Semver in Retrograde
Source: Dev.to
DEV April Fools Challenge Submission
Project: Semver‑in‑Retrograde – a “dependency‑analysis” tool that delivers executive‑grade reports about a project’s emotional state.
Live demo:
Repository:
What It Does
Paste a
package.json.Click “Analyze my dependency aura.”
A serious‑looking dashboard appears, delivering a dead‑serious executive reading that includes:
- Aura Stability
- Chaos Index
- Peer Dependency Tension
- Mercury Status
- The Dependency “Big 3”
- Prophecy
- Lucky command
- Share card (ready for an internal quarterly review)
The contrast between the corporate UI and the mystic output is the joke.
Bonus feature: If the uploaded file looks like a
requirements.txtor aGemfile, the app returns 418 I’m a teapot – “Wrong ecosystem, wrong beverage.”
Technical Overview
| Layer | Responsibility |
|---|---|
| Local code | Parses the manifest, extracts features, computes deterministic scores. |
| Gemini (server‑side) | Turns the extracted numbers into a polished, executive‑style narrative (summary, sun/moon/rising, red flags, prophecy, lucky command, share caption). |
| Zod | Validates the structured JSON returned from Gemini before rendering. |
| Next.js + TypeScript + Tailwind CSS | Front‑end & routing. |
| Gemini API (disabled in prod) | Used only in development/eval; production serves a fixed “budget‑committee safe mode” statement to avoid unlimited API costs. |
Feature Extraction (deterministic)
- Dependency counts (regular, dev, peer, optional)
- Version ranges (wildcards,
latest, exact) - Overrides / resolutions
- Lifecycle scripts (
pre*,post*,postinstall, etc.) - Package‑manager hints (npm, yarn, pnpm)
- Framework / test / build tool fingerprints
These feed a weighted scoring model that produces the following metrics:
| Metric | What Influences It |
|---|---|
| Aura Stability | Pinned versions ↑, wildcards/latest ↓ |
| Chaos Index | Loose ranges, many lifecycle scripts, workspace sprawl ↑ |
| Peer Dependency Tension | High number of peerDependencies ↑ |
| Boundary Issues | Overrides, resolutions, workspace hints ↑ |
| Trust Issues | Private packages, postinstall, suspicious scripts ↑ |
| Mercury Status | Severity of lifecycle scripts (especially pre*, post*, postinstall) ↑ |
All scores are deterministic – the same manifest always yields the same numbers.
Gemini‑Generated Content (tone only)
- Executive summary
- Sun / moon / rising interpretations
- Red‑flag commentary
- Prophecy
- Lucky shell command
- Share caption
Gemini receives the extracted features and the computed numbers, then produces the final narrative. It never decides the scores.
Development & Evaluation Setup
- Promptfoo harness around the reading endpoint → ensures structured‑output contract.
- Two‑layer eval:
- Deterministic checks (JSON shape, live‑mode fixture, no drift into engineering advice, lucky command format, signal reflection).
- LLM‑as‑judge rubrics (tone, sincerity‑based humor, grounding in fixture).
- Runner hits the actual Next.js app over HTTP, so the eval path mirrors the real product path.
Saved eval run:
- ID:
eval-qw8-2026-04-08T00:18:21 - Public report:
- Raw JSON:
Design Goal
“This should look like a compliance product that got trapped in a spiritual crisis.”
The UI mimics a serious corporate audit dashboard, while the output is a deterministic, mystic‑flavored executive report.
Quick Demo Flow
- Paste a
package.json. - Click “Analyze my dependency aura.”
- Watch the dashboard appear, ready to audit your org.
- Realize it’s talking about your project’s emotional instability.
Final Notes
- The public deployment does not call Gemini; it serves a fixed, budget‑conscious executive statement.
- The full Gemini path is used locally and during evaluation.
- The 418‑teapot response for non‑Node manifests is intentionally useless, correct, and deeply satisfying.
Test Run Summary
That run used:
- promptfoo
- 4 manifest fixtures
- 8 expanded test cases
- concurrency set to 1
light retrying around transient model-availability issues
Gemini as the judge model
Result:
8 / 8 passing
0 failures
0 errors
runtime: about 133 secondsFixtures
The fixtures cover four different dependency personalities:
- a mildly over‑governed Next.js workspace
- a commitment‑avoidant Vite app with latest and wildcard ranges
- a haunted library with overrides, resolutions, and lifecycle weirdness
- a relatively boring steady package that should not be over‑dramatised
That last case mattered. A joke product can always get louder. The harder part is keeping it funny without inventing drama the manifest did not earn.
Submission
I am submitting this for Best Google AI Usage.
Google AI is central to the project. Gemini runs the narrative layer on the server, returns structured JSON instead of free‑form prose, gets validated before display, and sits behind evals that check both hard constraints and tone. The product only works because of that split between deterministic scoring and AI‑generated corporate mysticism.
That is the role I wanted the model to play. It does not own the critical logic. It owns the polished nonsense.
If your JavaScript project has unresolved dependency feelings, Semver in Retrograde is ready to misinterpret them at enterprise scale.