Meteoric Thoughts

So, thanks to Peter Cooper’s excellent JavaScript Weekly we read about Meteor, which is a pretty interesting new JavaScript framework which seriously blurs the lines between server and client.

Meteor is built on top of node.js with some interesting ideas:

  • hot code push: the server seemlessly pushes code updates to all active browser clients when the developer changes anything in the project.  This in combination continuous deployment means for some really interesting user experiences.
  • synchronisation and latency compensation: whenever a client or the server changes anything all the clients who care about that data are automatically updated. Included with this functionality is the idea of “latency compensation”; when a client changes state it updates the local application state (so that the user sees the change instantly), pushes the update to the server and the server either broadcasts this change to any interested clients or pushes back corrected state (if perhaps the data failed validation).
  • fully modular stack: every part of the stack and be added and removed by the developer, meaning that if you’re not using something that meteor provides you can remove it, or add extra functionality should you need it. Meteor calls these “smart packages”.
This all sounds great (and it is!) but there are some concerns which instantly pop into our heads:
  • security: the examples provided and my reading of the documentation indicate that the browser client can execute arbitrary queries against the back-end database. This is somewhat worrisome.
  • separation of concerns: Meteor (at this stage anyway) looks like it will be great for smaller applications, the idea of writing a large project with it seems a little daunting.  At this stage the documentation for structuring your app is pretty light, but we imagine as the project matures then some convention will evolve.  Meteor at this stage makes no predictions about whether it prefers MVC, MVVM or any other pattern for structuring apps. One thing is for sure; we don’t want to go back to the spaghetti style interminglingling of concerns of the old days of PHP and RXML.

So, it’s early days for Meteor with their current release being versioned “PREVIEW 0.3.2” but given what they’ve achieved so far and the team they have behind them we’re expecting a lot of our concerns to be addressed before an eventual 1.0 release.  All we can say is that this is one to watch!