-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
policy: cleanup to allow snapshotting #42191
Conversation
Review requested:
|
will wait and rebase after #42203 |
#42203 have landed, this needs a rebase. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with a nit, thanks
looks like i've got to dance around no crypto builds |
@joyeecheung it looks like we still cannot include crypto in the snapshot via |
@bmeck hmm, I don’t think that is snapshot-specific - if policy still needs crypto to check integrity in non-crypto builds, how is that supposed to work? It seems some code should be added in policy to throw an error when the build has no OpenSSL instead? |
@joyeecheung anything using |
To clarify a bit, the overall goal is to get ESM/CJS loading into the snapshot and they have a transitive dependency on |
Maybe we need to rewrite node/lib/internal/policy/manifest.js Lines 32 to 37 in ceadb47
let createHash, timingSafeEqual, HashUpdate, HashDigest;
if (config.hasSSL) {
const crypto = require('crypto');
({createHash, timingSafeEqual} = crypto);
HashUpdate = uncurryThis(crypto.Hash.prototype.update);
HashDigest = uncurryThis(crypto.Hash.prototype.digest);
} That should solve the issue at hand I think. |
I think it should be fine to revert back to something like |
@joyeecheung the amount of checks would not be in policy itself, but anything consuming policy as well. I don't want to spider web out the checks throughout the codebase. |
Hi, I'm sure you've heard that the Thank you! |
This is just some cleanup/refactoring to move getOptionValue away as much as possible for snapshotting reasons and some general startup cleaning.
Since this makes it always at least init an empty policy I thought adding it to the snapshot makes sense but I'm fine leaving it out as well.
CC: @joyeecheung