All Articles

My advice for security-critical TS apps

Matt Pocock
Matt PocockMatt is a well-regarded TypeScript expert known for his ability to demystify complex TypeScript concepts.

TypeScript is taking over the world. It’s now the most popular language on GitHub, having overtaken JavaScript in the number of PR’s/week. But TypeScript can feel totally different to JavaScript.

The strange syntax, the arcane rules of inference, the generics.

It’s extremely tempting to just ignore the errors and slap on an ‘any’.

The vast majority of TypeScript application code out there is written under severe time constraints.

That’s how most apps get built - blood, sweat and ‘as any’.

As TypeScript gobbles up more and more market share, TypeScript wizards are going to be more and more in-demand.

Having the knowledge to transform any’s into safe types will save your team bugs.

This wizardry makes your skills even more valuable.

But it’s not just about cleaning up legacy code. Some wizardry under your belt lets you come up with wonderful, startling DX improvements that can accelerate your team.

Want a custom form abstraction? A type-safe REST API endpoint creator? A flexible Table component?

You’ll need to know some wizardry.

The more you can enable your teammates to develop faster, the faster you’ll rise up the ladder.

What’s more, it’s satisfying, engrossing work. You’ll be designing and implementing API’s that help folks code faster.

For example, If I were building an app where security was critical, I’d use the crap out of branded types.

Check out this Twitter thread I wrote on branded types (and give me a follow if you haven’t yet!)

Matt's signature

Share this article with your friends

`any` Considered Harmful, Except For These Cases

Discover when it's appropriate to use TypeScript's any type despite its risks. Learn about legitimate cases where any is necessary.

Matt Pocock
Matt Pocock