starknet.js Resolve package dependency on Abi Wan

Describe the bug [email protected] - 7.7MB / 14 packages [email protected] - 123MB / 46 packages

The issue is in Abi wan CLI packages for js to ts conversion This is both security and package size issue. We want to reduce dependency graph to lowest possible footprint

To Screenshots

To Reproduce https://pkg-size.dev/[email protected] https://pkg-size.dev/[email protected]

Additional context My recommendation for fixing this is:

removing any non-essential stuff from abi-wan dependency
remove script for js -> ts conversion from abi-wan package and deploy separately to npm
script is used with npx so it doesn't need to be part of default package
fix abi one dist to only TS decoder/encoder with no additional files besides dist
use same TS versions so npm do not install both v4.9.5 and typescript v5.3.3

Feb 08 '24 12:02 tabaktoni

Hi @tabaktoni Please can this be assign to me. Thank you.

Apr 02 '24 09:04 GoSTEAN

@GoSTEAN good luck!

Apr 03 '24 09:04 ivpavici

@GoSTEAN hi! any progress?

Apr 16 '24 19:04 ivpavici

@ivpavici yes there is progress and I will be done soon. Thank you for your patience.

Apr 16 '24 20:04 GoSTEAN

ok if not done until 22nd I will offer this task on the ODHack event https://onlydust.notion.site/ODHack-Common-Guidelines-b9c6b6a4ac4146d087185568aca38a3f

Apr 19 '24 13:04 ivpavici

@ivpavici I have created a PR

Apr 20 '24 19:04 GoSTEAN

@ivpavici https://github.com/starknet-io/starknet.js/pull/1091 the PR

Apr 20 '24 19:04 GoSTEAN

Abi-wan is resolved!

But, we have 2 noble-curves versions -> check to remove the older one https://pkg-size.dev/[email protected]

Jul 15 '24 09:07 ivpavici

The duplication for the @noble libraries occurred because they are used both directly and as sub-dependencies for one of the @scure libraries where they are limited to only patch version updates.

This has been resolved by #1197. Going forward we should aim to keep them aligned.

Aug 17 '24 17:08 penovicp