$30 off During Our Annual Pro Sale. View Details »

Writing CLI tools with Node

Writing CLI tools with Node

My personal notes are available at http://cl.ly/bbcA/BuildingaCLItoolwithNode.pdf

Important points I prepared for the talk, but missed:
- npm can be creepy: no software signing, no sandbox, lousy chain of trust
- npm install as dangerous as curl foo | sh due to no sandboxing
- no whitelist prior authorization / permission system to access mic, camera, file-system, etc, as in the browser. Everything granted to the user is granted to the process.
- Windows does not support sending signals.

Henrique Vicente

June 11, 2015
Tweet

More Decks by Henrique Vicente

Other Decks in Programming

Transcript

  1. Writing CLI tools with
    Node
    henvic.github.io
    1

    View Slide

  2. Read–eval–print loop
    2

    View Slide

  3. 3

    View Slide

  4. 4
    npm cheat sheet http://browsenpm.org/help

    View Slide

  5. semver
    • Semantic Versioning Specification semver.org
    • MAJOR.MINOR.PATCH
    • i.e., 1.5.2
    5

    View Slide

  6. http://browsenpm.org/package.json

    https://docs.npmjs.com/files/package.json
    6

    View Slide

  7. Node 0.12 API Stability Index
    7

    View Slide

  8. Node 0.12 improvements
    • Promise API (bye bye, callback hell)
    • child_process.execSync

    - for when async is not necessary
    8

    View Slide

  9. Environment variables
    • Global values.
    • Try other approaches before setting custom ones
    to modify your app.
    • i.e., > process.env.PAGER => 'less'
    9

    View Slide

  10. working directory
    • process.cwd();
    • process.chdir(‘~/your-new-working-dir/’);

    View Slide

  11. Name arguments

    the Unix way
    • --version | -v
    • --verbose
    • --help | -h
    • --force | -f
    • --your-command | —your-alias
    • e.g., gh pull-request -s your-reviewer --title “…”
    11

    View Slide

  12. process.argv
    12

    View Slide

  13. A filter program
    13

    View Slide

  14. 14

    View Slide

  15. stdin, stdout, stderr
    • process.stdout.write(‘Hello World!\n’);
    console.log(‘Hello World!’);

    console.assert(state === ‘enabled’);

    console.time(‘checkpoint’);
    • process.stderr.write();

    console.error(error.message);

    console.warn(‘whatever’);

    DON’T FORGET ABOUT US
    15

    View Slide

  16. Unix Signals
    • man sigaction
    • An asynchronous notification sent to a process.
    16

    View Slide

  17. View Slide

  18. Exiting
    • Exit codes: 0 - 255
    • 0 when no more async operations are pending
    • not zero means some sort of error happened
    • process.exit(code);
    18

    View Slide

  19. Config files
    • JSON is not human-friendly
    • Try something more Unix-like: .yml or .ini
    19

    View Slide

  20. Keep your config file
    structure simple
    • Dictionary approach is the best:

    key: value
    • Group params to avoid repetition
    • Don’t nest too much
    20

    View Slide

  21. Learn the internal APIs
    • assert
    • child_process
    • fs
    • net
    • http
    • path
    • process
    • stream
    21

    View Slide

  22. External Libraries
    22
    • insight
    • inquirer
    • moment
    • express
    • istanbul
    • …
    • gulp
    • commander
    • lodash
    • async
    • colors
    • cordova

    View Slide

  23. You need no decoration
    rainbows :(
    23
    ANSI escape code is not friendly with filters…

    View Slide

  24. Code Quality Tools:

    static analysis, tests, mocking…
    24
    • jscs
    • gulp
    • Travis
    • coveralls
    • rewire
    • istanbul
    • plato
    • jshint

    View Slide

  25. Final considerations
    • Slow loading dependencies are common.
    • Package installation: local, global, etc.
    • No binaries means node is a hard dependency.
    • Don’t forget to escape user input.
    • KISS principle = “Keep it simple, stupid.”
    25

    View Slide

  26. npm install -g require-time
    Avoid slow loading dependencies.


    Or require() later.
    http://funmozar.com/baby-cheetah/
    $ require-time
    5ms async
    14ms colors
    13ms github
    52ms handlebars
    125ms inquirer
    55ms insight
    12ms moment
    4ms nopt
    2ms open
    1ms truncate
    120ms update-notifier
    1ms userhome
    7ms which
    1ms wordwrap
    26

    View Slide

  27. Q&A
    27
    speakerdeck.com/henvic/writing-cli-tools-with-node

    View Slide