|Don't ask to ask, just ask|
A Fit on NIHby footpad (Monsignor)
|on Jan 10, 2001 at 00:59 UTC||Need Help??|
NIH: Not invented here
As many of you saw, a rather spirited exchange appeared this morning in CB discussing, among other things, the merits of using CPAN modules versus rolling your own. Near the end of the discussion, one of the participants said something to the effect of "I don't trust code that I haven't written because I don't know what it's doing to my system."
I know many of you, like me, have heard similar remarks from many sources, including (generously) inexperienced members of our community, programmers, security admins, managers, clients, and so on.
Please *don't* fall into this trap.
You may be the hottest programmer ever to come down the pike, but it's pretty unlikely that you can:
In short, beware false hubris ("*exaggerated* pride or self-confidence").
P.S. In the case of CPAN, if you really want to know what the code is "doing to your system," then read the source. If you don't understand what's going on, then that's a signal that you may need to work on your understanding of the system, the language, and the tools involved.
P.P.S. If you're really confused about something going on in a CPAN module, post a node asking for clarification about the construct you're unclear on. Or email the author. Whichever fits.
Don't simply blow it off because you didn't write it. That's simply asking for trouble. Remember, you're supposed to break the rules...but only after you understand them and why they're there.