krun.pro
 [ don’t_write_code_you_can’t_maintain ] [clean_code]
Concurrency is a design challenge, not just a multithreading problem.

Primitive Obsession: Why Strings are Sabotaging Your Logic

The Illusion of Simplicity

At first glance, a string is the most versatile tool in a developers kit. It can hold a name, a date, a JSON blob, or a cryptic status code. But in the world of high-stakes software engineering, versatility is often a synonym for danger. When you treat a business concept—like a TransactionId or an EmailAddress—as a raw string, you are effectively bypassing the type system. You are telling the compiler: Trust me, I know what Im doing.

The problem? You, or the dev who replaces you in six months, will eventually make a mistake. Primitive Obsession is the silent killer of maintainable codebases. It turns your logic into a fragile web of manual checks, regexes, and silent failures.

1. The Anything Goes Problem: Validation Hell

When a function accepts a string, it creates a semantic void. From the compilers perspective, "", "pizza", and "admin@krun.pro" are identical. This forces you to sprinkle validation logic everywhere the data is used.

The Architectural Cost If your email is a string, every service—Auth, Billing, Notifications—needs to check if its valid. If the validation rules change (e.g., supporting new TLDs), you have to find and update twenty different files.

TypeScript

// BAD: The function is forced to be a "policeman"
// 3-4 lines of fragile logic
function registerUser(email: string, countryCode: string) {
    if (!email.includes('@') || email.length < 5) throw new Error("Invalid email");
    if (countryCode.length !== 2) throw new Error("Invalid ISO code");
    db.save({ email, country: countryCode.toUpperCase() });
}

// GOOD: Responsibility is moved to the Type itself
// 3-4 lines of robust logic
class EmailAddress {
    constructor(private readonly val: string) {
        if (!val.match(/^[^\s@]+@[^\s@]+\.[^\s@]+$/)) throw new Error("Format error");
    }
    get value() { return this.val.toLowerCase(); }
}
function registerUser(email: EmailAddress, country: CountryCode) {
    db.save({ email: email.value, country: country.iso });
}

2. The Argument Swap Trap: The Silent Destroyer

This is the most frequent cause of middle-of-the-night production incidents. When your method signature looks like (string, string, string), you are playing Russian roulette with your data.

Imagine a function: assignProject(userId, projectId, managerId). All three are UUIDs. All three are strings. If you accidentally pass the managerId as the userId, the system wont crash. It will simply link the wrong data. The logs will look fine, the types will match, but your database is now a landfill of corrupted relationships.

JavaScript

// BAD: Positional arguments are a minefield
// 3-4 lines of implicit chaos
function transferFunds(fromId, toId, amount, currencyId) {
    console.log(`Moving ${amount} ${currencyId} from ${fromId} to ${toId}`);
}
// Calling it: (Did I swap fromId and toId? The compiler won't tell me)
transferFunds(targetAccount, sourceAccount, 500, "USD");

// GOOD: Branded Types or Objects make swapping impossible
// 3-4 lines of compiler-enforced safety
type AccountId = string & { __brand: "AccountId" };
function transferFunds(from: AccountId, to: AccountId, amount: Money) {
    // If you try to pass a UserId here, the build will fail immediately.
}

3. The Semantic Void of Status Strings

Using magic strings for state management ("pending", "active", "deleted") is an invitation for technical debt. Strings lack totality. The compiler doesnt know that "active" and "Active" are different, or that "pendnig" is a typo.

The Silent Failure Pattern When you use a string-based if check, and there is a typo, the else block often executes. This leads to logic paths that should never be taken, making debugging nightmare because no error is ever thrown.

TypeScript

// BAD: Logic based on arbitrary character sequences
// 3-4 lines of typo-prone code
function processOrder(order: any) {
    if (order.status === "paid") shipOrder(order);
    else if (order.status === "pnding") wait(order); // Typo here! 
}

// GOOD: Discriminated Unions for exhaustive checking
// 3-4 lines of type-safe state
type OrderStatus = "paid" | "pending" | "shipped";
function processOrder(order: { status: OrderStatus }) {
    switch(order.status) {
        case "paid": return ship(order);
        case "pending": return wait(order);
    }
}

4. Performance: The Hidden Tax of Repeated Parsing

Every time you take a string and turn it into something useful (a Date, a Number, an Object), you pay a performance tax. If you do this inside a high-frequency loop, you are burning CPU cycles for no reason.

Data Transformation vs. Data Transport Strings should be used for transport (API responses, DB storage). Once the data enters your business logic, it should be transformed into its rich representation and stay that way.

JavaScript

// BAD: Parsing the same string in every utility function
// 3-4 lines redundant CPU work
function getDay(dateStr) { return new Date(dateStr).getDay(); }
function getYear(dateStr) { return new Date(dateStr).getFullYear(); }
// In a loop of 50,000 items, we create 100,000 Date objects.

// GOOD: Parse once at the system boundary
// 3-4 lines of optimized flow
const date = DomainDate.parse(input); 
function getInfo(date) { 
    return { d: date.day, y: date.year }; 
}

5. Security: The Injection Vector and XSS

Primitive Obsession isnt just a clean code issue; its a security vulnerability. When everything is a string, you lose track of the taint. Is this string a safe constant from your config, or a malicious payload from a 14-year-old hacker in a basement?

The Danger of Concatenation Security breaches happen when raw strings are concatenated into sensitive contexts (SQL queries, HTML rendering, Shell commands).

JavaScript

// BAD: Treating user input as a safe string fragment
// 3-4 lines of vulnerable code
const query = "SELECT * FROM users WHERE username = '" + req.body.user + "'";
db.rawExecute(query); // Classic SQL Injection point

// GOOD: Using specialized types for sanitized data
// 3-4 lines of secure input handling
const safeId = Sanitize.id(req.body.user);
db.execute("SELECT * FROM users WHERE id = ?", [safeId]);

6. Logic Leakage: Why .split() and .substr() are Red Flags

If your business logic contains .split('_'), you have a leak. You are parsing data in the wrong place. The internal structure of an ID or a Composite Key should be encapsulated, not sliced and diced across the codebase.

The Brittle Format Problem If you decide to change the separator from an underscore to a hyphen, a string-obsessed codebase will break in a hundred places. A structured codebase will only require a change in one constructor.

JavaScript

// BAD: Extracting meaning from raw characters
// 3-4 lines of brittle parsing
function parseProductCode(code) {
    const parts = code.split(':');
    return { warehouse: parts[0], id: parts[1] };
}

// GOOD: Structured objects with domain methods
// 3-4 lines of encapsulated data
class ProductCode {
    constructor(readonly warehouse: string, readonly id: string) {}
    toString() { return `${this.warehouse}:${this.id}`; }
}

7. Memory Overhead: Small Strings, Large Scale

In modern runtimes like V8 (Node.js/Chrome) or the JVM, strings are objects. If you have a massive array of objects, and each has a repeated string property, you are bloating the heap.

Interning and Memory Optimization For high-performance systems, using Enums (which are often just integers under the hood) or Symbols is significantly more memory-efficient than storing the same USER_ROLE_ADMIN string 10,000 times.

JavaScript

// BAD: Repeating heavy strings in memory
// 3-4 lines of memory-heavy code
const users = data.map(u => ({ ...u, type: "SYSTEM_ACCOUNT_TYPE_INTERNAL" }));
// 10k objects = 10k copies of that long string.

// GOOD: Using references or constant pointers
// 3-4 lines of memory-optimized code
const TYPES = { INTERNAL: Symbol("INTERNAL") };
const users = data.map(u => ({ ...u, type: TYPES.INTERNAL }));

Deep Dive: The Value Object Pattern

To defeat Primitive Obsession, you must embrace the Value Object. A Value Object is an object whose equality is based on its value, not its identity. It encapsulates validation and logic.

For example, a Money object shouldnt just be a number. It should be a value and a currency. This prevents you from accidentally adding 100 Dollars to 100 Yen.

TypeScript

// BAD: Doing math on raw numbers
// 3-4 lines of dangerous math
const total = price + tax; // What if price is USD and tax is EUR?

// GOOD: Value objects with built-in safety
// 3-4 lines of domain-aware math
const total = price.add(tax); // Throws error if currencies mismatch

Summary: The Path to Mature Architecture

Moving away from strings requires a shift in mindset. You are no longer just writing code; you are designing a domain.

  1. Audit your DTOs: Look for strings. Ask: Can this be anything? Or is it a specific thing with rules?

  2. Enforce at the Boundary: Convert strings to Value Objects as soon as they hit your API or DB layer.

  3. Delete manual checks: If your function accepts an EmailAddress type, delete the if(!email.includes('@')) check. The type is your guarantee.

Final Takeaway: Strings are for humans. Types are for machines. If you want a machine to help you build reliable software, speak its language. Stop being a String Developer and start being a Software Architect.

Written by: