From Tech with Love
Some Coding Principles
- Rule of three: https://en.wikipedia.org/wiki/Rule_of_three_(computer_programming)
- Clever Code Considered Harmful: https://www.joshwcomeau.com/career/clever-code-considered-harmful/
- The wrong abstraction: https://sandimetz.com/blog/2016/1/20/the-wrong-abstraction
- Stop trying to be so DRY, instead Write Everything Twice (WET): https://dev.to/wuz/stop-trying-to-be-so-dry-instead-write-everything-twice-wet-5g33
- Maintainability through colocation: https://kentcdodds.com/blog/colocation
Misc
- Comprehensive and exhaustive JavaScript & Node.js testing best practices (April 2022): https://github.com/goldbergyoni/javascript-testing-best-practices
- Naming cheat sheet: https://github.com/kettanaito/naming-cheatsheet
- Git cheat sheet: https://gist.github.com/heiso/3371d6787f8a65cda0440fecfb2e0182
- GeoHash: https://fr.m.wikipedia.org/wiki/Geohash
- ExplainShell: https://explainshell.com/
- Generate database diagrams: https://app.quickdatabasediagrams.com
- Fix a git error: http://sethrobertson.github.io/GitFixUm/fixup.html
- How To Build a Secure Login Flow With OAuth 2, OpenId, and React: https://medium.com/better-programming/building-secure-login-flow-with-oauth-2-openid-in-react-apps-ce6e8e29630a
- How a RegEx can bring your Node.js service down: https://lirantal.medium.com/node-js-pitfalls-how-a-regex-can-bring-your-system-down-cbf1dc6c4e02
- Node best practices: https://github.com/i0natan/nodebestpractices
- Check npm packages with bundlephobia: https://bundlephobia.com/
- Timing attack: https://snyk.io/blog/node-js-timing-attack-ccc-ctf
- Michael Chan - Hot Garbage Clean Code is Dead: https://www.youtube.com/watch?v=-NP_upexPFg
Graphql
- N+1 problem (dataloader): https://www.youtube.com/watch?v=uCbFMZYQbxE
- Handle GraphQL errors: https://blog.apollographql.com/full-stack-error-handling-with-graphql-apollo-5c12da407210
- GraphQL Pagination: https://dev-blog.apollodata.com/explaining-graphql-connections-c48b7c3d6976 https://graphql.org/learn/pagination/
- Query depth limitation: https://github.com/stems/graphql-depth-limit
- Query whitelisting: https://dev-blog.apollodata.com/securing-your-graphql-api-from-malicious-queries-16130a324a6b
- Mocking with graphql-faker : https://github.com/APIs-guru/graphql-faker
Dockerfile & node
If you use npm to start your app, you will lose some important intels like complete error messages relative to node. To avoid this, you should set a CMD at the end of your Dockerfile:
FROM node:alpine
CMD ["node", "index.js"]Coverage on Integration tests
In Gitlab-ci
test_integration:
stage: tests
script:
- npm ci
# Run service wrapped with nyc as a background task
- NODE_ENV=ci npx nyc node index.js &
# Store node's pid
- echo $! > pid
# Wait for our service to boot
- sleep 3
# Run tests and kill service if test fail
- NODE_ENV=ci npm test || ( ( kill -SIGINT `cat pid` || true ) && rm pid && false )
# Kill service
- ( kill -SIGINT `cat pid` || true ) && rm pid
# Wait one second to let the nyc wrapper generate coverage result
- sleep 1
artifacts:
paths:
- coverage