JS Ecosystem is Actually Pretty Great
Complainers are all right. JS was a terrible language. The last few years, however, have been absolutely great for it.
To start, a few notes about the language itself.
The most popular package repository, npm is absolutely a go-to resource for JS packages. Rephrasing a popular motto on mobile app stores, “there’s a package for that.”
Latest developments in web dev include edge functions and serverless applications that take care of dealing with distributed cloud infrastructure. Modern hosting providers support this tooling, providing seamless adoption of SSR frameworks, and unlocking more and more possibilities for web developers.
Speaking of hosting, services like Netlify and Vercel allow you to deploy apps to the CDN continuously on each commit, making production deployments as easy as
But innovation doesn’t stop on application and infrastructure levels. There are better and faster bundlers like Vite and Rollup, package management tools like yarn and pnpm, and even JS runtimes like Deno and Bun in the works, each improving older tools with new ideas.
Finally, while not directly tied to the JS ecosystem but pretty related to it, HTML and CSS only get better each year. Ironically, this makes it possible to not use JS where previously it was a requirement.
While backend development tools don’t evolve at the same cadence as their frontend counterparts, they also advance at a decent pace.
Prisma, a Typescript-first ORM, abstracts away writing SQL to create tables, query data, and run migrations. It’s still nascent, and lacks essential functionality when writing queries, but still better than previous generation ORMs.
For those who still prefer REST, tRPC generates a type-safe client code given server schema.
- “Frontend development reimplements itself every year or so” It definitely feels so, but it’s happening for a good reason. 20 years ago, something like Wikipedia was the state-of-the-art website. 10 years ago, Facebook was one of the most advanced web applications. Now we have things like Figma and Google Meet, running smoothly via browser. Apps become more complex and (generally) more robust. Developers have to account for data sync, offline usage, WebSockets, WebRTC, auth, and many other things. Doing this with jQuery or vanilla JS just doesn’t scale. And by the way, nobody enforces anyone to use React, NextJS, Astro, and other “shiny things”. No, people voluntarily choose it because it makes their life easier.
- “Newcomers are having a hard time.” It’s definitely harder to start web development right now than it was 5 years ago. The amount of things somebody needs to learn just to get started is astronomical. My only advice here is to learn breath-first and focus on learning a bit about every part of the ecosystem before going deep.
- “Modern web apps are bloatware.” It’s mostly true, but it has nothing to do with JS, npm, or any other part of the stack. First of all, many desktop and mobile apps are bloatware too, we just don’t notice it. Bloated apps are due to reckless use of third-party dependencies and a lack of optimizations. It’s pretty easy to avoid creating a 50 MB app, but it takes some effort. I’m trying to focus on small app sizes for personal projects. The site you’re reading this on has zero JS (besides analytics) and loads almost instantly.
- “npm security is an absolute mess.” Compromised packages are a problem indeed, but this problem is not unique to npm or JS. Python, Java, Go, PHP, and many other languages have absolutely the same attack vector. The reason why npm always hits the news is mostly due to its size and the minimalistic standard library. Things are changing for the better: static analysis tools get better at recognizing vulnerabilities, packages and end-user projects use fewer dependencies (resulting in smaller attack surface), more functionality is getting added to the standard library, and people are being generally more conscious about this kind of attack.
This all probably looks like an ad for JS, but it’s my honest impression of the space after working inside the ecosystem for the last 5 years. It’s certainly a mess, and it takes time to master all the tools, but it’s well worth it in my opinion.