These are very easy questions to answer.
- Why replace my working code?
- Because I hacked something together quickly and it's probably not very robust. If there is something out there better tested, I want it. If I can't get the author to repond to problems, forking is trivial. (But see my comment below)
- Every piece of code you run gets eval'd.
- I know where my code comes from but I can't guarantee the source of that config file. It's location is set by an environment variable and I can't guarantee someone won't hand edit that file. That's a whopping huge security hole.
- Wouldn't it be faster to change the file format?
- No. It would take far longer. That config file is autogenerated. As mentioned in my post, it would take me two or three days (I hope) to rip out everything which writes to that file and replace it. Instead, I hacked a solution in a couple of hours.
I will agree though that too much reliance on external modules is problematic. For bigger things we don't have the time to do, maybe that's OK. For smaller things, maybe forking or cribbing ideas is a better bet.