API surfer

My first thoughts on Next.js 13 and the new app router

Luka Vidakovic — Sat, 13 Jan 2024 08:23:27 GMT

There are two good articles that touch on some of the concerns and annoyances I also share, but I'll try to cover some of my views about it.

I had a chance to use Next.js 13 for a few weeks and noticed that some things make my job a lot simpler, while others hinder my basic coding tasks. So I wanted to share my initial thoughts about the downsides I can see, while they are still fresh, mainly related to developer experience and maintainability:

it's weird working with files containing ( ) @ [ ] and all the remaining jungle in their paths inside a terminal. Also, following a file hierarchy with such names can be very hard
tedious to split up and organize components in a meaningful way. Decisions on where and how to split the server <-> client code adds overhead. It can be hard to have a good organization for where things are supposed to be without having to constantly switch their places(server component broken down into server + client component or completely promoted to client component over time). Apps can hold a bunch of UI state, and it often happens that you start with server-side components pulling in data directly, and then afterward you figure out that you need to add some UI state for interactivity... then you need to reorganize the code, and create a new hierarchy. I usually love splitting up components but with Next.js it feels like I need to spend 50% more time working and thinking about it if I want to make optimal use of RSC(if not, why even use Next.js in the first place?!). Maybe you get used to it after a couple of projects. But I can't shake the feeling that it's a trade-off no one talks about. A simple design change can lead to rehaul of multiple files.
writing 'use client' and 'use server' all over the place gets annoying and if you don't settle on a good convention for placing things you'll never know which files contain only the server-side logic and which ones only the client, or both without taking a peek at the source and for me this is tiring. Even if you manage to neatly organize it, like I said, server <–> client boundaries tend to move places over time and require you to reorganize the functions/files. The alternative is to just "leave it for later" and eventually give up on any kind of organization in this regard
there are many downsides when it comes to the data layer. It's hard to debug, understand, and keep it in a good shape. Client-only apps usually call HTTP APIs which return pure data. That is very easy to debug using browser dev tools in terms of correctness and performance. Writing tests, mocks, automation scripts, and load tests is easy. There are a bunch of well-known and battle-tested tools for doing that. Next.js and React RSC move all of this into the new and unexplored territory and no one mentions this issue. I want to be able to dissect the complete data layer at any point in time using multiple approaches, add tests, and automation scripts. It seems like a bunch of inexperienced developers are currently jumping on this hype train without really thinking things through. For a framework that intertwines so much client and the backend side, I want to be able to debug and analyze all of the things we usually do through browser and backend side dev tools and do it with comparable ease
a lot of implicit logic comes from Next.js that you are just supposed to know. Somehow reminds me of AWS cloud service pricing where you need to hire an expert to help you figure out which things are used in a suboptimal way because it wasn't clear from the start. If Next.js takes over I can easily imagine that specialized consultants and agencies will thrive because IMO inexperienced devs can create such a mess with this stack that the pure client-side-apps could only dream of
more complex servers are required which could mean higher costs in some cases. This is not only about the actual server that serves the app's content, it's also about the servers that will run CI/CD and automation tasks in general, run alternative environments to production one, etc. If everything is primarily server rendered from the start and you don't expose digestible APIs, does that mean that you can no longer rely on basic test scripts to verify data returned by the an HTTP API, but rather that you need to move everything towards more costly and less stable e2e tests because you need to digest JSX generated markup instead? OK you can still build everything with HTTP endpoints, but I'd argue that that moves you back, one step closer to good old SPAs(comparing the advertised advantages of working with data in Next.js)
if you build a web app totally behind auth + app meant for users on a good internet connection, internal use apps etc. then low cache hits between user requests, and no SEO benefits means that if you go the Next.js route you trade client-side complexity for backend/infrastructure/hosting complexity and costs for the questionably low benefit

These are my 13 cents based on my limited experience with the version of Next.js. For now, I think I'll hold off on joining the Next.js hype but who knows, I'm sure that Vercel will work hard to improve the DX and the product overall. At the same time, I have an uneasy feeling that those improvements will come through a set of proprietary tools and services that will lock everyone in with Vercel over time.

Close and tight collaboration with React team gave Vercel a head start with RSC implementation but generated a thing that is still relatively open and free. From the business perspective, there must be something else. I'm afraid that the next iterations of solutions and tools they produce for this open platform will start to be more and more cloud-based and found behind a subscription plan. At the moment they have the edge in infrastructure hosting Next.js projects, but that could change over time since Next.js is an open project. I believe that there will be something else that you will need to pay for to have the best development and hosting experience.

JS Date constructor timezone oddity

Luka Vidakovic — Wed, 10 Jan 2024 17:30:42 GMT

For a long time, I only did Date manipulation in JS via some date library that wrapped over the native Date object. There were always a lot of missing features on the native Date. But for some time now I've been listening to how date libraries are rarely necessary these days.

After my short encounter with it, I wouldn't say so. I wasn't aware of how well-protected we all were by those battle-tested date libraries. It's such an easy way to shoot yourself in the foot using plain Date objects. This example alone is enough to make you rethink some things:

new Date('2024-01-01')

What do you think this does? The date format is OK. The date should be parsed and we should get a Date object with the specified date set internally, right? Well, correct to some extent, but it depends on the time zone...

What if I told you that you could end up with a 2023-12-31 when converting that object to a string? If you don't know about Date quirks it's almost a certainty you will end up with this bug eventually.

What if I told you that you could end up with two different dates for these 2 inputs to the Date constructor:

2024-01-01
2024-01-01T00:00:00

This is the reality in which we as web devs live. It's not commonly known behavior unless you worked with something that required a deeper knowledge of the Date internals. This is something that caused a bug in my code the other day. It was reported by users that are behind the UTC. Now, why would that be the case?

It happens because Date assumes the time zone differently based on having time specified vs. the case with no time specified. And by assuming an input in the wrong time zone it ends up with the wrong date being set internally(shifted by a difference in a client's time zone offset to the UTC).

Look at this example, where I'm running the JS on the client located in the UTC+1 zone:

Do you notice any difference? :)

It's weird, it's unexpected, it's unintuitive. But, does it have some meaningful background, maybe some well-defined standard to back it up? Also no. This is a remnant of the old JS world, an error in specification that does not adhere to the ISO 8601 standard and never will because of backward compatibility issues.

new Date('2024-01-01') should do the same as new Date('2024-01-01T00:00:00') but it doesn't. Without time explicitly being set, it assumes that the input parameter('2024-01-01') is in UTC. Now if that code runs on the client that's behind UTC, for example, a western part of the globe. If the client's time zone lags for e.g. 6 hours, the Date constructor will produce a new Date object with the date/time being set to 2023-12-31T18:00:00. On the other hand, if you pass in the 2024-01-01T00:00:00 string(notice that one also doesn't specify a time zone) it won't assume UTC but rather use your local time zone offset and you will get the date object with the exact date/time for your time zone :).

This is where the bugs come from. Date constructor assumes UTC time zone for one input format while on the other hand, it uses the local time zone for the format that has time specified. Pretty unexpected. If you try to do the same inputs using moment.js you will get the expected and consistent behavior because date libraries handle so many weird cases for us out of the box.

It was a bit hard to dig out the exact reason why it behaves like this, but I eventually found the reason on MDN page:

Also, see the mentioned post on the topic and the proposal for a solution — proposed Temporal API. But at the moment this is the situation with Temporal API:

Leaving us with plenty of reasons to still choose to work with external libraries for dates. Just like the following couple of reasons:

// 1. Months are zero-indexed, while days and years are one-indexed
const date = new Date(2022, 0, 1); // January 1, 2022

// 2. Two-digit years are interpreted as 1900-1999
const y2k = new Date(99, 0, 1); // January 1, 1999

// 3. Negative years are allowed, representing years B.C.
const ancient = new Date(-44, 2, 15); // March 15, 45 B.C.

// 4. Parsing date strings can be inconsistent across browsers and locales
const parsedDate = new Date('03/15/2022'); // May not work consistently

// 5. Daylight Saving Time can cause unexpected behavior
const dst = new Date(2021, 2, 14, 2, 30); // March 14, 2021, 03:30 (skipped hour)

By the way, please consider a bit more modern options for handling dates like Day.js or date-fns. I mentioned moment.js just because it was the easiest to reach and verify the behavior, but other than that its usage is no longer recommended.

Testing complex flag conditions and ensuring complete case coverage

Luka Vidakovic — Fri, 25 Aug 2023 17:31:09 GMT

Recently I stumbled upon an interesting test case where I needed to cover many possibilities and make sure everything continues to work as intended in the future. I had 7 boolean flags that needed to be used to toggle an app functionality.

It's a bit tricky to cover this with tests and to make sure that the function triggers correctly for all the proper cases, ensuring it won't break with future changes. To make things even more serious this logic makes decisions for a critical user path during the app onboarding and could potentially break the app for new users.

Therefore tests should cover all the possibilities and lock the correct behaviour to make it future-proof. There are 2^7 = 128 flag combinations. Writing this by hand would be extremely time-consuming and error-prone. I decided to generate all the possible flag combinations in a 2D array matrix, iterate over rows and use row values to initialize flags. The test simply needs to go over all 128 rows and test for correct output based on all the input combinations.

First I needed to create a function that generates a 2D matrix with all the possible boolean combinations:

  function generateFlagCombinations() {
    const flags = [];
    const numFlags = 7;

    // Generate all possible combinations of boolean values for the flags
    // [[false, false, false, false, false, false, false], [true, false, false, false, false, false, false], ...
    for (let i = 0; i < Math.pow(2, numFlags); i++) {
      const flagCombination = [];
      for (let j = 0; j < numFlags; j++) {
        flagCombination.push(Boolean(i & (1 << j)));
      }
      flags.push(flagCombination);
    }

    return flags;
  }

For the actual test to simplify naming and focus on what's important, I'll just call the boolean flags A – G:

it('should activate in correct cases', () => {
  const flagCombinations = generateFlagCombinations();

  for (const [A,B,C,D,E,F,G] of flagCombinations) {
    const result = shouldShowProceedButton({A,B,D,E,C,F,G});

    if (E) {
      expect(result).toBe(A && !F);
    } else if (!G) {
      expect(result).toBe(false);
    } else {
      expect(result).toBe(A && (!C || (B && D && C)) && !F);
    }
  }
});

And that would be it. We've created:
- a small function that generates all the possible flag combinations — 128 rows representing 128 possible flag permutations
- a simple test that uses the generated combinations. It iterates over all the rows of a 2D matrix and uses the values to initialize the flags to test for every single possible combination

This way we can be sure that we've covered all the possibilities and that we know what to expect from a given function for every combination. This locks the function's behaviour in a way and makes it harder to accidentally change the behaviour.

By the way, I know that using so many flags to make a decision might not be the greatest strategy but sometimes you don't have other choice than to use what's already there 😶‍🌫️

Minimal example of file upload using Next.js app router

Luka Vidakovic — Sat, 19 Aug 2023 19:53:04 GMT

Some old methods of accessing uploaded file contents inside a Next.js route handler don't work anymore or at least not in a way many tutorials explain it. E.g. many outdated online examples use page router which has route handlers that receive different types of arguments.

Following is a minimal proof of concept that you can extend upon to provide better UX and save or process the file, add error handling etc. The example is intentionally bare bones and not using any libraries to get down to the gist of things. It sets up a minimal example that accepts and reads a file.

HTML side

<input type="file" />
<script>
    document
      .querySelector('input[type="file"]')
      .addEventListener('change', function(event) {
          const file = event.target.files[0];
          const formData = new FormData();
          formData.append('file', file);
          fetch(
            '/api/upload-route',
            { method: 'POST', body: formData }
          );
      })
script>

This creates a raw HTML input field with "onchange" event handler attached to it. When a file is selected, it automatically appends its content to FormData object as a file field and makes a POST request using it for the body of the request. By using FormData, we produce a multipart/form-data encoded POST request. Simply put, we are sending a specific type of message to the server that can have multiple parts(i.e. text fields, files, etc.) and they are separated by a specified boundary.

Next.js app route handler side

const readFile = (req: Request): Promise<string> =>
  new Promise(async (resolve, reject) => {
    const data = await req.formData();
    const file = data.get('file') as File | null;

    if (!file) {
      return reject('No file sent!');
    }

    const buffer = Buffer.from(await file.arrayBuffer());
    const content = buffer.toString('utf8');

    resolve(content);
  });

export async function POST(req: Request) {
  const content = await readFile(req);
  const responseBody = JSON.stringify({ content })
  return new Response(responseBody);
}

On the Next.js side, we reverse the process. We call req.formData() to get the FormData sent from the client side. Read a specific field named file by using data.get('file') and then load the binary file content into a new Buffer and decode the content as a utf8 string.
POST handler function just uses decoded file contents to loop them back to the client inside a response to this API call.

This example assumes you have a textual file being uploaded and you need to access its contents inside an API route handler function. In case the file is binary, you'd probably want to skip the "read" part and just save or transition the contents to some other place.

Thank you for reading and Godspeed!

The reason we specify type="button" for button elements

Luka Vidakovic — Sat, 19 Aug 2023 14:30:50 GMT

If you didn't have experience with the web ~10 years or more ago it might be weird to use buttons on the web, especially when you don't want them to trigger form submits. You might have asked yourself: "Why do I need to specify button type to be a button?". Shouldn't that be the default behaviour?

<button type="button">textbutton>

Historically, the primary purpose for buttons was submitting and resetting HTML forms. “submit” was always the default type since button elements were used mostly for that purpose, submitting forms.

And we used them like so:

<form action="/send" method="post">
    <input placeholder="Enter your message" />
    <button>Savebutton>
form>

Then as JS evolved and became more and more powerful, people started building dynamic interfaces and apps. HTML buttons needed to follow and mimic the behaviour we see in native apps. There was a new requirement to have them trigger various actions inside the app, even more so than submitting forms. But, at the same time web platform has always been backwards compatible. For that reason, changing the existing HTML element to default to type="button" was not an option.

type="button" was introduced to support "new" behaviour that avoids the default of submitting forms.

How long is "new" new anyway

Luka Vidakovic — Wed, 16 Aug 2023 21:24:27 GMT

Quick hint and a reminder for myself:

In programming, try not to prefix things with "new".

"New" usually doesn't stay new for very long :). It becomes especially problematic when you introduce the new stuff for the 2nd time. At that point, you have a choice of living with the OLD stuff prefixed with a "new" word and figuring out how to name the new new stuff or having to refactor a bunch of names just to avoid the confusion.

End of story. Bye, bye 🙃

PRs for Organizing File Hierarchy

Luka Vidakovic — Tue, 15 Aug 2023 22:39:58 GMT

Tldr: be swift :)

I just wanted to mention 2 things I noticed helping with file hierarchy refactors.

Stick to only file organization and imports

This makes it easier to do code reviews, check and spot import misreferences etc. It'll also make things easier to revert, or discard the work altogether

Put priority on this kind of PRs

This type of PRs can bring chaos to reviews and merge process of new branches if they stay open for too long. You typically want to do the review and merge back to the source branch as soon as possible.
The most common problem with this kind of PRs is when someone else decides to work on the same files that no longer exist under a certain path. When merging code changes with a branch that changed file paths it's too easy to overlook code changes and lose them by just accepting the file location change. This can be time-consuming to troubleshoot afterwards. It's much easier to spot this if a PR that does the file organization is merged sooner rather than later.

Project status: finished!

Luka Vidakovic — Wed, 19 Jul 2023 22:42:01 GMT

When was the last time you finished a software project? Right?

Well, I'm dealing with some legacy project and I stumbled upon moment.js' documentation that explains the purpose of the project, how it was finally achieved, and that the project is considered being finished!

It must have been a great feeling to write that chunk of text. In my career, having dozens of projects behind me it's hard to find a couple of them that I'd consider finished as in filling out their purpose and that could remain exactly the same to continue to do so. This is so hard to achieve in software engineering long term where everything is in the state of flux, but I guess scoping things and solving particular problems is the key.

Congratulations to Moment.js team and all the contributors! Your project was a massive undertaking that helped make the web a more humane place for the rest of us.