20 Mistakes That Quietly Destroy JavaScript/TypeScript Codebases (Part 2)

Published: at 02:30 PM
(The T-Shaped Dev)

This article, the second part of a series, delves into common mistakes in JavaScript and TypeScript codebases that can lead to silent production failures. It covers runtime and code quality issues, focusing on code hygiene, asynchronous operations, performance, testing, and validation.

Code Hygiene

  • Parameter Mutation: Avoid mutating input parameters within functions. Instead, return new values. Use readonly parameter types to enforce immutability.

Async & Performance

  • Memory Leaks: Ensure proper cleanup of event listeners, intervals, and subscriptions to prevent memory leaks. Use removeEventListener, clearInterval, and unsubscribe respectively. Be cautious with .bind as it creates new function references.
  • Missing Cancellation: Implement cancellation mechanisms using AbortController for long-running operations to avoid wasted requests and stale data.
  • Missing HTTP Timeouts: Set timeouts for all outbound HTTP calls using AbortSignal.timeout(ms) to prevent indefinite waiting and resource exhaustion.
  • Sequential Operations: Use Promise.all for parallel independent operations and Promise.allSettled when some operations can fail independently. Avoid arr.forEach(async ...) for parallel async calls; use Promise.all(arr.map(...)) or for...of with await instead.
  • Blocking the Event Loop: Avoid synchronous operations like fs.readFileSync and CPU-intensive tasks in the main thread. Use worker threads or background queues for such tasks. Monitor event loop delay using perf_hooks.monitorEventLoopDelay().
  • Timezone-Unaware Dates: Use timezone-aware date libraries like Temporal (or date-fns with @date-fns/tz) to avoid timezone-related issues when parsing and storing dates.

Testing & Validation

  • Coverage vs. Value: Focus on testing behavior rather than implementation details. Tests should survive refactoring that doesn’t change behavior.
  • Input Validation: Validate all external inputs using libraries like Zod to prevent mass assignment vulnerabilities and ensure data integrity. Use parameterized queries to prevent SQL injection.

The article emphasizes the importance of addressing these mistakes to maintain code quality, prevent performance issues, and ensure the reliability and security of JavaScript/TypeScript applications.

Read the original article