Node.Js worries me

There are a couple of things that concern me about it and the most pressing is security. It is just so easy to include hundreds of packages the source of which is almost impossible to track.

If those modules are maintained by people you don’t know anything about how do you know they can be trusted. How do you know if someone has not changed the code somewhere in those packages to do something malicious.

But that concern was precipitated by my very first concern. The sheer number of packages you can install without even trying to do so. Next time you play with node just check how many packages youhave just by including express and a couple of components.

And then finally perhaps the reason that appears to be the most churlish is that just because anyone can now write backend code with JS does not mean that you should. Sometimes Node just does not do the trick. If you want to create a system that processes and transforms lots of data, Node is not the right tool.

All the technologies

Do people really think that throwing every new piece of cool technology at a project will make it a success? I love new technology and used to spend time playing with new Frameworks etc so I could find a use pattern for them. But very few of them made them into projects because their was no value to be added from doing so.

I have seen so many projects where the business case for building them is based on keeping a technology stack up to date. Great if that is going to add value or provide a competitive advantage. But spending time and money to move your website to the latest and greatest JS framework is not a valid reason.

Best practice in web development???

This is not a blog post to show what is best practice in web development but a rant against those people who use the term ‘best practice’ to defend their use of a technology.

I shall explain with a couple of examples. Yesterday at work a developer said the business could not have a web page with 5 even columns on the page because they use bootstrap which uses a 12 column grid. I tried to point out this was an issue and was told using Bootstrap was ‘best practice’.

We are building a new website and it HAS to be hosted on AWS because it is ‘best practice’.

We are building a new website in PHP and we have to use a framework because that is ‘best practice’.

I have nothing against Bootstrap, AWS or PHP Frameworks but this highlights that people are building a solution before they have even looked at the requirements. Each project is unique and has unique requirements so to come to the conversation with a fixed mindset of what solutions will work is just plain wrong.

It could be that these solutions are the best thing for the project but you can’t decide that because it is ‘best practice’. You have to decide that because it is best for the project.

Keeping things Simple

When I started out in development (many years ago) I wanted to write everything myself. I did not want to use any shortcuts or use other tools that would cue the time. I wanted to write those tools. And then use them myself. This was also supported by a need. I started to develop at the age of 11 when the internet was probably just another military secret. So coding things yourself was almost essential. Books were great but only got you so far.

However, as I have got older (not convinced wiser) I have got more and more lazy and see very little merit in building something when someone else is already done most of the work for you. So on my latest project I am going for very simple metric. Write as little of your on code as possible. Less chance of you adding errors that way.

It also means that you can go quicker to market than if you are trying to hand code everything. The purist in me (buried very deep) tells me that I could probably do a better job that would suit the needs of the business better. But, and this is something that only experience brings, the business I am working for don’t actually care what the technical underpinnings of the solution are. They want their solution and they will want it to be easy to maintain.

This causes a couple of problems. One writing simple code with few lines of code is incredibly difficult to do and those young developers that work for you are going to rebel and want to move on to some other more exciting (i.e. writing more code) project. But one day I am hoping they will also see that writing all of this code is only worth it when you really have to.