August 13, 2009, 8:28 PM — I spent quite a bit of time researching Developer Tools You Don't Use — and Why You Don't Use Them. I heard from more than 30 people on every aspect of the subject, and as you might imagine, some of the comments hit the cutting room floor. Among them, alas, was the full-length response from Alice Kaerast: "I understand enough about security to feel comfortable that my code is written securely, and the beauty of open source means that there are many people actively testing and checking code, all of whom know about detecting vulnerabilities better than any software."
[ See also: Convincing the Boss to Accept FOSS ]
Her message-in-depth was too much of a tangent for the core part of my article, but it touched on two issues that were relevant to the essential "Why don't developers use these tools?" question I was burning to answer. (It says something about me that I really do get worked up about questions like this. I'm not sure if it's a good thing.) First is the underlying assumption by the open source community that FOSS code is inherently better because so many people have looked at it; I'm not going to address that here.
The second intersection with "I use open source development tools" is with developers' oft-stated reason not to use the QA tools because the software is so expensive. If open source has changed so much about the way programmers (and users!) work, from replacing Visual Studio with Eclipse to creating whole new application frameworks and content management system... shouldn't the answer to "I don't use these apps because they're so expensive" be, "So how 'bout an open source tool instead?"?
Naturally, that led me on a quest to find open source tools to reccommend (or at least identify) in the categories I'd enumerated as least used (data modeling tools, application modeling tools, load and stress test tools, refactoring tools, or performance tools, plus special-mention for security test tools, in case you weren't ready to blurt it out from memory). If nothing else, I thought, it could be a handy resource for developers who desperately want to use this kind of software but whose budget request from the corporate bean counters is answered, "You must be kidding."