←back to thread

The tragedy of running an old Node project

(abdisalan.com)
272 points abdisalan | 6 comments | 18 Nov 24 18:24 UTC | HN request time: 0.871s | source | bottom
Show context
Klonoar ◴[18 Nov 24 18:35 UTC] No.42175423[source]
You know, I ran into something similar recently with a static site engine (Zola). Was moving to a new host and figured I'd just copy and run the binary, only to have it fail due to linking OpenSSL. I had customized the internals years ago and stupidly never committed it anywhere, and attempting to build it fresh ran into issues with yanked crates.

Since it's just a binary though, I wound up grabbing the OpenSSL from the old box and patching the binary to just point to that instead. Thing runs fine after that.

This is all, of course, still totally stupid - but I did find myself thinking how much worse comparable events in JS have been for me over the years. What would have been easily an entire afternoon ended up taking 15 minutes - and a chunk of that was just double checking commands I'd long forgotten.

replies(3): >>42175501 #>>42175582 #>>42175642 #
ikawe ◴[18 Nov 24 18:50 UTC] No.42175582[source]
What’s the issue with yanked crates? It should still build from your lockfile, even if it contains yanked crates.
replies(1): >>42181118 #
1. swiftcoder ◴[19 Nov 24 08:24 UTC] No.42181118[source]
Assuming you actually committed the lockfile...
replies(1): >>42181489 #
2. mst ◴[19 Nov 24 09:26 UTC] No.42181489[source]
Never underestimate the potential of past-you to have accidentally missed a tiny but essential step in a way that won't have made a noticeable difference at the time, yeah.
replies(2): >>42183233 #>>42192391 #
3. vulcan01 ◴[19 Nov 24 13:33 UTC] No.42183233[source]
This is why Nix (with flakes), in a git repository, will refuse to use a lockfile that isn't being tracked by git.
replies(2): >>42184002 #>>42192895 #
4. pornel ◴[19 Nov 24 14:49 UTC] No.42184002{3}[source]
Nix also breaks if you try to update it, and you'll eventually have to update for security issues.

I'm stuck with a defunct Nix project I can't update, because crane and fenix flakes made breaking changes, and nix is giving me incomprehensible errors. I've spent enough time googling the errors that I'd be quicker to start over with a nix-less VM.

5. swiftcoder ◴[20 Nov 24 10:05 UTC] No.42192391[source]
I think the other foot-gun here is that the official recommendation is that library crates not check-in their lockfile (I assume because that prevents downstream crates from freely taking updates to common dependencies).

This has the unfortunate side-effect that while downstream apps might still build, the library itself (and any examples in the library repo) may not compile after some time...

6. mst ◴[20 Nov 24 11:32 UTC] No.42192895{3}[source]
Yes, that's an excellent idea, and will free up time to deal with the *other* stupid mistakes past-me made :D