backend rule | P0 | universal | Stack: node
Tags: dependencies, reproducibility, build
Explicitly declare dependencies and avoid relying on global installs
Deploys should work from a clean install using only declared dependencies.
Created: Feb 10, 2026
Bad example
Old code:

```ts
// server.ts
// Assumes a globally installed package exists at runtime.
// (This will work on your machine but fail in CI/production.)
// eslint-disable-next-line @typescript-eslint/no-var-requires
const helmet = require("helmet");

import express from "express";

const app = express();
app.use(helmet());
app.get("/health", (_req, res) => res.json({ ok: true }));
app.listen(3000);
```
Explanation (EN)
Relying on undeclared or globally installed packages makes builds and deployments fragile and non-reproducible.
Explanation (HR)
Relying on undeclared or globally installed packages makes build and deploy fragile and non-reproducible.
Good example
New code:

package.json

```json
{
  "dependencies": {
    "express": "^4.19.0",
    "helmet": "^7.1.0"
  }
}
```

```ts
// server.ts
import express from "express";
import helmet from "helmet";

const app = express();
app.use(helmet());
app.get("/health", (_req, res) => res.json({ ok: true }));
app.listen(3000);
```
Explanation (EN)
Declaring all dependencies makes a clean install reliable in CI and production, and keeps environments consistent.
Explanation (HR)
By declaring all dependencies, you ensure that a clean install works in CI and production and that environments are consistent.
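One way to enforce this rule in CI, shown as an added example that is not part of the rule library's own code: scan source files for imported packages and report any that package.json does not declare. The function names, the sample input and the `@acme/rate-limit` package are hypothetical, and the regex-based scan is a simplification that does not parse comments or strings.

```javascript
// Subset of Node built-ins, constructed for this example; a real check would
// take the full list from require("node:module").builtinModules.
const BUILTINS = new Set(["fs", "path", "http", "https", "crypto", "os", "url",
  "util", "events", "stream", "child_process"]);

// Matches: import/export ... from "p", import "p", require("p"), import("p").
const SPECIFIER =
  /\bfrom\s*["']([^"']+)["']|\bimport\s*["']([^"']+)["']|\b(?:require|import)\s*\(\s*["']([^"']+)["']\s*\)/g;

// Reduce a module specifier to the package that must be declared, or null
// for relative/absolute paths and built-ins.
function packageName(spec) {
  if (spec.startsWith(".") || spec.startsWith("/") || spec.startsWith("node:")) return null;
  const parts = spec.split("/");
  const name = spec.startsWith("@") ? parts.slice(0, 2).join("/") : parts[0];
  return BUILTINS.has(name) ? null : name;
}

// sources: { filename: sourceText }, pkg: parsed package.json.
// Returns sorted "file: package" strings for imports missing from package.json.
function findUndeclared(sources, pkg) {
  const declared = new Set([
    ...Object.keys(pkg.dependencies || {}),
    ...Object.keys(pkg.optionalDependencies || {}),
    ...Object.keys(pkg.peerDependencies || {}),
  ]);
  const missing = new Set();
  for (const [file, text] of Object.entries(sources)) {
    for (const m of text.matchAll(SPECIFIER)) {
      const name = packageName(m[1] || m[2] || m[3]);
      if (name && !declared.has(name)) missing.add(`${file}: ${name}`);
    }
  }
  return [...missing].sort();
}

// Constructed input modelled on the bad example: helmet is required but undeclared.
const sampleSources = {
  "server.ts": `const helmet = require("helmet");
import express from "express";
import { readFileSync } from "node:fs";
import rateLimit from "@acme/rate-limit/middleware";
import { routes } from "./routes";`,
};
const samplePkg = { dependencies: { express: "^4.19.0" } };

console.log(findUndeclared(sampleSources, samplePkg));
```

Failing the build when the returned list is non-empty catches an undeclared package before it silently resolves to whatever version happens to be installed on the host, which no lockfile pins and no dependency audit covers.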