hocuspocus icon indicating copy to clipboard operation
hocuspocus copied to clipboard
verified publisher icon ueberdosis

2.10.0 breaks provider in nodejs

Open tobowers opened this issue 1 year ago • 8 comments

Description The compiled code in 2.10.0 of the provider has these lines:

/* eslint-env browser */
const getRandomValues = crypto.getRandomValues.bind(crypto);

/**
 * Isomorphic module for true random numbers / buffers / uuids.
 *
 * Attention: falls back to Math.random if the browser does not support crypto.
 *
 * @module random
 */

const uint32 = () => getRandomValues(new Uint32Array(1))[0];

crypto does not appear in the 2.9.0 package.

crypto is not defined in the global scope so a simple `import {...} from "@hocuspocus/provider" errors with "ReferenceError: crypto is not defined"

Steps to reproduce the bug Simply import 2.10.0 provider in a nodejs environment

Expected behavior Continue to work :).

Environment?

  • operating system: macos / nodejs 18
  • browser: N/A
  • mobile/desktop:
  • Hocuspocus version: 2.10.0

Additional context Add any other context about the problem here.

tobowers avatar Feb 08 '24 08:02 tobowers

hmm, the mentioned code is coming from lib0/random and uses the crypto API (https://nodejs.org/api/crypto.html#cryptogetrandomvaluestypedarray), which should be available since node v17. I've just tried this in node20 and node18, both works, just v16 fails.

janthurau avatar Feb 08 '24 10:02 janthurau

hmm, the mentioned code is coming from lib0/random and uses the crypto API (https://nodejs.org/api/crypto.html#cryptogetrandomvaluestypedarray), which should be available since node v17. I've just tried this in node20 and node18, both works, just v16 fails.

The problem is "crypto" isn't imported.

tobowers avatar Feb 08 '24 11:02 tobowers

I should note that I'm using the esm compiled code. I didn't check the cjs

tobowers avatar Feb 08 '24 12:02 tobowers

@tobowers: Did you find a solution for this? @janthurau: I have the same problem in context with node18 and nuxt ssr...

stpietsch avatar Feb 12 '24 11:02 stpietsch

Right it's a bug and no, I just locked our version at 2.9.0

@tobowers: Did you find a solution for this? @janthurau: I have the same problem in context with node18 and nuxt ssr...

tobowers avatar Feb 12 '24 12:02 tobowers

It looks like node18 only has the crypto global if the --experimental-global-webcrypto flag is used (https://nodejs.org/docs/latest-v18.x/api/globals.html#crypto_1). In 20 it's global by default.

Need to check how to tell the bundler to add this import for backward compatibility 🤔

janthurau avatar Feb 12 '24 12:02 janthurau

It looks like node18 only has the crypto global if the --experimental-global-webcrypto flag is used (https://nodejs.org/docs/latest-v18.x/api/globals.html#crypto_1). In 20 it's global by default.

Need to check how to tell the bundler to add this import for backward compatibility 🤔

I think you can just import crypto from "crypto" at the top of the file?

tobowers avatar Apr 29 '24 13:04 tobowers

Facing the same issue, pinned version to 2.9.0 for now

mnzaki avatar Jun 12 '24 12:06 mnzaki