This post is a follow up to my earlier posts on so-called fragile or spaghetti code where I made a point about reading code – not the most fun part of anyone’s day, but it generally makes code a lot less ‘fragile’ if you do it.

This idea is the equivalent of taking the time to read the instructions – you’re a lot less likely to break something if you know how you’re supposed to operate it.

This post is still about code fragility, but it is about code that actually is fragile, only it is fragile on purpose.


There are a number of reasons why this can happen, I will illustrate them from some recent work I’ve been doing, as well as some client projects. But first I am going to focus on what people mean by ‘fragile’, so it is clear what this means.

You may hear the phrase ‘this code is fragile’ and think that that means that it doesn’t work, or that there are purposes to which it is not suited. As in, ‘This vase is fragile so I probably shouldn’t fill it with chunks of broken concrete.

But this is really not what ‘fragile’ code means. Usually, it means:

  1. This code is hard to work on and it is likely to break if I do something to change it.
  2. This code may break in the future if the conditions in which it runs change.
  3. This code may break if any of our integration partners alter their API.
  4. This code does not fail gracefully.
  5. This code is not commented well and that makes it hard for me to read and understand what it doing.

As it pertains to number 1, this is just the scenario from the other article where you aren’t working hard enough to understand it. Said differently, you are really saying, “My understanding of this code is fragile.”

I put 1 and 5 at opposite ends of this list for a reason. Because 5 should not be an obstacle to reading code. It is a better excuse than 1 for your lack of progress, but it still an excuse. Poorly commented code simply means you have to spend more time reading, testing, debugging the code to understand it. No code is ever commented well enough in my opinion, so you can’t let it stop you from working on it. Code can be readable or unreadable, it can be commented or not, but that should not stop you from understanding it if you know what you are doing and that is your job. You can get a different job, but chances are you will be in the same situation there.

5 is only worth noting separately because you should plan for and avoid that situation. Try to avoid committing this sin if you can.

For both 2 and 3, a significant portion of what will happen in the future is unknowable, and so how much time you spend dealing with 2 and 3 should be carefully calibrated. You can know that a partner is going to publish an API update in 6 months if they tell you, but if you need to go live now you may simply have to deal with that change when they publish it or make it the new API available for testing.

Of course with failures and crashes (number 4) you should avoid these things and use defensive coding practices to avoid exposing your users to failures, even if they originate outside of your systems. A few examples:

  • A good NoScript section of your website.
  • Graceful handling of the offline operation.
  • Handling nulls, empty strings, and other straightforward data situations.
  • Use exception handling properly to deal with unexpected situations

Etc, etc.

But be careful of swallowing problems within the system – you may protect users and also hide them from yourself, only to have them come back and bite you later on.

It’s always surprising to me how many people present an utterly, blank empty page to the user if JavaScript is not enabled or working.


OK, so here we are. We need to do some development work. We have coding practices to deal with number 4 and 5. We’re working on a new system, so hopefully, number 1 is a non-issue. What, if anything should we do about 2 and 3?

My answer is: it depends.

Truthfully, you can’t predict the future or what your integration partner will do to update their API until they publish a specification.

We were recently working through updating a Dialogflow implementation for v2, but we couldn’t have changed anything or done anything until they published their v2 specs. It would have been guesswork.

As I’ve been working on my side project Pricekite.io, I am dealing with the billing APIs for AWS, Azure, and Google Cloud, each of which is in varying stages of development. I am faced with 2 challenges:

  1. What are they going to do in the future to update these APIs?
  2. What additional features am I going to want to add in the future?

My decision for both is to do nothing. If/when I decide to add a feature that requires me to improve code, I’ll improve it. I had to add some data storage in order to have data on hand for 1 provider (cough Azure cough) because their billing API is not the most efficient thing in the world.

I had not intended to add data storage until phase 2, but my hand was forced by the 6 seconds it took to pull and process the data. So, I call the 6-second method every 30 minutes and store the values, which can then be pulled at any time. It introduces latency to the data, but that does not matter at this juncture at all. If it turns out to matter, I simply can crank up the frequency of the polling.

So, the code is fragile. But it works, and it was able to be written by 1 person quickly, and it will be very easy to read as, for the most part, you have absolute line of sight readability in the code.