motyl.dev

Scoped Registries, Minimal APIs, and the Age Verification Mess

Published on 10.03.2026

#dailydev
#frontend
#webdev
motyl.dev<div></div></>FRONTEND

Scoped Custom Element Registries Land in Chrome 146

TLDR: Chrome 146 and Edge now ship scoped custom element registries by default, finally solving the long-standing name collision problem in the global window.customElements registry. This is a fundamental shift in how web components can coexist at scale.

If you have ever tried to ship a design system as web components and then watched it explode because two different versions of the same component tried to register with the same tag name -- congratulations, you have experienced the single biggest pain point of custom elements. The global registry was, frankly, a design flaw that the platform lived with for years.

Scoped custom element registries let developers create independent registries and attach them to a shadow root, a disconnected document, or an individual element. This means that two different versions of a <my-button> component can now live side-by-side without stepping on each other. Micro-frontends, large-scale design systems, and any application that consumes third-party web components should benefit enormously.

What is worth thinking about here is the downstream implications. This does not just solve a versioning problem -- it changes the composition model for web components entirely. Teams can now ship independently versioned component libraries without coordinating global namespace usage. That is a genuine architectural unlock. However, the article does not spend much time on the migration story. If you have existing components that rely on global registration, scoped registries do not magically retrofit themselves. You need to refactor your shadow DOM setup, and that is real work for large codebases.

The other thing missing from the conversation is browser support. Chrome and Edge are on board, but Firefox and Safari support is not addressed. For production applications that need cross-browser compatibility, this is still a "progressive enhancement" story, not a "just use it everywhere" story. Check the compatibility tables before you commit to a scoped registry architecture.

Key takeaways:

  • Scoped registries eliminate the global name collision problem for custom elements
  • They attach to shadow roots, disconnected documents, or individual elements
  • This is a major enabler for micro-frontends and independently versioned design systems
  • Cross-browser support still needs verification before going all-in
  • Migration from global registries requires deliberate refactoring

Tradeoffs: Scoped registries add flexibility but also complexity. You now have to decide where to scope your registry, manage registry lifecycle, and ensure components are registered in the correct scope. For small projects, global registration is still simpler. The real benefit shows up at scale.

Make custom elements behave with scoped registries

Minimal APIs After the Hype: What Actually Stuck

TLDR: ASP.NET Core Minimal APIs have matured past the initial excitement. The real insight is not that they replaced controllers, but that they revealed how much ceremony in traditional .NET API development was pure habit.

There is a pattern in software development where a new approach arrives, gets hyped as the replacement for everything, and then quietly settles into being the right tool for specific situations. Minimal APIs in ASP.NET Core have followed this arc almost perfectly.

The article makes a sharp observation: Minimal APIs did not win by being "better" than controllers or MVC. They won by resetting the default starting point from complexity to simplicity. When you start minimal and add structure only when you need it, every abstraction has to justify its existence. That is a fundamentally different design philosophy than starting with a full MVC scaffold and hoping you grow into it.

This is the kind of thinking that applies far beyond .NET. How many times do we reach for a framework, a pattern, or an architectural layer because "that is how you do it" rather than because the problem demands it? Minimal APIs forced .NET developers to confront that question, and many discovered that a significant portion of their traditional API ceremony was just habit dressed up as best practice.

What the article could push harder on is the inflection point. When does a minimal API become too minimal? When you need authentication middleware, request validation, response caching, API versioning, and structured error handling, at what point are you just rebuilding a controller from scratch? The answer is "it depends," but a more concrete heuristic would have been valuable.

Key takeaways:

  • Minimal APIs succeeded by changing the default from complex to simple
  • They did not replace controllers; they made developers justify complexity
  • Much of traditional .NET API ceremony turned out to be unnecessary habit
  • The real lesson applies to any framework: start simple, add structure when the problem demands it
  • Know when a minimal approach stops being minimal and becomes ad-hoc complexity

Minimal APIs After the Hype: What Remains When Boilerplate Is Gone?

Age Verification Laws: When Legislators Write Code Requirements

TLDR: California and Colorado have passed or proposed laws requiring operating systems and app stores to collect age verification data, with fines up to $7,500 per affected minor. The author argues these laws are written by people who do not understand how software actually works.

This article hits on something that should make every developer uncomfortable. Legislative bodies are writing laws that mandate specific technical implementations -- age verification at the OS and app store level -- without understanding the engineering implications, privacy tradeoffs, or even the basic feasibility of what they are requiring.

The fines are significant: up to $7,500 per affected minor for intentional violations. That is the kind of number that gets legal departments involved and engineering roadmaps derailed. But the deeper problem is the compliance model itself. Age verification at scale requires collecting sensitive personal data -- government IDs, biometric scans, or detailed personal information. You are solving a child safety problem by creating a massive surveillance and data breach risk. The cure may genuinely be worse than the disease.

What the article is right to be angry about -- but could be more precise about -- is the enforcement gap. These laws apply to platform providers (Apple, Google, Microsoft), but the actual content that minors should not access often lives behind web URLs that bypass app stores entirely. You can lock down the App Store and Play Store, and a determined teenager still opens a browser. The legislation targets the most visible, most regulated layer while leaving the actual access vectors wide open.

The piece could also dig deeper into what alternative approaches exist. Age verification does not have to mean "upload your driver's license." Zero-knowledge proof systems and privacy-preserving age attestation protocols exist. They are not mature enough for deployment at this scale, but the fact that they are not even part of the legislative conversation tells you something about the gap between policymakers and technologists.

Key takeaways:

  • Age verification mandates create massive data collection and privacy risks
  • Fines of $7,500 per minor create enormous compliance pressure on platform providers
  • These laws target app stores while leaving web browsers as an unregulated access path
  • Privacy-preserving alternatives like zero-knowledge proofs exist but are not being considered
  • The gap between legislative intent and technical feasibility is dangerously wide

Tradeoffs: There is a genuine tension between child safety and privacy. Age verification that works requires data collection that creates new risks. Platform-level enforcement misses web-based access. And overly strict compliance requirements could push developers to over-collect data "just in case," making the privacy problem worse.

Are you f**king kidding?

Ruby vs. Python: The Happiness Argument

TLDR: A personal case for Ruby over Python, arguing that Ruby's pure object-oriented design, expressive blocks and DSLs, and Rails' opinionated "omakase" philosophy make it the better choice for product builders and SaaS developers.

Let us get the obvious out of the way: Python has won the popularity contest, and it is not close. The data science and AI ecosystem alone ensures Python's dominance in raw adoption numbers. The author acknowledges this upfront, which is refreshing, and then makes the case that popularity is not the right metric for choosing a language.

The argument centers on developer happiness and productivity for a specific use case: building SaaS products and web applications. Ruby's pure object-oriented model (everything is an object, no exceptions), its block syntax for creating expressive DSLs, and the Rails framework's cohesive "omakase" philosophy -- where the framework makes opinionated choices so you do not have to -- all add up to what the author calls a more joyful development experience.

There is something honest about this argument, and also something it avoids confronting. The "happiness" metric is deeply personal and not transferable. A developer who learned Python first and thinks in Python's idioms will not suddenly find Ruby more joyful just because blocks are syntactically elegant. The article presents Ruby's expressiveness as objectively superior without acknowledging that expressiveness and readability often trade off against each other. Ruby's metaprogramming capabilities can produce beautiful, concise code -- or they can produce code that is nearly impossible to debug because the method you are calling does not exist in any file you can search for.

The piece is also silent on the ecosystem and hiring reality. If you are a solo developer building a SaaS product, sure, use whatever makes you happy. But if you need to hire a team, Python's talent pool dwarfs Ruby's. That is not a quality judgment; it is a practical constraint that the "choose happiness" framing conveniently sidesteps.

Key takeaways:

  • Ruby's pure OOP model and expressive syntax offer genuine developer ergonomics advantages
  • Rails' opinionated approach reduces decision fatigue for SaaS development
  • Python's ecosystem dominance in AI and data science is acknowledged but not treated as decisive
  • The "happiness" argument is personal and does not transfer automatically between developers
  • Hiring constraints and ecosystem size are practical factors the article understates

Ruby vs. Python: Why I Choose Happiness Over Hype

☕ Knowledge costs tokens,fuel meHelp me keep the content flowing
External Links (4)

Make custom elements behave with scoped registries

app.daily.dev

Minimal APIs After the Hype: What Remains When Boilerplate Is Gone?

app.daily.dev

Are you f**king kidding?

app.daily.dev

Ruby vs. Python: Why I Choose Happiness Over Hype

app.daily.dev

Sign in to bookmark these links
Previous
Photoshop's AI Assistant Closes the Skill Gap Between Vision and Execution
Next
The Big Three Interview Questions, AI Code Quality Reality Check, and When Standardization Actually Matters