A priori I'm not too crazy about the architecture and nomenclature, but I have to say that having zero dependencies is a goal more projects should have.
The JS ecosystem is pretty fragile because every project depends on hundreds of other projects.
The other day I had to go back to a 2 year old Vue project. I found that many of the dependencies had vulnerabilities so I started updating those. Then nothing worked because the newer versions changed its API or didn't support such and such feature. In the end I had to reconfigure all the project from scratch. And this project was just 2 years old...
If you hadn't used those libraries, you would have had to implement functionality from those libraries in your own code. Presumably, your code would be subject to the same vulnerabilities and probably require even more work to update. After all, API changes are generally easier to handle than design changes.
</advocacy>
I do agree that tiny, insignificant libraries like "left-pad" are bad. Imo, a good dependency is one that significantly reduces the design complexity of a project.
The problem is that you need one function and you're pulling an entire library. Also you have some limited use-case (e.g. you don't have to support IE 6), but libraries tend to accumulate all the cruft in the world over the years, so you're pulling and executing lots of unnecessary code. JavaScript is too dynamic to reliably delete unused code, so even approaches like tree shaking, etc do not work well. And left-pad style libraries has its own problems, yeah.
There are universal utility libraries. jQuery for DOM, underscore for general utilities. It's OK to use them, because everyone knows them. But if you miss some tiny function, just write it yourself. DRY principle often brings more harm than good.
For real, zero dependencies is as much an extreme view as infinite dependencies. There's something to be said about delegating some of the hard but ultimately not relevant problems to a library. I'm not about to roll my own datetime library or my own crypto library.
This. It's not that I want to avoid any dependency -- I'm more than happy to use a well-crafted library or tool that provides an abstraction that neatly covers a problem domain. But at some point the depth and complexity of the dependency tree can make it difficult for a package manager to keep in a correct state, which speaks to the opacity anyone who attempts to manually map it is going to end up confronting.
There are also bigger libraries like lodash that are often included for the use of a single feature.
I must admit I have the same aversion as OC. I love the ubiquity, resources and portability of JavaScript, but the rats nest of dependencies feels extremely brittle.
It depends on what you're developing. If you're developing an ~app, feel free to use what you want. If you're developing a library
- have few dependencies
- favor dependencies that, themselves, have few dependencies
- favor dependencies that have a single purpose
- favor well-understood stable libraries
- favor libraries that handle breaking changes well. A good Java example is commons-lang 2 vs 3 where the package name was changed so they can coexist. A bad example is Guava.
NPM makes it possible to release new minor/patch versions even for older majors. You just need to specify in your package.json that you want that specific major version (and not any newer, which is of course common best practice) and you'll get them.
If there is any time when "more haste, less speed" is appropriate, developing software is probably it.
There is no need for the library ecosystem and dependency culture around a popular programming language to be as fragile as JavaScript's. Other popular programming languages manage not to have this problem to anything like the same degree.
Exactly. It's more of a problem of it's community.
I don't mean offense, but JavaScript is just so accessible and easy to get into, that's it's flooded with people who haven't had time to learn the instincts that make a senior dev a "senior". The author of seems to really "get it", as do many others.
yeah there's plenty libraries out there that do a great job at providing a stable API across the years. the problem is not using libraries, but it's using unproven libraries.
to an extent that's why I don't understand the jQuery hate from modern JavaScript devs, jQuery had a stable API for years both externally and internally, so that not only it easy to upgrade it but it also easy to upgrade whatever plugin you were using.
sure it's not a framework so it doesn't really reduce how much code you write, but it's a solid foundation library
This is a real problem. It's one thing for apps under continual development because you can generally stay fairly current as a matter of course. Everything changes when you're working with the kind of app that hums along unchanged for years until out of nowhere, years removed from anyone even familiar with the original devs being around, some change is needed that requires unraveling the whole sweater. This is a problem for consultants, agencies, etc. who are especially ill suited to deal with this sort of valueless labor.
> In the first version of the software, there were 70 full copies of 4 different OpenSSL versions, ranging from 0.9.8 to 1.0.2k (including one from a vendor SDK) with partial copies of 14 versions, ranging from 0.9.7d to 1.0.2k, those partial copies numbering 304. Fragments of 10 versions, ranging from 0.9.6 to 1.0.2k, were also found across the codebase, with these normally being small sets of files that had been copied to import some particular functionality.
One thing zero dependencies bring is the size would become huge.
Another thing is people either:
1. Use their own boring abstraction every time, and every abstraction might be different.
2. Not using abstraction at all, this makes JavaScript more like C code base.
Of course, I'm not saying it's not fragile now. But probably the answer is not as simple as dependency free. Some dialect provides interfaces (like TypeScript), type-classes (yet to be seen in mainstream dialects but I believe this really helps when dealing with fragility because Java could also be fragile because of nominal typing without having type-class) might help in the future.
That means throwing away thousands of hours of hundreds of programming time, just to reinvent the wheel and use untested, vulnerable, and I assume buggy (from lack of testing in real world) code.
1. usually a library has a wider range of features than you need. So you don't have to rewrite the whole library, just the bits you need, and you end up writing much less code because don't have to integrate the bits you need with the bits you don't need.
2. you do have to spend a lot of time understanding the interface of the imported library and writing integration code to use it correctly.
3. (as others have said) there's a lot of time spent auditing the library (and all its dependencies) to make sure it's not doing bad things. And that auditing work needs to be repeated every time any dependency of the library updates a version.
This is especially important if you're doing anything with customer information involved - you're liable if you import a library that imports a dependency that quietly sends your customer's personal information to a url in Russia.
4. you may have to make architectural compromises to fit the library in; it might not support concurrent access, or idempotent calls, and that may cause more time loss in the long run than just writing what you need yourself.
5. the library becomes a black box, and your code becomes plumbing connecting the black boxes together. Trying to debug your application, or improve performance, or make it more robust, is impossible because you can't change any of the black boxes and your plumbing code does nothing important.
that's most of why I prefer to roll my own code rather than import a dependency in most cases (crypto being the notable exception).
Studying the dependencies, esp for JS, takes a lot of time as well. Before including a library, I want to know if it is maintained, if it has no known sec flaws and if the author dies I have a chance of taking it up ourselves, at least for audits and sec fixes. If you are doing npm install and further ignoring those implications, then yes, you are right, but it will bite you in the end as software outlives it’s initial intended lifespan sometimes by decades; how much VB6 is running production that was ‘just a little tool for a few months until we ...’? ... how much PHP? personally I know 1000s of those running across companies we work with. With VB6 and PHP ‘oldskool’ (meaning little or no deps in the form of downloaded libs and components) people have no issue maintaining it. But if you have to do some fixes in 2029 on a node.js API you finished yesterday, you would not be happy. With 10000s of libs that will not exist anymore, many of those having massive security issues, many API’s they call out to having changed, you would need to study and work on the entire tree that affects the changes. If you did not set this up with this in mind (which seems some kind of JS plague as you indeed also suggest), this is what will happen in many occasions.
In general; many deps is a bad idea for longevity of software. How can you know if it does not all crash and burn if the author changes jobs? Personally I want to know I have the sources and understand them enough to be able to support them with our team; in reality, for the JS ecosystem, that often means it is less work (those hours you mention) to write it yourself because it was trivial to begin with anyway and the npm solution has 1000 dependencies yours does not (for instance, they use deps like left-pad to implement something that can be implemented in 100 lines of pure JS, now needing still 100 lines but of rancid (unsupported?) one liner ‘libraries’ which is absolutely insane)
Managers usually are not programmers nor have technical background: once something works, they might not allocate time for you/your team to touch it for many years. You probably left or enjoying your pension (many anecdotes about that: a lot of companies are running on software that was done by one employee and he retired, years ago), while some poor junior who does not know what JS is, is holding your turd. At least with 20 year old PHP it still runs and without knowing PHP beforehand, it is not hard to change/fix for a capable programmer.
I have seen this with larger node.js and with Rails projects; not so much with Java and .NET projects; the latter seem to be fine many year later (maybe with some tiny migrations), even when updating libraries or runtimes.
It is a compromise ofcourse; I am not against reuse, but only to the limit we could possibly handle maintenance and updates ourselves of all imported libs. Otherwise it is a no-go.
it's not just the lib, the whole ecosystem is fucked. trying to compile a two year old gulp project is madness because all tooling have all kind of incompatibilities with their own file format and other tools invocations.
many of these only work when installed globally and conflict each other version to the point the only way to work at project of different ages are chroots or flat out vms. whomever ever thought that -g was a good idea should never work at a tooling system again.
heck, some years ago you could push a library change to npm updating a version number that already existed there, the place is a mad house.
> Studying the dependencies, esp for JS, takes a lot of time as well. Before including a library, I want to know if it is maintained, if it has no known sec flaws and if the author dies I have a chance of taking it up ourselves, at least for audits and sec fixes.
Sure, but a lot less time that planning, programming, debugging, maintaining your own library.
> In general; many deps is a bad idea for longevity of software. How can you know if it does not all crash and burn if the author changes jobs?
Many many times if a library doesn't work there are about 100 other ones that do the same thing.
> At least with 20 year old PHP it still runs and without knowing PHP beforehand, it is not hard to change/fix for a capable programmer.
How does it run? It's not even maintained anymore nor installable in any modern server. You can run it, and be exposed to all kinds of security holes.
> It is a compromise ofcourse; I am not against reuse, but only to the limit we could possibly handle maintenance and updates ourselves of all imported libs. Otherwise it is a no-go.
There's a much higher change of a single developer falling out of love/not having time for a project anymore than a major library becoming unmaintained or having a serious bug unfixed.
If that happens, you just swap it with another one. It takes 1/100th of the time compared to do everything yourself.
A lot of C programmers build this "utils" folder that they carry around every project, I'm sure they keep refining the content of this folder through the years with things they find and adapt to their taste, or refinements of their own implementations of different algorithms and data structures.
Seems like you did something similar with regards to building web applications (5 years working on this framework). Good for you! And if you can convince others to use your stuff, all the better!
I'm trying to focus on writing my own tools too for the kinds of projects I work on, including fronted development (instead of always be trying to catch-up with the latest frameworks) [1]. Can't completely ignore the trends or fashions, though, sadly. A hard balance!
I do the same thing, but it doesn't play nicely with the modern JS ecosystem. I have a library of re-usable JS/HTML/CSS components that I can sling around at will. But I can't use them on React of Vue projects so easily.
One of the selling points of React/Vue was that components were portable. But I have seen so few people actually re-use anything in the real world and you didn't need a library to make re-usable components to begin with.
I believe that re-usability isn't a language or framework feature, it has to be a personal or team choice to prioritize it. It could be as simple as a utils folder or as organised as a bunch of modularized git repos but ultimately you have to choose to organise that way.
Ruby got started like that. Matz was a C programmer in the 80s, and just wrote a bunch of helper code that helped him write C more consistently, and eventually it just became Ruby.
I'd love to have this sort of confidence in my ability to foresee everyone's future needs, but I don't. I mean, I agree that having to do full rewrites every time your framework's version bumps, but promising no changes ever seems more constricting than necessary.
Sure this is a major restriction but there are lots of systems out there with architectures that never changed. I think accepting major changes from framework authors is something we learnt over time, from projects with lots of people who have lots of ideas and the project ends up swinging in all directions.
Maybe it's not so much a problem related to future needs, than it is about discipline. Design an architecture for a framework, if the time comes when it doesn't work make a new framework instead of changing the architecture.
Look at jQuery. We are now in a new paradigm and jQuery hasn't changed, and should not change.
> No revisions to the architecture, ever. Code shouldn’t have to be completely rewritten to be compatible with the next major version of Typescene. We all have better things to do.
The full quote. Note the words "completely rewritten".
You're misrepresenting what the author said (arguably the lead in was slightly exaggerated or just poorly written) when you seem to agree that full rewrites are bad.
This is a neat project. Personally, I can't wrap my head around 100% code "views". A million years ago, I wrote some (almost) vanilla JavaScript projects where I would do a lot of document.createElement('...') and I never really liked it, but it got the job done, and it only required that I understood JavaScript and the DOM. I could make helper classes in individual libraries that fit my needs. But I would not want them in a framework. Or at least, if I'm honest, I might want them in "MY" framework, but never one that I would think ideologically could be used broadly by a variety of developers.
I like template engines to some degree, and I love binding like you find in Angular. But the first few times I read Angular code, I didn't "get" it, because it seemed like there was some magic somewhere. Some automatic things that happen without being explicit. (This was particularly prevalent in AngularJS, in my opinion.) Never a fan of that. So an explicit coded view would be preferable. But I think it's probably going too far towards trying to make web views in code. Similarly, I dislike React for that reason. I'm not religiously opposed to markup... HTML and CSS from being controlled in your code. But I still struggle with it, and prefer to do what I can to keep them inside templates, as HTML and CSS, and not some abstraction.
I do love TypeScript, so for my purposes, I'll happily use Angular 8, having never lived through the original AngularJS 1.x -> Angular 2.0 transition that made so many developers unhappy. But I appreciate what you've done, as well as respect the work and time you've put into the documentation web site. Cool stuff!
Thanks for sharing your views. The way templates are implemented is definitely a matter of personal preference, I personally don't like mixing two different languages, always seemed like kind of a hack to me. With this restriction Typescene is more like Flutter and SwiftUI, these ended up being very similar. Can't really compare to React and Vue or even Angular, but I can see that some people do prefer looking at XML and that's fine :)
Writing XML like structures is way faster then creating the same structures programmaly. But abstractions make up for it, and I prefer code over mixing code/XML.
Cool project, but I dislike the semi-arrogant tone taken by the author.
> Have you ever opened a years-old project that used the favorite Web framework-du-jour, and tried to make sense of it now? Would you be able to maintain such a piece of software?
Yes? Even if the answer were no, why would this framework be any different? The author seems to suggest that his perspective on "maintainable" is universal when it's actually just his opinion. Having strong opinions is fine, we all have opinions, but trying to play up your own framework as if it's objectively more maintainable is eye-roll worthy, especially in the context of JS land.
> Who will remember the (hypothetical) peculiarities of the willUpdate method in version 14.2.132 of framework X?
This is a banal criticism that can be applied to any piece of software that introduces breaking changes. The idea that the author will never release breaking changes is absurd, especially on the web.
> Code shouldn’t have to be completely rewritten to be compatible with the next major version of Typescene
"completely" and "compatible" are pretty vague caveats. Is it a complete rewrite if I have to rewrite 25% of code? 50%? 60%? I'm sure someone can point out an example of a framework that required "a complete rewrite" in order to be "compatible" with the next major version, but this isn't typical.
> you’ll only need external modules to import complex UI components or application behaviors that aren’t included in the framework itself.
You'll only need external modules for complex UI and behaviors that aren't included in a minimalist framework... So, just like every other framework out there.
> Most importantly, Typescene hasn’t been invented overnight, it’s not a Minimum Viable Product that introduces some clever new paradigm
What is an example of a framework that was "invented overnight" that introduces some clever new paradigm?
I'm not trying to come down on the author, and I'm not making a technical criticism of the project, but the "everyone else's shit stinks but mine smells like roses" is a turn off, for me personally.
It didn't really bother me, but I might be reading it more strongly in the context of this being a single-person job. If a project took a strongly hyped tone while also having a large amount of money backing it, I might be annoyed (heck, this isn't a hypothetical, it happens all the time from Facebook/Google/Amazon!), but this is some random individual who is trying to explain why their project has advantages, when other frameworks are mostly backed by large corporations. In that context my reaction is more, "hey, good hustle, we'll see how it pans out". Maybe it's good, maybe it's not, but if it's not, it hardly threatens me, because there's no money and little manpower behind it anyway. There are other strategies to take with a more humble tone, but I'm not really offended by this strategy, and there's a risk that a more modest strategy would result in nobody giving it a second thought even if it did have significant pros. Not that my reaction is correct or anything, just thought I'd add a subjective reply.
Sure thing. I'm not suggesting that there is anything wrong with the framework, and just because I find the tone of the blog somewhat arrogant doesn't mean that I'm offended by it; sometimes arrogance has a reasonable explanation, I just don't see that here.
> trying to explain why their project has advantages
IMO you can do that without the tacit suggestion that the competition produces unmaintanble code, or at least, explain why this framework is objectively more maintainable and not just one's particular opinion of what is maintainable.
> if a project took an arrogant tone while also having a large amount of money backing it, I might be annoyed
I'm not really annoyed either way, but in my totally subjective opinion a lone developer should take a more humble tone, it's not as if backing by a large corporation correlates with non-
maintainability.
Totally understand how this could rub someone the wrong way, but my intention here is mostly to clarify my own thought process. Not so much "everyone else's shit stinks but mine smells like roses", but rather "my own shit used to stink, so here are my goals for developing something that might work better".
Not saying that HTML isn't also readable (although... once the number of attributes grows larger I always end up with a bit of a mess, but that might just be me).
The real feat here is getting rid of the hacky way that XML and/or template strings and JS are mixed together in the compiler, without sacrificing readability per se.
If it would be 2013 the "hacky" way would be acceptable, but JSX is a de-facto standard that is supported by all tools used in production (incl. TypeScript, Babel, your favorite colorizer, language server extensions, ...).
Imho the proposed way sacrifices readability a lot (what does "with" do? is it like the infamous JS with? what is the first, second, third, ... argument?).
Just read it like natural language. Where it says UIButton.with({ label: "OK" }), that's a Button With a Label of OK. Editors with TypeScript-aware autocomplete (e.g. VS Code) will suggest most of the identifiers here, and tell you what the arguments are for so in practice this works better than you might think.
JSX is a de-facto standard, and it might be convenient in the way that PHP is convenient, but that doesn't mean it's not inherently a hack :) ...
So many frameworks do this, and I can’t understand why [1]:
onClick: "checkTodoItem()"
Why? What compells people to go ahead and say: yes, we’re writing everything in JS/TS which has perfectly fine support for actual functions. That’s why we’re going to arbitrarily use strings that evaluate to function calls in some parts of our framework.
The onClick event handler refers to a method on an object that exists when the component is rendered, not when the template is parsed by the JS interpreter. So, to refer to the method itself you'd need to do something crazy like go through .prototype or something.
Anyway, yes Typescene does let you supply an actual function in place of the string here, but for me that ruins the 'neat' flow of the view and starts mixing views with logic.
First time I've seen that (haven't used any JS frameworks in anger), this seems a little crazy, especially after espousing the benefits of TypeScript elsewhere. What other frameworks do this?
I don't think it's in good taste to use a reserved word like "with" in the API either. And it feels like it's being used in places where a plain function call would suffice (you call a function "with" params).
I don't know if it's because I've been reading and writing HTML for 20 years... but this looks very difficult to parse. I have to pay much more attention to what's going on.
Where's the app that you built with it? If you have not actually used your own "framework" to build a meaningful app, I'd argue you've spent 5 years poised crouching at the starting block waiting to hear the gun go off. Otherwise, you can't possibly even begin to understand the realities of working with it. This is why popular frameworks tend to come out of large active shops that have real problems to solve.
I can run Clojure libs that are 5+ years old on the latest clojure with no code changes. I applaud the author for designing a framework that keeps devs off the absolute waste of time that is the upgrade treadmill.
Even less with Common Lisp, in my experience. There's some rot, sure, and some dependencies that have disappeared — but there's a lot of things that are no longer under development because they're finished.
I've mostly made this for use with my actual (paid) project work, so the idea was I 'might as well share'. Turned out to be much more work than I anticipated :) Definitely not a hobby project though, I'm hoping eventually a big enough community might pick this up.
> I've mostly made this for use with my actual (paid) project work, so the idea was I 'might as well share'.
Have you made sure you got authorisation to release the code, or that you were in a case where you didn't need such authorisation? Because in a lot of cases the code is not the developer's property, it belongs to the company who paid him to develop it.
The article sure hypes it up but the code doesn't really solve many problems for you. It's about the same level of a framework as Backbone.js but with way less features.
This looks really nice! The class structure reminds me a lot of UIKit in iOS, which I really like. Having that layer of abstraction to build UI components for the web looks quite appealing. Nice job!
> a mission to build the most elegant framework ever
The only elegant thing I find about this framework is that it has no deps. A TypeScript-first framework would be a plus but I find the Typed API particularly inelegant with its usage of static methods to compose the UI which is particularly non idiomatic for JavaScript.
There doesn't appear to be any live examples you can experiment with which is a notable shortcoming for a modern JS framework and the only complete stand-alone example I can find is something called "first project" that was contributed 19 days ago:
The name doesn't fill me with confidence and the only example I could find has a webpack dependency which kind of throws out its "no deps" USP. I don't find anything compelling in that example that would entice me to use it over React, Vue or even just Vanilla JS - which I'd prefer to implement this particular example of which I'm not clear what value it adds that would justify adding a dependency to this JS FX.
The benefit of using TypeScript is that all these values could be typed to assist during development and type-checked to validate any runtime errors.
Magic strings are even being used for callbacks that looks like it uses its own unknown DSL in different APIs of which is going to be unknown to anyone but the author:
The docs are particularly lacking in working examples of which the bulk looks like an API class dump which isn't a useful onboarding experience for anyone who wants to learn and use the framework.
Honestly if headline didn't say it took "5 years" to implement I would've guessed its a few months effort max - nothing like the refined, battle-tested, real-world validated framework this article proclaims it to be.
Why provide a layer of indirection between the developer and the DOM? I already know HTML elements and the DOM API, why should I want to learn a hole new framework to construct them?
It's not abstraction it's indirection. You're not using <a> or <button> you're using UIButton and UILink and whatever a UIExpandedLabel or a UISelectionController does.
> a mission to build the most elegant framework ever
This is where it lost me. Why is elegance a priority? What problem is elegance trying to solve here? Elegance is just a feature, that ill-suits many people who might be better served by others. Also seeing the examples in the homepage don't seem very "elegant":
// A first Activity, similar to the Controller in an MVC approach
export class MainActivity extends
PageViewActivity.with(view) {
Examples aside, here's how I think about elegance. Sometimes you run across, or imagine in your head, or accidentally stumble into writing some Especially Good Code. The code just seems to work, extends easily, repels bugs, scales appropriately, etc etc.
I think what's happened in these cases is, typically by luck, you've written code that matches up very simply and beautifully with an undescribed and perhaps indescribable pattern that's present in a larger problem domain. Like poetry, your code expresses the nuances of that problem in a way that prose simply can't (efficiently). You can't always tell or explain what's so great about it, but working with it is a pleasure, and it rarely lets you down. To me, that's the ideal of elegant code.
So basically what this does is that instead of writing HTML I can now write everything in Javascript, i.e <buttton> becomes "new Button" and then I can write nested JavaScript code like I write nested elements in HTML.. is that it?
Yes, for the View part. There are also other components that handle logic and your data model.
Writing 'new Button' for every single UI component would be really cumbersome, that's why there's also a 'template' syntax which uses static methods (Button.with(...) which creates a button factory).
0 dependancy project! That is a worthy goal. Think all projects should have a live counter of how many dependencies they have and highlight the highest risk ones
I guess a good rule of thumb would be if you don't see the benefit of using a framework for your project, you probably don't need a framework in the first place :)
I'm not shopping frameworks, I just found it peculiar that the marketing is all about what the framework doesn't do. It seems like you think that the word framework in itself describe the purpose.
Imagine if he spent 5 years becoming an heroin addict.
There is so tremendous judgmental attitude in your comment. Let me guess, have you been changing the world and/or fighting cancer in the last 5 years?
The JS ecosystem is pretty fragile because every project depends on hundreds of other projects.
The other day I had to go back to a 2 year old Vue project. I found that many of the dependencies had vulnerabilities so I started updating those. Then nothing worked because the newer versions changed its API or didn't support such and such feature. In the end I had to reconfigure all the project from scratch. And this project was just 2 years old...