https://github.com/guardrailsio/nodejs-backend-challenge
GuardRails's assignment for NodeJS Backend engineers
- Host: GitHub
- URL: https://github.com/guardrailsio/nodejs-backend-challenge
- Owner: guardrailsio
- Created: 2023-01-23T04:02:27.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-02-11T08:41:20.000Z (over 2 years ago)
- Last Synced: 2025-04-02T05:13:27.718Z (7 months ago)
- Size: 4.88 KB
- Stars: 2
- Watchers: 3
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Node.js Engineer Coding Challenge
> This repository contains the coding challenge for backend engineers.
**Note:** Please don't fork this repository, create a pull request against it, or use GuardRails in the repo name. Otherwise other candidates may take inspiration from it.
## Description
Simulate a code scanning application that detects vulnerabilities in a Git repository.
The application must fulfil the following requirements:
- A user can trigger a scan event (POST)
- A user can view a scan result (GET)
How to do a scan:
- When a scan is triggered, there should be a worker listening and acknowledging the message.
- When the worker is invoked:
  - Sleep X (1 - 10) seconds after picking up a scan event
  - Generate a random number of vulnerabilities (0 - 5)
  - Based on the number of vulnerabilities, use this [free API](https://names.drycodes.com/20?nameOptions=funnyWords) to get random names, each representing the name of a file that contains one
The entities should be stored in a database of your choice and have at least the following properties:
- Result
  - A unique ID
  - A Scan ID foreign key
  - The findings (see the following example)
```json
{
  "findings": [
    {
      "type": "sast",
      "location": {
        "path": ,
        "positions": {
          "begin": {
            "line":
          }
        }
      }
    },
    {
      "type": "sast",
      "location": {
        "path": ,
        "positions": {
          "begin": {
            "line":
          }
        }
      }
    }
  ]
}
```
- Scan Event
  - A unique ID
  - The repository name
  - The scan's status (one of "Queued" | "In Progress" | "Success" - 0 vulnerability | "Failure" - 1+ vulnerability)
  - Timestamps that indicate when a scan was queued, as well as when the scan started and finished
**What we want to see:**
- Project Structure: Clear organization and structure of folders, code and functionality
- Idiomatic Code: Following established community standards, code consistency, use of linters, formatting, error handling, and anything else that shows your skills. Simple is better than complex
- Stack Knowledge: Proper use of Node.js (TypeScript) and selected frameworks / libraries with message queue
- Implementation: The implementation has to work according to the specs
- Unit Tests: Covering the core functionality with unit tests
- Proper Documentation:
  - A High-Level Design for the components / infrastructure, if any
  - Describe how you came up with the solution and what makes it a good one for the use case
  - Describe how to configure the project, how to start it, how to test it, etc.
- SQL schema: proper modeling of all entities and their relationships at the DB level
**Bonus points for:**
- Documentation
- Use of appropriate design patterns
- Code comments
**Things you don't have to worry about:**
- Authentication / Authorization
- CI configuration / Deployment
- APM
## Scoring
| General | Points |
|------------------------|--------|
| Project structure | 0-3 |
| Idiomatic code | 0-3 |
| Stack Knowledge | 0-3 |
| Implementation | 0-3 |
| Unit tests | 0-3 |
| README & Documentation | 0-3 |
| SQL Schema | 0/1 |

| Bonus | Points |
|-------------------|--------|
| Code Comments | 0/1 |
| Dockerization | 0/1 |
| Design Patterns | 0/1 |
Maximum points: 22