A Rant about Software Development as a Graduate - Kevin Uriel Fonseca

LifeProgrammingTags:CSSJavaScriptmeNextJSReactJS
Lunar Tear from Nier Replicant

It’s Been a Long Road

Did you guys know the kevinfonseca platform came about 8 years ago? Either by using the .com or the most recent .me domains?. Believe it or not, WordPress has helped me a lot in my learning coding skills through these years in ways you guys have no idea, from improving my PHP and SQL knowledge to learning JavaScript and ultimately specializing in the MERN stack!.

However, as everything in life.

All things should come to an end

– Someone, somewhere

After fully working in WordPress most of my life as a “good” hobbyist developer, the majority of it took place while I was just getting started in college back in 2016 all the way up to my graduation that was just a few days ago in June 2024 during the Summer semester, I soon realized that the job market nowadays is hard for IT people.

ChatGPT has now become too popular and has been the big IT trend nowadays. Jobs that previously required a certain amount of experience in a programming language, now include experience with ML and or a level of expertise in products involving Artificial Intelligence.

Don’t get me wrong!

ChatGPT is great, I can see the potential it has and I know some people are already making big money with it, right? After all, that’s what technology is supposed to do; make money and help technology itself to improve on a daily basis.

However, what I don’t like is that most developers are now leaning more and more towards the daily use of these tools. Thus contributing to the big issue of having thousands if not millions of graduates claiming to be experts on X language. Not only that but agencies are not looking for simple PHP or SQL experience anymore but for skills that a full stack developer should have which then makes it hard for graduates to look for entry level jobs.

Furthermore, back a few years ago, JavaScript Frameworks were non-existent and the most popular and most used if any were AngularJs, ReactJs and VueJs (is that still a thing?). In today’s technology era , we have even more fancy front end libraries that sometimes it is simply hard to learn them all or to keep on track with whatever new trendy stuff is going on.

Put it this way, before the JavaScript trendy phase, what we all had were PHP and SQL, the big ones for a very  huge time, either by using WordPress, Laravel, CodeIgniter(which I love), or PHP from scratch with OOP approaches which I thought were amazing at the time as they made it possible to build complex systems with communities that were all over the place and mostly happy to support you by providing you with tutorials, guides, articles, and even sometimes, with the exact code you needed as well ❤️.

CSS frameworks are also big, Bootstrap and Materialize are not the to-go libraries anymore. However, we now have CSS in JavaScript, or the more clever ones, CSS frameworks purposely made to be run within JS files, is not it fun? There was a time in which React-Bootstrap was the most popular, then Ant-Design, then Semantic UI, Bulma, Tailwind CSS and as of today, if I’m not mistaken, ShadCN?

Moreover, those CSS frameworks are the only ones that I know or heard of. There might be even more that are not that popular yet or are in the work-in-progress phase.

All of that is just what I have experienced through my own research and what I have lived through in real life. Now think what other developers have seen? It’s such a crazy expectation to think it is good to have people knowing all this stuff prior to getting a job. What happened to the – in job training – concept?; what happened to the reasonable entry software jobs?😭.

Security with JavaScript Frameworks.

Let’s talk about security; security is a different issue that as a developers we all need to prioritize even more than before. XSS attacks are still relevant; CSRF attacks are still relevant; HTTP request/parameters pollutions are still relevant; data leaks are still relevant, and now with the thousands of ways to let X user to authenticate into an application, we now need to verify that said accounts are not bots and the data submitted is properly sanitized before being saved into Y DB platform. Things that are supposed to make life more secure are now giving us more ways to worry about stuff. Le’t keep going!.

Authentication systems work mostly by three techniques, cookies, sessions or localStorage; while each technique can be used depending on the needs of the application, all of them are useless for anyone with enough time and resources to break into your DB. That’s why sanitizing data is such a huge security protocol that needs to be enforced on every day digital tasks. However, when you notice that frameworks such as React (Next also as being React in its core) renders html coming from a texteditor instead of converting the tags into html entities, everything that you though were bigger issues become obsolete when you don’t even know why something as simple as an <input type="text" value="data" /> gets rendered for the user to manipulate. This is quite secure as long as you don’t wrap said inputs within a form element, otherwise this:

<form action="yadayada.php" method="POST">  <input type="title" value="Title" />  <button type="submit">Submit</button></form>

will in fact get displayed in your article!. Just take a look in what I mean by using the input example I previously mentioned.

In Conclusion

Bye Bye! 🙂

SIDEBAR
FOOTER