Shame-Driven Development, or Why I Published My MVC

This week I finally made the leap and pushed my personal MVC to a public GitHub repo. I didn't do this because I'm particular proud of the code - a good chunk of it is six years old and isn't representative of current (or past) best practices. Nor did I do it because I think other programmers will find it helpful. Instead, the main reason I published the code was to shame myself into making it better.

Before going further into this idea I want to address the most obvious negative effect of publishing an application backend in a public arena: security. Even if there are no credentials or passwords saved in the codebase (I made extra sure to clean mine out before pushing) there is complete exposure on how things work. Validation criteria, data schema, and potential loopholes are all there for any attacker to view and exploit. I'm hoping that my websites are small enough targets to avoid much notice and that there isn't anything too hackable.

Besides, there is the appeal of shame-driven development that outweighs the security risk. I used to work on this framework daily, testing out new techniques and adding features to any one of the (up to eight) different sites that were supported by the core. Over the last year I have made less than 20 commits. That's less than two changes a month. A good kick is what I need, and hopefully this publish will force me to be more active again.

One of the biggest changes I want to make is start using modern dependencies via Composer. Adding Aura.Sql would allow me to drop my outdated mysqli-based Database class and use better connection handling. Pulling in more advanced clients would simplify some of my data collection and handling for different components of my lifestream. I may even look at using a modern templating system, like Twig, though I'm reticent about adding too much extra logic in at runtime. I'm very happy with my sub-1MB memory footprint for pageloads.

Outside of replacing chunks of code and adding features I'd also like to rip out reusable pieces of logic from the MVC as standalone packages. Not all of it is that unusable. I have some logic in there about transforming timestamps into friendly "relative time" strings that would be great to have as an independent piece, as well basic form processing and content processing. These things could be useful for other developers, if not to use than at least to check out, and I'd feel a little better about giving back.

Of course, I still want to use this framework as a reason to push myself into new areas. I want to experiment with different build and deployment strategies, as well as start looking into container-based environments. The thought of creating something that will trigger on a branch change to pull in composer and gulp dependencies, run some tests, and send everything to a pre-defined environment is very exciting. And is something that I've never tried building before.

Maybe, once the code is up to current standards and everything is broken out into packages and everything has tests and there is some sort of cool container-based deployment processes built in I won't be ashamed of having this framework in a public arena any more.