by Dragony on 3/19/21, 3:40 PM with 169 comments
by stickfigure on 3/19/21, 6:28 PM
* I can concur that their API is unreliable. About 1 in 5 of my CI runs fail with mysterious 500 errors. It's infuriating.
* The support channels are a wasteland. Do not expect help.
* The documentation is super thin. At first glance it looks decent - there's the objects, there's the fields those objects have. But it's missing all the details about how those fields are supposed to work. Example: A Fulfillment has a tracking_numbers array, but there doesn't seem to be any way to add multiple tracking numbers. The docs are silent, and questions about this in the support channels remain unanswered. For years.
* There are two completely different APIs (graphql and REST), which do not have equal capabilities. If Shopify is planning on deprecating one of them, they should give us guidance.
* The API is inconsistent. I count at least FIVE different representations of an Address structure, each slightly different for no apparent reason. Eg "country" vs "countryCode". This is the kind of thing that creeps into projects in dynamic languages when nobody's paying attention.
* There's a lot of overengineered stuff. The Metadata API is really unpleasant compared to Stripe's simpler approach.
* There's no way to set up common shipping scenarios like "$N for first item, $M for each additional".
I could go on. But I will say this: It's better than Etsy's API. Though Etsy is finally working on it again, so maybe that will change.
by donutdan4114 on 3/19/21, 4:34 PM
Our apps are built in PHP using the polaris.css for styling components. We have some embedded apps currently (before Shopify began requiring the session token). Personally, the embedded experience is only good for simpler apps. If your app is more complex with lots of options and settings and things to show, the embedded experience is SO SMALL. Literally 40% of the screen is taken up by the Shopify admin leaving only a small portion for your app. Makes interface design more difficult when so much of the top/left part of the screen is taken up by Shopify admin.
Their API and webhooks are "fairly" reliable. We're consuming around 10k to 20k webhooks per hour and performing 20k to 50k API calls per hour. We rarely have issues. We are using their Amazon EventBridge integration to accept webhooks as a sort of buffer against them DDOSing our applications.
The largest issue with their API at scale is dealing with the API limits of 2 to 4 requests per second. Since some things require performing multiple API calls, and we deal with massive e-commerce stores that may need to perform 100,000 tasks, it can take a long time to perform the work (we have to artificially delay the API calls to not hit their limits). Also their GraphQL API has a complex limit system based on the "amount" of data returned, which makes fetching data even more complicated than their REST API.
My other big gripe with their API is that they have a GraphQL and REST API with different features. They support different filters, different fields they return, different types of objects... It's a real PITA to try and work seamlessly between two different APIs (e.g. data formatted differently). And neither API is 100% solid, depending on the features your app needs you will basically need to use both APIs.
Generally my experience has been pretty good with Shopify. Their API changes can be scary, but at least they use versioning so they don't break the current version you're using. They are constantly adding new features too.
by drchiu on 3/19/21, 5:23 PM
Examples:
- Their default theme (provided by Shopify) has problems. Blame it on the app developer. "It's the app's fault." Yes, there are some poorly developed apps, but this lumps together the good with the bad.
- Customers use the app review system to hold developer hostage for feature requests. "Create this feature for us and I'll edit my review."
- Shopify's customer service reps says, "It must be the app that's causing this." Reading the CSR's emails, it is clear that this person does not understand the (technical) issues and is only trying to close the ticket. Customer takes what the CSR says as gospel and you, as the developer, spends a lot of time trying to fight that mindset.
I can't help but feel a big part of Shopify's early strategy was that the demographic of customers they were trying to attract just weren't a great type of customer, and that the partner program allowed them to enlist a lot of hungry developers willing to work for free (or next to nothing).
There is definitely room for improvement. I have mixed feelings about it, as their ecosystem provided me with a way to make a living many years ago. I don't depend on them anymore, but I wouldn't argue against trying your luck out there if you're starting out. Just recognize that there is a certain culture and way of practice there.
by danpalmer on 3/19/21, 5:44 PM
- `import shopify` makes an API request. If their API rate limits you, your server will probably crash. This happened to us in production.
- That API request gets a dynamic list of supported API versions. If the version you've hard-coded in your app (because it's what you support) is no longer in that list, it will raise a VersionNotFoundError and your app will probably fail in some significant way.
- There's no connection persistence. Every API call sets up and tears down a full connection, a noticeable performance impact.
- Internally the library uses a lot of global state, it's certainly not safe to use in async code – too easy to use the wrong credentials on a request – and I suspect it's also not thread safe.
- Despite having something called a Session, very similar in documentation to a requests.Session or httpx.Session, it's neither, it's just a container for some creds. No sessions are available at all.
- It's mostly a wrapper around Pyactiveresource, which appears to have a lot of similar issues – internal state that's hidden that causes things to not work as you expect.
I suspect that the Python library was developed by Ruby engineers, some of the practices are things I've seen in Ruby but that just don't fit into the Python ecosystem.
From what I can tell their API deprecation strategy is quite hostile to developers.
I think it would be difficult to build what I'd consider to be production-grade services on top of the library. This is in stark contrast to others such as Stripe's API/libraries which are fantastic.
by colesantiago on 3/19/21, 4:29 PM
There isn't ways to have a custom checkout (one page) with this system and subscriptions are not natively built in, relying on a third party ecosystem.
Theme development is also arcane and not the standard way web developers build a simple website.
Oh and they disallow you to use Stripe for your store and you have to go through Shopify payments instead.
by picodguyo on 3/19/21, 6:05 PM
by brunojppb on 3/19/21, 5:45 PM
On the other hand, they are doing an amazing job and constantly providing updates. Their docs are really good and improving everyday. Kudos to the shopify dev team.
by xal on 3/19/21, 7:59 PM
by trutannus on 3/19/21, 4:46 PM
by isoskeles on 3/19/21, 5:08 PM
I've used this to some success in building a more robust product customization app (with functionality very specific to our business), more so than what I could find on their store. The biggest con for using the app proxy is around authentication. You can't do much special stuff with auth, basically the simplest option is to just wrap your proxied pages in a liquid check for customer.id. (Although, I can see this as a pro rather than a con, as it forces you to keep the proxy app simple.)
My biggest worry is one day Shopify just decides to discontinue app proxies. It doesn't seem like an option they try to point developers toward, so I don't trust it and am thinking about building on top of their API to avoid this.
by LMYahooTFY on 3/19/21, 5:26 PM
I've called them, my bank, and on a few occasions even tried other people's cards.
I'm declined no matter what, by Shopify. It's been this way for well over a year. Sometimes retailers will manually process a transaction, but otherwise it's infuriating for me to see Shopify grow in the market.
by dubcanada on 3/19/21, 4:41 PM
You are free to use it as you want, it doesn't support the dynamic components obviously since it's CSS. But you can easily reimplement the parts you want.
by chiefalchemist on 3/19/21, 10:03 PM
How did Shopify get to be the beast that it is?
Why doesn't someone else step up and into what looks like a massive opportunity, especially since Covid have push so many transactions online?
I have worked with Shopify customizing themes and adding custom functionality. It good when it great and you're within its sweetspot. But then it drops off like a cliff. The developer workflow? Shockingly dated.
I've worked with WooCommerce. Great tool. But it requires knowledge and resources.
I've taken the BigCommerce training. Felt like Shopify 3.x but I'm not sure they're positioning well for the long term.
I know there are others.
It seems to me that there's a sweetspot between Shopify and WooComm. User friends yet also developer friendly. Perhaps not easy to do. But that's not humans on Mars either, is it?
by code_duck on 3/19/21, 9:04 PM
At the time I already had a popular site based on their API. I had noticed that in general, it's a tough business to be a disconnected 3rd party developing on a closed platform. You're at the whim of the platform owner, slave to their intentions and decisions, good or bad. It's like having a remote job where nobody talks to you.
I got over API unreliability with a system to retry calls a few times. Etsy API calls could fail in several distinct ways, so my parser had a lot of stages (check for HTTP status, parse for certain strings, check if it's empty or an empty string, so forth). The calls also occasionally took much longer than usual. I implemented a caching system for the widgets.
It sounds like Shopify reliability is much worse than Etsy's at the time. Other than outages, I believe we'd get about 2% of calls failing for different reasons, which would usually work on a retry.
Changes were difficult to deal with because they could come suddenly. The worst ones were breaking changes that apparently Etsy was unaware of. I'd start getting errors and have no idea if it was a bug or an intentional change, and write workarounds only for them to fix the bug a few days later. We also experienced the removal of features with other apps. Or, one time we spent a couple months on a feature and then it turned out Etsy had been working on the same thing themselves.
by deedubaya on 3/19/21, 4:46 PM
by isaacbowen on 3/19/21, 10:33 PM
* I've never had zero options for solving a problem. Ten years ago, I needed to build a customer login system on top of Shopify. (Like, before Shopify had one of its own.) I had enough room to do that in javascript, and it became an app called Gatekeeper. (Today's spiritual successor: Locksmith.)
* Whoever works on patterns at Shopify does a really, really good job. They think through things slowly and thoroughly, resulting in resource models that that are usually refined over time, instead of remodeled entirely. This is a good sign.
* This is a second bullet point to underscore the previous point about Shopify's pattern-making. I've been on this platform for a decade straight, and I don't deal with systemic inconsistency. I'm only here because Shopify is really, really good at patterns.
* This is a third pattern-related point to observe that Shopify usually defers solving a problem, rather than putting forward a fragile or brittle solution. (How long did it take for order editing to arrive?) By my reading, they'd rather take a while to land on and deliver a solution that will create a broader future, than more quickly deliver a solution that will limit the future.
* Yes, there are occasionally major/breaking API changes. Honestly, I love this. For me, it forces the whole system to stay engaged, and stay alive. Yes, I know the counter-arguments to this. :)
This is why I'm still here, ten years later. Yes, some things are short-term hard. But the things that are long-term important are all locked in.
---
Also yeah, building and sustaining an app is work. This is part of why I made https://apps.shopify.com/mechanic. I love the Shopify platform, so, so much, and also I needed a way to solve really specific problems more quickly, and keep those solutions running more sustainably. So: platform within a platform. Lots of nested similarity here, in the way that Shopify thinks about solving problems and the way Mechanic thinks about solving problems within Shopify.
by sarabad2021 on 3/19/21, 8:26 PM
by yowlingcat on 3/19/21, 7:40 PM
What I am trying to figure out is if Shopify is "bad" or just "warty" -- I realize that is subjective and heavily depends on what one is trying to use it for, but it's still a challenge to reason about.
by TedDoesntTalk on 3/19/21, 10:18 PM
This makes no sense.
by that_guy_iain on 3/19/21, 7:50 PM
Also, the reason people can't use Shopify with my system yet is that even to be approved for an unlisited application you need to allow for account creation via Shopify. I understand for listed apps in the store but if I want to have an app where they click a button on my site and I connect to their shopify system and get data I still need to support this feature I won't use. That saddened me. I just need to create time to allow for account creation via their app store and figure out what that means getting the info and how to handle user confirmation if at all.
(Shameless plug - https://www.ootliers.com)
by mistahenry on 3/19/21, 11:03 PM
My rejections in chronological order:
1. Rejected for having text in the app icon. The text was our company's name and is our logo which we had to change for Shopify...
2. Rejected because we didn't implement the GDPR webhooks. We don't operate in Europe so I didn't think they apply. I could have read this in the documentation but still...
3. My shop set up geographic restrictions for a few South East Asian countries and the shopify tester tested with a store with an Albania as the country, USD as the currency, and a fictional address. Shopify actually prevents this kind of invalid installation (that's the whole point of the geographic restriction). So when my store rejected his onboarding attempt with a generic error due to what was previously thought to be nothing more than a sanity check, he rejected my app and imposed a 2 week ban on my partner account from resubmitting.
Ultimately, I was able to appeal the decision through a different channel. We had our first customer waiting to use our app so this added an extra 10 days of delay and a whole bunch of unneeded stress in my startup.
by bookmarkable on 3/19/21, 7:39 PM
As a Shopify store owner, I was aghast how common it was on the platform to require allowing third party apps entirely too much information about my end customers. I was very uncomfortable leaving some otherwise promising apps installed in my store, and eventually gave up on Shopify entirely.
by moron4hire on 3/19/21, 7:00 PM
Google actively does this with many of their APIs. Running locally, their APIs will be very unreliable. Once you're live on the domain you've configured, everything is much more reliable.
I don't know if they do it to force you to consider cases where the API returns errors, or if it's some kind of anti-scraping provision, but it can be extremely confusing and frustrating if it's your first time working with the API and you're not sure how things are going to actually work (if at all!) when you deploy.
by flycatcha on 3/20/21, 7:23 PM
by tlarkworthy on 3/19/21, 11:24 PM
by matt_f on 3/21/21, 12:05 PM
by JRGC on 3/19/21, 7:12 PM
by kmeisthax on 3/20/21, 12:44 AM
As someone on the opposite end of this problem (I'm in custom theme development), the client wanting to install a new app is an immediate source of frustration for reasons almost completely out of your or their control.
If your app just gives us a manual install option, that's usually the best solution for me. I can make judgments as a developer as how best to incorporate your app into my theme. Furthermore, because I'm doing it manually, I get to follow all of my version control and testing practices. You see, Shopify actually promotes some very terrible development practices (not your fault). I have to avoid that by working in development themes, storing all my code in a self-hosted Git repository elsewhere, tagging all my production deploys, and using Git to tell me what files have been changed so I can be ultra-conservative in my deploys. Why do I need to do that? Well...
Some apps have automatic installers, which try to guess what theme you're using and then install files as they wish to the current production theme. Not only is that dangerous (what if the app breaks something?), even if the app does install correctly; it usually doesn't hit the developer themes and any developer working out of the Git tree is now working with stale files. I have to pull theme exports and compare changes to reverse-engineer what was added so that we don't wind up accidentally uninstalling half the app when we change a product template or something.
Part of the problem is that Shopify is specifically designed to be both "easy to use" and give it's merchants a high level of control over their storefront. This precludes a lot of otherwise obvious solutions to this problem, for various reasons:
1. You can't use Git as a deployment mechanism because it has a terrible UX and most new merchants aren't going to figure out how to use it. Even with a non-terrible UX you still need to educate users about it's various failure modes, including merge conflicts and the like. 2. It would be nice to have standard extension points between app and theme developers, but that winds up tying the hands of both a little. Part of the problem is that any level of extensibility also either takes things out of the hands of theme developers, or requires new users understand how to implement the component. I was hoping something like the new section system (which I haven't gotten a chance to play around yet) would fix this for app developers.
If Shopify was willing to go a little bit up-market (and, given how they've become the favorite platform of Facebook scammers, they should) they could fix these problems by offering ways for theme and app developers to agree on specific extension points. This kind of ruins the whole "just edit this template to get a thing on your theme" aspect of it, but Shopify's really outgrowing what it started with IMHO.
(By the way, there's a special circle of hell reserved for page builder apps that store everything in the current production theme. I recently had to deal with a client whose shop no longer allowed them to clone their main template as it was full of literally hundreds of templates and assets from this one app. After literal hours of manual garbage collection, I was able to get it to the point where a theme clone merely took 20 minutes rather than failing outright.)
by hahahahe on 3/19/21, 6:27 PM
by darepublic on 3/19/21, 6:54 PM
by intrasight on 3/19/21, 8:05 PM