A very common programming tip is “Don’t reinvent the wheel”. If there’s already a library that already does the task you need, why don’t you just use that library instead of writing your own solution?

Many times, it’s a sensitive thing to do: importing third-party libraries lets you focus on other tasks. Also, if you’re using a popular library that has been stable for years, it probably does the task better than you! However, using third-party components have drawbacks.

The authors might deprecate the library or even delete it. Or the library (or any of their dependencies) might have a security problem and you have to wait until the authors fix it. Or they might even decide not to fix the security issue.

In 2016, there was an NPM JS package called “left-pad”, which was used as a dependency for thousands of projects. One day, the original author deleted it and broke every single project that depended on it.

Another drawback may happen when your project changes after you used an external library. You may need to add new functionality that doesn’t work with the library you added. Generally, this kind of problem can be solved, but it adds complexity to your project.

I think “don’t reinvent the wheel” is a good approach, but you have to be careful every time you add an external library to your project:

  • If the library you’re adding is very big and you need a small part of it: it’s probably a better idea to do it yourself or look for a smaller library.
  • If the library has been popular for a long time, that’s good. If you run into problems, you’ll have a lot of documentation and help online.
  • If the task is small or simple, it’s a better idea to implement it yourself.
  • If the task is very complex, looking for a library might be a good thing to do.
  • If you have to do tasks involving security (cryptography, passwords, hashes, etc) it’s very recommended to use a trustworthy, third-party library. Cyber security is a very complex field, if you try to create your own security-related tasks, it will be insecure.

To sum up: can “don’t reinvent the wheel” be bad advice? The answer, as always, is: “it depends”.