Recommended
Recommended
More Related Content
Recently uploaded
Recently uploaded (20)
Featured
Featured (20)
Don't compromise on speedy delivery nor type-safety by choosing TypeScript.pdf
- 1. Don't compromise on speedy delivery nor type-safety by choosing TypeScript
- 2. I’m Jens Hello! entropitor.com Jens Claes Senior Software Engineer @ DataCamp
- 3. Agenda Quick TypeScript Introduction What makes TypeScript different Use Case 1: Type-Safe Input Validation Use Case 2: Type-Safe REST API Use Case 3: Type-Safe Access Control Evaluation 1 2 3 4 5 6
- 5. TypeScript is… ➔ JavaScript + Types ➔ Types constrains valid programs ◆ “The house eats the lake” ➔ Can be annotated / inferred
- 6. Simple types ➔ string ➔ number ➔ boolean ➔ …
- 7. Composing Types ➔ Type Alias ➔ Object types ◆ ~ object literals ➔ Union types ◆ string | number ➔ Array types ◆ number[] ◆ Array<number> ➔ Function ◆ Arrow notation
- 8. Generics ➔ Abstracting over types ➔ Example: Array ◆ ⇒ Array<number> ➔ Box is generic ➔ A box can contain ◆ a number ◆ a string ◆ a Person ➔ numberBox.setValu e(“a string”) will fail
- 9. Strings ➔ String literals in type-land ➔ Represent a single value ➔ Useful to represent enums
- 10. What makes TypeScript different? 2
- 11. No Reflection! ➔ Most languages ◆ Get type of variable at compile time (e.g. Java Annotation Processor / Rust Macros) ◆ Get type of variable at run time (e.g. Reflection) ➔ TypeScript ◆ No knowledge of types at run time ◆ Typeof in type-land ◆ Computing types from other types ◆ ⇒ Type-level programming
- 12. Type-level programming ➔ At type-level ◆ Generics are functions ◆ Take one or more types as argument ◆ Returns a new type ◆ <T1, T2, …> → TReturn
- 13. Type-level programming ➔ Type-level functions ◆ Can have type annotation
- 15. Type-level programming ➔ If-statements ➔ Syntax: A extends B ? C : D ➔ If A is a subtype of B ◆ ⇒ C ➔ Else ◆ ⇒ D
- 16. Type-level programming ➔ While = Recursion ➔ Functional Programming ➔ Tail Recursion Optimized
- 17. Type-level programming ➔ For-loop ◆ Recursion ◆ ⇒ “mapped types” ➔ Map to object ➔ Map to union
- 20. Type-level programming ➔ Idea ◆ Program with types ◆ More complex types ➔ Combination = Game Changer ◆ Inferring types from values ◆ + Conditional types ◆ + mapped types/recursion ➔ Turing Complete ➔ New paradigm but easier than macros ◆ Syntax is not ideal
- 21. Type-level programming ➔ TypeScript is spectrum ◆ JavaScript ◆ JavaScript + Types ● Similar to e.g. python, ruby, … ◆ Extremely Type Safe APIs
- 22. Use Case 1: Input Validation 3
- 23. Input Validation ➔ Goal: Validate any data crossing boundaries ➔ Risk ◆ Potential mismatch types & validation
- 24. Input Validation ➔ Solution ◆ Infer type from validator ◆ “Parse, don’t validate” ◆ Libraries ● io-ts ● zod ● @effect/schema ◆ Rust: serde
- 25. Use Case 2: Type-Safe REST API 4
- 26. Type-Safe Rest API ➔ Share types between server and frontend ➔ Solution ◆ Infer API from server / schema ◆ Libraries ● tRPC ● api-ts (internal) ◆ Rust: ● Rocket.rs servers as typed functions
- 27. api-ts ➔ Advantage ◆ No type mismatch ◆ Thinking in domain terms ◆ Free API-client ◆ Free OpenAPI / Swagger schema ➔ Disadvantage ◆ Library implementation is untyped
- 28. api-ts ➔ Inspired by Fable.Remoting (F#) ➔ Based on io-ts validation ➔ Free client ➔ Integrates with NestJS ➔ Can still be used as REST API
- 29. api-ts
- 30. Type-Safe Rest API: api-ts advanced features ➔ Path parameter validation ➔ Shared Middleware ◆ Frontend ◆ Backend ➔ Expected Errors
- 31. Type-Safe Rest API: api-ts 2 years in ➔ Just changed it ~5 times to add features ➔ TypeScript removes level of thinking ◆ Team can focus on adding value, not API problems ➔ Type-level implementation hard to read ◆ But not touching it… ◆ It’s a trade-off ◆ Good naming, Small “functions”, … ➔ Run-time implementation not type-safe ◆ Too hard to type-check ◆ Unit tested ◆ Trade-off for huge type gains in usage
- 32. Use Case 3: Type-safe Access Control 5
- 33. Access Control ➔ Goal: Who is allowed to take which action ➔ Where to check? ◆ Controller ◆ Service Classes
- 34. Access Control ➔ Goal: Who is allowed to take which action ➔ Where to check? ◆ Controller ◆ Service Classes ➔ Risk ◆ Bugs → security issues ◆ Check in both → performance 🔻 ◆ Only controller → security 🔻 → development speed 🔻 ● Accidentally calling service without permission ◆ Only services → development speed 🔻 ● unclear which permissions you need for API
- 35. Access Control
- 36. Access Control
- 37. Access Control ➔ Solution: Check once, pass token ➔ Controller ◆ Checks permission ◆ Permission Revealing ➔ Service Classes ◆ Require token with permission ◆ Could be runtime ● → development speed 🔻 ◆ Type-level token ● → development speed ⏫ ➔ In Rust ??? ➔ In Ocaml: Polymorphic variants
- 38. Evaluation 6
- 39. TypeScript Evaluation ➔ Extremely type-safe APIs ◆ Anything can be type-safe ◆ Advantages ● Faster feedback ● Stop thinking about details ◆ Downsides ● Untyped implementation ● Hard to read types
- 40. TypeScript Evaluation ➔ Limitations ◆ “Type instantiation is excessively deep and possibly infinite” ◆ Syntax really needs improvement ◆ Escape hatches ● Any type ● @ts-expect-error
- 41. Move fast, don’t break things By choosing embracing TypeScript
- 42. Resources ➔ TypeScript Exercises ◆ Free ◆ https://typescript-exercises.github.io/ ◆ Fork over at my github with 5 extra exercises (https://entropitor.github.io/typescript-exercises/) ➔ Type Level Typescript ◆ https://type-level-typescript.com/ ◆ 99 USD ➔ Total TypeScript ◆ https://www.totaltypescript.com/ ◆ 590 USD
- 43. What questions can I answer for you?
- 44. Thank you