Most of us would probably agree that Googling is a big part of a developer’s job. We regularly browse the internet in search of tutorials, documentation and we even copy & paste code to our own projects. Copy-pasting code can be a huge time saver, but how can we be sure the code we’re copying is safe and won’t bring new problems to our software? 🤔

Here are 6 questions I ask myself before copy-pasting code into my projects:

1. How does this work?

This may sound obvious, but it may come a time when you need a solution fast and, in the rush, just copy and paste whatever works into your project without trying to understand why and how it works.

When you don’t take the time to really understand the new code, you’re:

  • Missing out on learning something new
  • Taking the risk of introducing new bugs or problems
  • Possibly going against the project’s architecture

2. How old is this code?

Or, also, which version of the framework/language does it target?

You may encounter a solution that was written for an older version of the framework or language you’re using. In the best of cases you’ll realize the code is old when the compiler fails and tells you the method doesn’t exist or was deprecated. But if it doesn’t, this could lead you to:

  • Introduce deprecated methods in your code
  • Missing out the opportunity of applying a better solution using an updated version

3. How will this code affect my project?

Does the code follow patterns that go against the architecture of the project? Will it make me introduce bad practices or anti-patterns? Was it written on a completely different context?

Here’s an example: Suppose you’re working on an android app that should be able to run on low-end devices, and the code you’re copying is not optimized for that. You could be harming your users, even if the code “works”.

4. Does the code require any dependencies?

I’m usually reluctant to introduce new dependencies just to solve a single issue, but (as I said in my post about minimalism and clean code) I understand there are times when introducing a new dependency could be necessary.

In any case, before copying and pasting the code and blindly installing whatever dependencies it comes with, we should at least understand which they are and if it’s safe to incorporate them in our code (not every dependency is trustworthy).

Here’s a great post about evaluating dependencies:

5. Is this code really necessary?

Once we understand how the code we’re considering to copy-paste actually works we should evaluate if we really need it. Maybe our project’s architecture already has a solution to our problem that we could use and we didn’t notice before.

In some cases the solution we find online helps us understand the problem, and this new level of understanding gives us the opportunity to implement our own solution that works better with our architecture and project than the code we were going to copy-paste.

6. What does the official documentation say? 📄

It’s interesting to check the official documentation of a language or framework for solutions, it usually contains best practices and nice tips that will help you get a deeper understanding about how the code works.

How do you keep your code safe when copy-pasting from online sources?

What’s your approach? Let me know if there’s anything else you do!

Some folks shared some articles about security issues that one could introduce when copy-pasting code. I honestly didn’t think about this when writing this article, but I think it’s important, so here are their comments:

This post is also available on DEV.