search

FiloSottile / typage

A TypeScript implementation of the age file encryption format, based on libsodium.
BSD 3-Clause "New" or "Revised" License
105 stars 14 forks source link

node and bun compatibility #14

Closed FiloSottile closed 1 year ago

FiloSottile commented 1 year ago

Reopening #13 which I merged by mistake.

FiloSottile commented 1 year ago

So huh, I guess the const assignment I am doing in non-test code is also not ok, but happens to work because non-crypto functions don't need to await ready. I hate this.

lgarron commented 1 year ago

So huh, I guess the const assignment I am doing in non-test code is also not ok, but happens to work because non-crypto functions don't need to await ready.

If you do the const assignment after libsodium.ready I think you should be able to destructure everything the same way you do imports. But what you have now also works (assuming `libsodium-wrappers-sumo' doesn't change instantiation semantics for the non-crypto methods).

// before
import { crypto_hash_sha256, from_hex, to_hex } from "libsodium-wrappers-sumo";
// after
import sodium from "libsodium-wrappers-sumo"

await sodium.ready
const { crypto_hash_sha256, from_hex, to_hex } = sodium; // now we can get crypto as well as non-crypto exports

Or you could just YOLO and make all your APIs async (which would have the benefit of allowing automatic offloading to a web worker for key derivation in the future if you want). 😛

FiloSottile commented 1 year ago

If you do the const assignment after libsodium.ready I think you should be able to destructure everything the same way you do imports. But what you have now also works (assuming `libsodium-wrappers-sumo' doesn't change instantiation semantics for the non-crypto methods).

I filed jedisct1/libsodium.js#327 to hopefully get even the crypto functions to be safe to assign before ready. If it doesn't get resolved that way, maybe I'll switch everything to be safe.

In the test files it's a matter of switching the order, but in format.ts will require just not destructuring, because we don't call ready ourselves.

Or you could just YOLO and make all your APIs async (which would have the benefit of allowing automatic offloading to a web worker for key derivation in the future if you want). 😛

I had that in a previous iteration and kinda hated that it gave the impression the whole operation would be async, and then we'd block for scrypt after maybe awaiting ready (the first time).

FiloSottile commented 1 year ago

Now with Puppeteer tests for esbuild! Thank you for all the pointers @lgarron. Let me know if there's anything missing from #11.