Well, i could see that "solving the problem" is the hard part, once the problem is no longer hard then you just have to type the logic out. There are plenty of people where using arrays are hard, but once you know how arrays work it's trivial.
It becomes irrelevant since you know you can build anything with what you currently use anyway. Once you know the tool well, then you know that everything is yet another permutation of abstraction on the same base JS language. If I need to write a complex UI in plain JS, then I can happily do that as well, I used to output thousands of lines of that thing.
No wonder websites and browser caches are bloated if you need over 1 MB for each website. For a lot of projects and sites you could fit well within 1 MB with both backend, frontend and all styling.
If you want to do that, then you raw dawg some plain JS. I used to write thousands of line of that thing and it was still tiny. Or at most react with no other dependencies, those can be painful.
@@Leonhart_93 You know whats most infuriating? It's when you see something like jQuery or something being used to do the most trivial s**t ever, and the only reason it's used is because a) it was the first thing that came up on Google and b) the person has little clue about Vanilla JS and the DOM... It's a new version of Cargo cult programming, but now instead of including something that does nothing, you include something for every little piece of work that needs to be done.
I realized after returning home from a three week cross-country driving journey that I needed to organize my tasks, but my kanban instance has been broken for a few months, so I thought "I should make some kind of app". Then I realized that I didn't have 20 hours to spare before getting shit done, so I thought "I should just use an Android to-do app". But then I realized that fixing my phone was one of the tasks and might involve a data wipe, so a to-do app would not work (and besides, they all suck). Finally, I had an epiphany: I grabbed a piece of paper and a pen. This mental clarity would not have been possible had I not given up writing JavaScript.
I will admit that I googled a bunch of the things he mentioned, mostly because a part of me didn't believe that some of them were actually real. I then realized that I honestly had no interest in using any of them or really reading the docs for curiosity's sake, closed the browser tab, and moved on....
@@ThePrimeTimeagen We're using them all, pretty much. Even as a Junior, I'm familiar with most of these names. Not saying I'm enjoying it, truth to be told
Very good advice. I've been building a project for the past three years. Sticking with it consistently has changed who I am so much that I can't even begin to compare what I knew starting out to what I've experienced in these years. I used to leave a lot of projects unfinished, jumping on many different tangents. But once I stuck to this particular passion project, it really started to pay off. (By the way, the project will soon go public and hit v1.0.0!)
Amazing advice. I’m a senior CS student and have been doing web dev on my own for around 8 months now. Abstraction will hurt you if you don’t know what is going on behind the scenes
The analogy of the boiling frog is perfect. To try to combat this I have been learning how to build website/apps limiting myself to tech that was available at a certain time period and progressively adding newer and newer technologies. Hopefully this will help me understand the "why" of each abstraction layer that has been added over the years.
I just find it fascinating that every single new JS framework is always just compromised in some way. Like, it works all good, but then you encounter your first "bubble gum solution" the framework has to use to do its thing. Then another. Then another. So much of JS libraries feel extremely hacky and like they're going to explode any second.
@@Leonhart_93 Yes /kinda e.g the npm has nobody who really looks and kicks out trivial implementation and then every one reference this implementation and then in the next iteration everyone creates their own packet manger which makes dependency hell worse. Its just so since roughly around 2008 web development is a buzzword and marketing circus unlike any other software development . Web development had since then the tone of that some devs want to cave out their own space in it with tools , frameworks and so on Open source make this very easy . Why they doing this ? Because a LAMP stack even a highschooler can use and would be for more then 90% of the internet good enough. Even Wikipedia one of the most visited sides still runs on it
This is the perfect analogy lol. But dam…how do you make a fast, optimized websites for people with MBAs that think websites are magic lol? You really don’t have a choice but to make a glass cannon website held together with some gum unless it’s your own website.
I am embedded systems engineer and my new hobby is web apps. At work, I debug very low level issues, designing my own graphics pixel by pixel, etc... For my hobby project I use JS, React and Strapi. All I do in that project so far is to read documentation and figure out how to plug in things, what library to use, etc... I have fun, but I feel similar to 10 years ago when I was just using Arduino libraries, very far from knowing why it is the way it is.
The solution is simple. Almost painfully so. Just use the same tools you have been using for the past few years. They work just fine, nothing is all that better or worse about other new stuff. The language is the same, everyone just adds their own flavor of abstraction on top. Ignore everything new and shiny, they just distract you from mastery.
If you use any npm package over a week old you get a million CVEs reported though. If you use the new ones the vulnerabilities still exist but they haven't had time to get reported yet so you can make snyk stfu for a few minutes.
@@georgehelyar I was talking about frontend JS, the framework craze is about frontend. And there aren't significant security concerns when designing an UI, all of that depends on the requests themselves which can be a completely separate matter. For frontend I like to go as pure as possible, the more bloat you add, the more that bundle size increases needlessly.
@@Leonhart_93my comment was mostly a joke, but actually if you use a security scanner like snyk, the number of CVEs you get in modern frontend is insane, because a hello world app is hundreds/thousands of packages. The joke was that it's basically impossible to get rid of them all but if you keep updating you can keep ahead of the scanner. Or just use jQuery or vanilla JS (or wasm)
My environment uses JS ES5, has no way to import stuff from repositories (unless I wrote an npm client in the system and implemented my own include system), and is barely capable of importing scripts from its own window. It's mostly okay to use, except I keep having to check whether the solutions mentioned on SO are old enough to be supported on ES5. And all the answers assume a browser, my environment is a test and measurement automation system. Beats doing the tests by hand.
Dammit, when I saw the title I thought you actually interviewed the guy, which would have been amazing. Imagine Prime interviewing him while he remains in his character as js dev, that would be top content right there
To anyone looking to role their own auth, there’s an amazing chapter in “Let’s Go” that details how one would go about it using Go. After reading the chapter Auth just made sense and it’s no longer scary.
learning how stuff works is always a very good thing to do. be careful not to fall into the noob trap afterwards of rolling your own auth in production.
His monologue at the end is 100% correct. Literally got my current job by talking about a crappy hardware project I was working on to solve something in my life, nothing to do with the software job the interview was for.
Really appreciate the reflection at the end. Very often I get the urge to really try to learn and know about everything in the dev world... and I forget that it's just as imposible as useless.
Yeah just learn the layers that all of the web stands on. Things like how the server and the client communicates, what is a runtime, HTTP, SSL, what's the role of the bundler etc. and you're golden!
I once sat in a meeting with the Senior and Lead once. They were planning for a new project and they were discussing all these new technologies that I haven’t even heard of and some which I heard but haven’t used. Suffice to say, I was sitting there staring blankly at the whiteboard. I have never felt that out of place ever 😂
My favourite thing is getting interviewed by a junior dev that bluffed their way into a lead role at a startup and gets excited to show off their technology-specific trivia questions only to be shocked at getting “i dont care” as a response to the questions lol
@@jan.tichavsky That's why newer versions of Laravel are moving towards a "batteries are opt-in and not included by default" type of approach. I am not sure if this is already the case in version 11 or if it will come in a later version. But Taylor Otwell already said that this is their goal.
Backwards compatibility and maintenance is so underrated. Though I hate wordpress backwards compatibility is what they do right. You rarely have to change your plugin just because of a new Wordpress version. Laravel does it right as well.
The "Don't write this down, it will be different next week" ten minutes into this insanity was so amazing. It is at times like this I am happy I am a C dev professionally. We just upgraded to C23 at work. With that we got like 4 new really cool things (some of which I had already learned to love from coding Zig in my free time), and like 2 interesting things that I am not sure what I think about yet. That is it for like 10 years. Then we just go ahead and write software (and try not to create any memory issues or UB, I know I know...).
The best way to write C is to write it in sex-pressions use LISP macros with quasiquoting to generate your C code and then if anyone gets suspicious show them the C-code derived from S-expression tree. Also the next best way is to write code in say Python/c#, and then run a Python -> C cross compiler, as you can edit your program while its still running in Python.
when i started programming, i thought I was goin to have my head down while typing out php or javascript to create websites. now, its more about picking the right package/framework and managing dependencies and breaking changes and working around package limitations. for reference, I learned on LAMP stack, then learned MERN.
that analogy with the boiled frog is exactly how i described it as an SRE talking about all the tools that are just layered abstractions one on top of each other. good to know im not the only one who sees it that way.
Javascript is easy to ship under 1MB on the edge thanks to tools like webpack and esbuild. Split every route of your API into its own bundle and they sit around 500kb
Tbh it's absolutely the same in the backend / devops world. Almost none of the libs, tools or frameworks I used 10 years ago are still available or a good idea due to continue using. Only language itself prevails but that doesn't mean much because it also changed.
I can't believe he's not able to sort tearing out in the longest time. It's not that hard, just read the Arch Wiki, all the info is there, and work even on non Arch based distros.
I'm a JS dev with 15+ years experience. I rolled my own auth back in the day. The problem these days is (team) scale and people outside your scope. You ever tell a seccy with a scanning tool that their flag has no access to anything? Throw in a client that has a contract with security assurances rolled into it (which in reality are mostly just box ticks and have no real world significance, but they can see a red X.) In short I too understand why Clerk and oAuth are necessary :)
without a diagram just a simple list of the stack of ~5 or so libraries is pretty great. and the miracle is theyre all mostly interopable with each other
re: rolling your own auth -- I did the same when I was just a hobbyist. Not hard at all, and I'd rather spend time learning the fundamentals than the idiosyncracies of some service like cognito.
@@godowskygodowsky1155 accounted for. I get the perspective, and in mission-critical software, yeah -- know what you're doing or be safe. But you don't get to know what you're doing without doing it, and I'm not a fan of relying on a few people maintaining all the world's implementations of a simple thing any programmer can learn. Like, even form inputs... My client got cheap labor knowing I was green, and I got to figure out how to implement forms and fight spammers. I made honeypot submit buttons, wrote a pretty effective spam filter, and integrated captchas. It's not the best, but it works for that implementation. And you know what? It doesn't seem like magic anymore.
Every single time i hear literally anyone in the webdev industry tell me anything about webdev, it makes me more repulsed. Is there even anything fun about it? Does anyone enjoy it? At all?
idk its faster to ship and iterate so why not? tech stacks are part of coding, web has deeper stacks bc its the most used and needs to meet a lot of different requirements. a framework does the work of figuring out the right degree of modularity and separation of concerns, it gives you a way to look at a project that could otherwise be completely undoable with resource constraints
Finding something you actually want to make is the best advice you can get for learning and just coding daily. For getting a job, the thing you want to make should demonstrate your abilities to solve business problems. Since that's what they're hiring you for. If what you want to make also does that, best of both worlds. But if you're just learning or having fun, don't worry about that. Making a portfolio of projects the solve business problems is like lifting for a competition. Building projects to learn or have fun is lifting to be healthy. You do it differently for different purposes.
I would love to see Oauth done from scratch in these 50 lines of code. Not that I doubt that it can be done, I think it could be done but I've never worked in an environment where that was even an option. I think it would be cool basically.
Depends what you mean by doing oauth. Go to authorize URL then get code and go to token URL is pretty easy, but you need a server to actually do the hard part. Fortunately, that server can just be any oauth provider e.g. Microsoft or Google, and then you don't have to store passwords etc either.
@georgehelyar Pfft, first they have to show that there is ANY chance in hell they can replace even the bottom feeder devs. Nothing, and I mean nothing of what they've shown currently is capable of even touching 5% of that, everything is so very bad when they need to handle more than 10 lines of code at once.
1st world JavaScript problem. Back in Soviet Russia ... Ahem back in Kenya, it does not matter how easy clerk, vercel so long as however is paying sees > $3 You got to make it work in a shared hosting plan , which in my experience, you roll out your own everything cause external libraries are not compatible with the Node env in cPanel But sadly the delusion from the west has crept into the east, had an internal who literally asked paraphrasing.. "How do you deploy without Vercel & do auth without next auth? Can't we convince the client to pay for Vercel?" I'm happy to report that we had a lengthy the talk about ssh, scp, ftp, pm2, cookies & sessions etc etc I'll have to put a good share of blame to code camps where in 6 months you graduate as a senior developer with dollar signs on your eyes.
I'm new in programming. And no mater that I was born in 81 and wrote my first linea in Basic on Atari 65 XE. That haven't been more then a few simple programs. Later in 2010's I was doing some VBS coding. Recently I've been learning JavaScript, PHP, HTML+CSS. I've build my first site for myself witch is a base of recipes that I like. Also I've created a function in JS that changes data in table into nested objects, which is used as a input data for other cool JS tool dynamically drawing interactive org chart. These was fun and useful for me and I've learnt alot whit it.
I've been doing webdev for about a year and I don't feel like a programmer, I feel like a customer of the company with the programs I use, programs written by programmers
I learned one thing developing for corpo. You choose a handfull of Frameworks and stick with them. Don't look at whats the hot shit at the moment, because that changes on a monthly bases. Just look at how many developers are on the market and choose your stack accordingly. In the end modern FE is the same patterns Back-End uses for 20+ years packaged in a million different frameworks that slightly differ from one another.
I made Snake in React as a "just make something" project. I thought I didn't want to use React since im a Chad standard web components kinda guy, but it was actually a good learning experience.
I used to know JavaScript in and out. I left it to focus on Python for a couple months and now I don't know it anymore. It changed so much and everything I used to use is now "outdated"
23:35 - From experience, almost every tech job I've gone to has had zero technical people in the interview. The one that did, the guy who hired me had already handed in his two weeks, I was just the first guy who seemed more competent than the people fresh out of school also trying to get the job. And again, this experience has had me believe that CEOs are the final arbiter of what does and doesn't happen. They always meddle, they always complain about things taking too long, they always reject expenditures or research for better solutions, they just want "whatever you know" as the final solution and then complain when it doesn't work well. And let's not get started with them taking your proof of concept, the "I made this in two weeks so I can spend time on the real one productively over the next two mo-No, please, it's not production ready!" code and showing it off to clients as a "currently working system"...
It's a lot. I recently built a little pdf viewer / archiver for my company. I did so much on my own that. AUth against active directory etc. My problem is I didn"t have the time to search for alle these libs and so on. Its rough
I started programming in 2020 and i was 16 and broke so i read study and learn fundamentals, don't have a PC don't have internet and use a phone but surprisingly made a project for a graduating cs student as my first client
I only started 2 years ago, with AlpineJS. I was writing production code immediately since I was UX with devs that were slow and shit. I think picking something small that works and going from there is fine. Coming in immediately to "make app" is stupid, and causes you to overextend and pick random things that make no sense and you don't know what anything is for.
I don't think JS is a problem. Whenever something gets popular, people try to capitalize on that and create hundreds of similar tools and frameworks to appeal to the people. Your goal as a developer is to be focused on delivering the product. In corporate world, you will be forced to use tools that you would not like - this is why you always must keep your head clean by creating your own projects if your goal to escape corporate world.
I just had to finish creating a full stack application as part of my degree. The technology that works is the technology that works. If I can spend less time thinking about what to use and more time using it, all the better
I struggle with the insanity of JS nowadays. On one hand I wish it were significantly simpler (even the build chains make we want to become a farmer), but on the other hand I recognize the power of JS frameworks when it comes to building rich user experiences. Nowadays user experience sells, even if the products themselves are fairly simple.
having had less than 6 months of experience, I have no idea what's going on. I like whatever CSS and Javascript I have. I don't know what I'm missing and I'm keeping it that way
I have yet to see a JS application where simple things like auth, connecting to the database, putting a checkbox on the page took less than 2-4 weeks for the Sr dev. That being said, using anything else, to get those same things with python, PHP, C#, JQUERY, Plain JS, Bootstrap, HTML took under a day per task. Usually under an hour. Appearance of the website was the same. Were the other languages more scalable?....depends for who? Do you have smaller servers no, but you aren't relying on your user having a beefy laptop I think the thing we screw up in the development is we are all about "do it all on the front end" or "do it all on the backend" when the reality their should be a balance. Most of these front-end frameworks seem to forget this.
Hot take I would rather go to a job with old technology but reliable, good documentation and community. Than a job which is unfamiliar with the technology they use. The one of problem with JS is that everyone wants to be the next innovator.
Rn im making a my own version of grep in go, it finds files, finds things in files. Can replace those patterns in files. Very fun. I hope I never become a webdev. Seems like most of the things you learn are inconsequential.
"making my own version of grep in go" "I hope I never become a webdev. Seems like most of the things you learn are inconsequential." Hm, interesting.. I think both of the things from the above 2 quotes are doing something equally inconsequential but are aimed at doing something because you like doing it. It may or may not help you. With that said, it's up to the person to fall into framework hell and get overwhelmed with it, not people who write the frameworks. You can get by and do just about anything with 1 or 2 libraries and ignore all of the buzzwords, and I think that's relevant in everything not just Javascript. It's important not to take meme videos literally. He's making jokes, and does with many different things outside of webdev/javascript.
I still don't understand auth. I've tried so hard looking into how it works, I feel like I understand the core concepts, but then all of these libraries like auth0 or clerk or authjs somehow make it seem like it's not able to do what I'm expecting it to do? Idk
Here's the gist of it. Every app you make that needs to connect to a service must be registered with that service. Then when you need someone to be authenticated. You just follow the library and documentation to get an access token (every authenticated user have an access token) that's it. I don't want to make this long. Unless needed.
@@asagiai4965 Thanks! Yeah I totally get that part, my issue is like in the context of sveltekit where some routes can be SSR some routes are not what to do. And I know storing JWTs in local storage is considered bad but where else are you supposed to put them so users don't have to log in every single time?
@stoched 1.) Sorry I can't answer the sveltekit part. But the method is probably the same. 2.) This is only an opinion. But token is not supposed to stay long (what I mean is like it shouldn't be save in a file) . Token expires the idea is to get another token before the old one expires (this is the reason why you can't save it in local storage). 3.) You can use some sort of session? Or state management or etc to save the token. You just have to make sure, whatever you use is secure. 4.) Most service providers don't actually allow people stay login on a service for a long time. I think, there's another system for that.
@@asagiai4965 I mean for the web app. So I have a sveltekit project as a front end web app and a C# api. My understanding is once you authenticate you need to save a refresh token somewhere so you can keep generating new access tokens (jwt's) for the external C# api. Otherwise the user has to login over and over right?
"Always better than SAML". --- 100% agreed! SAML is about "we want to create auth system but we don't believe TLS works for encryption so we roll up our own" combined with "we don't believe transmitting data between servers so we use browser redirects to transmit packages between servers". Of course, SAML requires secure "metadata updates" which are transmitted over TLS so the security still depends on TLS! The bad part is that it's *possible* to build a working system on SAML and that's why it has never been totally killed of even today. OpenID Connect wins SAML in every possible way and is really easy to implement. And even OpenID Connect has extra crap like encoding data in base64 encoded JWT packages instead of simply using JSON to transmit data.
![Interview with Senior JS Developer 2024 [NEW]](/img/n.gif)
Hot take: "Once you know everything, it is easy"
Well, i could see that "solving the problem" is the hard part, once the problem is no longer hard then you just have to type the logic out. There are plenty of people where using arrays are hard, but once you know how arrays work it's trivial.
It becomes irrelevant since you know you can build anything with what you currently use anyway.
Once you know the tool well, then you know that everything is yet another permutation of abstraction on the same base JS language.
If I need to write a complex UI in plain JS, then I can happily do that as well, I used to output thousands of lines of that thing.
0 kelvin
IDK man it looks like a very big iceberg
aka "skill issues" :D
"2024 is the year of serverlesslessness" - died
Me one month ago: *receives project plan to migrate prod DBs back on-prem 14 months after cloud migration*
@@MrSuperawesome5000cost killing you?
“How do you get a Javascript piece of code under 1MB?” The fact that this a real question that people actually have to ask hurts my feelings.
No wonder websites and browser caches are bloated if you need over 1 MB for each website. For a lot of projects and sites you could fit well within 1 MB with both backend, frontend and all styling.
@@jan.tichavskyreal
If you want to do that, then you raw dawg some plain JS. I used to write thousands of line of that thing and it was still tiny.
Or at most react with no other dependencies, those can be painful.
@@jan.tichavsky what is runtime?
@@Leonhart_93 You know whats most infuriating? It's when you see something like jQuery or something being used to do the most trivial s**t ever, and the only reason it's used is because a) it was the first thing that came up on Google and b) the person has little clue about Vanilla JS and the DOM... It's a new version of Cargo cult programming, but now instead of including something that does nothing, you include something for every little piece of work that needs to be done.
I realized after returning home from a three week cross-country driving journey that I needed to organize my tasks, but my kanban instance has been broken for a few months, so I thought "I should make some kind of app". Then I realized that I didn't have 20 hours to spare before getting shit done, so I thought "I should just use an Android to-do app". But then I realized that fixing my phone was one of the tasks and might involve a data wipe, so a to-do app would not work (and besides, they all suck). Finally, I had an epiphany: I grabbed a piece of paper and a pen.
This mental clarity would not have been possible had I not given up writing JavaScript.
ah yes
the P&P (pen and paper) stack
@@ngkksr6_ayyflexing the PP stack on these hoes
Just use Trello?
@@georgehelyar I needed something portable that did not rely upon my phone. Trello would not work.
But what if you want to view the paper at your pc and on your phone at the same time?
Idk but the T3 stack sounds pretty good to me
T3 > T4
It’s time for the T5 stack Theolo
@@LaughableTundra T5 launching in T minus 5, 4, 3, ...
Sounds... unbiased
T3-3 stack. The extra 3 is for Summer.js, Spring.js, and Autumn.js.
Who needs Winter.js? 🤢🤮
13:00 "don't write this down, next week this is all going to change" had me spit my coffee out. Lmao!
I will admit that I googled a bunch of the things he mentioned, mostly because a part of me didn't believe that some of them were actually real. I then realized that I honestly had no interest in using any of them or really reading the docs for curiosity's sake, closed the browser tab, and moved on....
an afternoon well spent
it's all real 😢
@@ThePrimeTimeagen We're using them all, pretty much. Even as a Junior, I'm familiar with most of these names. Not saying I'm enjoying it, truth to be told
"Push on save" got me good 😭
didn't know the mad villain was in chat ✊
@@jameslund6781 RIP DOOM and dont forget ALL CAPS when you spell the man name
I push before I save.
The JS ecosystem gives me so much PTSD that if I see a json file I just rename it to .lua
Or yaml lol
@@blackace72 Or toml. I use Rust now btw. 😉
Rofl
haha!
or .plist
Very good advice. I've been building a project for the past three years.
Sticking with it consistently has changed who I am so much that I can't even begin to compare what I knew starting out to what I've experienced in these years. I used to leave a lot of projects unfinished, jumping on many different tangents. But once I stuck to this particular passion project, it really started to pay off. (By the way, the project will soon go public and hit v1.0.0!)
@yektadev What's the project?
ligmatron.js framework
Amazing advice. I’m a senior CS student and have been doing web dev on my own for around 8 months now. Abstraction will hurt you if you don’t know what is going on behind the scenes
Javascript people are now not just frogs, but fully cooked in the sauce it seems.
So, sincerely asking what's the solution? Switch to Go ?
@@mazharansari7813 concrete answers always require context. but typescript exists, and is almost always preferable to raw JS.
@@mazharansari7813 Rust and compile to webassembly. :)
@@blarghblargh Typescript isn't a replacement for JS it's just an overlay for type checking lol
@@mazharansari7813 the solution is to never listen to webdevs, they're compromised
“Push on save” I nearly choked when I heard that. I love it.
Love the take towards the end of the video. Just do what keeps you coming back.
The analogy of the boiling frog is perfect. To try to combat this I have been learning how to build website/apps limiting myself to tech that was available at a certain time period and progressively adding newer and newer technologies. Hopefully this will help me understand the "why" of each abstraction layer that has been added over the years.
I love this real talk vs the internet plus positive vibes vibe thanks the primeagen!
"You've heard of 8 minute abs? Well heres my idea: 7 minute abs!"
Thats what the t3/t4 stacks immediately made me think of
I just find it fascinating that every single new JS framework is always just compromised in some way. Like, it works all good, but then you encounter your first "bubble gum solution" the framework has to use to do its thing. Then another. Then another.
So much of JS libraries feel extremely hacky and like they're going to explode any second.
That's exactly a problem with an open source environment where everyone thinks "I can do better", instead of consolidating.
@@Leonhart_93 Yes /kinda e.g the npm has nobody who really looks and kicks out trivial implementation and then every one reference this implementation and then in the next iteration everyone creates their own packet manger which makes dependency hell worse. Its just so since roughly around 2008 web development is a buzzword and marketing circus unlike any other software development . Web development had since then the tone of that some devs want to cave out their own space in it with tools , frameworks and so on Open source make this very easy . Why they doing this ? Because a LAMP stack even a highschooler can use and would be for more then 90% of the internet good enough. Even Wikipedia one of the most visited sides still runs on it
This is the perfect analogy lol. But dam…how do you make a fast, optimized websites for people with MBAs that think websites are magic lol? You really don’t have a choice but to make a glass cannon website held together with some gum unless it’s your own website.
As a junior webdev I'm very overwhelmed by these frameworks
Primes take at 20:00 was spot on. The last 2 jobs I've worked within the last 4 years both ran .NET 4 + jQuery.
best of both worlds, thought the non programming person in charge humming the hanna montana inteo song
I am embedded systems engineer and my new hobby is web apps. At work, I debug very low level issues, designing my own graphics pixel by pixel, etc...
For my hobby project I use JS, React and Strapi. All I do in that project so far is to read documentation and figure out how to plug in things, what library to use, etc...
I have fun, but I feel similar to 10 years ago when I was just using Arduino libraries, very far from knowing why it is the way it is.
Yes, except js paradigms unlike hardware paradigms change a lot. The further you are from bare metal the faster stacks and tools change.
"Support any database...If you know how to write the adapter". That made me laugh lol
The solution is simple. Almost painfully so. Just use the same tools you have been using for the past few years. They work just fine, nothing is all that better or worse about other new stuff.
The language is the same, everyone just adds their own flavor of abstraction on top. Ignore everything new and shiny, they just distract you from mastery.
If you use any npm package over a week old you get a million CVEs reported though. If you use the new ones the vulnerabilities still exist but they haven't had time to get reported yet so you can make snyk stfu for a few minutes.
@@georgehelyar I was talking about frontend JS, the framework craze is about frontend. And there aren't significant security concerns when designing an UI, all of that depends on the requests themselves which can be a completely separate matter.
For frontend I like to go as pure as possible, the more bloat you add, the more that bundle size increases needlessly.
@@Leonhart_93my comment was mostly a joke, but actually if you use a security scanner like snyk, the number of CVEs you get in modern frontend is insane, because a hello world app is hundreds/thousands of packages. The joke was that it's basically impossible to get rid of them all but if you keep updating you can keep ahead of the scanner.
Or just use jQuery or vanilla JS (or wasm)
My environment uses JS ES5, has no way to import stuff from repositories (unless I wrote an npm client in the system and implemented my own include system), and is barely capable of importing scripts from its own window. It's mostly okay to use, except I keep having to check whether the solutions mentioned on SO are old enough to be supported on ES5. And all the answers assume a browser, my environment is a test and measurement automation system.
Beats doing the tests by hand.
Dammit, when I saw the title I thought you actually interviewed the guy, which would have been amazing. Imagine Prime interviewing him while he remains in his character as js dev, that would be top content right there
To anyone looking to role their own auth, there’s an amazing chapter in “Let’s Go” that details how one would go about it using Go. After reading the chapter Auth just made sense and it’s no longer scary.
learning how stuff works is always a very good thing to do.
be careful not to fall into the noob trap afterwards of rolling your own auth in production.
His monologue at the end is 100% correct. Literally got my current job by talking about a crappy hardware project I was working on to solve something in my life, nothing to do with the software job the interview was for.
Really appreciate the reflection at the end. Very often I get the urge to really try to learn and know about everything in the dev world... and I forget that it's just as imposible as useless.
Yeah just learn the layers that all of the web stands on. Things like how the server and the client communicates, what is a runtime, HTTP, SSL, what's the role of the bundler etc. and you're golden!
I once sat in a meeting with the Senior and Lead once. They were planning for a new project and they were discussing all these new technologies that I haven’t even heard of and some which I heard but haven’t used. Suffice to say, I was sitting there staring blankly at the whiteboard. I have never felt that out of place ever 😂
That's how I feel about everything in the java ecosystem. It just makes no sense to me as a 20-plus years C++ dev.
My favourite thing is getting interviewed by a junior dev that bluffed their way into a lead role at a startup and gets excited to show off their technology-specific trivia questions only to be shocked at getting “i dont care” as a response to the questions lol
What do u thibj
We need to make ligma.js as the final JS Framework.
Ligma is the best!
ligma what ?
It would never work, somebody would fork their sugma.js from it in the space of a week
Job Requires: 10+ years of ligma.js and vanilla ligma.js
Pronounced "ligma jiss"
I dunno, I just use Laravel. It has everything I might need. I just upgraded my projects from v10 to v11 and it took under half an hour.
How many thousands of files do you start with on an empty project? I have just a dozen myself.
@@jan.tichavsky In the new v11 skeleton, very few.
@@jan.tichavsky That's why newer versions of Laravel are moving towards a "batteries are opt-in and not included by default" type of approach. I am not sure if this is already the case in version 11 or if it will come in a later version. But Taylor Otwell already said that this is their goal.
@@Voidstroyer it is. 11 even removed api routing together with sanctum
Backwards compatibility and maintenance is so underrated. Though I hate wordpress backwards compatibility is what they do right. You rarely have to change your plugin just because of a new Wordpress version. Laravel does it right as well.
The "Don't write this down, it will be different next week" ten minutes into this insanity was so amazing.
It is at times like this I am happy I am a C dev professionally. We just upgraded to C23 at work. With that we got like 4 new really cool things (some of which I had already learned to love from coding Zig in my free time), and like 2 interesting things that I am not sure what I think about yet. That is it for like 10 years. Then we just go ahead and write software (and try not to create any memory issues or UB, I know I know...).
The best way to write C is to write it in sex-pressions use LISP macros with quasiquoting to generate your C code and then if anyone gets suspicious show them the C-code derived from S-expression tree. Also the next best way is to write code in say Python/c#, and then run a Python -> C cross compiler, as you can edit your program while its still running in Python.
For behavioral interviews, I started making everything up. It felt glorious
when i started programming, i thought I was goin to have my head down while typing out php or javascript to create websites. now, its more about picking the right package/framework and managing dependencies and breaking changes and working around package limitations. for reference, I learned on LAMP stack, then learned MERN.
that analogy with the boiled frog is exactly how i described it as an SRE talking about all the tools that are just layered abstractions one on top of each other. good to know im not the only one who sees it that way.
Javascript is easy to ship under 1MB on the edge thanks to tools like webpack and esbuild. Split every route of your API into its own bundle and they sit around 500kb
No matter what people say, reinventing wheels is lot's of fun and a great way to truly learn fundamental concepts.
couldn't agree more
"don't write this down it's all going to change next week anyways"
Tbh it's absolutely the same in the backend / devops world. Almost none of the libs, tools or frameworks I used 10 years ago are still available or a good idea due to continue using. Only language itself prevails but that doesn't mean much because it also changed.
try picom for screen tearing?
that will never happen lul
he will switch to sway in February 2022
I can't believe he's not able to sort tearing out in the longest time. It's not that hard, just read the Arch Wiki, all the info is there, and work even on non Arch based distros.
"Push on save" - a new mantra for me.
'i wasted a bunch of time reinventing the wheel and why you should too'
"Prisma blocks the package, just like this companies HR Dept." 😂
I'm a JS dev with 15+ years experience. I rolled my own auth back in the day. The problem these days is (team) scale and people outside your scope. You ever tell a seccy with a scanning tool that their flag has no access to anything? Throw in a client that has a contract with security assurances rolled into it (which in reality are mostly just box ticks and have no real world significance, but they can see a red X.)
In short I too understand why Clerk and oAuth are necessary :)
zustand is real. We use it for work and I thought it was made up too. Apparently it's just German
just means "state", as in application state.
can confirm, it's just the German word for state (only this kind of state, not a nation-state)
That name is so meta 😂
It can also mean 'a (not insignificant) mess', or a deteriorated mental state. Make of this information what you will.
@@dragons_advocate Yes it can also mean that something was never meant to last 🤓 like in the video
"Dont write this down, next week all this will change. " 😅 this got me
without a diagram just a simple list of the stack of ~5 or so libraries is pretty great. and the miracle is theyre all mostly interopable with each other
re: rolling your own auth -- I did the same when I was just a hobbyist. Not hard at all, and I'd rather spend time learning the fundamentals than the idiosyncracies of some service like cognito.
Whoops, you rolled everything yourself and now your service is vulnerable to timing attacks.
@@godowskygodowsky1155 accounted for.
I get the perspective, and in mission-critical software, yeah -- know what you're doing or be safe. But you don't get to know what you're doing without doing it, and I'm not a fan of relying on a few people maintaining all the world's implementations of a simple thing any programmer can learn.
Like, even form inputs... My client got cheap labor knowing I was green, and I got to figure out how to implement forms and fight spammers. I made honeypot submit buttons, wrote a pretty effective spam filter, and integrated captchas. It's not the best, but it works for that implementation. And you know what? It doesn't seem like magic anymore.
I find it funny but understandable how shortly after the quip about chat's views on Sentry, I get a Sentry ad.
Every single time i hear literally anyone in the webdev industry tell me anything about webdev, it makes me more repulsed. Is there even anything fun about it? Does anyone enjoy it? At all?
idk its faster to ship and iterate so why not? tech stacks are part of coding, web has deeper stacks bc its the most used and needs to meet a lot of different requirements. a framework does the work of figuring out the right degree of modularity and separation of concerns, it gives you a way to look at a project that could otherwise be completely undoable with resource constraints
Link to video in description leads to wrong one (2 years ago, not the 2024 version)
The courage to reject the insanity of FE and just build something that works is the best indicator of competence when I review resumes.
Finding something you actually want to make is the best advice you can get for learning and just coding daily.
For getting a job, the thing you want to make should demonstrate your abilities to solve business problems. Since that's what they're hiring you for. If what you want to make also does that, best of both worlds.
But if you're just learning or having fun, don't worry about that. Making a portfolio of projects the solve business problems is like lifting for a competition. Building projects to learn or have fun is lifting to be healthy. You do it differently for different purposes.
I've been waiting for another one of these since you reacted to the first one!
My god this is exactly my life as a dev and I have only been working like three months in the industry. Like EXACTLY my life.
Isn’t the danger with rolling your own user/password auth really subtle bugs? Things like timing attacks and stuff like that?
What every interviewer wants to see: Passion
“We push on save” is my spirit process
100% agree on understanding the protocol before using the first library you see
Especially since there are now so many implementations
I would love to see Oauth done from scratch in these 50 lines of code. Not that I doubt that it can be done, I think it could be done but I've never worked in an environment where that was even an option. I think it would be cool basically.
Why 50 lines of code? Just do it in 200 and do it better.
Depends what you mean by doing oauth.
Go to authorize URL then get code and go to token URL is pretty easy, but you need a server to actually do the hard part. Fortunately, that server can just be any oauth provider e.g. Microsoft or Google, and then you don't have to store passwords etc either.
@georgehelyar Pfft, first they have to show that there is ANY chance in hell they can replace even the bottom feeder devs. Nothing, and I mean nothing of what they've shown currently is capable of even touching 5% of that, everything is so very bad when they need to handle more than 10 lines of code at once.
1st world JavaScript problem.
Back in Soviet Russia ...
Ahem back in Kenya, it does not matter how easy clerk, vercel so long as however is paying sees > $3
You got to make it work in a shared hosting plan , which in my experience, you roll out your own everything cause external libraries are not compatible with the Node env in cPanel
But sadly the delusion from the west has crept into the east, had an internal who literally asked paraphrasing.. "How do you deploy without Vercel & do auth without next auth? Can't we convince the client to pay for Vercel?" I'm happy to report that we had a lengthy the talk about ssh, scp, ftp, pm2, cookies & sessions etc etc
I'll have to put a good share of blame to code camps where in 6 months you graduate as a senior developer with dollar signs on your eyes.
What happens at a job is often also different of what job post states and recruiter checks.
I'm new in programming. And no mater that I was born in 81 and wrote my first linea in Basic on Atari 65 XE. That haven't been more then a few simple programs. Later in 2010's I was doing some VBS coding. Recently I've been learning JavaScript, PHP, HTML+CSS. I've build my first site for myself witch is a base of recipes that I like. Also I've created a function in JS that changes data in table into nested objects, which is used as a input data for other cool JS tool dynamically drawing interactive org chart. These was fun and useful for me and I've learnt alot whit it.
I implemented OAuth 2.0 with Authorization Grant flow, for our company and it turned out all right,! No third part libraries or services
I've been doing webdev for about a year and I don't feel like a programmer, I feel like a customer of the company with the programs I use, programs written by programmers
I learned one thing developing for corpo. You choose a handfull of Frameworks and stick with them. Don't look at whats the hot shit at the moment, because that changes on a monthly bases. Just look at how many developers are on the market and choose your stack accordingly. In the end modern FE is the same patterns Back-End uses for 20+ years packaged in a million different frameworks that slightly differ from one another.
Great ending speech🙌❤ absolutely love it
I made Snake in React as a "just make something" project. I thought I didn't want to use React since im a Chad standard web components kinda guy, but it was actually a good learning experience.
Thank you my good Sir for the eye-opening advices at the end of your video ❤
I used to know JavaScript in and out. I left it to focus on Python for a couple months and now I don't know it anymore. It changed so much and everything I used to use is now "outdated"
Serverlesslessness - brilliant! In reality, loads of job descriptions require frameworks first and then language knowledge.
23:35 - From experience, almost every tech job I've gone to has had zero technical people in the interview. The one that did, the guy who hired me had already handed in his two weeks, I was just the first guy who seemed more competent than the people fresh out of school also trying to get the job. And again, this experience has had me believe that CEOs are the final arbiter of what does and doesn't happen. They always meddle, they always complain about things taking too long, they always reject expenditures or research for better solutions, they just want "whatever you know" as the final solution and then complain when it doesn't work well. And let's not get started with them taking your proof of concept, the "I made this in two weeks so I can spend time on the real one productively over the next two mo-No, please, it's not production ready!" code and showing it off to clients as a "currently working system"...
Thanks Prime, every time I saw you, I learned something new :))
2:36 it’s like the high school kids who liked the indie bands but stop listening when they go “mainstream”
It's a lot. I recently built a little pdf viewer / archiver for my company. I did so much on my own that. AUth against active directory etc. My problem is I didn"t have the time to search for alle these libs and so on. Its rough
I started on Visual Basic, modifying the Snake game. I probably never would have gotten into programming if this was thrown at me.
I started programming in 2020 and i was 16 and broke so i read study and learn fundamentals, don't have a PC don't have internet and use a phone but surprisingly made a project for a graduating cs student as my first client
I've been learning JS, React and Typescript and I have no idea what they're talking about. I'm scared.
I only started 2 years ago, with AlpineJS. I was writing production code immediately since I was UX with devs that were slow and shit. I think picking something small that works and going from there is fine. Coming in immediately to "make app" is stupid, and causes you to overextend and pick random things that make no sense and you don't know what anything is for.
Prime is hands down the best motivational speaker. Period.
Thanks flip, never doubt our love for you.
is flip just prime with a hat on?
I don't think JS is a problem. Whenever something gets popular, people try to capitalize on that and create hundreds of similar tools and frameworks to appeal to the people. Your goal as a developer is to be focused on delivering the product. In corporate world, you will be forced to use tools that you would not like - this is why you always must keep your head clean by creating your own projects if your goal to escape corporate world.
The "serverlesslessness" always kills me lmao
Kai's recent interviews with actual founders are brilliant. Highly recommended.
I just had to finish creating a full stack application as part of my degree. The technology that works is the technology that works. If I can spend less time thinking about what to use and more time using it, all the better
Missed the live, was authoring t5
What does the "t" stand for in t5?
@@budkinThor
"your 0 users..." right in the feels
I struggle with the insanity of JS nowadays. On one hand I wish it were significantly simpler (even the build chains make we want to become a farmer), but on the other hand I recognize the power of JS frameworks when it comes to building rich user experiences. Nowadays user experience sells, even if the products themselves are fairly simple.
having had less than 6 months of experience, I have no idea what's going on. I like whatever CSS and Javascript I have. I don't know what I'm missing and I'm keeping it that way
As a junior software dev who was struggling to pick a specialization I'm thankful to primagen for making me realize that web dev is 100% not for me.
dude I'm pretty sure that's the wework in Berlin Mitte
If I drink beer today. It will make me go back to it the day after.
I have yet to see a JS application where simple things like auth, connecting to the database, putting a checkbox on the page took less than 2-4 weeks for the Sr dev. That being said, using anything else, to get those same things with python, PHP, C#, JQUERY, Plain JS, Bootstrap, HTML took under a day per task. Usually under an hour. Appearance of the website was the same.
Were the other languages more scalable?....depends for who? Do you have smaller servers no, but you aren't relying on your user having a beefy laptop
I think the thing we screw up in the development is we are all about "do it all on the front end" or "do it all on the backend" when the reality their should be a balance. Most of these front-end frameworks seem to forget this.
As a fresher, this is the first time I am hearing t3 and t4
Hot take
I would rather go to a job with old technology but reliable, good documentation and community.
Than a job which is unfamiliar with the technology they use.
The one of problem with JS is that everyone wants to be the next innovator.
Rn im making a my own version of grep in go, it finds files, finds things in files. Can replace those patterns in files. Very fun. I hope I never become a webdev. Seems like most of the things you learn are inconsequential.
"making my own version of grep in go"
"I hope I never become a webdev. Seems like most of the things you learn are inconsequential."
Hm, interesting..
I think both of the things from the above 2 quotes are doing something equally inconsequential but are aimed at doing something because you like doing it. It may or may not help you.
With that said, it's up to the person to fall into framework hell and get overwhelmed with it, not people who write the frameworks.
You can get by and do just about anything with 1 or 2 libraries and ignore all of the buzzwords, and I think that's relevant in everything not just Javascript.
It's important not to take meme videos literally. He's making jokes, and does with many different things outside of webdev/javascript.
I still don't understand auth. I've tried so hard looking into how it works, I feel like I understand the core concepts, but then all of these libraries like auth0 or clerk or authjs somehow make it seem like it's not able to do what I'm expecting it to do? Idk
Here's the gist of it.
Every app you make that needs to connect to a service must be registered with that service.
Then when you need someone to be authenticated. You just follow the library and documentation to get an access token (every authenticated user have an access token) that's it. I don't want to make this long. Unless needed.
@@asagiai4965 Thanks! Yeah I totally get that part, my issue is like in the context of sveltekit where some routes can be SSR some routes are not what to do. And I know storing JWTs in local storage is considered bad but where else are you supposed to put them so users don't have to log in every single time?
@stoched 1.) Sorry I can't answer the sveltekit part. But the method is probably the same.
2.) This is only an opinion. But token is not supposed to stay long (what I mean is like it shouldn't be save in a file) .
Token expires the idea is to get another token before the old one expires (this is the reason why you can't save it in local storage).
3.) You can use some sort of session? Or state management or etc to save the token. You just have to make sure, whatever you use is secure.
4.) Most service providers don't actually allow people stay login on a service for a long time. I think, there's another system for that.
@@stoched sorry just a question, what do you mean by stay login? On your web app or the service of your web app?
@@asagiai4965 I mean for the web app. So I have a sveltekit project as a front end web app and a C# api. My understanding is once you authenticate you need to save a refresh token somewhere so you can keep generating new access tokens (jwt's) for the external C# api. Otherwise the user has to login over and over right?
They didn’t teach me this in the boot camp
and this is why i will literally in any language from scripting to embedded to oop to functional to assembly but never anything that has JS in it
"Always better than SAML". --- 100% agreed! SAML is about "we want to create auth system but we don't believe TLS works for encryption so we roll up our own" combined with "we don't believe transmitting data between servers so we use browser redirects to transmit packages between servers". Of course, SAML requires secure "metadata updates" which are transmitted over TLS so the security still depends on TLS!
The bad part is that it's *possible* to build a working system on SAML and that's why it has never been totally killed of even today.
OpenID Connect wins SAML in every possible way and is really easy to implement. And even OpenID Connect has extra crap like encoding data in base64 encoded JWT packages instead of simply using JSON to transmit data.