csh
/
playbook
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
playbook/outfitter-agents/plugins/outfitter/skills/simplify/references/decision-framework.md

9.7 KiB
Raw Blame History

Decision Framework

Comprehensive checklist before committing to complex solutions.

Requirements Check

Validate that complexity addresses real, current needs.

  • Can you state the actual requirement in one sentence?

    • If not: Requirements are unclear, gather more context
    • If yes: Proceed to verify

  • Is this requirement validated with users/stakeholders?

    • Source: User research, stakeholder approval, or product spec?
    • If assumption: Validate before building

  • Does the requirement exist today or "might exist someday"?

    • Today: Proceed with validation
    • Someday: Apply YAGNI - build when needed

  • What's the cost of being wrong about this requirement?

    • Low cost: Start simple, iterate
    • High cost: Validate thoroughly first

Alternatives Check

Ensure you've explored simpler options.

  • Have you listed at least 2 simpler alternatives?

    • Standard library solution
    • Proven third-party library
    • Simpler architectural pattern
    • Direct implementation without abstraction

  • Have you tried the simplest approach first?

    • If no: Why not? Time pressure isn't sufficient justification
    • If yes: What specific limitation did you hit?

  • Can you articulate why simpler approaches fail?

    • Vague discomfort: Not sufficient
    • "Might not scale": Measure first
    • Specific technical limitation: Document it

  • Have you checked if the problem is already solved?

    • Search npm/crates.io/PyPI for existing solutions
    • Check framework documentation for built-in features
    • Ask: "Is this a solved problem?"

Constraint Check

Verify constraints are real, not assumed.

  • What breaks with the simple approach?

    • Be specific: Which requirement? Which scenario?
    • If "nothing specific": Choose simple approach

  • Is the constraint real or assumed?

    • Real: Measured, tested, validated
    • Assumed: "Might be slow", "Could be a problem", "Best practice says"
    • Test assumptions before building for them

  • Can the constraint be changed?

    • Technical constraints: Often negotiable
    • Business constraints: Sometimes based on outdated assumptions
    • Political constraints: Navigate carefully, but challenge when appropriate

  • Who validated this constraint?

    • You: Verify with others
    • Stakeholder: Confirm understanding
    • Documentation: Check if still current
    • "Everyone knows": Verify, might be outdated

Cost Check

Evaluate long-term maintenance burden.

  • What's the maintenance burden of this complexity?

    • How many LOC?
    • How many dependencies?
    • How many edge cases?
    • How often will this need updates?

  • Do we have expertise to maintain this?

    • Team has experience: Lower risk
    • Team learning: Higher risk, needs documentation
    • Will depend on one person: Bus factor risk

  • What's the ramp-up time for new team members?

    • Simple/standard patterns: Days
    • Custom/complex patterns: Weeks or months
    • Is the complexity worth the onboarding cost?

  • What's the cost of being wrong?

    • Easy to change: Low risk, can experiment
    • Hard to change: High risk, validate thoroughly
    • Irreversible: Maximum risk, need strong justification

Reversibility Check

Prefer decisions that can be changed later.

  • Can we start simple and add complexity later?

    • Usually: Yes - this is the preferred path
    • Sometimes: Architectural decisions harder to reverse
    • Rarely: Truly irreversible (database choice, language choice)

  • What's the cost of changing direction?

    • Low (<1 day): Experiment freely
    • Medium (1 week): Validate first, change if needed
    • High (>1 week): Requires strong justification

  • Is this decision reversible?

    • Reversible: Start simple, learn, iterate
    • Irreversible: Invest in thorough validation
    • Document why if choosing complex approach for reversible decision

  • What would convince us to reverse this decision?

    • Define success/failure criteria upfront
    • Set review timeline
    • Avoid sunk cost fallacy

Scale Check

Don't optimize for scale you don't have.

  • What's the current scale?

    • Users: 10? 1,000? 1,000,000?
    • Requests/sec: 1? 100? 10,000?
    • Data size: KB? GB? TB?

  • What scale does this solution target?

    • Match current scale first
    • Optimize when measurements show need

  • What's the growth timeline?

    • Weeks: Plan for scale now
    • Months: Build for 10x current, refactor at 100x
    • Years: Build for current, refactor when needed
    • Unknown: Build for current scale

  • Have you measured the performance bottleneck?

    • No measurement: Premature optimization
    • Measured: Optimize the actual bottleneck
    • Assumed: Test assumption first

Security Check

Security complexity requires special validation.

  • What's the threat model?

    • Who are you protecting against?
    • What assets are at risk?
    • What's the impact of compromise?

  • Does this security measure address a real threat?

    • Real: Documented, likely, high-impact
    • Theoretical: Low priority
    • Paranoia: Probably unnecessary

  • Is this a solved problem in security?

    • Auth, crypto, secrets management: Use proven libraries
    • Custom security: Requires security expert review

  • What's the cost of getting security wrong?

    • User data exposure: Use proven solutions
    • Low risk: Can be more experimental
    • Regulatory: Consult compliance expert

Team Check

Complexity affects team velocity and morale.

  • Does the team understand this solution?

    • Yes: Lower risk
    • Partially: Needs documentation
    • No: Training required or consider simpler approach

  • Is this pattern used elsewhere in the codebase?

    • Yes: Consistency is valuable
    • No: Inconsistency has a cost, needs justification

  • Will the team thank you or curse you in 6 months?

    • Thank you: Clear, maintainable, appropriate
    • Curse you: Clever, complex, hard to modify

  • What happens if the expert leaves?

    • Well-documented: Manageable
    • Tribal knowledge: Bus factor risk
    • Documented externally (framework): Lower risk

Integration Check

Consider ecosystem and dependencies.

  • How many dependencies does this add?

    • 0-1: Low risk
    • 2-5: Medium, evaluate maintenance
    • 6+: High, consider consolidation

  • Are dependencies actively maintained?

    • Check last commit, issue response time
    • Consider: Age, popularity, team size
    • Unmaintained: Risk or opportunity to fork

  • What's the total dependency tree size?

    • Use npm ls or equivalent
    • Large trees = more security surface, slower installs
    • Consider: Tree-shakeable alternatives

  • Does this lock us into a specific ecosystem?

    • Framework-specific: Consider portability cost
    • Standard/portable: Easier to migrate later
    • Vendor lock-in: Requires strong business justification

Documentation Check

Complex solutions need clear documentation.

  • Can you explain why in 2 sentences?

    • Yes: Good sign
    • No: May be too complex or poorly understood

  • Is there a simpler explanation you're avoiding?

    • "It's just better": Not sufficient
    • "Best practice": For what context?
    • "More flexible": For what use case?

  • What will you document?

    • Why this approach (most important)
    • How it works
    • When to modify/extend
    • When to replace

  • Who will maintain the documentation?

    • Plan for keeping docs current
    • Outdated docs worse than no docs

The Ultimate Question

  • If you had to maintain this code for the next 5 years, would you still choose this approach?

If the answer is "no" or "I'm not sure", reconsider.

Quick Decision Matrix

Use this matrix for fast assessment:

Complexity Justification Required
Low: Standard library, proven pattern None - proceed
Medium: Well-known framework, common pattern Brief rationale in code comment
High: Custom abstraction, novel pattern ADR with alternatives considered
Very High: Custom infrastructure, security-critical ADR + external review + approval

When in Doubt

Default answers for common questions:

  • "Should we build or buy?" → Buy (unless unique requirement validated)
  • "Should we abstract this?" → Not yet (wait for 3rd use case)
  • "Should we optimize this?" → Measure first (might not be bottleneck)
  • "Should we use this new technology?" → Not for production (try in side project first)
  • "Should we make this configurable?" → No (YAGNI - add when needed)

Review Triggers

Set calendar reminders to review complex decisions:

  • 1 month: Quick check - still appropriate?
  • 3 months: Did we use the "flexibility" we built for?
  • 6 months: Is this paying off or causing pain?
  • 12 months: Keep, simplify, or replace?

Red Flags

Stop and reconsider if you hear:

  • "We might need it later"
  • "It's more flexible"
  • "It's best practice"
  • "Everyone does it this way"
  • "It's enterprise-ready"
  • "I read about it on Hacker News"
  • "It's the latest trend"
  • "It looks good on my resume"

These are rationalization, not requirements.

Green Flags

Complexity may be justified if:

  • Measured performance bottleneck
  • Proven scale requirement with timeline
  • Regulatory compliance (validated with legal)
  • Security threat model (validated with security team)
  • Integration contract (external system requirement)
  • Team expertise (already fluent, not learning)

Even then, choose the simplest solution that meets the requirement.

Remember

The best code is no code. The second best code is boring code. The worst code is clever code.

Choose boring, simple, proven solutions until you have concrete evidence otherwise.