module: change default resolver to not throw on unknown scheme

[giltayar]

This is an example toy loader that supports HTTP[S]. This code should work (in a simplistic way):

export async function load(url, context, nextLoad) {
  if (url.startsWith('http://') || url.startsWith('https://')) {
    const response = await fetch(url, {redirect: 'follow'})
    const source = await response.text()

    return {shortCircuit: true, format: 'module',source}
  }
  return await nextLoad(url, context)
}

Unfortunately, this won't work. If you use it, you will get an ERR_UNSUPPORTED_ESM_URL_SCHEME because the default Node.js resolver doesn't support HTTPS, and throws on unknown schemes. So unfortunately I had to write that this loader needs a resolver, even though the only thing it does is support loading HTTPS. And the resolver I had to wrote was non-trivial, and IIUC replicates some of what the default resolver does:

export async function resolve(specifier, context, nextResolve) {
  if (isBareSpecifier(specifier))
    return await nextResolve(specifier, context)

  const url = new URL(specifier, context.parentURL).href

  if (url.startsWith('http://') || url.startsWith('https://'))
    return {url, shortCircuit: true}

  return await nextResolve(specifier, context)
}

Thinking about it more, I realized that the only reason I need to write this resolver is that Node.js doesn't recognize the HTTP scheme in its resolver. But if Node.js would have not recognized the scheme in the loader, then I wouldn't have needed to write this resolver at all.

So my point is this: both checks for unknown scheme and unknown file extension should move from the default Node.js resolver to the default Node.js loader. This will obviate the need for some loaders to implement a resolve which mostly replicates the Node.js logic, just for the sake of avoiding these exceptions.

This PR implements exactly that.

Fixes nodejs/loaders#138

Notable change:

The ESM loader no longer throws on unknown protocol/file extension in the resolve phase, so import.meta.resolve behavior matches the behavior of other runtimes. This change is potentially for loader hooks authors that rely on the old behavior.

[nodejs-github-bot]

Review requested:

• @nodejs/loaders
• @nodejs/modules

[ljharb]

What is the resolver supposed to do exactly if it's not even checking for a valid scheme?

[giltayar]

@ljhard roughly new URL(specifier, context.parentURL) if not bare specifier. If it is a bare specifier, then what it always did.

I reflected this in the documentation, which descibes what the Node.js resolver does.

[giltayar]

@ljharb All this PR does is move the "oneliner" that throws if unknown scheme from the resolver to the loader. In some ways, it makes sense: the Node.js resolver can resolve any URL (by absolutization). It doesn't care what the scheme is. The Node.js loader, OTOH, should care about the scheme, because it's goal is to read the code from there.

[ljharb]

Right, I get that - i'm just confused why this kind of validation belongs in the loader instead of the resolver.

If you're providing a custom loader for a scheme node doesn't support i would expect you have to override the resolver as well as the loader.

[giltayar]

@ljharb resolving a URL is a standard algorithm: absolutize the specifier with the parent URL. It is scheme agnostic. This is why the default Node.js resolver shouldn't care about the scheme. And as I said earlier: the loader, because it needs to load from the URL, should care about the URL scheme.

So there is no reason most loaders that support loading from a certain scheme/url should need to replicate the logic for resolving a url given a specifier and an absolute parent url. It's not their domain and better left to the Node.js resolver.

[GeoffreyBooth]

If we’re moving the check for unsupported schemes into load, then we should move the check for unsupported file types/extensions into load as well (or does that already happen as part of load?)

[GeoffreyBooth]

Have you tested this code? Can you add it to the examples in https://github.com/nodejs/loaders-test?

We should probably have an example that needs to use both resolve and load, so that we demonstrate how the two hooks work together. Ideally it would be as realistic a use case as possible.

Speaking of realistic examples, another “resolve-only” use case discussed in the design docs for the loaders API was to rewrite specifiers like lodash into URLs like https://esm.sh/lodash. Perhaps this might be a better example than this “overriding loader,” as it would presumably be a lot shorter of an example.

[giltayar]

Have you tested this code? Can you add it to the examples in https://github.com/nodejs/loaders-test?

I have (in my repo that I link to in the issue), but I can definitely copy it to https://github.com/nodejs/loaders-test.

Speaking of realistic examples, another “resolve-only” use case discussed in the design docs for the loaders API was to rewrite specifiers like lodash into URLs like https://esm.sh/lodash

The example I gave is very realistic as it is a simplification of import maps, where you can map bare specifiers to specific files. I can definitely use your use-case, but I think in terms of complexity, they're roughly the same.

[giltayar]

Once this lands (hopefully...😊), I'll not only add this loader to the loaders-test, but also modify the http-loader and typescript-loader to not need resolvers.

[GeoffreyBooth]

This would be a breaking change to the resolution algorithm. cc @guybedford

I think Node could and still should throw this error, it would just be as part of resolution and loading, as opposed to just resolution. So all we really need to do is rename the section “Module resolution and loading algorithm,” and you add the steps for loading and move the error to there. From the consumer’s perspective there would be no breaking changes.

[GeoffreyBooth]

If we’re moving the check for unsupported schemes into load, then we should move the check for unsupported file types/extensions into load as well (or does that already happen as part of load?)

@GeoffreyBooth already happens today

All the more reason then to extend this algorithm definition to include the loading phase, to document which errors get thrown during that phase too.

[giltayar]

I agree. But I think this is out of scope for this issue.

[GeoffreyBooth]

I agree. But I think this is out of scope for this issue.

I don’t think so, as this PR is all about moving an error into the loading phase. The loading phase is so simple that we don’t currently define that algorithm (it’s essentially “load the source from the resolved URL”) so it’s really just adding the validation checks that happen before that step.

[MoLow]

@GeoffreyBooth arent loaders still experimental?
the docs on the resolve hook are pretty clear https://nodejs.org/api/esm.html#resolvespecifier-context-nextresolve

The loaders API is being redesigned. This hook may disappear or its signature may change. Do not rely on the API described below.

so I think it should ok to land this and adjust the docs in a follow-up PR

[giltayar]

We should probably have an example that needs to use both resolve and load, so that we demonstrate how the two hooks work together. Ideally it would be as realistic a use case as possible.

My ESM mocking loader has both, but I don't think this can be put in an example in the docs. It's too large, even if I simplify it.

[GeoffreyBooth]

arent loaders still experimental?

Loaders are experimental, but the built-in ESM Loader’s resolution algorithm is stable and has been such for years. What we document about it here is the basis for bundlers that replicate the algorithm, so it’s important that the documentation be complete. Those other tools replicate the error flows too.

If this PR ships without the follow-up that fixes the docs, those other tools might think we’re no longer erroring on invalid schemes, which is wrong. The point of spelling out the algorithm here is to provide a “spec” for other tools to match, and for our own code to be judged against (so that Node’s internal code isn’t itself “the spec” when it might have bugs).

[giltayar]

I'll write it down, as suggested by @GeoffreyBooth (by looking at the code and trying to replicate the same "algorithm style" as in the resolver algorithm).

[giltayar]

If we’re moving the check for unsupported schemes into load, then we should move the check for unsupported file types/extensions into load as well (or does that already happen as part of load?)

@GeoffreyBooth already happens today

[aduh95]

nit: I suggest to not use file extensions (because there are no actual files behind that anyway, and it seems interesting to test that loaders can skip file extensions if they need to), and to simplify the naming using numbers only.

nit: does uyyt means anything? Should we use e.g. byop: for Bring Your Own Protocol?

[aduh95]

Suggested change

	case 'uyyt://1/index.mjs':
	return {
	source: 'console.log("index.mjs!")',
	case 'uyyt://0/0':
	case 'uyyt://1/1':
	return {
	source: 'console.log(import.meta.url)',

[MoLow]

LGTM.
+1 on #47824 (review)

[giltayar]

I implemented @aduh95's suggestion about checking extensions too, but as a separate test, so that it'll be clearer to the reader.

[aduh95]

Suggested change

	const { imports } = JSON.parse(await fs.readFile('import-map.json'));
	const { imports } = JSON.parse(await fs.readFile(new URL('./import-map.json', import.meta.url)));

[giltayar]

The import-map.json should be given by the user of the loader, so it should be taken from current working directory and not next to the source code of the loader. So I would prefer leaving it like this and not accepting your suggestion. Having said that, I don't feel strongly about it, as this is demo code, so just say the word and I'll commit the suggestion.

(obviously, cwd is naive and there should be an env variable or some such, but this is naive code for demo purpose only)

[GeoffreyBooth]

Why not just make the example the esm.sh one then? That’s much simpler and involves only one file, so the overall example would also be shorter.

[aduh95]

Can you wrap it in path.resolve and/or add a comment? Without that, it’s a bit confusing IMO.

Why not just make the example the esm.sh one then? That’s much simpler and involves only one file, so the overall example would also be shorter.

We would have trouble with Windows compatibility, right?

[GeoffreyBooth]

Why not just make the example the esm.sh one then? That’s much simpler and involves only one file, so the overall example would also be shorter.

We would have trouble with Windows compatibility, right?

That example I had in mind was to rewrite all bare specifiers like lodash to https://esm.sh/lodash, and that’s it. Add a comment that load would fail without --experimental-network-imports, or without chaining the example HTTPS loader, and call it a day. It should be like a five-line example I’d think.

It’s still a bit contrived as presumably you wouldn’t always want to load the latest version of every dependency, but for an example I think it gets the idea across and then real-world implementations can fill in details.

[ljharb]

It seems unwise for node docs to bless an arbitrary site in the ecosystem by including it in examples.