Using a framework can make you stupid!

Published on 2021-11-13.

During the last couple of weeks I have had the opportunity to work with a web application that required a new user management system. As most people know I am very much against using frameworks - and for good reasons. Let's talk a little about that.

During the cause of the week I got a chance to talk to a lot of different developers about the implementation of a secure login system, but to my surprise I discovered that nobody understood how these things work and even basic session and cookie management was far beyond what the average developer had any knowledge about.

Everyone had gotten so used to simply running their favorite framework that nobody understand anything about these matters any longer.

To my surprise even the basic functionality of sessions and cookies was more or less completely misunderstood. Everyone started throwing baseless statements about how this or that works, yet nobody got any of it right.

And it turns out that this is a serious problem in the industry in general.

Software developers are getting more and more ignorant because they are too lazy to do any kind of real programming. You simply press a shiny button and everything is up and running, yet you don't know anything beyond pressing that shiny button.

As developers we cannot all be mathematical geniuses and role our own custom made encryption library and we shouldn't, encryption and security are important subjects that require the collaborate work of many skillful people, however we have a very dangerous situation if the knowledge of developers have sunken to such lows that even basic security isn't understood and everyone simply relies on the framework or library to do all the work.

I decided to contact a couple of people I know in the academics and they affirmed my fears. They no longer teach these important things, instead they teach things such as frameworks and "shiny buttons".

In web development in PHP, in NodeJS, in Ruby, in Python, most people have completely stopped making real code and are all simply using frameworks.

The only major exception is in Go where most people actually understand the code they write and there is a very strong opinion against using frameworks (thank God!) and people generally take pride in understanding the code they make.

The general situation however is catastrophic and some of the predictions I made more than 15 years ago about the usage of frameworks has unfortunately come true.

If these bad habits don't stop and if developers don't begin taking responsibility for the code they produce, the future of software development looks really grim indeed. Some time in the future, if things stop working, or if major security issues are discovered, very few people will be able to solve any of the problems, and while the few who can do, everyone else is just "standing by" on the sideline not knowing or understanding anything of what is going on.

If you're a young developer reading this, please consider this with great care and seriousness. You need to try to master your field! You need to understand what you're doing. You need to develop the habit of taking pride in understanding, not just doing! If you deploy some framework or library, make sure you know exactly how it is working and why. If you don't then you will be responsible for your client or employer when "the shit hits the fan" and everything breaks down.