- `import shopify` makes an API request. If their API rate limits you, your server will probably crash. This happened to us in production.
- That API request gets a dynamic list of supported API versions. If the version you've hard-coded in your app (because it's what you support) is no longer in that list, it will raise a VersionNotFoundError and your app will probably fail in some significant way.
- There's no connection persistence. Every API call sets up and tears down a full connection, a noticeable performance impact.
- Internally the library uses a lot of global state, it's certainly not safe to use in async code – too easy to use the wrong credentials on a request – and I suspect it's also not thread safe.
- Despite having something called a Session, very similar in documentation to a requests.Session or httpx.Session, it's neither, it's just a container for some creds. No sessions are available at all.
- It's mostly a wrapper around Pyactiveresource, which appears to have a lot of similar issues – internal state that's hidden that causes things to not work as you expect.
I suspect that the Python library was developed by Ruby engineers, some of the practices are things I've seen in Ruby but that just don't fit into the Python ecosystem.
From what I can tell their API deprecation strategy is quite hostile to developers.
I think it would be difficult to build what I'd consider to be production-grade services on top of the library. This is in stark contrast to others such as Stripe's API/libraries which are fantastic.
Especially for a company that prides itself on great API design, this is head scratching.
‘shopify.Init()’ seems like such an obvious solution
If you're moving fast, you don't have time for this. Especially if it isn't your core competency / core product.
If you dont use a language with strong type safety the benefits are less.
For instance the OpenAPI3 (Swagger-NG) standard. It allows the typing/schema'ing of the JSON bodies. It also provides a bunch of generators[1] that can be used to generate client libs. And when the languages of the client libs permit it, those libs come with lots of type safety and greatly reduce boilerplate.
The python api doc is not good. I'm always not sure about how to call the api. I can only leave an issue on GitHub.
The ecosystem obviously leans toward react and ruby. The examples are not suitable for me most of the time. The tooling like CLI, example will not include what you need.
Use Polaris for your UI? Sorry, it's not supporting vue. You need to build it with npm. Only for react. But I want the easy way to work with CDN
Need python examples on the latest session token auth? Sorry, there is no such thing. I spent 2 - 3 weeks working on it (and still working now). What I got are the workflow diagram and step instructions. Welcome back to the uni!
But the session token auth is mandatory for all new apps. You must use it NOW!
Developer / Partner support? Please provide a store id to identify yourself. But I clicked the link INSIDE the partner portal. (Half an hour later, still got nothing. ) I spend an hour and get nothing most of the time. The worst thing is that they answer you 'Sorry, I don't know or it is not feasible' with a thousand word long email.
Yes, every 3 months you need to revisit the API. It's good and bad. It means that if you're casually developing an app, this will consume a lot of time. Good because if forces you to update and keep your app relevant.
The real question we should be asking is, is churn adding value? I understand security updates but otherwise you can only improve the wheel so many times before it just becomes a waste of time (decreasing marginal returns). Software engineering _badly_ needs a concept of finished version and mature software. Often there is very little gained from a new framework every few months besides assuaging the egos of a new generation of developers.
That's the opposite of good.
"Relevant" to whom? As long as the store is selling stuff, it's highly relevant to the buyer and seller.
That is the consumer being "good". There is nothing regarding the provider there which is good.
(Full disclosure, Saleor Head of Growth. A friend sent me this link. Yes, my account is new.)
There isn't ways to have a custom checkout (one page) with this system and subscriptions are not natively built in, relying on a third party ecosystem.
Theme development is also arcane and not the standard way web developers build a simple website.
Oh and they disallow you to use Stripe for your store and you have to go through Shopify payments instead.
Theme development is the same as any other system. It's very similar to a Drupal or Wordpress commerce. I am not sure I fully see what you mean.
Obviously they don't allow you to use another payment processor, why would they? They make money by having people use their payment processor. There is no benefit to them allowing people to bypass this and implement their own payment system.
The custom checkout can be a con, but it's also a pro. It allows your customers to feel at home in a native environment. Not having to deal with every ecommerce site completely different checkout system.
On top of that, there are applications that can have this payment flow except you need permission to accept outside payments. Shopify only gives this to established companies.
Late last year, they also got rid of unlisted applications and now all applications have to be approved even if you don't want it in their app store.
Shopify is building its moat and getting more and more restrictive. I'm very glad we abstracted all of the operations out of Shopify directly and now can use any platform or even Stripe directly. If you want to build an e-commerce store with Shopify still, use the $9/month plan and use Shopify just as a CMS and integrate with payments separately.
A single page modal checkout on the same page is the way to go these days, even Stripe's new checkout is unfortunately doing the same thing with not keeping the user on the same page.
* - May vary depending on your level of experience with GraphQL
But not natively within Shopify's UI, You have to use 3rd party apps have to make use of this API. For merchants this is useless to them if they don't want to use a 3rd party app for this feature.
I would like to see this standard described and what level of agreement you get.
* I can concur that their API is unreliable. About 1 in 5 of my CI runs fail with mysterious 500 errors. It's infuriating.
* The support channels are a wasteland. Do not expect help.
* The documentation is super thin. At first glance it looks decent - there's the objects, there's the fields those objects have. But it's missing all the details about how those fields are supposed to work. Example: A Fulfillment has a tracking_numbers array, but there doesn't seem to be any way to add multiple tracking numbers. The docs are silent, and questions about this in the support channels remain unanswered. For years.
* There are two completely different APIs (graphql and REST), which do not have equal capabilities. If Shopify is planning on deprecating one of them, they should give us guidance.
* The API is inconsistent. I count at least FIVE different representations of an Address structure, each slightly different for no apparent reason. Eg "country" vs "countryCode". This is the kind of thing that creeps into projects in dynamic languages when nobody's paying attention.
* There's a lot of overengineered stuff. The Metadata API is really unpleasant compared to Stripe's simpler approach.
* There's no way to set up common shipping scenarios like "$N for first item, $M for each additional".
I could go on. But I will say this: It's better than Etsy's API. Though Etsy is finally working on it again, so maybe that will change.
You can get variations in 2 digit country code vs 3 digit vs some other representation easily regardless of what language you're using
I see these daily, with errors that suggest the cloudflare layer is unable to connect to origin.
I’d bet very few people who work there know all the APIs that exist.
Or perhaps you are thinking about creating a carrier service, so Shopify will fetch shipping prices in realtime? That's for people on Shopify Plus plans, which costs $2k/mo+.
Actually, that's not quite true! There's a wholly undocumented option for non-plus merchants to get the carrier service feature enabled on their account for a monthly fee of something like $25. They have to reach out to support.
Everything with Shopify is like this. Great for consultants who have already internalized all this knowledge, sure.
Support is friendly and prompt but knows nothing about the apis.
Examples:
- Their default theme (provided by Shopify) has problems. Blame it on the app developer. "It's the app's fault." Yes, there are some poorly developed apps, but this lumps together the good with the bad.
- Customers use the app review system to hold developer hostage for feature requests. "Create this feature for us and I'll edit my review."
- Shopify's customer service reps says, "It must be the app that's causing this." Reading the CSR's emails, it is clear that this person does not understand the (technical) issues and is only trying to close the ticket. Customer takes what the CSR says as gospel and you, as the developer, spends a lot of time trying to fight that mindset.
I can't help but feel a big part of Shopify's early strategy was that the demographic of customers they were trying to attract just weren't a great type of customer, and that the partner program allowed them to enlist a lot of hungry developers willing to work for free (or next to nothing).
There is definitely room for improvement. I have mixed feelings about it, as their ecosystem provided me with a way to make a living many years ago. I don't depend on them anymore, but I wouldn't argue against trying your luck out there if you're starting out. Just recognize that there is a certain culture and way of practice there.
Also, Shopify's free themes are all terribly slow. Kinda ironic considering how hard they're pushing us recently with new storefront app performance requirements.
For now my apps are growing each month, but the culture and practices have left a bad taste in my mouth such that I also know that this is not for me in the long-term, and hope to someday exit their ecosystem.
To be fair this is pretty reasonable. Lets say 5 stars is highly recommend, 4 is recommend, 3 is neutral. If you’re building a new feature and it wouldn’t change anyone from being neutral about the product to recommending it, or from recommending the product to highly recommending it, maybe rethink building that feature.
This is the best bit of developing for Shopify imo, this is the CEO reading the comments and taking them on board.
So here are some more!
Good - Partner support isn't great, however, if you can figure out how to get to a named employee, which is quite easy with their Slack for partners, they are super helpful. Just this week I am migrating to React and Polaris (mostly due to third party cookies being blocked by browsers and having to move to JWTs for auth). I had a niche problem that I dreaded going through support with, so I posted in the relevant Slack channel and a dev got in touch and fixed it for me in minutes.
Bad - 20% commission is starting to look expensive now Google and Apple have dropped their fees - They only pay out in dollars to PayPal which results in a 3% fee for non-US (and Canada?) devs since December - Python API is not kept up to date - There have been numerous copycat apps that the original devs have had to kick up a huge fuss to remove
Thanks to @donutdan and this post https://news.ycombinator.com/item?id=15149528 for originally introducing me to Shopify Apps nearly 4 years ago, its been fun
While we have you ear can I repeat a long-standing request.
Set price multi currency support.
We built an Ecommerce site for a leading global brand with thousands of SKUs.
The lack of a method to set a fixed price for multiple currencies on a single product in a store has created significant complexity for us.
We have to create a store with around a thousand SKU’s for each local currency just to set the price.
The software and process gymnastics required to synchronise product information, images, inventory data, fulfillments and tracking could be avoided with local currency pricing.
Having multiple stores makes it mostly impossible to make use of third party apps that would otherwise enable the client to do more with shopify.
We manage it by our product data being in our ERP, and use Shopify as a dumb front end. The marketing people still hate it though.
Our apps are built in PHP using the polaris.css for styling components. We have some embedded apps currently (before Shopify began requiring the session token). Personally, the embedded experience is only good for simpler apps. If your app is more complex with lots of options and settings and things to show, the embedded experience is SO SMALL. Literally 40% of the screen is taken up by the Shopify admin leaving only a small portion for your app. Makes interface design more difficult when so much of the top/left part of the screen is taken up by Shopify admin.
Their API and webhooks are "fairly" reliable. We're consuming around 10k to 20k webhooks per hour and performing 20k to 50k API calls per hour. We rarely have issues. We are using their Amazon EventBridge integration to accept webhooks as a sort of buffer against them DDOSing our applications.
The largest issue with their API at scale is dealing with the API limits of 2 to 4 requests per second. Since some things require performing multiple API calls, and we deal with massive e-commerce stores that may need to perform 100,000 tasks, it can take a long time to perform the work (we have to artificially delay the API calls to not hit their limits). Also their GraphQL API has a complex limit system based on the "amount" of data returned, which makes fetching data even more complicated than their REST API.
My other big gripe with their API is that they have a GraphQL and REST API with different features. They support different filters, different fields they return, different types of objects... It's a real PITA to try and work seamlessly between two different APIs (e.g. data formatted differently). And neither API is 100% solid, depending on the features your app needs you will basically need to use both APIs.
Generally my experience has been pretty good with Shopify. Their API changes can be scary, but at least they use versioning so they don't break the current version you're using. They are constantly adding new features too.
Most ecomm businesses are more complex than connecting a front end to a payments gateway. Generally requires multiple complex systems (Product Management System, Order Management System, CRM, etc) to work together seamlessly. This is where platforms like Shopify or Magento are really valuable. They give you all the pieces you need to build your business w/o needing to reinvent the wheel.
Often platforms do a little of these themselves but lots of businesses have needs that require them to use specialised solutions that handle those aspects of their business better than Shopify does as each is a complex domain in its own right.
How did Shopify get to be the beast that it is?
Why doesn't someone else step up and into what looks like a massive opportunity, especially since Covid have push so many transactions online?
I have worked with Shopify customizing themes and adding custom functionality. It good when it great and you're within its sweetspot. But then it drops off like a cliff. The developer workflow? Shockingly dated.
I've worked with WooCommerce. Great tool. But it requires knowledge and resources.
I've taken the BigCommerce training. Felt like Shopify 3.x but I'm not sure they're positioning well for the long term.
I know there are others.
It seems to me that there's a sweetspot between Shopify and WooComm. User friends yet also developer friendly. Perhaps not easy to do. But that's not humans on Mars either, is it?
Its amazingly simple to get started. It will push the products into a shoppingCart array, do the arithmetic adding up the prices. Clearly not something you should pay for. It's one hell of a deal - for them.
I'm sure there is a special place in hell for self proclaimed developers who want to help shopify create a playstore/appstore like monopoly. I'm happy they are this terrible at everything nice.
But the getting started process is wonderful. Its all fantastic until the iron gate closes behind you and the room goes on fire.
But Shopify wants to say one thing but do another. Why do devs subject themselves to a platform with well known limitations.
Note: I like Shopify. But only for cases that are within its sweet spot.
However in practice I have found Shopify not too strict about fees charged outside of Shopify. I suppose if you were actually charging your customers specifically for the app but doing it outside Shopify to avoid the cut they would come after you.
I find BigCommerce a worse offender here. They copied Shopify's terms and constantly hound you asking for a cut of money even if you offer a free plugin with your standard service. Their method of collecting this info is also arcane, manual, and threatening. I would drop BigCommerce support in a second if they challenged us on this. So far they have backed down when we tell them we don't charge extra specifically for BigCommerce. But they still hound us monthly to submit a $0 report.
I've built on Shopify before. While they're great, you'll find that it's hard to grow your company in it (save for a few notable exceptions). And then there's the platform dependent nature of it all.
I would not build a business on top of another company's platform.
It made sense that they would take down bad actors in the community.
I've called them, my bank, and on a few occasions even tried other people's cards.
I'm declined no matter what, by Shopify. It's been this way for well over a year. Sometimes retailers will manually process a transaction, but otherwise it's infuriating for me to see Shopify grow in the market.
https://help.shopify.com/en/manual/orders/fraud-analysis#fra...
The thing where it calculates ip geolocation distance from the shipping address is a potential culprit. Maybe your IP address has a bad entry in their ip geo mapping software.
They also don't like proxies and VPNs.
* I've never had zero options for solving a problem. Ten years ago, I needed to build a customer login system on top of Shopify. (Like, before Shopify had one of its own.) I had enough room to do that in javascript, and it became an app called Gatekeeper. (Today's spiritual successor: Locksmith.)
* Whoever works on patterns at Shopify does a really, really good job. They think through things slowly and thoroughly, resulting in resource models that that are usually refined over time, instead of remodeled entirely. This is a good sign.
* This is a second bullet point to underscore the previous point about Shopify's pattern-making. I've been on this platform for a decade straight, and I don't deal with systemic inconsistency. I'm only here because Shopify is really, really good at patterns.
* This is a third pattern-related point to observe that Shopify usually defers solving a problem, rather than putting forward a fragile or brittle solution. (How long did it take for order editing to arrive?) By my reading, they'd rather take a while to land on and deliver a solution that will create a broader future, than more quickly deliver a solution that will limit the future.
* Yes, there are occasionally major/breaking API changes. Honestly, I love this. For me, it forces the whole system to stay engaged, and stay alive. Yes, I know the counter-arguments to this. :)
This is why I'm still here, ten years later. Yes, some things are short-term hard. But the things that are long-term important are all locked in.
---
Also yeah, building and sustaining an app is work. This is part of why I made https://apps.shopify.com/mechanic. I love the Shopify platform, so, so much, and also I needed a way to solve really specific problems more quickly, and keep those solutions running more sustainably. So: platform within a platform. Lots of nested similarity here, in the way that Shopify thinks about solving problems and the way Mechanic thinks about solving problems within Shopify.
Are your customers B2B mainly?
What I am trying to figure out is if Shopify is "bad" or just "warty" -- I realize that is subjective and heavily depends on what one is trying to use it for, but it's still a challenge to reason about.
On the other hand, they are doing an amazing job and constantly providing updates. Their docs are really good and improving everyday. Kudos to the shopify dev team.
My rejections in chronological order:
1. Rejected for having text in the app icon. The text was our company's name and is our logo which we had to change for Shopify...
2. Rejected because we didn't implement the GDPR webhooks. We don't operate in Europe so I didn't think they apply. I could have read this in the documentation but still...
3. My shop set up geographic restrictions for a few South East Asian countries and the shopify tester tested with a store with an Albania as the country, USD as the currency, and a fictional address. Shopify actually prevents this kind of invalid installation (that's the whole point of the geographic restriction). So when my store rejected his onboarding attempt with a generic error due to what was previously thought to be nothing more than a sanity check, he rejected my app and imposed a 2 week ban on my partner account from resubmitting.
Ultimately, I was able to appeal the decision through a different channel. We had our first customer waiting to use our app so this added an extra 10 days of delay and a whole bunch of unneeded stress in my startup.
As a Shopify store owner, I was aghast how common it was on the platform to require allowing third party apps entirely too much information about my end customers. I was very uncomfortable leaving some otherwise promising apps installed in my store, and eventually gave up on Shopify entirely.
Shopify allows non devs to easily set up an ecommerce store, that is their biggest value add. Things like inventory management, shipping, site hosting etc.
I've used this to some success in building a more robust product customization app (with functionality very specific to our business), more so than what I could find on their store. The biggest con for using the app proxy is around authentication. You can't do much special stuff with auth, basically the simplest option is to just wrap your proxied pages in a liquid check for customer.id. (Although, I can see this as a pro rather than a con, as it forces you to keep the proxy app simple.)
My biggest worry is one day Shopify just decides to discontinue app proxies. It doesn't seem like an option they try to point developers toward, so I don't trust it and am thinking about building on top of their API to avoid this.
You are free to use it as you want, it doesn't support the dynamic components obviously since it's CSS. But you can easily reimplement the parts you want.
At the time I already had a popular site based on their API. I had noticed that in general, it's a tough business to be a disconnected 3rd party developing on a closed platform. You're at the whim of the platform owner, slave to their intentions and decisions, good or bad. It's like having a remote job where nobody talks to you.
I got over API unreliability with a system to retry calls a few times. Etsy API calls could fail in several distinct ways, so my parser had a lot of stages (check for HTTP status, parse for certain strings, check if it's empty or an empty string, so forth). The calls also occasionally took much longer than usual. I implemented a caching system for the widgets.
It sounds like Shopify reliability is much worse than Etsy's at the time. Other than outages, I believe we'd get about 2% of calls failing for different reasons, which would usually work on a retry.
Changes were difficult to deal with because they could come suddenly. The worst ones were breaking changes that apparently Etsy was unaware of. I'd start getting errors and have no idea if it was a bug or an intentional change, and write workarounds only for them to fix the bug a few days later. We also experienced the removal of features with other apps. Or, one time we spent a couple months on a feature and then it turned out Etsy had been working on the same thing themselves.
This makes no sense.
Also, the reason people can't use Shopify with my system yet is that even to be approved for an unlisited application you need to allow for account creation via Shopify. I understand for listed apps in the store but if I want to have an app where they click a button on my site and I connect to their shopify system and get data I still need to support this feature I won't use. That saddened me. I just need to create time to allow for account creation via their app store and figure out what that means getting the info and how to handle user confirmation if at all.
(Shameless plug - https://www.ootliers.com)
Google actively does this with many of their APIs. Running locally, their APIs will be very unreliable. Once you're live on the domain you've configured, everything is much more reliable.
I don't know if they do it to force you to consider cases where the API returns errors, or if it's some kind of anti-scraping provision, but it can be extremely confusing and frustrating if it's your first time working with the API and you're not sure how things are going to actually work (if at all!) when you deploy.
As someone on the opposite end of this problem (I'm in custom theme development), the client wanting to install a new app is an immediate source of frustration for reasons almost completely out of your or their control.
If your app just gives us a manual install option, that's usually the best solution for me. I can make judgments as a developer as how best to incorporate your app into my theme. Furthermore, because I'm doing it manually, I get to follow all of my version control and testing practices. You see, Shopify actually promotes some very terrible development practices (not your fault). I have to avoid that by working in development themes, storing all my code in a self-hosted Git repository elsewhere, tagging all my production deploys, and using Git to tell me what files have been changed so I can be ultra-conservative in my deploys. Why do I need to do that? Well...
Some apps have automatic installers, which try to guess what theme you're using and then install files as they wish to the current production theme. Not only is that dangerous (what if the app breaks something?), even if the app does install correctly; it usually doesn't hit the developer themes and any developer working out of the Git tree is now working with stale files. I have to pull theme exports and compare changes to reverse-engineer what was added so that we don't wind up accidentally uninstalling half the app when we change a product template or something.
Part of the problem is that Shopify is specifically designed to be both "easy to use" and give it's merchants a high level of control over their storefront. This precludes a lot of otherwise obvious solutions to this problem, for various reasons:
1. You can't use Git as a deployment mechanism because it has a terrible UX and most new merchants aren't going to figure out how to use it. Even with a non-terrible UX you still need to educate users about it's various failure modes, including merge conflicts and the like. 2. It would be nice to have standard extension points between app and theme developers, but that winds up tying the hands of both a little. Part of the problem is that any level of extensibility also either takes things out of the hands of theme developers, or requires new users understand how to implement the component. I was hoping something like the new section system (which I haven't gotten a chance to play around yet) would fix this for app developers.
If Shopify was willing to go a little bit up-market (and, given how they've become the favorite platform of Facebook scammers, they should) they could fix these problems by offering ways for theme and app developers to agree on specific extension points. This kind of ruins the whole "just edit this template to get a thing on your theme" aspect of it, but Shopify's really outgrowing what it started with IMHO.
(By the way, there's a special circle of hell reserved for page builder apps that store everything in the current production theme. I recently had to deal with a client whose shop no longer allowed them to clone their main template as it was full of literally hundreds of templates and assets from this one app. After literal hours of manual garbage collection, I was able to get it to the point where a theme clone merely took 20 minutes rather than failing outright.)
