// the find
santiq/bulletproof-nodejs
Implementation of a bulletproof node.js API 🛡️
A reference architecture for Express/TypeScript APIs, built around dependency injection (typedi), MongoDB/Mongoose, and a clean loader pattern that separates app initialization from route handling. It's aimed at solo devs or small teams who want a starting point with opinions baked in rather than a blank canvas. The underlying blog post is the real deliverable; the code is the companion.
The loader pattern is genuinely good — splitting database, DI container, jobs, and express setup into discrete loaders keeps app.ts clean and makes each piece independently testable. Using celebrate+Joi at the route level is the right call: schema validation lives where the route is defined, not buried in a service. Typedi integration is well-structured; injecting services into controllers via constructor DI rather than importing singletons is a meaningful improvement over most Express tutorials. The separation of subscribers/events from services is a nice touch that most boilerplates skip.
Node 14.9.0 is end-of-life as of 2023; the repo hasn't been updated since mid-2024 and has no indication it will be. The tests directory is literally empty — `tests/.gitkeep` and a sample file with no actual tests, which undercuts the 'bulletproof' claim hard. MongoDB/Mongoose is the only persistence option and it's wired in deeply, so adopting this for a Postgres project means rewriting the data layer from scratch. Agenda.js for job scheduling is a MongoDB-backed queue with known reliability issues under load; the roadmap checkbox for an Agenda dashboard has been sitting unchecked for years.