I'm developing a private web application for a company and they ask me to use their server to host it. I would like to prevent them the access to the source code. How can i do that? Their server is running debian and they have the root access..

I found some solution like packaging the application in one executable file but the application have lot's of dependency and I'm using loopback.io framework; this make packaging very difficult..

Any different solution?

The answer is no, you cannot prevent them from seeing the source-code. If they own the source-code, then it is even unethic to want something like this. If you own the source-code, then minify it. But before you do that, think about it. Will it raise the trust of your client in you? Even binary source-codes can be reverse-engineered. With interpreted languages, like Javascript, you cannot even do that. If you are afraid they will not pay you unless you protect the source-code, then implement the project on a local server and create a video to back up your claim that the project is completed. Although, everything depends on the actual agreement, which, you understandably will not share with us.

You can't prevent them from seeing the source code, but you can make it harder to read with browserify and uglifyjs:

browserify index.js --no-bundle-external --node | uglifyjs -c > bundle.js

This unfortunately won't preserve the original stack trace of errors and will make it harder to debug.