My rule of thumb for pulling in an external dependency is whether or not I’d be willing to maintain a private copy myself. For most libraries, that’s a yes— they have only a few entry points that my program uses, and it’s (relatively) easy to step through the execution path from there until finding the problem.
Frameworks, on the other hand, are more troublesome. They tend to have one entry point at the top that deals with everything any user might want to do, so locating a fault involves digging through lots of code unrelated to my particular usecase.
Frameworks, on the other hand, are more troublesome. They tend to have one entry point at the top that deals with everything any user might want to do, so locating a fault involves digging through lots of code unrelated to my particular usecase.