惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

A
About on SuperTechFans
Cloudbric
Cloudbric
C
CERT Recently Published Vulnerability Notes
G
GRAHAM CLULEY
V
Vulnerabilities – Threatpost
C
Cisco Blogs
T
Tenable Blog
P
Privacy International News Feed
T
The Exploit Database - CXSecurity.com
I
Intezer
AWS News Blog
AWS News Blog
IT之家
IT之家
博客园 - 司徒正美
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 【当耐特】
The Hacker News
The Hacker News
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Spread Privacy
Spread Privacy
S
SegmentFault 最新的问题
博客园 - Franky
人人都是产品经理
人人都是产品经理
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
V
Visual Studio Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
H
Hacker News: Front Page
Latest news
Latest news
Scott Helme
Scott Helme
腾讯CDC
宝玉的分享
宝玉的分享
大猫的无限游戏
大猫的无限游戏
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
A
Arctic Wolf
S
Securelist
雷峰网
雷峰网
The GitHub Blog
The GitHub Blog
Project Zero
Project Zero
Google DeepMind News
Google DeepMind News
P
Palo Alto Networks Blog
F
Fortinet All Blogs
Schneier on Security
Schneier on Security
云风的 BLOG
云风的 BLOG
Security Archives - TechRepublic
Security Archives - TechRepublic
The Last Watchdog
The Last Watchdog
WordPress大学
WordPress大学
MongoDB | Blog
MongoDB | Blog
L
LINUX DO - 最新话题
S
Schneier on Security
NISL@THU
NISL@THU
Jina AI
Jina AI
M
MIT News - Artificial intelligence

Deno

Deno 2.8 | Deno Claw Patrol: an open-source security firewall for agents | Deno Fresh 2.3: Zero JS by default, View Transitions, and Temporal support | Deno Deno 2.7: Temporal API, Windows ARM, and npm overrides | Deno Build a dinosaur runner game with Deno, pt. 6 | Deno Build a dinosaur runner game with Deno, pt. 5 | Deno Deno Deploy is Generally Available | Deno Introducing Deno Sandbox | Deno Build a dinosaur runner game with Deno, pt. 4 | Deno Build a dinosaur runner game with Deno, pt. 3 | Deno Build a dinosaur runner game with Deno, pt. 2 | Deno React / Next.js Denial-of-Service Vulnerability: Deno Deploy users protected | Deno Deno 2.6: dx is the new npx | Deno Build a dinosaur runner game with Deno, pt. 1 | Deno React Server Functions / Next.js Vulnerability: Deno Deploy users protected | Deno My highlights from the new Deno Deploy | Deno Deno's Other Open Source Projects | Deno How Deno protects against npm exploits | Deno Help Us Raise $200k to Free JavaScript from Oracle | Deno Deno 2.5: Permissions in the config file | Deno Fresh 2.0 Graduates to Beta, Adds Vite Support | Deno Deno 2.4: deno bundle is back | Deno JavaScript™ Trademark Update | Deno What's coming to JavaScript | Deno A brief history of JavaScript | Deno Reports of Deno's Demise Have Been Greatly Exaggerated | Deno An Update on Fresh | Deno How Plaid migrated 100 services to a new database platform 5x faster with Deno | Deno Deno 2.3: Improved deno compile, local npm packages, and more | Deno Add JSR packages with pnpm and Yarn | Deno Zero-config Debugging with Deno and OpenTelemetry | Deno Exploring Art with TypeScript, Jupyter, Polars, and Observable Plot | Deno Deno v Oracle Update 3: Fighting the JavaScript Trademark | Deno Build a custom RAG AI agent in TypeScript and Jupyter | Deno How to get deep traces in your Node.js backend with OTel and Deno | Deno toranoana.deno #20 登録受付中(2025年3月14日) | Deno Node just added TypeScript support. What does that mean for Deno? | Deno The Dino 🦕, the Llama 🦙, and the Whale 🐋 | Deno Publish a lint rule, get a prize | Deno Deno 2.2: OpenTelemetry, Lint Plugins, node:sqlite | Deno If you're not using npm specifiers, you're doing it wrong | Deno How Deno's documentation is evolving | Deno Oracle justified its JavaScript trademark with Node.js—now it wants that ignored | Deno Introducing the JSR open governance board | Deno Intro to Wasm in Deno | Deno Announcing OpenAI on JSR | Deno Deno in 2024 | Deno Goodbye WinterCG, welcome WinterTC | Deno Build a SolidJS app with Deno | Deno Run your Next.js SSR app on Deno Deploy | Deno Solve Advent of Code 2024 with Deno and Win Prizes! | Deno Deno v. Oracle: Canceling the JavaScript Trademark | Deno Deno 2.1: Wasm Imports and other enhancements | Deno Build a Typesafe API with tRPC and Deno | Deno Self-contained Executable Programs with Deno Compile | Deno Build a Database App with Drizzle ORM and Deno | Deno Introducing your new JavaScript package manager: Deno | Deno Announcing Growthbook on JSR | Deno Build an Astro site with Deno | Deno How to convert CommonJS to ESM | Deno Announcing Deno 2 | Deno The Final Touches: What’s New In v2.0.0-rc.10 | Deno Announcing Stable V8 Bindings for Rust | Deno Deno 2.0 Release Candidate | Deno Secure, efficient private npm registries with Cloudsmith and Deno | Deno Painting the Plane as We Fly It: Designing JSR | Deno Introducing Web Cache API support on Deno Deploy | Deno Deno 1.46: The Last 1.x Release | Deno Protect your cloud spend with new Deno Deploy spend limits | Deno What we got wrong about HTTP imports | Deno Benchmarking AWS Lambda Cold Starts Across JavaScript Runtimes | Deno Announcing Supabase on JSR | Deno Deno 1.45: Workspace and Monorepo Support | Deno Introducing KV Backup for Deno Subhosting | Deno A Gentle Intro to TypeScript | Deno Announcing Hono on JSR | Deno How We Made the Deno Language Server Ten Times Faster | Deno How the Guardian uses Deno to audit accessibility and performance across their 2.7 million articles | Deno Introducing More Flexible Domain Association for Deno Subhosting | Deno The stabilization process of the Standard Library has begun | Deno Deno 1.44: Private npm registries, improved Node.js compat, and performance boosts | Deno How we built a secure, performant, multi-tenant cloud platform to run untrusted code | Deno The Deno Standard Library is now available on JSR | Deno How to document your JavaScript package | Deno Your Low Code Solution Needs an Escape Hatch | Deno Deno 1.43: Improved Language Server performance | Deno How Slack used Deno to save months of engineering effort in launching their new platform | Deno JSR Is Not Another Package Manager | Deno Announcing the Hookdeck SDK on JSR | Deno Announcing the Neon Serverless Driver on JSR | Deno An intro to TSConfig for JavaScript Developers | Deno How we built JSR | Deno How Netlify used Deno Subhosting to build a successful edge functions product | Deno Introducing Simpler Project Creation in Deno Deploy | Deno Deno 1.42: Better dependency management with JSR | Deno Introducing deployctl, the command line interface for Deno Deploy | Deno Introducing JSR - the JavaScript Registry | Deno How to add Monaco to a Next.js app and securely run untrusted user code | Deno Survey Results and Roadmap | Deno Deno 1.41: smaller deno compile binaries | Deno
Webhooks suck, but here are alternatives | Deno
2024-02-22 · via Deno

Webhooks are a foundational part of the web’s infrastructure. Coined in a blog post in 2007, webhooks were suggested as a simple way to consume asynchronous feeds with a protocol all web developers are familiar with — HTTP. It’s now 2024 and webhooks have more or less remained the same, yet they have become the de facto approach for not only one way notifications, but also integrating cloud systems.

What is the equivalent of the pipe in the age of the web?

— Tim O’Reilly

Today, webhooks are everywhere. For SaaS and API companies, webhooks are table stakes — the lowest development lift for offering an opportunity for them to integrate with other cloud software. Of the top 100 API companies according to SVIX, 83% offer webhooks. And for SaaS businesses, the first step towards offering integrations is through webhooks. So if you’re building cloud software, you should offer webhooks and call it a day, right?

Not quite.

Webhooks haven’t evolved with the times

Webhooks, originally proposed in 2007 as a standardized solution for consuming asynchronous feeds across the internet, has since evolved to server a broader purpose: a stop-gap approach to allow integrations among cloud systems.

Spongebob meme. He looks tired

With the rise of cloud software and SaaS, the utility of your data is a function of how many other systems it can exist in. Your user data is great in your analytics tool, but even better in your email tool, retargeting tool, etc. Every SaaS must offer integrations with other SaaS, and the easiest way to do so is via webhooks.

But let’s take a moment and ask ourselves: in the context of SaaS, what problem are we solving with webhooks?

The majority of developers interested in consuming SaaS webhooks are looking for customization — custom workflows, custom data transformation, custom piping into custom systems. With this criteria in mind, are webhooks still the best solution?

Developers interested in consuming webhooks to kick off a custom workflow or execute custom processing have to undergo non-trivial development work. They must:

  • create a server
  • write a route handler
  • parse the payload
  • build the custom processing
  • deploy and host the server somewhere where it’s always available
  • maintain the code
  • test and troubleshoot the code

Testing webhooks might appear straightforward until you realize that 50% of that webhook is managed by an external party. And each webhook provider have their own rules and logic. What if their webhook exhibited unconventional behavior that isn’t documented? What if there’s an error on their end? There are many pitfalls around developing, testing, and troubleshooting webhooks.

All in all, the list above is the simplest way to consume a webhook. In fact, due to the ephemeral nature of webhooks (if you do not receive the webhook, it’s impossible to get the webhook to send again), it’s widely considered best practice by many engineering teams to use queues for handling webhooks, and then to handle errors and retries on your own. However, with this more robust setup, you would need 4 new services (SQS, S3, a Publisher(s), and a Consumer(s)), just to handle a single webhook safely. This is a lot of new infrastructure, architecture, time, and effort.

The onus to successfully consume the webhook is on the developer and there are plenty of chances for them to screw up.

For customers interested in creating custom workflows in your product, consuming a webhook requires a ton of development overhead. And let’s be honest, no developer is out there setting up queues and multiple serverless infrastructure just to process a webhook.

What are the alternatives?

Users want customizeability

Users simply want to customize workflows to their needs. When viewed through this lens, there are a few alternatives to webhooks that can provide a nicer experience:

Workflow builder

We all know Zapier. They’ve done a great job turning almost any cloud software into blocks that you can connect to achieve any workflow you can imagine. Their visual workflow builder simplifies dealing with complex data sets generated from various SaaS.

building a workflow with Zapier

Zapier’s drag and drop interface makes it easy to connect over 4,000 cloud services on their platform.

But your interface doesn’t need to be as complicated as Zapier’s. In some cases, a simple HTML form can offer enough customization for your users. Instead of a sending a webhook whenever there’s a new email subscriber, an SMS marketing tool can offer a simple UI that allows the end user to build a customized text message. Or instead of sending a webhook anytime there’s a new Subscription Upgraded event, a payments processor can provide an interface for the end user to send a custom confirmation email.

You may be thinking that these workflow builders might be a tad limited in function (unless your engineers have unlimited time and coffee), so there’s the next alternative.

In-browser IDE

For the most flexibility and customization, yet while also minimizing development effort, you can offer an in-browser code editor right in your product, where your users can edit and deploy a function that has HTTP access for processing and triggering other workflows.

Twilio Functions

Twilio allows you to write functions in their UI to manipulate voice calls, invoking their REST API in response to an event, or much more.

Your developers no longer need to create and manage a piece of production level infrastructure. They also don’t need to switch contexts, as they can edit code directly in the browser. Finally, you can provide far better testing, logging, and observability now that more of the logic is on your infrastructure.

There are still other benefits. Your in-browser IDE can offer helper libraries out-of-the-box so your developer doesn’t need to look up or install anything on their own. You can also accompany your in-browser development experience with guides, tool-tips, documentation to nudge your developers in the right direction. Since you have more control over the end-to-end webhook consumption experience, there are plenty of opportunities to eliminate tedious steps or boilerplate to maximize the chance for success.

🚨️ Want to build a cloud IDE, but concerned about security around deploying and executing untrusted code? Check out Subhosting.

Imagine instead of a Wordpress webhook for a new subscribe event, there’s an in-browser editor where you can grab the subscriber info, populate and send a welcome email? Or instead of a Stripe webhook for a new customer, the in-browser IDE allows you to write a handler that populates a new record in your HubSpot?

We can do better than webhooks

Webhooks are a critical part of internet infrastructure, due to its simplicity, flexibility, and familiarity among developers. However, the internet, web developers, and end user consumers have evolved a ton since 2007, and so have their needs. Instead of processing asynchronous feeds, consumers want custom workflows so they can do their jobs easier, faster, so to better serve their consumers, and unfortunately, webhooks no longer cut it. It’s time we offer better a developer experience around customizing workflows.

HN Comments.

Don’t miss any updates — follow us on Twitter.