Simple libraries do not guarantee simplicity

Published 8/19/2019

So often I see people architecturing their projects around low level routing frameworks like expressjs, hapi, koa etc. They often get advertised as "powerful" and are the main resources to develop "robust" web and mobile applications.

Sure it starts of fairly quick, but soon you will be in need of controllers, error handling, accessing a database, an ORM, authentication, authorization, sending mails, caching, validation, and at that point most definitely, a clean architecture to keep everything together. There are of course many other things that you are missing out on such as events, a repl tool, database migrations, ioc container, logging, csrf protection and a way to write tests easily.

Before you know it, you are trapped in spending a huge amount of time hacking together your own framework, rather than writing the application you wanted to build in the first place. Now I don't know what is so robust about that...

I am going to list down some high level alternatives here: (if you know more, let me know)

While the inital learning curve is definitely higher, you will benefit from it in the long run. These frameworks can teach you a lot about clean architecture and code, commonly applied concepts, keeping your application secure and how to focus only on the application you set out to build.

Don't get me wrong, I can certainly see how building everything from scratch is a good learning experience, it was for me! But after I have done it one time and wanted to start another application, I didn't really feel like doing it all over again. You should also be very careful with using your custom built authentication system on production.

Another thing would be onboarding, people familiar with the high level framework can immediately jump into coding, rather than spending a day trying to understand the architecture of the project only to fix a small bug. In case they don't know the framework yet, there is at least documentation and blog posts to read about it.

At the end of the day, we want to build applications and be confident about the code we have written.