Try Svelte(marcradziwill.com)
marcradziwill.com
Try Svelte
https://marcradziwill.com/blog/why-you-should-try-svelte/
43 comments
> care about privacy
Note that most don't claim that. They say "we value your privacy" which means "we can extract value from taking your privacy".
If you don't want to be tracked and sold the only way is to block the stuff yourself. Some sites won't let you in, which is fine by me I'll no doubt find the same info elsewhere.
I'd rather not block adverts, I know they pay for some half-decent free resources, but there is no way to block the tracking without also blocking the ads.
Oddly I've seen more useful adverts since actively making efforts to block tracking, less being presented with things I've already looked at but dismissed and more random "I hadn't thought of that, but maybe" promotions. I'm not sure if that is a coincidence, or a sign that the tracking isn't actually that useful for advertising purposes. If the latter then the question becomes "then why are they so intent on tracking me?" - I suspect because the other ads are part of a status quo that is desperately trying to hold on despite not being as relevant & useful as is claimed.
Note that most don't claim that. They say "we value your privacy" which means "we can extract value from taking your privacy".
If you don't want to be tracked and sold the only way is to block the stuff yourself. Some sites won't let you in, which is fine by me I'll no doubt find the same info elsewhere.
I'd rather not block adverts, I know they pay for some half-decent free resources, but there is no way to block the tracking without also blocking the ads.
Oddly I've seen more useful adverts since actively making efforts to block tracking, less being presented with things I've already looked at but dismissed and more random "I hadn't thought of that, but maybe" promotions. I'm not sure if that is a coincidence, or a sign that the tracking isn't actually that useful for advertising purposes. If the latter then the question becomes "then why are they so intent on tracking me?" - I suspect because the other ads are part of a status quo that is desperately trying to hold on despite not being as relevant & useful as is claimed.
Or have uBlock Origin on.
And since this is a login-not-required site how are the other cookies "technically required"?
And since this is a login-not-required site how are the other cookies "technically required"?
Cookie consent setting page stores 2 reasons for technical cookies:
> Stores the information as to whether the user agrees to statistical analyzes or rejects them
> Stores the information as to whether the user agrees to cookies or rejects them
As for what @capableweb said, did they update something or what? Before consenting to cookies I CAN actually open settings and... analytics cookie by default was disabled for me.
> Stores the information as to whether the user agrees to statistical analyzes or rejects them
> Stores the information as to whether the user agrees to cookies or rejects them
As for what @capableweb said, did they update something or what? Before consenting to cookies I CAN actually open settings and... analytics cookie by default was disabled for me.
> analytics cookie by default was disabled for me
I've noticed that a lot of permission boxes are disabled by default if you open the settings, but not otherwise. The optics are better that way: it makes any claim to care about your privacy look less dubious. It also catches people who go to settings and blindly click all the options to turn them off without reading the screen: they accidentally turn them on instead.
I've noticed that a lot of permission boxes are disabled by default if you open the settings, but not otherwise. The optics are better that way: it makes any claim to care about your privacy look less dubious. It also catches people who go to settings and blindly click all the options to turn them off without reading the screen: they accidentally turn them on instead.
If these are just boolean flags, there's no GDPR consent required for these. If they're a user ID that is used to look up a database of GDPR consents, then they have PII and there's a need to have another valid reason under GDPR to store them.
The issue is the flow to disable tracking cookies (maybe this is the right flow?):
Step 1: Click Accept to be tracked or settings for details
Step 2: Go to settings. Analytics is unticked. My understanding is clicking accept in the first page would still have granted permission.
Step 3: Go back?
Step 4: Click accept?
Why is clicking accept going to have a different behaviour in step 4 than if I'd clicked it in step 1? I didn't change anything, just viewed settings. Is viewing settings the opt out? Is there no behaviour and then clicking accept on step 4 _does_ allow the tracking cookies? What was the point of the settings page?
Yahoo's GDPR page has much of the same issues for me.
The issue is the flow to disable tracking cookies (maybe this is the right flow?):
Step 1: Click Accept to be tracked or settings for details
Step 2: Go to settings. Analytics is unticked. My understanding is clicking accept in the first page would still have granted permission.
Step 3: Go back?
Step 4: Click accept?
Why is clicking accept going to have a different behaviour in step 4 than if I'd clicked it in step 1? I didn't change anything, just viewed settings. Is viewing settings the opt out? Is there no behaviour and then clicking accept on step 4 _does_ allow the tracking cookies? What was the point of the settings page?
Yahoo's GDPR page has much of the same issues for me.
Or have uBlock Origin on.
I was using its feature that gets rid of cookie/GDPR permission boxes but encountered numerous pages which prevent any scrolling or interaction with page elements.. I was confused for a bit until I noticed uBlock was hiding these approval boxes but was keeping the page locked as if I hadn't yet approved them. Reluctantly I've turned off this feature and am back in GDPR box hell again.
I was using its feature that gets rid of cookie/GDPR permission boxes but encountered numerous pages which prevent any scrolling or interaction with page elements.. I was confused for a bit until I noticed uBlock was hiding these approval boxes but was keeping the page locked as if I hadn't yet approved them. Reluctantly I've turned off this feature and am back in GDPR box hell again.
Tooting my own horn here, but I think the way we've done it[1] works in the way you'd expect.
[1] https://supernotes.app
[1] https://supernotes.app
Is this always "wrong" though?
Of course if you load analytics.js from a 3th party server before consent, that's wrong. If you load it AND start tracking before consent, that's very wrong. On the other hand I don't see a problem with loading the script from a server you own and only enable the tracking after consent is given. That's how I did it in a recent project.
Of course if you load analytics.js from a 3th party server before consent, that's wrong. If you load it AND start tracking before consent, that's very wrong. On the other hand I don't see a problem with loading the script from a server you own and only enable the tracking after consent is given. That's how I did it in a recent project.
Any tool that simplifies collecting and reporting eventos on server side?
It'd be interesting to see how many sites actually honor custom settings. I have my doubts.
What if browsers had a setting that would manage cookies?
> Use server-side tracking if you really have too, and put everything client-side tracking on fire.
Why would server side tracking be any better (morally or legally) than client side tracking, assuming you are tracking the same thing? GDPR doesn’t care about the technical means. If you’re storing or processing personal data, you need a valid legal ground for doing so (see Article 6[0]), which usually means you need consent for the sort of tracking done on most websites.
[0] https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
Why would server side tracking be any better (morally or legally) than client side tracking, assuming you are tracking the same thing? GDPR doesn’t care about the technical means. If you’re storing or processing personal data, you need a valid legal ground for doing so (see Article 6[0]), which usually means you need consent for the sort of tracking done on most websites.
[0] https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
I had a bug on my site—Sry about that. I did a quick fix to reject any cookie/tracking settings quickly and that the consent won't pop-up again.
I hate these cookie pop-ups more than you could imagine, but I need to know how my site performs. And as I have my business registered in the EU, I need a cookie consent to my website. On the roadmap, I have a task to replace GA with any other analytics compliant with GDPR, CCPA, and PECR so that I won't need any cookie.
I hate these cookie pop-ups more than you could imagine, but I need to know how my site performs. And as I have my business registered in the EU, I need a cookie consent to my website. On the roadmap, I have a task to replace GA with any other analytics compliant with GDPR, CCPA, and PECR so that I won't need any cookie.
[deleted]
Accept cookies, or settings? Hm...
> For an optimal website experience, I use cookies and similar technologies (also from third parties) for statistics and tracking purposes. By clicking on By 'accept cookies', you consent to me accepting the use of these technologies.
> Via "Settings" you get more information and can read the declaration of consent.
> Without consent, I use only technically necessary cookies or cookies for statistical purposes.
“Technically necessary cookies” ... do you imagine you have readers dumb enough to believe that’s a thing?
Why do you even bother to ask?
Oh well.
Anyway, yeah, svelte is pretty interesting, but this post is 8 months old yeah?
What’s new in svelte land since then?
> For an optimal website experience, I use cookies and similar technologies (also from third parties) for statistics and tracking purposes. By clicking on By 'accept cookies', you consent to me accepting the use of these technologies.
> Via "Settings" you get more information and can read the declaration of consent.
> Without consent, I use only technically necessary cookies or cookies for statistical purposes.
“Technically necessary cookies” ... do you imagine you have readers dumb enough to believe that’s a thing?
Why do you even bother to ask?
Oh well.
Anyway, yeah, svelte is pretty interesting, but this post is 8 months old yeah?
What’s new in svelte land since then?
Also, you click on 'Settings', and then what?
There's no way to accept the settings. I mean in case I wanted to. What about the 'Accept' button then? What does it do? Accept ALL cookies? No thank you. 0/10
> What’s new in svelte land since then?
First class TypeScript support is the big one.
First class TypeScript support is the big one.
Two newer developments are official support for TypeScript, and a nice VS Code extension using the language server. Those advances are what enticed me to give Svelte a try over the summer.
> “Technically necessary cookies”
That is a thing under GDPR. In this case, they store if you consent or not.
Of course, this is another example of a non-compliant site as accepting is easier than rejecting. The site owner might as well remove the gate completely.
That is a thing under GDPR. In this case, they store if you consent or not.
Of course, this is another example of a non-compliant site as accepting is easier than rejecting. The site owner might as well remove the gate completely.
I recently experimented a bit with Svelte + TypeScript for Electron applications. When doing so I wrote down my notes in the form of a project tutorial: https://sam.elborai.me/blog/electron-svelte-3-typescript-par....
That may be of interest for some of you who would like to try Svelte.
That may be of interest for some of you who would like to try Svelte.
Are there type definitions available for svelte?
Yep!
The simplest way to get a typescript setup is via https://github.com/sveltejs/template.
The simplest way to get a typescript setup is via https://github.com/sveltejs/template.
$ npx degit sveltejs/template svelte-app
$ cd svelte-app
$ node scripts/setupTypeScript.js
$ npm install
$ npm run dev
Then you're good to go. When you define a <script></script> block in a Svelte file, just be sure to specify the attribute lang="ts". In VSCode with the svelte extension you get intellisense based on types info. <script lang="ts">
let name: string
</script>
<input bind:value={name} />Yes. Svelte 3 is built with TypeScript in mind. Although since it was not originally built with that in mind it might still have some janky stuff, like some refactoring does not work.
Not sure if my browser is acting up but I don’t want to accept all cookies and when I click on the other option, “settings”, there is no “save” button so I can never get on to the article I was planning to read.
Exactly. I tried to go back with browser's Back button, and the annoying dialog comes up again.. So effectively the only option is to accept their cookies.
I know it's not really the point here, but a workaround: use Private Browsing/Incognito and accept the cookies from there. They'll disappear when you finish your session.
But this is a technical author blogging for other techies, such hacks shouldn't be necessary in the first place.
I'm always worried that a site will treat that as acceptance of fingerprinting and then treat that as consent when they see my browser/IP again in non private browsing.
Interesting idea, I wonder if any sites do this.
Yo, React fanboy nitpicking missteps in the article here, so keep that in mind while reading this comment.
> All browsers love plain JavaScript or Vanilla JavScript because this highly efficient code can be parsed and executed faster than any other. Because it is plain JavaScript, your code changes the DOM directly. Svelte does not need a virtual DOM to simulate fast updates to the user.
Slow down. We all deploy plain JavaScript, no browser supports any other language.
Improving parsing and execution (at language level) bring very little improvement with Svelte over (for example) React. On the other hand, the absence of library functions to call may indeed flatten the call stack and give the perf boost promised by Svelte, but this requires Svelte to not being a library at all (more on that later).
This is also wording issue. It should have started with «the browser, mostly built around imperative structures, loves direct imperative changes to the DOM, and that’s how you MUST build the most efficient app interactions».
> At deployment, you get vanilla JS, that running in your browser. Fast and plain JavaScript
Again, wording!
> Apps developed are highly compatible. For example, if you develop a timer in Svelte, you can use the compiled version of your widget in any other framework. Why? Take a look at No. 1 it is VanillaJS.
(Point n. 1 being the previous quote)
This is not correct, or at least misleading. Every `.svelte` does indeed export an autonomous class that can be instantiated directly and mounted to a `target` DOM node, but that’s because Svelte is “embedded” inside the class.
In React you _can_ export a function which given a target DOM node mounts the app through `ReactDOM.render()` without the caller needing to have access to ReactDOM, it’s just not how you use components.
I have to admit that having that approach baked-in can be useful.
> The maintainers are free in their choice of the features they want to include in the framework. As Svelte itself is not in the compiled JavaScript output […]
I don’t remeber who said that but I once found this gem: «The most fantastic trick C has ever done is making everyone believe that it has no runtime».
That’s the same topic here, that’s because Svelte has a non-zero amount of shared code. Yes mostly utilities, but yet… it is shipped with yout code!
Listen, we all agree that they smartly moved a considerable amount of logic from the run-time to the build-time and we all rejoyce at this awesome competition, but this article is overlooking at how much is still happening behind the scene and how much code is still placed in the compiled output.
- - -
One final note: I know that Suspense is now a running joke in the JS world and I’m just making fun of myself here, but I really want to see how Vue and Svelte will compare to the ergonomics the new concurrency features when they’ll land in React.
> All browsers love plain JavaScript or Vanilla JavScript because this highly efficient code can be parsed and executed faster than any other. Because it is plain JavaScript, your code changes the DOM directly. Svelte does not need a virtual DOM to simulate fast updates to the user.
Slow down. We all deploy plain JavaScript, no browser supports any other language.
Improving parsing and execution (at language level) bring very little improvement with Svelte over (for example) React. On the other hand, the absence of library functions to call may indeed flatten the call stack and give the perf boost promised by Svelte, but this requires Svelte to not being a library at all (more on that later).
This is also wording issue. It should have started with «the browser, mostly built around imperative structures, loves direct imperative changes to the DOM, and that’s how you MUST build the most efficient app interactions».
> At deployment, you get vanilla JS, that running in your browser. Fast and plain JavaScript
Again, wording!
> Apps developed are highly compatible. For example, if you develop a timer in Svelte, you can use the compiled version of your widget in any other framework. Why? Take a look at No. 1 it is VanillaJS.
(Point n. 1 being the previous quote)
This is not correct, or at least misleading. Every `.svelte` does indeed export an autonomous class that can be instantiated directly and mounted to a `target` DOM node, but that’s because Svelte is “embedded” inside the class.
In React you _can_ export a function which given a target DOM node mounts the app through `ReactDOM.render()` without the caller needing to have access to ReactDOM, it’s just not how you use components.
I have to admit that having that approach baked-in can be useful.
> The maintainers are free in their choice of the features they want to include in the framework. As Svelte itself is not in the compiled JavaScript output […]
I don’t remeber who said that but I once found this gem: «The most fantastic trick C has ever done is making everyone believe that it has no runtime».
That’s the same topic here, that’s because Svelte has a non-zero amount of shared code. Yes mostly utilities, but yet… it is shipped with yout code!
Listen, we all agree that they smartly moved a considerable amount of logic from the run-time to the build-time and we all rejoyce at this awesome competition, but this article is overlooking at how much is still happening behind the scene and how much code is still placed in the compiled output.
- - -
One final note: I know that Suspense is now a running joke in the JS world and I’m just making fun of myself here, but I really want to see how Vue and Svelte will compare to the ergonomics the new concurrency features when they’ll land in React.
I really like svelte (returning to react recently after 3 months of svelte felt like a real drag) but you’re right, this article is a mess - I really hope the confusion doesn’t put people of giving it a go.
Yo yuchi, thanks for the comment ;):). I tried not to make an in-depth comparison between React and Svelte and wrote this article with a single view. I have a passion for web performance, so I like every single JS line that is not shipped.
Nevertheless, I found your comments reasonable and constructive and edited most of the parts you mentioned. I'll deploy the updated version in the next days.
Nevertheless, I found your comments reasonable and constructive and edited most of the parts you mentioned. I'll deploy the updated version in the next days.
I was scared of being a little bit too snarky, happy to see you accepted the criticism.
Nice to see you’ll address my comments. I think these are muddy waters. There’s a lot of polarization from people from different cultures, and a new player (such as Svelte) must gain its popularity without giving haters (as myself!) misconceptions to attack.
Nice to see you’ll address my comments. I think these are muddy waters. There’s a lot of polarization from people from different cultures, and a new player (such as Svelte) must gain its popularity without giving haters (as myself!) misconceptions to attack.
No way! I like good comments that are not offending even if they are challenging ;). They can only make things better. In any case, continue like this :)!
Vue is also making something similar in both name and function https://vueschool.io/articles/vuejs-tutorials/suspense-new-f... don't know about svelte...
I noticed Aurelia isn't getting any love when pushing for TypeScript.
Edit: only way you can not accept the tracking cookies is by first accepting the cookies, then manually going to https://marcradziwill.com/cookie-settings/ and uncheck it. Even if you uncheck it, site will still load Google Analytics.
Hurray for the world wide web.
Hint for people who actually care about privacy: if you're asking for consent about storing tracking cookies, you're not caring about privacy in the first place. Use server-side tracking if you really have too, and put everything client-side tracking on fire.