Dependencies (coupling) is an important concern to address, but it's only 1 of 4 criteria that I consider and it's not the most important one. I try to optimize my code around reducing state, coupling, complexity and code, in that order. I'm willing to add increased coupling if it makes my code more stateless. I'm willing to make it more complex if it reduces coupling. And I'm willing to duplicate code if it makes the code less complex. Only if it doesn't increase state, coupling or complexity do I dedup code.
The reason I put stateless code as the highest priority is it's the easiest to reason about. Stateless logic functions the same whether run normally, in parallel or distributed. It's the easiest to test, since it requires very little setup code. And it's the easiest to scale up, since you just run another copy of it. Once you introduce state, your life gets significantly harder.
I think the reason that novice programmers optimize around code reduction is that it's the easiest of the 4 to spot. The other 3 are much more subtle and subjective and so will require greater experience to spot. But learning those priorities, in that order, has made me a significantly better developer.
I don't understand this argument, but would like to.
I run https://everytwoyears.org, a political non-profit focused on ending the warrantless metadata collection of U.S. citizens' communications. From everything I know about these programs, they are _explicitly_ not collecting content of communications. These programs only collect the metadata about a communication. As citizens, we don't get to have a clear definition of "metadata" (that is classified!) but we can assume anything that isn't the message itself is at risk of being considered metadata, especially if it was shared with a service provider in the normal course of conducting business (i.e. routing a request).
For HTTP requests, I assume the body of the request would require a warrant before it can be persisted on a government server. The HTTP headers, if unencrypted, _might_ be considered metadata but I would be surprised. The IPV4 headers are more than likely metadata. DNS queries are more than likely metadata.
If you are trying to avoid _active_ surveillance, where your government has a warrant, a VPN isn't going to help you. If you are trying to avoid _active_ surveillance where your adversary doesn't need/want a warrant to search you, a VPN isn't going to help you. But if you are trying to avoid having your internet activity ending up, de-anonymized, in a metadata database that your government does bulk analysis on, a VPN does seem like it would help. It seems like it would help a lot.
The reason I put stateless code as the highest priority is it's the easiest to reason about. Stateless logic functions the same whether run normally, in parallel or distributed. It's the easiest to test, since it requires very little setup code. And it's the easiest to scale up, since you just run another copy of it. Once you introduce state, your life gets significantly harder.
I think the reason that novice programmers optimize around code reduction is that it's the easiest of the 4 to spot. The other 3 are much more subtle and subjective and so will require greater experience to spot. But learning those priorities, in that order, has made me a significantly better developer.