ndef.dev

User Tools

Site Tools

Trace: web
dev:web

Table of Contents

Web Development Notes

This page aggregates recurring themes about web development: JavaScript, HTML/CSS, backend choices, and databases.

Frontend: JavaScript, HTML & CSS

Common frontend stack elements in the conversations:

  • Vanilla JavaScript remains the baseline:
    • Understand the event loop, promises/async, and the DOM.
    • Avoid over-relying on heavy frameworks for simple tasks.
  • Modern frameworks/libraries:
    • React and similar ecosystems appear in discussions.
    • Recommendations emphasise:
      • Componentisation.
      • Clear state management.
      • Avoid unnecessary re-renders and over-engineering.
  • HTML/CSS fundamentals:
    • Semantic HTML for accessibility.
    • CSS flexbox/grid for layout instead of deeply nested floats.
    • Use of browser dev tools to inspect layout and performance.

Prominent advice: understand the platform first (HTML/JS/CSS) before “jumping straight into framework X”.

Backend: Languages & Frameworks

No single backend was “the only one”; discussions touched on several:

  • Python with small frameworks (Flask, FastAPI).
  • Node.js for lightweight REST APIs, websockets, and real-time apps.
  • Occasional mentions of Go, Rust, or PHP frameworks.

Common backend patterns:

  • Separate business logic from HTTP handling.
  • Use environment variables or config files for secrets.
  • Keep endpoints simple and well-documented.

Databases: SQL and Relational Thinking

SQL and relational databases showed up repeatedly:

  • PostgreSQL and MySQL/MariaDB as typical choices.
  • Emphasis on:
    • Modelling data with proper normalization where appropriate.
    • Using indexes thoughtfully.
    • Writing clear, maintainable SQL instead of burying everything in ORMs.

Typical guidance:

  • Start with a simple relational schema.
  • Only introduce complex sharding/replication once you truly need it.

Basic Security Practices for Web Apps

While not always spelled out systematically in the chat, the security mindset was present:

  • Always validate and sanitize user input.
  • Protect against:
    • SQL injection (use parameterised queries).
    • XSS (encode output, use CSP when possible).
    • CSRF (tokens or same-site cookies).
  • Use HTTPS everywhere; terminate TLS at nginx or a similar proxy.

Tooling & Workflow

Recurring tools and practices:

  • Version control with Git, often via self-hosted forge software.
  • Local development setups using containers (Docker-Compose) or lightweight virtualenvs for Python.
  • Linters and formatters:
    • ESLint/Prettier for JS.
    • Black/isort/flake8 for Python backends.

The underlying trend is towards simple, well-understood stacks rather than chasing every new framework.

dev/web.txt · Last modified: by 127.0.0.1