-
Notifications
You must be signed in to change notification settings - Fork 262
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mock-aws-s3, aws-sdk, nock dependencies vs devDependencies issue #661
Comments
I've encountered the same issue while trying to compile a back-end app with webpack for limited distribution. @johnmanko's analysis definitely looks correct to me. |
I encountered this issue when depending on |
I ended up having to remove
|
I encountered this issue using nest js. I solved it by removing // I remove this block
"compilerOptions": {
"webpack": true
} |
+1 |
+1, encountered depending on node-sqlite3 |
I have encountered the same problem and opened an issue at bcrypt yesterday so they improve their README, but my bad I didn't know that was a recent |
Is there a workaround for this issue? I face this problem |
Bad workaround, add this to your webpack.config.js: const config = {
// Some other config
externals: [
{
'nock': 'commonjs2 nock',
'mock-aws-s3': 'commonjs2 mock-aws-s3'
}
],
} This will tell webpack to let the |
Downside of this is that you need to handle all the runtime errors (like nested runtime dependencies) can take a long long time |
I stumbled upon this as well when trying to bundle the DuckDB Node.js package. This additionally attempts to require Using esbuild is seemingly also not an option, as this produces incorrect builds as well, due to |
some error here... |
Hmmm. So i got same error while using bcrypt in a nuxt app. And i just kept on thinking what nuxt had to do with aws. It was frustrating. I just kept on searching online and stumbled at this |
I got this error using Vite and sqlite in an Electron.js app |
+1 with sqlite3 |
+1 with Vite and sqlite (Sveltekit app) |
+1 electron + sqlite |
I solved it by adding externals: ['nock', 'mock-aws-s3', 'aws-sdk'], in webpack config |
I guess that won‘t help you if the code is actually run, because then the dependencies are missing IMO |
Having the same issue depending on bcrypt inside of an Astro project. |
+1 with sqlite3 |
+1 depending on |
+1 sqlite3 |
+1 sqlite3. send help |
This issue has caused me an incredible amount of lost time trying to work around it. There are some suggested solutions to get sqlite3 (which depends on this package) and vite work, but they didn't work for me. To continue the development, I am falling back into implementing a custom file storage without SQL until this is fixed and I can revert to sqlite3. I'm not mentioning this not because I think I am entitled to having this software working, but to provide visibility on the impact it's having. |
@fcanela despite Bun is in a very experimental stage, it's worth keeping an eye on it, as it has SQLite in the standard library, out of the box, without any precompiled dependency. Its standard library provides solutions to a big part of the problems described in this thread. |
A snippet for anyone if you rather just migrate from bcrypt to scrypt: import { randomBytes, scrypt, timingSafeEqual } from 'node:crypto';
/**
* https://dev.to/advename/comment/24a9e
*/
const keyLength = 32;
/**
* Has a password or a secret with a password hashing algorithm (scrypt)
* @param {string} password
* @returns {string} The salt+hash
*/
export const hash = async (password: string) => {
return new Promise((resolve, reject) => {
// generate random 16 bytes long salt - recommended by NodeJS Docs
const salt = randomBytes(16).toString('hex');
scrypt(password, salt, keyLength, (error, derivedKey) => {
if (error) reject(error);
// derivedKey is of type Buffer
resolve(`${salt}.${derivedKey.toString('hex')}`);
});
});
};
/**
* Compare a plain text password with a salt+hash password
* @param {string} password The plain text password
* @param {string} hash The hash+salt to check against
* @returns {boolean}
*/
export const compare = async (password: string, hash: string) => {
return new Promise((resolve, reject) => {
const [salt, hashKey] = hash.split('.');
// we need to pass buffer values to timingSafeEqual
const hashKeyBuff = Buffer.from(hashKey, 'hex');
scrypt(password, salt, keyLength, (error, derivedKey) => {
if (error) reject(error);
// compare the new supplied password with the hashed password using timeSafeEqual
resolve(timingSafeEqual(hashKeyBuff, derivedKey));
});
});
}; |
I use bcryptjs instead of bcrypt and it worked |
Exacly! I installed bycryptjs instead of bycrypt and the problem disappeared |
This bug looks suffer a lot of people and seems still no PR to resolve it. I think it should be easy to solve it by changing dependencies declaration. Should I try to raise the PR? |
What happens when you |
I don't get why this is still a problem. |
still having an issue since, i don't include that package in my package.json file |
@jheavejimenez what package are you using that requires |
…)" This reverts commit eaf61e6.
* fix: use typed env and styling * chore: install posthog-node * feat: identify user after logging in * feat: feature flag controls for announcement banner * fix: storybook failed build (see mapbox/node-pre-gyp/issues/661) * fix: https://nextjs.org/docs/messages/sharp-missing-in-production * fix: move feature flag evaluation to the implementation level instead of on the component level * Revert "fix: storybook failed build (see mapbox/node-pre-gyp/issues/661)" This reverts commit eaf61e6. * chore: move posthog-node code to server dir
I'm having this same issue when trying to bundle https://github.com/IBM/node-odbc via a Next app (webpack/turbopack) As it looks like it's intended for these to be in the call-stack from the comments around the requires, Is it not possible to just move these into the dependencies from dev, or is there unintended consequences I'm not seeing doing this? |
I had problems building an application in NestJs with serverless and webpack. The solution was to use bcryptjs instead of bcrypt |
Usage of
mock-aws-s3
,aws-sdk
, andnock
are used in the call stack originating fromlib/node-pre-gyp.js
(which is the packagemain
), but they are only listed in"devDependencies"
.This causes a problem with webpack:
Either those modules should be moved to
"dependencies"
, or the main call chain should never hit them.The text was updated successfully, but these errors were encountered: