and risk of conflict.
Buffalo Mountain is a great short hike in Southern Virginia. I find it hard to believe that I had never been there until yesterday.
When I was a kid, my family spent a bit of time in Laurel Fork at a cabin my Grandfather built himself in the 1970’s. On the drive there, and from the top of the hill behind the cabin, you can see a tall rock face on the horizon. Just five miles away, and something I had seen hundreds of times, I didn’t know the name of this mountain until one of the locals asked if I had hiked it.
The tallest thing in several surrounding counties and I haven’t stood on top of it? This must be remedied in short order.
On a previous visit to Laurel Fork with my wife, we tried to locate a trailhead just by casually driving in the direction of the mountain. We got within a couple of miles, but there wasn’t a proper trailhead. We could get there just by following a topographical map, but crossing private property in Confederate Battle Flag country is not something I would recommend.
After more research than should have been necessary, I found the correct name (by mistake I was looking for “Bull Mountain”) and this post with plenty of great info.
If using GPS, you can plug in this address to get you most of the way there, then enter these coordinates to get you to the trailhead.
Entrance to for the road to the trailhead. Use this as your first waypoint.
890 Moles Road Southwest, Willis, VA
Parking at trailhead
There were a couple of routes to the top that I explored. The route I took up is the more travelled and better maintained route, so I’d recommend it for at least the route up. If you’re feeling a bit more adventurous on the way back down, just follow the ridge-line, don’t fall off a cliff, and you’ll find the parking lot again without much trouble. The route up is marked with red blazes and the route back is somewhat well marked with pink surveyor flags.
Note for hikers with dogs
If you have a fawn-colored pup that even remotely could be mistaken for a deer, make sure you bring an orange blaze vest of some sort for them to wear during hunting season. The season had just opened a week prior and I forgot to bring anything, so Lina got to wear this stylish grocery bag.
Unfortunately it was very foggy on this day and nothing to see further than 50 feet or so. Fortunately this is the perfect excuse to go back one day soon.
Check out my track here on GaiaGPS.