Closed WebReflection closed 7 years ago
Andrea - first of all thank you for taking the time to write this feedback. It is always valuable to receive well thought-through and well written feedback like this, whether negative or positive. Without getting in the substance of what you've written: what I would like to be able to is to decompose your feedback inti individual issues that can be discussed separately. I believe this will help make the document in question as good as it can be (which is our major priority) and will help to separate issues we can address from more general ecosystem issues that may be out of our scope. It may seem like make-work but I think it will really help. Can I ask you to do this decomposition? Otherwise I can do it. In any case, we will be taking up these issues and addressing them. Thanks, again.
The substantive issues that we have found in this text have been moved to separate issues and linked to this one. It would be useful to us if in future feedback you raise each point as an independent issue, and please also see our code of conduct.
I've been asked to provide my feedback and here I am.
Some Background
In 2006 I've written my second version of the JavaScript Standard Library, where the first one was bringing standard ECMAScript down to IE4, the one without even
try/catch
statements.I've been writing polyfills forever and I've felt like contributing to move the Web forward for the last 15 years.
When I've read this document I couldn't believe how offensive it could result for passionate developers that spent time to contribute to the Web platform.
Instead of blaming slow standardization process and admitting mistakes from same browsers vendors, this document puts all the blame to Web Developers, also advocating some non-sense or misinformed bad practice.
Hence my following reaction.
About Feature life cycle
In ECMAScript land, we eventually ended up in a list of stages, which makes it clear to anyone about the risk in adopting any of the proposed new features. It would be awesome if developers could have a central place, web page, repository, to understand the stage of a proposal for the web.
Risks of premature polyfilling
Most of the ECMAScript 5 has been agreed after one or more libraries that were polluting global objects prototypes have been adopted by the majority of the Web Developers.
This means that standard bodies eventually listened to developers and embraced their patterns, covering their most important users use cases, instead of blaming them.
This is quite the opposite scenario of what you wrote here:
You took
Mootools
as example saying that since many developers loved and used itsArray.prototype.contains
pollution, standards had problems replacing it with something else.Am I the only one seeing that the real issue is that standard bodies didn't check what user-land liked, and needed, before deciding it was OK to start shipping such method?
They've been obtrusive in the other way round and only Mootools ever took the blame for it.
I am not saying polluting globals is OK, but sometimes if something is convenient for everyone and widely adopted, it's not necessarily a bad thing or something to avoid at all costs.
This document also states that browsers vendors and teams behind are "the best" to avoid security issues and stuff.
So, developers shouldn't create polyfills because browsers vendors team "are better", but browsers vendors can seppuku new standards like
createShadowRoot
?About
requestAnimationFrame
What have Web Developers to do with the IE decision to emulate other browsers in order to not being seen as a browser that "doesn't work"?
You are telling the wrong story here, let me recap how the Web evolved in the last 10 years:
-webkit-
prefix became what IE was 10 years before-moz-
there too, indeed Firefox didn't have as many problems as IE and it also advocated against single vendors practices ... but ...... and this document seems blames Web Developers about last point?
I don't remember Chrome or Firefox, putting an
MSIE
in their UA back those days, while IE still hasMozilla
in its UA string, right?About Nomenclature
This same document is written in UK language, take recognised as example VS recognized, but the problem in this point is the confusion you have with terminology Web developers understand already.
You know, they learn daily new things by job specification so, an extra term isn't usually such a big deal (they are smarter than you think).
However, let me help you with other terms:
polyfill
, orshim
, supposes to replace 100% of native proposal/functionality, which is not always possible (WeakMap, Symbol, class)prollyfill
is something not even standard yet but possible in the futureponyfill
is a polyfill that doesn't pollute the global scope. It's funny this entire document is basically a hint to prefer ponyfill were possible and instead it kills its usage!sham
is a polyfill that doesn't fully adhere to specs due some limitation or not-so-needed part of themTelling developers they should use
ponyfill
only as a term, is helping pretty much nobody in understanding important differences between these libraries.If I can dare, you are basically causing functional analphabetism on one of the most important aspect of the Web, and its movign forward, with this single point.
About Security Concerns
This point is the one that disappointed me the most.
I'll explain you why after reminding this part:
It's about 2+ years I am polyfilling and fighting in favor of Custom Elements
is=""
attribute feature in order to keep promoting graceful enhancement, and one browser vendor is pushing back without providing any valid alternative.As a developer, I want to support every device on this planet and use graceful enhancement, but they want me to redirect, I guess behind some User Agent sniffing and on the server side, since your proposed robust feature detection goes nowhere in the real world out there.
I should provide another version so that the already slow device, with slow DNS resolution too, needs more effort for an ad-hoc site created for too old browsers, and my company has to pay extra time for its development.
This is because Custom Elements cannot, and should not, be polyfilled for too old devices but current specification requires mandatory polyfills and, on top of that, transpilers for classes that are holding back modern browsers instead.
As result, today we transpile for old browsers that will never be able to use modern Web features, requiring polyfills on top, and penalizing modern browsers that would benefit the most from not transpiled code and probably no polyfills as well.
So how about suggesting and promoting best practices such graceful enhancements instead, including the already old device friendly solution that custom elements the
is=""
proposal provides?Moreover ...
Actually they are people writing most polyfills since they are even paid by their companies for doing that.
Throwing security concern if you are "not a cool dev" is demoralizing anyone that simply needed a bloody standard feature and decided to waste time to Open Source, and publish, a library that fixes that gap and is useful for others too.
Open Source also works in a way that anyone can contribute to a library so the team number means pretty much nothing if developers collaborate.
So what is the point of telling developers if they want to polyfill something they shouldn't because they are not better than browsers vendors team?
Both Mozilla and Google use my polyfills here or there and I've never been a browser vendor developer.
About UMD
There is ES6 with its
import
andexport
and CommonJS. Everything else lost the battle every single time.UMD causes that useless extra amount of file sizes mentioned somewhere else about polyfill sizes or old devices and payed data.
I'd drop AMD and UMD; it' sabout the time the Web agrees with its own proposal,
import
and/orimport()
and eventually suggests one extra standard which is de-facto standard everywhere else outside the W3C and the front end Web browser:require
About Don't create globals with common names for speculative polyfills
The hint here is hilarious. It reads like: don't create global variables that represent a fix for an API that's been proposed at W3C, feel free to pollute the global scope with any sort of fancy name you like. Who cares about conflicts and global scope pollution, right?
How about suggesting modules and nothing else? Anyway ...
Web Developers know that global pollution is bad, period. The moment you decide to do that, is because you want to use that API that is cool but not widely implemented yet.
More on that:
There is this thing that is always painful for companies when it needs to be done: refactoring.
If companies understand something is going to be standard, they don't want to produce code that will need to change once the thing is standard.
Companies want to produce code that after N+ years will remove the single polyfill dependency needed for that bit and make everything natively fast: profit!
That is the whole purpose of a real polyfill: you have it there but you don't want to think about it until the day you just remove it (or you need an obvious update).
It's a top level ghost dependency that is transparent for everything else where code is expected to run as if it was native, without bothering more.
TL;DR: Polyfills are just like transpilers, one day you'll remove them, that's the deal!
About the short or generic names joke ...
Open your browser, go
about:blank
, open the console and type$
. If you are on Chrome, you'll see a polluted environment with stuff nobody asked for.Are browser vendors also better than normal Web Developers at deciding utilities?
And that
$
is not evenjQuery
...About Not Serving Polyfills Not Required
Pick realistically your poison:
Uh wait, that's actually what's being suggested:
So we are now telling Web developers to use UA sniffing because ... that's robust?
And this has nothing to do with the issue Microsoft and IE had when its browser was badly sniffed out, right?
About Considering Alternatives
That's, as example, is called Custom Element native extend, it's being put on hold without providing alternatives by some vendor.
That's instead holding back modern browsers and the Web, 'cause developers just transpile without targeting. Today, as example, that means that most JavaScript
class
out there are plain broken.Fair enough, but I believe this is a bad advice for PAs since it's easy at this point to say "hey, I'm following best practices so I don't need to support your cheap Android they still sell".
About Updating Polyfills
I have no idea why this point is in this document since you are suggesting
npm
, which is based onsamever
, so that we, authors, should just follow common best practices to prevent surprises like push/forcing an update to anyone else.About Collecting data
This has been proven to have mostly zero real-world effect on how standards get adopted, proposed, or implemented, unless you are part of standard bodies.
About Not bundling dependencies ...
WebComponents from Google has been delivered with highly obtrusive WeakMap broken polyfill for years now, they are those secure browsers vendors team mentioned before.
As Summary
It would be great if standard bodies would stop feeling superior and actually start confronting reality with Web Developers.
The same history of the Web is full of failures and contradictions and in this document it looks like somebody thinks it's all Web Dev fault but we all know it's not.
So, thank you for creating more reasonable, informed, humble, and improved specifications for your most valuable customers: Web Developers.
Best Regards, from a Web Standard supporter since about ever.