Today, Twitter starts “shutting down basic authentication”:http://countdowntooauth.com for the Twitter API. One of my favorite Twitter clients, Birdfeed, will be allowed fewer and fewer requests until finally at the end of the month it stops working. Likewise for Birdhouse and Twitterrific 2. And the same for my “Wii Codes”:http://wiitransfer.com/codes/ site, until I have a chance to update it.
“Dave Winer wrote a fairly negative essay”:http://www.scripting.com/stories/2010/04/26/theToxicCoralReef.html a few months ago on this so-called OAuthcalypse:
“When Twitter breaks all the apps in the OAuthcalypse, they will break all of mine, and I have no intention of fixing them. I don’t expect anyone to care. But what you should think about is how many of the Twitter apps that you do care about will break and how many of them will say the hell with it? And how many of them will be around for the next time Twitter breaks everything, because that’s certainly coming unless Twitter develops some kind of philosophy about itself as a developer platform.”
I didn’t want to agree with him at first — I’m a big fan of nearly everything Twitter does — but it’s a fair question to ask whether backwards compatibility is getting the attention it deserves. Software moves fast, but this kind of thing hurts users, not just developers.
In the desktop world, OS APIs are unlikely to change so severely, and if they do you always have the option to run an older version of the OS or app indefinitely. For web services, though, you can’t keep an older copy of the internet around. Web apps are forced upgrades.
I’m not sure there’s a solution to any of this. It’s just part of tech progress, like moving data from old floppy disks to CDs to hard drives to the cloud. But it’s a bummer when apps get left behind as APIs are obsoleted. Over-aggressive deprecation was common in the Rails world, and “I was not a fan”:http://www.manton.org/2009/01/rails_4_years_later.html.
So, here’s to the future, Twitter. Keep new API changes versioned and maintain the old stuff. If this OAuth switch is a one-time cost, developers can focus on what makes their apps unique instead of always playing catch-up.