Towards a Pixel to Metal Perspective

[This is an excerpt of my review published in ACM's on January 29, 2015.]

Becoming proficient at web application development involves a very steep learning curve and is often a never-ending, career-long endeavor. And yet a newbie has to start somewhere. When getting started, it’s easy to become overwhelmed by the vast array of concepts, technologies, and tools one has to master.

Often, even proficient web application developers have blinders on when it comes to having a broad perspective on web application development. In general, most developers are adequately familiar with only one or two of the following aspects of web application development: client-side programming, middleware programming, server-side programming, text editors/integrated development environments (IDEs), source/version control systems, data stores, operating systems, network programming, and hardware configurations. Few developers have a broad enough perspective--or what I call a 360-degree “pixel to metal (P2M)” worldview--of web application development.

That’s why Semmy Purewal’s new book is a highly welcome and valuable contribution. Along similar lines, at the New England Java Users Group (NEJUG, Boston), in August 2013, I presented a technology stack and sample application with source code for end-to-end web application development. After my presentation, I had wished to write a book similar to this one. Alas, I had neither the time nor the energy to see it through. However, the stack I presented was a polyglot stack, including JavaScript for client-side development, Java for server-side development, and a relational database. Purewal’s book somewhat simplifies the learning curve, to the extent that’s possible, by choosing an entirely JavaScript-based stack.

At less than 300 pages, Purewal’s book may seem short, but it manages to introduce the reader to a surprisingly wide array of concepts, technologies, and tools. And in doing so, the author does a great job of spending just the right amount of time on each topic, gradually building on previously explained topics to construct increasingly sophisticated web application snippets in each successive chapter.

Here’s a listing of the concepts, technologies, and tools this book introduces: Sublime, Git, GitHub, Chrome, Linux, Hypertext Markup Language (HTML), cascading style sheets (CSS), JavaScript, jQuery, JSON, Ajax, VirtualBox, Vagrant, Node.js, Express, PuTTY, hypertext transfer protocol (HTTP), Redis, MongoDB, Mongoose, and Cloud Foundry. As a result, it is not only ideal for novices, but also helpful for experienced developers looking to plug gaps in their P2M perspective of web application development.

This is a very thoughtfully put together book. There are very few typographical errors or inconsistencies, which is difficult to achieve in a book on programming. Exercises at the end of each chapter stimulate the reader to take on additional challenges, and some of the exercise results are leveraged in future chapters (for example, finding the number of occurrences of a string in an array of strings). There are useful pointers to further reading at the end of each chapter. Most of the book’s code is available on GitHub, organized by chapter.

The author uses two major themes for most of the exercises and code examples. The first is a to-do list that the user can build, tag, and categorize by tags. The second is a poker hand evaluator that is used to demonstrate how best to leverage some of JavaScript’s built-in functions. Other smaller examples involve consuming JSON feeds from Yahoo, Flickr, and Twitter. I got some of the harder exercises working on my machine, and found the code examples to be accurate and helpful. The author follows a certain discipline for each project, including checking code into GitHub at regular intervals, which is good for developers to emulate.

Along the way, the author manages to impart useful information on programming best practices, especially with respect to JavaScript, which is central to the programming environment that this book is sculpted around.

A few words of caution. If you’re using the Internet Explorer browser (for example, because your employer only allows IE), you won’t get the full experience. IE’s JavaScript console is much inferior to that of Chrome. On IE 9, for example, I was not able to drill down into JavaScript objects in the way that Chrome permits. Also, many of the longstanding Node.js modules, for example, Express, have been broken up into their component modules, which have to be installed and linked separately. So, the code in the book isn’t going to work as is, but it will point you in the right direction.

Unfortunately, past chapter 6 (on Node.js) things start to get a bit light on details. On page 229, we connect to the Amazerrific data store in Mongo, but we never created the data store! Also, on GitHub, the code only goes up to chapter 6. So, at this crucial juncture, the reader is left to his or her own devices. We have a pretty decent to-dos app, but it has no ability to persist the to-dos. So, the next time you launch the app, all your to-dos are gone! (So, I took it upon myself to address the gaps--Google my GitHub to see a working demo with source code.)

Whereas the author champions RESTful application programming interfaces (APIs), working through a project as I did will surely cause you to realize the shortcomings of an approach that attempts to use HTTP methods to imply which CRUD operation is taking place. A fundamental gap is that the four HTTP methods don’t have uniform behavior. For example, an HTTP POST (meant to be used for updates) embeds parameters in the request body whereas an HTTP GET (meant to be used for gets or selects) places parameters on the uniform resource locator (URL). Apart from security and aesthetic considerations with placing parameters openly on the URL, it is unpleasant to not be able to work with uniform programming paradigms for these four HTTP methods either on the client side (jQuery doesn’t have a $.put() method) or on the server side (Express).

One area the author seems to omit completely is security. I don’t expect a book to be able to cover all topics, but the author does a great job of alluding to important concepts even when he isn’t planning to cover them in depth (for example, JavaScript Promise APIs). I believe readers ought to be given as complete a list of to-dos (pun intended!) required to make even a simple application production-ready. Furthermore, authentication and authorization are definitely must-haves.


Popular posts from this blog

Utility trailer buying guide

My Experiments with the PICAXE 08M2+

How to Select and Install Shelves