undefined | Better HN

0 pointsspion3y ago0 comments

> any breaking changes should be dealt with in the same change as the version bump

Does this mean that some things will never get updated, as the effort required is impossibly high?

0 comments

17 comments · 4 top-level

yongjik3y ago· 6 in thread

Effort to update something is high because there's a lot of code, not because it's in a monorepo. Updating the same code scattered across multiple repositories takes as much work in the best case. More realistically, some copy of the same code will stay unupdated because the cost to track down every repository in the company is too much.

0x6c6f6c3y ago

Can definitely feel this pain personally. Need to upgrade tooling across some dozen or so services and we're investigating how to migrate with potentially incompatible upgrades. So just suffer outage while we merge PRs across some 20 repos? The atomic changes of a monorepo are very beneficial in these cases, removing the manual orchestration of GitOps practices segmented across individual services..

skybrian3y ago

When you say it's "as much work" there's an assumption the code is still used. This was years ago, but when I was doing migrations at Google we sometimes had to deal with abandoned or understaffed and barely maintained code. (Sometimes by deleting it, but it can be unclear whether code by some other team is still useful.)

If you're not responsible for fixing downstream dependencies then you don't need to spend any time figuring that out.

dx0343y ago

Sounds great to me because you are forced to delete code that's not in use anymore. Without the monorepo, that code would still be there with old libraries that are potentially insecure.

Deleting code that is not being used anymore happens way too rarely in my opinion.

1 more reply

spionOP3y ago

But with a multi-repo, its possible to e.g. upgrade the dependency just for a single service that has an immediate need for the upgrade, isn't it?

yongjik3y ago

The flip side is that services with an immediate need will get upgraded, and others won't, and six months later you will be saying "Why am I still seeing this bug in production, I already fixed it three times!"

Of course, the problem can be mitigated by a disciplined team that understands the importance of everybody being on the same page on which version of each library one should use. On the other hand, such a team will probably have little problem using monorepo in the first place.

Whether you have a monorepo or multiple repos, a good team will make it work, and a bad team will suck at it. But multiple repos do provide more ropes for inexperienced devs to tie themselves up, in my opinion.

1 more reply

8note3y ago

Lots of code under the assumption that all the code needs to use the same version*

A big bang always sucks versus some migration over time

ywoski3y ago· 4 in thread

Almost. We had a UI library on Android that was stuck on an alpha version of the library for three or so years after the library had shipped.

Upgrading the library broke many tests across the org, and no one wanted to own going in and getting each team to fix it. Eventually, the library had a v2 release, and people started to care about being able to use it.

Ultimately, they just forked the current release and appended a v2 to the package name.

Not the norm, but it happens. The monorepo works for Google, but I wouldn't recommend it for most organizations; we have a ton of custom tooling and headcount to keep things running smoothly.

From the mobile side, it makes it super easy for us to share code across the 50+ apps we have, manage vulnerabilities quicker, and collaborate easily across teams.

coryrc3y ago

> The monorepo works for Google

Does it? Or is it stopping Google from supporting products which only make millions in revenue because of the massive burden of continually updating?

ywoski3y ago

Oh geez, that's an entirely different can of worms that isn't related to the monorepo.

Most products at Google are not dropped because the monorepo makes it difficult for them to support - and I'm not sure how it would or how you got to that association. Also, plenty of products that are killed are not in the monorepo.

They are usually dropped due to a mix of things, but a big part is just better product management.

2 more replies

mook3y ago

> Ultimately, they just forked the current release and appended a v2 to the package name.

Hmm, does that explain the golang module versioning requirement where v2 must have a different name?

rfoo3y ago

Yes.

lallysingh3y ago· 2 in thread

No you use automated systems to do the change. https://mobile.twitter.com/obeattie/status/10804969557537505...

spankalee3y ago

Even so, the cost is often outrageously high.

No to mention that if you're the first team to import a third_party library, you own it and other teams can add arbitrary cost to you updating it. You have to be very aggressive with visibility and SLAs to work around this.

admax88qqq3y ago

You're basically just describing all the pain with pulling in a dependency regardless of monorepo or not.

If the third party dependency does not add enough value to justify the cost then don't add it.

2 more replies

tho2i3u4o3i4343y ago· 1 in thread

Google's software mostly uses dependencies already in the google monorepo, so these issues don't crop up. The person/team working on library changes have to ensure that nothing breaks, or the downstream users are notified early on. Don't think this would apply to many companies.

8note3y ago

That sounds like a huge amount of effort unrelated to your current project, both for those being forced to upgrade, and those organizing the upgrade

j / k navigate · click thread line to collapse

0 comments

17 comments · 4 top-level

yongjik3y ago· 6 in thread

0x6c6f6c3y ago

skybrian3y ago

If you're not responsible for fixing downstream dependencies then you don't need to spend any time figuring that out.

dx0343y ago

Sounds great to me because you are forced to delete code that's not in use anymore. Without the monorepo, that code would still be there with old libraries that are potentially insecure.

Deleting code that is not being used anymore happens way too rarely in my opinion.

1 more reply

spionOP3y ago

But with a multi-repo, its possible to e.g. upgrade the dependency just for a single service that has an immediate need for the upgrade, isn't it?

yongjik3y ago

1 more reply

8note3y ago

Lots of code under the assumption that all the code needs to use the same version*

A big bang always sucks versus some migration over time

ywoski3y ago· 4 in thread

Almost. We had a UI library on Android that was stuck on an alpha version of the library for three or so years after the library had shipped.

Ultimately, they just forked the current release and appended a v2 to the package name.

Not the norm, but it happens. The monorepo works for Google, but I wouldn't recommend it for most organizations; we have a ton of custom tooling and headcount to keep things running smoothly.

From the mobile side, it makes it super easy for us to share code across the 50+ apps we have, manage vulnerabilities quicker, and collaborate easily across teams.

coryrc3y ago

> The monorepo works for Google

Does it? Or is it stopping Google from supporting products which only make millions in revenue because of the massive burden of continually updating?

ywoski3y ago

Oh geez, that's an entirely different can of worms that isn't related to the monorepo.

They are usually dropped due to a mix of things, but a big part is just better product management.

2 more replies

mook3y ago

> Ultimately, they just forked the current release and appended a v2 to the package name.

Hmm, does that explain the golang module versioning requirement where v2 must have a different name?

rfoo3y ago

Yes.

lallysingh3y ago· 2 in thread

No you use automated systems to do the change. https://mobile.twitter.com/obeattie/status/10804969557537505...

spankalee3y ago

Even so, the cost is often outrageously high.

admax88qqq3y ago

You're basically just describing all the pain with pulling in a dependency regardless of monorepo or not.

If the third party dependency does not add enough value to justify the cost then don't add it.

2 more replies

tho2i3u4o3i4343y ago· 1 in thread

8note3y ago

That sounds like a huge amount of effort unrelated to your current project, both for those being forced to upgrade, and those organizing the upgrade

j / k navigate · click thread line to collapse