Developer Family Feud

Issue #196.June 15, 2023.2 Minute read.
Bytes

Today’s issue: Hating chatbots, winning JS buzzword bingo, and teaching teenagers to practice safe migrations.

Welcome to #196.


Eyeballs logo

The Main Thing

Steve Harvey hosting family feud

We asked 90,000 developers...

Developer Family Feud

We just got the results back from the Stack Overflow survey, which means it’s time to play everybody’s favorite game (that I just made up) — Developer Family Feud 🎊.

I’m your host, Script Harvey, and I’ve created 5 trivia questions for you based on the survey results. If you can get them all right without cheating, the CEO of Reddit promised me that he’ll change the API pricing back to what it used to be. No pressure.

Question 1: What is the most admired programming language?

Survey Says: Rust. Over 84% of the 90,000 respondents said that they admired the super fast, low-level language with no runtime or garbage collector. Not sure how many of those developers share the same admiration for the Rust Foundation, but they didn’t ask about that.

Question 2: Put these top 5 web frameworks in order from most commonly used to least common: Angular, React, jQuery, Next.js, Express, and Vue.

Survey Says: React, jQuery, Express, Angular, Next.js, Vue. It’s always a little surprising to see the staying power of the OG’s, but even more surprising to see how Next has passed Vue and is hot on Angular’s heels. At this rate, it’ll probably be #2 or #3 behind React itself by next year’s survey.

Question 3: What is the top paying technology?

Survey Says: Zig. The survey data shows that the average Zig developer makes a whopping $103,611. The only catch is that you need to get a job at Bun and work 85 hours a week 💀.

Question 4: What is the most common amount of experience for professional developers to have today? (Hint: it’s a 5-year range)

Survey Says: 5-9 years. If you fall into this range, it means that you’re probably young enough to know who Ice Spice is, but too old to understand why people like her music.

Question 5: Which programming language got the #1 spot for both the “most popular” and the “most desired” categories?

Survey Says: JavaScript, obviously. It’s not called “The Prom Queen of Programming” for nothing!

Thanks for playing, and please remember to spay and neuter your pets.

        

propelauth logo

Our Friends
(With Benefits)

Guy on motorcross bike with wheels falling off

Your auth solution after signing up your first enterprise customer.

PropelAuth is the smart way to scale your auth

You always *think* you have auth covered… and then you start signing up enterprise users 😭.

Suddenly, things start blowing up faster than my stomach after two-McFlurry Tuesdays, and you’re begging ChatGPT to help you figure out wtf RBAC means.

Should’ve used PropelAuth. They make it super easy to go live quickly, but they’re specifically designed for B2B use cases — so you get all the enterprise features you’ll ever need, right out of the box:

  • Self-service portals let your end users sign up for your product, invite coworkers, manage permissions, and set up enterprise SSO/SAML. (See the docs.)

  • It handles all transactional emails, 2FA enrollment, and RBAC.

  • Everything is hosted on your own domain, and easily integrates with any backend.

PropelAuth just works on day 1, and it keeps just working as you scale to the moon.

Check out their “Free Until Funded Plan” — it’s completely free for startups until you’ve raised $1m in funding.


Spot the Bug logo

Spot the Bug

Sponsored by Secureframe

You can get your app SOC 2 compliant in weeks instead of months, with their fully automated process. Check out the free, personalized demo today.

import db from "./db";
import admin from "firebase-admin";
import { getUserClaimsFromCookie } from "./claims";

const { arrayUnion, arrayRemove } = admin.firestore.FieldValue

export default async function updateLessonComplete(req, res) {
  try {
    const { lessonId, completed } = req.body

    if (!lessonId) {
      throw new Error("lessonId is a required parameter");
    }

    if (!completed) {
      throw new Error("completed is a required parameter");
    }

    const claims = await getUserClaimsFromCookie(req, res);

    if (!claims) {
      throw new Error('user must be logged in')
    }

    await db.collection('lessons').doc(lessonId)
      .update({
        completed: completed === true
          ? arrayUnion(claims.uid)
          : arrayRemove(claims.uid)
      })

    res.send({ status: "success" });
  } catch (e) {
    res.status(400);
    res.send({ error: { message: e.message } });
  }
}

Cool Bits logo

Cool Bits

  1. Adam Silver wrote an article about The problem with disabled buttons and what to do instead. I’m just impressed he had time to do that in between the NBA Finals and deciding how many games to suspend Ja Morant for.

  2. The Big Triangle Company just released the Vercel AI SDK. It’s an “interoperable, streaming-enabled, edge-ready software development kit for AI apps built with React and Svelte.” And with that, they just won JS buzzword bingo.

  3. The Netflix team wrote about Migrating Netflix to GraphQL Safely. It’s never too early to teach your teenager about safe migrations.

  4. BugHerd is the best tool for getting contextual website feedback from your team and users. It automatically provides technical details about the user’s browser, OS, and more so you can pinpoint the exact issue and resolve bugs quickly. [sponsored]

  5. Melange v1.0 just launched as a mature tool for compiling OCaml/ReasonML to efficient and readable JavaScript. He who controls the spice, controls the web.

  6. Angular 16.1 just dropped. It’s a pretty quiet release but had a couple of cool RFCs.

  7. Maggie Appleton wrote an article called Language Model Sketchbook, or Why I Hate Chatbots. I feel that Maggie.


Spot the Bug logo

Spot the Bug: Solution

Sponsored by Secureframe

import db from "./db";
import admin from "firebase-admin";
import { getUserClaimsFromCookie } from "./claims";

const { arrayUnion, arrayRemove } = admin.firestore.FieldValue

export default async function updateLessonComplete(req, res) {
  try {
    const { lessonId, completed } = req.body

    if (!lessonId) {
      throw new Error("lessonId is a required parameter");
    }

    if (!completed) {
      throw new Error("completed is a required parameter");
    }

    const claims = await getUserClaimsFromCookie(req, res);

    if (!claims) {
      throw new Error('user must be logged in')
    }

    await db.collection('lessons').doc(lessonId)
      .update({
        completed: completed === true
          ? arrayUnion(claims.uid)
          : arrayRemove(claims.uid)
      })

    res.send({ status: "success" });
  } catch (e) {
    res.status(400);
    res.send({ error: { message: e.message } });
  }
}

There’s a lot of misdirection here. The bug happens with our if (!completed) check. completed is a boolean, meaning when completed is false (making it falsy), our code will throw an error. Instead, we can check if completed is of type boolean, not if it’s falsy.

if (typeof completed !== 'boolean') {
  throw new Error("completed is a required parameter");
}

and before you say it, yes, I know TypeScript prevents this 🙂.