More breakage in the Flickr API?
Monday, November 12, 2007 by Dave Winer.
A few days ago I reported here that some code that built on the Flickr API that had worked properly for months had broken. It turned out that the people at Yahoo had fixed a bug in the way the API worked. They were permitting anyone to download all sizes of a picture, when (they believed) this should only be available to the creator of the picture. My code didn't try to sign the user in (there was no need to), so all of a sudden I was getting mysterious errors from my code saying that it couldn't locate an object called "Original." It took some time to trace it down, and by searching on the net for other people who were having the same problem, and figure out how it related to my code. 
When I got to the bottom of the fix, figured out what they changed, and remembered how my code worked, it was easy to fix. But these were hours that I should have spent fixing other bugs, or creating new features for my users.
I put it behind me until it happened again, today. Some code that had worked for a long time is now broken. I spent most of today trying to understand, again, what a token is and a frob and how they relate. I have to admit, that when I first implemented this code I didn't really understand what they these things are, but I fumbled around until the code worked and moved on. But now I'm back to where I was, and wondering whether there's any point in trying to fix this problem. How long before something else breaks?
Right now I have a very small number of users, and most of them are not affected by these breaks. But what happens when there are more users, or something changes that breaks more of them. They're not going to be so understanding, I'm not going to be able to pass the buck. I'm going to be wrong, if that should happen, for choosing to build on Flickr. Is this really a position that Flickr wants to put us in??
I'm familiar with the thinking that one should fix problems in the code behind an API, that when you discover a bug it's just like a bug in normal software. The first time I made a change in Frontier that broke developers (including myself, btw) I understood why you have to live with the bugs once people have built on your API. To this day there are bugs in Frontier, lovingly preserved. If they were fixed, it would cause an unknown and therefore unacceptable amount of breakage.
I build on top of a lot of web apps, not just Flickr, and so far all has been good, until this round of breakage. It's a warning to everyone to live with your bugs. If you really must fix them, come up with new entry-points that work the way you think they should, or employ optional parameters. No matter what, breakage is not acceptable, not like this.
And also, if you're going to be in the business of breaking developers, get very very good at communicating, and explaining carefully what the change is, that way when we're down, we have a chance of picking up the pieces quickly. I don't have any idea where to go to see a log of changes made behind the Flickr API. Not saying there isn't such a place, it just needs to be more obvious where it is.
Here's what I know about today's problem. When I call flickr.auth.getToken with a frob returned by flickr.auth.getFrob, I get error code 108: Invalid frob. "The specified frob does not exist or has already been used."
I don't know where to go from here. I'm just sending back to Flickr something they sent me. As I said above, this has been working for months. Of course I've tried searching for others who have had the problem, but I still don't know where to go. Any help would be appreciated, of course.
