[DZone Research] Significant Changes in Web and Mobile Development
[DZone Research] Significant Changes in Web and Mobile Development
The most significant changes in the development of web and mobile applications has been DevOps and progressive web apps (PWAs).
Join the DZone community and get the full member experience.Join For Free
To gather insights on the current and future state of web and mobile development we talked to 19 IT executives and we asked, "What have been the most significant changes to the development of web and mobile applications in the past year?" Here's what they told us:
- Increasing focus on DevOps across a number of development teams with the promise to deliver faster and iterate quickly. Java and .NET are a challenge and not conducive to Agile. Appreciate a UI to make it easier for developers to keep up with the pace of iteration and the architectural requirements to lay out an effective data model and service level. This has led to "WaterScrumFall" and it’s not enabling true agility. We’re trying to fulfill the promise of building as you go. Architecture is pre-thought out. Don’t worry as much about architecture. Incorporate native unit testing. A lot of tools are coming together to simplify development. We’re integrating branching and merging and testing frameworks to simplify this for the developer.
- We’ve observed customers using DevOps processes nearly “by default” — incorporating automation into nearly all stages of application development. This was a trend that was considered aspirational even as recently as early 2017, but we’ve seen it become totally mainstream at this point.
- Perhaps the most significant change facing web and mobile application developers within the past year is the continued institutionalization of Agile and DevOps methodologies, which encourage faster iterations, deployment, and responses. With respect to security, this poses numerous challenges. Historically, security has been viewed very much as a quality gate that occurs late in the development lifecycle. Security testing is often performed asynchronously, meaning the team continues developing while security is occurring, as it can take "weeks" to develop more secure web and mobile applications, we need security testing technologies and processes that scale with Agile and DevOps methodologies. Otherwise, existing security processes will significantly slow development speed.
- The backend is less relevant for them. Backend development is shifting from the cloud and VMs to running on containers and using K8s. Serverless is a huge trend that will allow the developer to focus on the functions of applications and not worry about the set-up of servers. Allows for faster reaction to testing. On the front-end, people are working with React, Angular, and Vue frameworks.
- We're seeing the uniting of web and mobile applications. iOS development tools are different than Android and web testing tools. We’re starting to see PWAs that are strong and applicable to native mobile application — leaner, faster, some compromise, optimizes for each mobile device. React Native is something in the middle that allows you to use tailored native features with older React functionality. Starting to unite.
- PWAs have been one of many transformational changes. A lot of app fatigue.
- Progressive web applications are beginning to deliver on the promise of collapsing web and mobile user experiences and even, somewhat, the development effort. When combined with the development of WebAssembly, the difference between a website and a mobile application is quickly fading.
- The current crop of significant trends in the web and mobile app development space include:
- 1) Responsive Web Design - Ensuring proper layout and resolution of content, especially rich media like images and videos, is delivered to users’ devices, which vary considerably in form, factor, and device-pixel ratios.
- 2) Progressive Web Apps - Use of service workers to act as a client-side agent that controls the serving of content via smart utilization of the browser cache, improving app usability when the network is slow or flaky.
- 3) Serverless - Virtualizing backend logic at a functional level, eliminating the need for server installation/configuration and ensuring unlimited scalability and geographical independence.
- 4) Streaming - Highly interactive content that includes animation, video, and other real-time content elements that change in response to front-end and/or backend events that increasingly entail the use of third-party service providers.
- Companies have forgotten about mobile in the days of digital transformation. It’s still the wild west out there. Even with Microsoft, Apple, and Google, there aren’t any tools that help the average mobile app developer understand performance, flows, and experience. There is a hodgepodge of solutions for developers that are less than optimal. Two-to-three person teams with a solid IDE are still relying on device forms. Before releasing to the app store they were just testing on their own devices. Developers need to start relying on device clouds as they scale nationally and internationally. This is your app and how it’s performing in Nashville versus New York. Today there is no such thing as an average user because of so many devices and networks. Companies are building for the average user and that doesn’t cut it anymore. There’s no standard that anyone looks up to.
- Over the last 18 months with REST APIs, people are using WordPress as a content management data store and through the API building front-ends. People are successful in building hybrid React web and mobile applications.
- From a testing perspective, we have seen a dramatic jump in white-box frameworks (Espresso and XCUITest). Developers are now part of the test creation process and own the definition of done. On the web side, responsive applications and progressive applications are taking over. This introduces new testing requirements to ensure consistent performance across platforms.
- Frameworks are updated regularly, it’s a vibrant ecosystem. Web and mobile have done a good job of doing this in an event-based, non-polling way. Mobile has done a decent job out of necessity. Even newer web frameworks will work well with backends not doing polling that cuts down and increases the scalability of the backend.
- Everyone is trying to merge into one with HTML5 – location, photo taking, microphones, and then hybrid frameworks like React Native and Cordova. Everyone tries to merge into one for web and mobile.
- New languages – Swift from Apple and Kotlin from Android. On the Google side, instant apps are resulting in downloading fewer apps but give the developers an opportunity to try them before they download them. Access to thousands of apps. These apps have more than 100 million incidents of eavesdropping via Trust kit. The number of eavesdropping attempts has quadrupled and the highest percentage is from spyware on mobile at a rate we have not seen before. 68% from spyware. The number of apps in mobile committed to TLS/SSL pinning has really jumped. Most were in passive mode with Man in the Middle and now taking the man in the middle out. Pre-Snowden backdoors were OK. Now they are not. The development community does not want backend eavesdropping to the connection. The web represents legacy app development. Developers can do TLS pinning in mobile but not on the web. Data privacy matters. Ordering pizza is more secure on mobile than web and can be more secure than mobile banking sites. This is improving every month. Mobile can be way more secure than web.
- Quite a bit. Everyone has a mobile device with them at all times. We release a mobile front-end for our solution. It takes a lot to keep up with the environment. Looking forward to the day the mobile devices will get to the hologram and or group conferencing and collaborating. Apps are sitting on mobile. Has to be intuitive, easy to use, reliable.
- More applications. An airline has a couple of apps for customers but many for employees — at scale with ease of use. We’re able to use 10 years best practice to internal facing apps. We use Xamarin. A lot of internal developers have .NET and C# experience.
Here’s who we spoke to:
- Malcolm Ross, Vice President, Product, Appian
- Gil Sever, Co-founder and CEO, Applitools
- Adam Fingerman, Founder and Chief Experience Officer, ArcTouch
- Jon Janego, Senior Product Manager, Static Analysis, CA Veracode
- Doron Sherman, V.P. Evangelism, Cloudinary
- Himanshu Dwivedi, Founder and CEO, Doug Dooley, COO, Data Theorem
- Rimantas Benetis, Technology Director, Devbridge Group
- OJ Ngo, CTO and Co-founder, DH2i
- Nate Frechette, CTO and Co-founder, Will Bernholz, V.P. Marketing, Dropsource
- Anders Wallgren, CTO, Electric Cloud
- Lucas Vogel, Principal Consultant, Endpoint Systems
- Sriram Krishnan, Head of Product, Headspin
- Joshua Strebel, CEO and Co-founder, Pagely
- Brad Hart, Vice President of Product Management, Perfecto
- Robert Warmack, Director, Sencha
- Jeffrey Martin, Director of Product Operations, SmartBear
- Eric Sheridan, Chief Scientist, WhiteHat Security
Opinions expressed by DZone contributors are their own.