DEV Community

Discussion on: SSH server with WebPack

Collapse
 
lifenautjoe profile image
Joel Hernández

WHY in the world would someone want to do this ?

The webpack DEV server is meant for ... you guessed it, development . It has no focus on security ( which you need with anything that goes on the internet ) and all your source code is readable and accesible by anyone on the internet.

Why, just why!?

Novelty? Oh yeah, another computer can run the same program you run locally wow ! And and you can upload files to it ! Wow amazing ! Incredible !

Collapse
 
romanbon profile image
rbondarenko

Well, basically, you might want to use this solution because you it saves your local resources. Huge projects will inevitably slow down your machine, and I’m sure any dev wants to do his/her stuff fast. Second, it’s great for teamwork - different developers can do different tasks from different machines, and you can see the total result.
Security was not a concern in this case. If it happens to become an issue - I guess developers can come up with a solution.

Collapse
 
lifenautjoe profile image
Joel Hernández • Edited

Great for teamwork?

1st. Do you realise that files are not built upon right? like source control systems do, so basically if someone changes it and gets uploaded and then someone else does the same at the same time, the first one will have it's changes overwritten.

2nd. Webpack dev server refreshes every-time something changes, so if the idea is to have different people working on completely different things, do you think it's nice to be seeing your screen flashing all the time when someone else changes a file? Meaning that you might be in some in depth debugging of your code a sudden file change refresh can occur and destroy your efforts, and oh man that would be frustrating to put it mildly.

Saves local resources?

I'm with @Gabriel Aumala.

Security was not a concern?

In your case I can imagine you don't care because it's not your machine nor you are paying anything for it. But a compromised docker container can cause several damage to your provider. Webpack dev server vulnerabilities HAVE been found before ( e.g. github.com/webpack/webpack-dev-ser...).

So be kind to your provider and care for the assets they are borrowing you for free.

EDIT: Oh my god I just realised you work for the docker container provider....

EDIT: For reference, Amazon's Cloud shared responsability model. aws.amazon.com/compliance/shared-r...

Thread Thread
 
romanbon profile image
rbondarenko
  1. Yes, you’re right, but then there’s the same problem with github - if several developers are working on the same thing at the same time, they will definitely have a merge conflict. But why would several developers want to do the same thing at the same time? That’s impractical and hardly imaginable.
  2. It depends on the components you use - e.g. you can get Hot Module Replacement which “exchanges, adds, or removes modules while an application is running, without a full reload”. webpack.js.org/concepts/hot-module... And since I don’t support the idea of having several devs to work on the same code, that’s not something I would be concerned about. The thing is that if you work with a team of developers, you can get an overview of the project at any time. Of course, I could just show them what I have on my local machine, but if they are not in the same office or city, that would pose a problem.
  3. Talking about resources, just as I said above - I want to use a convenient IDE, and if I use WebPack locally, it can get too heavy sometimes.

Cheers,
Roman