One of the first front-end projects I wrote was in GWT (Google Web Toolkit) framework. GWT is a Java-based framework that is transpilling the code to JavaScript. I loved it because it gave me strong typings whereas JavaScript couldn’t. After some time, I needed to push the boundaries of what’s defined in the framework as I wanted to use new JavaScript language features. JavaScript was changing rapidly, and with every new release of Chrome, there were new avenues to explore. Thus, I ended up writing web platform bindings for GWT instead of focusing on the application I had in hands…


In the majority of cases, you write your code for your application that is running on your server(s). Or as a Kubernetes image running in GKE (Google Kubernetes Engine) or another platform. Sometimes, however, you run your application alongside other applications. This may happen in an enterprise environment, ERP/CRM/other systems, or even inside your organization when your application or part of some logic runs in another application. This situation may cause some trouble when not prepared. …


See a video version of this article on YouTube

Background on modularity

From the beginning of web development, we had a problem with modularity. You see, in Java, you can publish a JAR file, that is a library that can be natively used in the Java platform. You can then use Gradle or Maven to manage project dependencies. There was nothing like that for the web platform. Then, in January 2010, the first version of NPM or Node Package Manager was released. NPM was initially used to manage dependencies for server-side applications written for NodeJS. This platform is very similar to the web…


I am happy to announce that a new version of API Console is now available. It brings multiple changes and new tooling. Read more to learn what’s new in this release.

API Console is an application to automatically generates documentation for an API from a RAML or Open API definition. It is done by generating an AMF data model thanks to the AMF parser or the “webapi-parser” module. The console is built on top of web platform APIs so it can be easily integrated with every web based application. It comes in two flavors: a stand-alone application and a web…


Writing a web component that securely access, process, and renders restricted data can be a challenging task. When you are sharing a web component with others, you may start being concerned about leaking protected information to 3rd party services. This article tackles this problems and suggest some solutions.

The problem

In Salesforce cloud an application, which can be a web component build on top of Lightning Web Components, can work alongside other applications inside a single document. The platform isolates applications from each other so there’s no way to extract the data from a component by a malicious application. But imagine having…


It become challenging for REST testing tools to authenticate the user when OAuth2 authorization scheme is applied to an API. OAuth 2 is a multi-step process that requires user input, valid session on the authorization server, and transferring response data from a response to another request. Advanced REST Client has request actions and cookie sessions that allows to automate this process so you will spend less time managing sessions and tokens, and do more with APIs.

In short summary, OAuth2 requires you to have a valid session on the authentication server, then you have to obtain authorization token using one…


Recently I was working on an API for my application. At first it was read only and open API so no authentication scheme was necessary. After a while I decided to add an option to create a thing using the API. I’ve added Passport with Google auth to my Express application. After few minutes setup I was able to login the user and allow him to make authenticated request. This works nice in the browser but then I wanted to use ARC to make authenticated calls without actually being in the browser. Because sessions between the browser and ARC are…


Last year the CTO of MuleSoft, Uri Sarid, announced that the company is joining the Open API Initiative of the Linux Foundation. This extended MuleSoft’s investment in open specs (RAML) and open source API tooling to also embrace the Open API specification (OAS), as part of its investment in modeling any domain via the Anything Modeling Language (AML) and the open source AML Modeling Framework (AMF). AMF provides automatic interoperability between RAML, which is optimized for modeling HTTP APIs, and OAS, which is a ubiquitous description format for HTTP APIs.

Today I am proud to announce that MuleSoft’s open source…


Recently, at Chrome Dev Summit, Gray Norton was talking about a new proposal for the web platform (a set of specifications for how browsers render web pages): Layered APIs. It was a great talk about how we can standardise high level APIs using ES6 modules. At the end of the talk Gray asked if anyone had an idea for new primitives or modules for the web. I am answering that call.

At MuleSoft, I create tools to make REST API development easier for developers. I’ve spent the last 3 years creating a set of web components dedicated to API documentation…


Almost a year ago I said that React’s days are counted. I still believe in this statement.This is how all frameworks end. However I wasn’t right about the timing. Back then I said it is a matter of a year or two. I might have underestimated some factors. Now I have more understanding on the reasons why developers moved to React. MuleSoft uses Facebook’s framework in most of our UIs. Because of that I had to learn to use React. It’s a minimal knowledge, I admit, but enough to understand concepts and workflow. …

Pawel Psztyc

Front end developer, designer, educator. Author of many developer tools. I built 3 ecosystems of web components.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store