The purpose of this blog post is for me to ramble about Meteor, a new open-source platform for building JavaScript web applications in Node.js.
Likes:
Likes:
- JavaScript (Node.js) - If you know me, you know that I love JavaScript!
- Live Binding / Live Page Updates - IMHO, this is the best feature in Meteor. View templates update automatically when data in your model changes. Very cool!
- Data Synchronization - I like that the client and server communicate and synchronize data, but having database APIs on the client might not be the way to go...
- Latency Compensation - Cool
- Hot Code Pushes - A shiny new toy. It's cool, but I'm not quite sure how useful this will be to most developers.
Dislikes:
- Database APIs on the client - Okay, yes... having access to your database from any web browser can be nice for programming, but it makes it that much easier for a malicious person to compromise sensitive data. If someone gains unauthorized access to your system (i.e. someone's password was obtained), having database APIs quickly available to the "hacker" makes it much easier for them to steal your sensitive data. Instead of navigating around to each page in the web application and performing a copy/paste, the hacker has direct access to the database; running a few queries might be enough to steal everything. IMHO, security is about making it harder for "bad guys" to steal or corrupt your sensitive data. I'm not saying RESTful interfaces are the best solution either... just saying that it's not the best idea to expose direct access to the database in a client-side API.
- Smart packages - Ewww! Why not use NPM somehow? We still can't write our own smart packages?
- Deployment - The Meteor guys haven't thought this through yet? Sure you can deploy to Meteor servers, but what about your own production server?
Good and Bad:
- More code on the client - Sometimes having more source code exposed to the client means that it's easier for "bad guys" to reverse engineer your system, steal code, or find security holes in your system. In the same breath, though, more code on the client can help improve your application's responsiveness.
Comments