You Might Not Need That Provider SDK

You Might Not Need That Provider SDK

by: Manuel ⏱️ 📖 3 min read 💬 0

I was going through Reddit and found this post. I don't want to focus on the "sending email part", but I want to focus on the following comment:

Tried installing the official python sdk for one of the big email providers and it pulled in like 6 different async dependencies just to send a plain text string.

This happens quite often in Python. People need to do one thing, like sending an email, go to the provider and see that they have a nice package that we can import. When you pull all the dependencies you have a heart attack.

I'm using Python as an example, but you can think of any language that supports something similar to "packages" and the point still stands.

Some examples

SendGrid for example is not the worst:

6 dependencies to send an email is bad. Mailgun has a bit more.

Lettermint has more or less the same as the previous ones

To be fair

Some of the dependencies that you see in the examples are dependencies of requests or httpx. If you already use one of them, the real extra cost is smaller than the raw count suggests. Even so, you're usually still pulling in a few packages you never asked for, so the point of the article still stands.

We have to remember that some services don't only "send email"; they do a lot more.

If the package is complete it tries to map the features of the app and they can be far and wide, and for that we need more dependencies.

That's expected, but why not simplify?

Why not look at the API first?

But if you only want to send the email and don't want anything else, why not take a look at the API itself. Using httpx or requests you can easily do the same. Actually if you look at all of the ones we imported above it's perfectly possible that they are doing just that. The package is a "wrapper" around the API, so why import 100 things when you need 1?

The suggestion is simple.

Take a look at the API Reference and without almost any external dependencies (or using some that you already have) and do a simple POST request to do the operation that you need.

For example lettermint send is:

curl -X POST https://api.lettermint.co/v1/send \
  -H "x-lettermint-token: $LETTERMINT_PROJECT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"from":"John Doe <john@example.com>","to":["recipient@example.com"],"subject":"Hello","text":"Sent with Lettermint."}'

You can quickly translate the above code into something decent in Python that gets the job done without much complexity.

import os
import httpx

response = httpx.post(
    "https://api.lettermint.co/v1/send",
    headers={"x-lettermint-token": os.environ["LETTERMINT_PROJECT_TOKEN"]},
    json={
        "from": "John Doe <john@example.com>",
        "to": ["recipient@example.com"],
        "subject": "Hello",
        "text": "Sent with Lettermint.",
    },
)
response.raise_for_status()

That's the whole thing. No SDK, just the "httpx" you probably already have.

It's not only simplicity that you gain

Finally, adding packages when you don't need them has downsides:

  1. Security liability. The more code you import, the higher the chance that some of it is bad or has security issues.
  2. Maintenance burden. You will need to keep track of updates and whether any of them break anything in your code.
  3. Version conflicts. It's possible that 2 different tools have the same dependency but require different versions of it. It's a nightmare to keep it straight.

To be fair, the SDK earns its weight when you need retries, token refresh, pagination, or solid error handling out of the box. If that's you, use it. But for a single POST, you're paying that price for nothing.

Simple is always better and sometimes it's not possible, but take a look nevertheless.

Final Thoughts

If you need a hammer don't buy the whole store. Just buy the hammer. I know it's obvious, but I see people uv add or pip install everything that they see online, just to do something basic.

Photo by Rohit Choudhari on Unsplash

Comments

💬

No comments yet

Be the first to share your thoughts on this article!

Leave a Comment

All comments are reviewed for spam before being displayed 5000 left
Replying to