Criteria for selecting contributed Composer and Laravel packages vs. writing our own
Laravel core comes with a set of packages. Many more are available "in the wild". Beyond Laravel, there are other PHP packages available through Composer.
Whenever we're adding a new area of functionality, we probably have three basic options:
- Select one or more existing packages that enable or meet at least a significant portion of the need and build on them.
- Write our own custom packages.
- Write custom code not abstracted as a package.
Making good decisions on if and when to use packages and which ones to select is critically important to the long term health of the project.
Take a concrete example: user roles and permissions.
- We need them.
- Laravel core doesn't have built-in support.
- There are contributed Laravel packages available. Two are entrust and auth.
Developing a set of criteria to use can help guide the process, ensuring that we
focus custom development on just the specific work required for our
goals while relying wherever feasible on reliable and
community-contributed solutions. This could lead to at least an informal decision making tree. New requirement is identified. These are the steps to follow to select existing package(s) to build on or, as a fallback, build custom solutions.