BREAKING: Build packages as both CJS and ESM #1480
Conversation
| @@ -88,7 +92,8 @@ | |||
| "web3-provider-engine>eth-sig-util>ethereumjs-abi>ethereumjs-util>keccak": false, | |||
| "web3-provider-engine>eth-sig-util>ethereumjs-abi>ethereumjs-util>secp256k1": false, | |||
| "web3-provider-engine>ethereumjs-vm>ethereumjs-util>keccak": false, | |||
| "web3-provider-engine>ethereumjs-vm>ethereumjs-util>secp256k1": false | |||
| "web3-provider-engine>ethereumjs-vm>ethereumjs-util>secp256k1": false, | |||
| "@swc/core": true | |||
There was a problem hiding this comment.
I've enabled the script for @swc/core here, since it uses native packages to build the files.
|
New dependencies detected. Learn more about Socket for GitHub ↗︎
|
|
👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎ This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. Ignoring: Next stepsTake a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with |
|
@SocketSecurity ignore-all |
|
Apart from speed, any reason swc was picked specifically over alternatives and which were considered? (Specifically interested in why not esbuild. I'm not strongly in any camp and def appreciate getting ESM builds but introducing a non-JS builder/bundler is a pretty major architectural decision) |
I haven't looked into esbuild much, but it's mostly written in Go it seems. Other bundlers like Babel and TSC are much slower. I stumbled in to SWC because |
|
Just in case we ever pick this up again, it should be noted that the following compiler options will need to be enabled: https://swc.rs/docs/migrating-from-tsc diff --git a/tsconfig.packages.json b/tsconfig.packages.json
index 2ab65285..ef1401e9 100644
--- a/tsconfig.packages.json
+++ b/tsconfig.packages.json
@@ -2,6 +2,9 @@
"compilerOptions": {
"composite": true,
"esModuleInterop": true,
+ "isolatedModules": true,
+ "importsNotUsedAsValues": "error",
+ "useDefineForClassFields": false,
"lib": ["ES2020", "DOM"],
"module": "CommonJS",
"moduleResolution": "node", |
|
Worth noting that since this PR,
So in the interest of aligning with these repos, we should see if we can use |
|
I'm just going to close this. Will revisit once we update the Snaps repo with |
Explanation
Currently the packages in this monorepo are built as CommonJS modules. With this pull request, packages are now built both as CommonJS modules, as well as ES modules. This makes it easier for modern bundlers to tree-shake the code, and reduce bundle size, which is very useful for Snaps. Environments which do not support ES modules (e.g., Browserify) will still use the CommonJS modules.
Rather than using TypeScript's compiler to build the files, files are now built with SWC (which is an extremely fast compiler). TSC is still used to generate the declaration files, since SWC does not do type-checking (yet). Packages are built in a couple of steps:
yarn workspaces foreach ...):dist/cjsfolder.dist/esmfolder..d.ts) files are built to thedist/typesfolder.The implementation is based on MetaMask/snaps repo.
Changelog
Every package
disttodist/cjs(anddist/esm). If you are explicitly importing fromdist, you have to update the import.Checklist