MasterKale
commented
8 months ago A poll on Mastodon didn't help me choose between "change only a couple of files by keeping getWebCrypto() asynchronous" and "change a bunch of files by making getWebCrypto() synchronous because it doesn't need async anymore":
So I prepard two PRs:
-
533 makes
getWebCrypto()synchronous because it no longer needs toawait import('node:crypto'). This spiders out into the codebase because a lot of async methods that calledawait getWebCrypto()no longer need to be async, and refactoring all of these pleasesdeno lint. This includes makinggenerateRegistrationOptions()andgenerateAuthenticationOptions()synchronous, which technically makes this a breaking change (though there's no repercussion forawaiting a synchronousfunctionin JavaScript so it's not as breaking a change as going from synchronous to asynchronous.) -
535 keeps
getWebCrypto()asynchronous despite not needing toawaitanything. The scope of work is limited to getWebCrypto.ts and its corresponding getWebCrypt.test.ts.
Honestly I'm leaning towards #535 for what feels like an odd justification: not making generateRegistrationOptions() and generateAuthenticationOptions() synchronous means all four of the "core library API" methods (those two along with verifyRegistrationResponse() and verifyAuthenticationResponse()) remain asynchronous. Put another way, keeping getWebCrypto() asynchronous means there's no need to remember which core library methods need to be awaited or not because they all need to be await'd!
I'm gonna sleep on this for a few days and see what I settle on.
Describe the issue
Once #519 raises the minimum supported Node version to v20 then
getWebCrypto()can consistently accessWebCryptoatglobalThis.cryptoinstead of having torequire('node:crypto'). This is an issue to track this work while I continue working on the v10 release.Node docs related to using
globalThis.cryptoto accessWebCrypto:https://nodejs.org/docs/latest-v20.x/api/webcrypto.html#web-crypto-api