Skip to content

Instantly share code, notes, and snippets.

@Miragium-code

Miragium-code/my_claim_to_guest271314.md

Last active June 8, 2025 02:00
Show Gist options
  • Save Miragium-code/520bd9e01748dda65c3a0723e88eda1d to your computer and use it in GitHub Desktop.
Save Miragium-code/520bd9e01748dda65c3a0723e88eda1d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
my_claim_to_guest271314.md

my claim to guest271314

The task

  • create a website / web API depending directly on no more than 10 packages, but depending indirectly on more than 50 packages.
  • run the project, host it online or make sure it work at least locally. This will be version A.
  • Latter, change something in the code, and deploy the project again and keep all of the dependencies at the same versions as before. Deploy this new version. This will be version B.
  • Latter again, upgrade one indirect dependencies without changing the versions of your direct dependencies. Deploy this new version. This will be version C.
  • Then upgrade one or several direct dependency. Deploy this new version. This will be version D.
  • Finally, roll back all those changes and go back to version A, and deploy this version with exactly the packages it used at the time.

Protocol

  • Once you have completed the task, you will deliver the project in a way that will allow me to access version A, B, C and D. A git repository is prefered, but any other medium is allowed as long as I can access all versions.
  • You will provide instructions as to how the project is meant to be setup, either as documentation or support.
  • Once I have access to all versions of the project I will verify the following :
    • I am able to install all the dependencies at the exact versions you used
    • I am able to create a new version of the project whith the desired versions of the dependencies
    • I am able to manage dependencies as I do on any other project. This means I have access to commands (or procedures I can do entierly in the terminal) to :
      • list all the direct dependencies on the project
      • list all dependencies on the project, direct and indirect
      • add a new dependency and install it, along with all its indirect dependencies
      • change the version of a dependency
      • re-install all dependencies to their target version in the project
      • upgrade all dependencies to their latest version

Restrictions

  • You may use any registry for you dependencies, as long as it is publicly accessible on the web.
  • You may use any Javascript runtime that is publicly accessible.
  • As is good practice, you cannot include the dependencies in the render of the project you will send me (this could break if the project was deployed on a different OS or architecture). Instead, I will reinstall them when I deploy the project.

The Claim

You will not be able to do this by downloading the packages directly, even with an import map. You are gonna need a tool to remember the versions of all the 100+ packages, either an existing tool (like a package manager) or something you have to write yourself.

Raw
package.json
{
"name": "test",
"version": "1.0.0",
"description": "",
"license": "ISC",
"author": "",
"type": "commonjs",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"dependencies": {
"bcrypt": "^6.0.0",
"ejs": "^3.1.10",
"koa": "^3.0.0",
"koa-body": "^6.0.1",
"koa-router": "^13.0.1",
"pg": "^8.16.0"
}
}
@guest271314
Copy link

Looks like bcrypt depends on .node file. So at least that file in node_modules need to be kept around outside of bundle.js.

Another detail. This is what I use with Deno to support the bare Node.js globals (global, specifically) with the original index.js file, which also fetches dependencies from NPM, when necessary, and creates the node_modules folder node and bun expect

deno -A --allow-scripts --node-modules-dir=auto index.js

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment