Nimble Industries
A few months back, we coined an idea we call “dependency drift” — a metric for tracking the recency of your software dependency packages. Now we’re releasing the algorithm we use to calculate this drift, which we’re calling a Drift Score. The dependency drift concept is a way for us to track how far out of date our projects are: Are we keeping up with patch releases...
Is your software up to date? Have you been applying those gem security patches? Are you keeping up to date with python version upgrades? Have you ever been surprised at just how far behind one of your packages is? We need a metric to measure and track the age of source code dependencies. The software industry has settled on great practices like static code analysis, as well as automated...
GitHub acquired Dependabot and made it free so we tried it out. The results were better than expected. We have long been advocates for consistent software maintenance. It might seem obvious, but software simply must be maintained and kept up to date with its dependencies or it risks atrophying until it becomes an unmaintainable pile of trash. Dependabot is an excellent tool for preventing...
In custom software, the cycle of write, atrophy, rewrite is all too common. Many product owners too reluctant to embrace maintenance and sustaining engineering. A vicious cycle of expensive rewrites ensues. Businesses feel bruised by developers and experience unhealthy surges in cost and business disruption. Think hard before deciding to throw away what you have in pursuit of the greenfield:...
Nimble Industries