On multiple occasions, we’ve deployed frontend code to production only to find out the backend (REST or GraphQL) hasn’t shipped their side yet. Worse yet, we expectedly find out a param name changed which may throw an error. Another example: the backend removes an API thinking that clients no longer use the removed API and the frontend crashes. If any layer of communication between frontend and backend breaks down, then we may end up with catastrophic errors.
I think the “best solution” is to use a tool like Cypress or Codecept to create a suite of integration tests which checks every API call the frontend may use. Sadly, that’s a heavyweight solution that requires significant upfront investment in developer time.
Anyway, I’m looking for simple solution to this problem. Maybe something that checks affected APIs when the frontend opens a PR and/or something that checks the frontend repo when the backend deploys to production.
Any ideas or experience solving this problem?
I have a mobile application and the Backend is hosted on a cloud provider, would like to ask feedbacks on encrypting all REST API calls that will be use to communicate with the server if we should or we shouldn’t do it.
First, I don't really know where to post it and I don't really know what to do, so I hope this is a good place to start. I used and filtered Wireshark to find client hello packets. Many of the server names that make up these packages include domains such as cdn.adsafeprotected.com, sb.scorecardresearch.com, and rtbgumgum.com. I wondered how I could prevent it.