
Don't write your own framework - brendt_gd
https://stitcher.io/blog/dont-write-your-own-framework
======
larsjanssen6
Great article!,

I've been thinking about this a lot lately, sometimes I get tired of all the
frameworks and tools that are available. I just want to build things. That's
is why I decided to make a side project with purely PHP and jquery (yes jquery
:). I am familiar with vue.js and react but lately, I notice that I am making
less progress with frameworks such as nuxt.js and next.js. At the end of the
day, you just want to get things done.

And there are quite a few examples of successful projects that don't use
frameworks. Like e.g. nomadlist by @levelsio. They develop new features so
quickly that I start to doubt frameworks more and more.

Don't get me wrong I think for many project frameworks are useful, but if you
want to get a lot done and you don't want to focus too much on the techniques,
I have doubts about your statement.

------
aforwardslash
I have mixed feelings about this. Big projects, while definitely having more
capacity (engineering efforts, documentation, etc) than your local team, also
have bugs. And sometimes serious ones. Plus, more often than not, those bugs
are exploited via automated tools. Having a good custom framework will often
be immune to these "low-hanging-fruit" scannings.

During my career, I've developed custom frameworks (way more than I wished for
- at least 4), and they all came out of specific necessities - stuff existing
frameworks either lack, or catered to the lowest common denominator that
wouldn't fit the desired approach. Most of them started on top of existing
frameworks, extending over time, upto a point where they basically replaced
most or all functionality from the base framework. They weren't perfect, they
had bugs, of course - but often worked quite better than the code they
replaced.

The one thing I learned while doing this is that it works well - you start
from a familiar, robust system, and focus your effort on what you need to
improve on your specific scope (eg. module initialization, event handling,
database extensions, templating, etc) over time and as needed and to cater
your needs, but using a holistic approach - design for big picture, implement
for a specific case that can be extended. However, there are some pitfalls
with this approach to take into account - integration with the base framework
should be well thought of, and clearly defined in a way to reduce coupling and
avoiding the situation where you have to maintain your own dogfood as well as
the integration with someone else's dogfood. This often isn't easy, and
requires a bit of planning, but it can be done.

------
ssmusoke
This is a very difficult approach in our industry as we face the challenge of
not invented here, I do not need all that complexity (which actually ends up
happening), this is just a quick project (are they ever) as many organizations
build their own tools

I personally spend lots of time looking for pre-built solutions, its almost
fanatical, after being burnt by my own home grow inventions (at the time)

------
n1vz3r
Such issues can appear everywhere. But if such bug will be found in widespread
framework or CMS, zero-days will be exploited immediately by automated
scanners (Drupal, Joomla and Wordpress had some in the history). So,
protection through obscurity is some kind of protection too.

------
qwertynik
Since more hands work on open source projects the chances for such
vulnerabilities are minimized, but not eliminated. Despite that, more secure
is better than less secure. There are some dangers to using OS as well though.
Once a vulnerability is found, it is only a matter of execution and our own
sites' security can be compromised. The idea should be to know our tools as
much as we can.

------
jaydadarkar
Thanks for sharing. But out of all frameworks out there for NodeJS, none could
meet my requirement. None are easy to adapt. Hence I did make a small
framework
[https://www.npmjs.com/package/@jaydadarkar/nitromvc](https://www.npmjs.com/package/@jaydadarkar/nitromvc)
inspired by Laravel.

------
projectaiir
its too late, i build my own PHP framework inspired by angular and built
another for API(Clean Architecture) inspired by dotnetCore Web API ->
[https://packagist.org/packages/spatial/spatial](https://packagist.org/packages/spatial/spatial)
the routing works like this
[https://packagist.org/packages/spatial/route](https://packagist.org/packages/spatial/route)
i am just waiting for PHP 8's Attribute to implement in the routing. i now use
angular with my Spatial Framework with Doctrine & Guzzle HTTP PSR

~~~
projectaiir
i (solo developer) currently have 10 apps/ apis as a single project and the
routing was killing me. so i decided to create a route template to easily
access the controllers. I personally encourage devs to write a framework just
for learning. i discovered the Refection Class because of that.

------
fevangelou
The same could have happened with any ready-made framework. You'd still have
to manually update 200 sites... :)

And even worse, a known vulnerability on a popular framework could have hit
you harder.

------
jeykeu
Does the same hold true form home-grown CMS?

