From the top of my head, you'll also need libraries for:
- Background jobs
- Validation
- Translations/i18n
- CSRF and other common security considerations
- Testing (and integration testing) tools
- Logging
- Email sending
- File uploads (S3 storage, etc)
- Websockets
And then write the glue code to make all of this work seamlessly, document it for others to understand how you made it work together, ensure there are no security holes and battle test it in production.
Saying that Next + Prisma "is Rails for Node" is like saying a moth is an airplane just because both can fly.
Well said. There are a million starter projects and examples each with a different mix of tools hooked up all in very different ways with tons of files and config. And lots of them with bugs or out of date.
The problem with the JS world is they can never coagulate around one solution. Everyone has this insatiable desire to roll their own. Next only works because it leaves out a bunch of stuff.
Instead of the examples/ directory they should build a plugin interface and roll out official integrations with lots of tools. This is the closest we would come to Rails.
I think a big part of this is because of the the popular teachers and bloggers/youtubers which are not more than undercover (and some not even undercover) marketers for companies or solutions promoting the use of their platforms.
So many "Look how easy it is to build a blog with Next.js/Remix/Nuxt.js/Whatever", and it is true. That's really easy and cool and has a really good DX and we all love it.
But in real life you need a ton more things to make things robust and secure. And when people start to patch together stuff to get, let's say, authorization or authentication, into their apps, is when things go wrong and you end up getting emails of "data breaches" from services you signed up to.
Had you used a battle proven full stack framework, 90% of the problems would have been solved in standard, well documented, secure and proven ways.
In the node ecosystem, the opportunities are right there. From what I've seen and tried, Adonis.js is the best thing that has happened in this regard. A real "full stack" framework following Laravel's ideas. It's opinionated, fully featured and well integrated as every feature works nicely with each other. And you're not handed over 40 decisions to make about the ORM, the templating system or how to do permissions. It's all there ready and documented. As with Laravel or Rails.
We just need to have people understand that there's a *very common* set of features every single non-trivial web application needs and that it makes no sense to rewrite it from scratch on every single project.
What scares me the most is all of those people saying that implementing all of this themselves or by tying together 10s of libraries every single time is easy. To me they just don't know what they're doing and what they're getting into.
Thanks for the pointer to
adonis.js. I have been playing with just nextjs and nextauth and getting those to play well is a bit of a headache (middleware doesn’t seem to work). I assume an all in one solution stuff has been tested together!
From the top of my head, you'll also need libraries for:
- Background jobs - Validation - Translations/i18n - CSRF and other common security considerations - Testing (and integration testing) tools - Logging - Email sending - File uploads (S3 storage, etc) - Websockets
And then write the glue code to make all of this work seamlessly, document it for others to understand how you made it work together, ensure there are no security holes and battle test it in production.
Saying that Next + Prisma "is Rails for Node" is like saying a moth is an airplane just because both can fly.