- IDEs and Editors
- Task Runners and Module Bundlers
- Documentation Software
- Testing Frameworks
- Linting Software
- Security Analyzers
- Package Managers
IDEs and Editors
- Visual Studio Code: Microsoft’s well-known and beloved code editor. Visual Studio Code is the most popular development environment for pretty much any type of developer. It includes support for debugging, Git control, syntax highlighting, code refactoring, and much more.
- Sublime Text: a highly customizable, cross-platform code editor. Sublime Text sits somewhere in between a fully fledged IDE and a command line editor. Despite its many features, it’s one of the fastest code editors on this list. You can install 3rd-party plugins through its package manager called Package Control.
- Atom: a text editor written by the developers over at GitHub. Atom comes with plenty of features out of the box: cross-platform editing, a built-in package manager, smart autocompletion, find and replace, etc. There are also plenty of themes to customize its look and feel to your heart’s desires.
Task Runners and Module Bundlers
- Yeoman: a scaffolding tool for modern web apps. Yeoman prescribes best practices and provides a modular architecture so you can quickly scale projects. Supports linting, testing, minification, and more.
Software without documentation is a developer’s nightmare, but software with poorly written documentation is arguably even worse. It’s tempting to consider software documentation as an afterthought. The code will speak for itself, won't it? Spoiler alert: It won't.
Writing documentation is a complex, time-consuming, and often boring process. Software documentation tools ease some of that burden by automating a large part of the process. No longer should you skimp on writing documentation, because these tools make the job significantly easier.
- Docco: a documentation generator written in Literate CoffeeScript. Docco generates an HTML document that shows your comments along with your code. All your comments are passed through Markdown while the code is passed through
- Swagger: a great tool across the entire API lifecycle, from design to documentation. Swagger uses a set of rules and tools for describing APIs. It’s language-agnostic and readable for both humans and machines.
Testing is an important part of the development process. You have to figure out if your code works under various circumstances. How else will you identify errors, gaps, or missing requirements?
- Protractor: an end-to-end test framework for Angular and AngularJS apps. Protractor runs tests in a real browser, interacting with your app like an end user would, with native events and browser-specific drivers.
Technically speaking, linting is part of testing. But it’s so important that it deserves a category of its own. Linting means running a program that checks your code for stylistic and programmatic errors.
Who doesn’t love finding and fixing bugs in code? That single comma you’ve misplaced in seven hundred lines of code? The illogical if-then statement that throws your machine into an infinite loop? The endless Googling for a solution? Oh, the joy.
Cybersecurity has become a top priority for companies and countries. Vulnerable software is now a common attack vector for hackers. As a developer, the security of anything you code should be a priority.
- Snyk: a developer-first application security analyzer used by millions of developers and companies such as Salesforce, Google, Microsoft, ASOS, and others. Snyk finds and fixes vulnerabilities for npm, Maven, NuGet, RubyGems, PyPi, and more.
- Retire.js: helps detect if you have versions of dependencies that are known to have security vulnerabilities. It's a command line scanner, has a Grunt plugin, a Chrome/Firefox extension, and a Burp/OWASP Zap plugin.
- Dependency-Check: attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. Dependency-Check has a command line interface, a Maven plugin, an Ant task, and a Jenkins plugin.
- Acunetix: an application security testing platform for securing your websites, web apps, and APIs. Acunetix uses both black box and gray box hacking techniques to find vulnerabilities.
- OSS Index: a catalogue of open-source components and scanning tools to help developers identify vulnerabilities, understand risk, and keep their software safe. OSS Index supports multiple ecosystems, such as npm, Bower, Drupal, NuGet, and more.
A package manager is software that automatically installs, upgrades, configures, and removes the packages maintained in repositories. It also looks up your dependencies and ensures new versions of packages don’t break your code.
- Yarn: the biggest competitor of npm. Developed by Facebook and released in 2016, Yarn addressed some of the biggest shortcomings of npm at that time (although npm has caught up considerably since then).