Podcast
Get Unstuck
Laravel is free, and all of its dependencies are free as well. In fact, we sometimes might react negatively if a package we want to install isn't free and requires paid access. We're so used to the amazing package ecosystem Composer enables.
But recently I was thinking: What if every time we ran composer require some/awesome-package we had to pay a license fee for it? I think we'd approach dependencies much differently. For purposes of this thought experiment, let's limit this to top-level dependencies, things we choose to install in our project, and not dependencies of packages we install.
The fact is, each package we install does come with a cost, even if it's not financial. That new package is now something we have to keep up to date, something that might have a bug or security hole, something that might hold us back when we want to update our version of PHP or Laravel. Also, don't forget that CI pipeline minutes and server bandwidth aren't free either.
Of course, packages also can bring huge benefits: faster development, not to mention they can actually contain more secure and reliable code since it's potentially reviewed and fixed by many more people than our own internal team.
I don't have any concrete recommendations here, other than to try to be selective when installing packages. Would I still install this package if it cost $50? And as a final thought: if the answer is "yes", then it's also worth considering sponsoring the package maintainer on GitHub sponsors.
Here to help,
Joel
P.S. We all get stuck sometimes! Need a quick pairing session with a Laravel expert to get unstuck?