Upgrade to 9.96.4 possibly breaks next.js builds

[szpasztor]

A recent upgrade of this library seems to break builds in repos that have it as a dependency, possibly ones that also have sharp as dependency. Please see details of partial reproducibility signs below.

Package versions:

├─┬ @react-three/drei@9.82.0
│ ├─┬ @react-spring/three@9.6.1
│ │ └── three@0.156.1 deduped
│ ├─┬ camera-controls@2.7.3
│ │ └── three@0.156.1 deduped
│ ├─┬ maath@0.6.0
│ │ └── three@0.156.1 deduped
│ ├─┬ meshline@3.1.7
│ │ └── three@0.156.1 deduped
│ ├─┬ three-mesh-bvh@0.6.8
│ │ └── three@0.156.1 deduped
│ ├─┬ three-stdlib@2.29.4
│ │ └── three@0.156.1 deduped
│ ├── three@0.156.1 deduped
│ └─┬ troika-three-text@0.47.2
│   ├── three@0.156.1 deduped
│   └─┬ troika-three-utils@0.47.2
│     └── three@0.156.1 deduped
├─┬ @react-three/fiber@8.15.15
│ └── three@0.156.1 deduped
└── three@0.156.1

• node version: v18.17.0

• npm (or yarn) version: 1.22.19

Problem description:

Build with no package.json, or code edits of any kind breaks both locally (next.js production build) and on vercel with:

...
 ✓ Compiled successfully
   Collecting page data  ...TypeError: a is not a function
    at Object.<anonymous> (.../node_modules/@react-three/drei/index.cjs.js:1:8601)
    at Module._compile (node:internal/modules/cjs/loader:1256:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1310:10)
    at Module.load (node:internal/modules/cjs/loader:1119:32)
    at Module._load (node:internal/modules/cjs/loader:960:12)
    at Module.require (node:internal/modules/cjs/loader:1143:19)
    at mod.require (.../node_modules/next/dist/server/require-hook.js:64:28)
    at require (node:internal/modules/cjs/helpers:110:18)
    at 14165 (.../.next/server/pages/landing.js:1:55084)
    at __webpack_require__ (.../.next/server/webpack-runtime.js:1:145)

> Build error occurred
Error: Failed to collect page data for /landing
    at /.../node_modules/next/dist/build/utils.js:1171:15
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
  type: 'Error'
}
error Command failed with exit code 1.

The stacktrace resolves to an obfuscated file from the package. I have narrowed down the issue based on the following:

• our team has built/deployed the project yesterday and even earlier today successfully
• in the last few hours, builds fail, even when attempting to build the identical codebase with identical package versinos to what was successfully deployed earlier
• our reference to react-three/drei was made using "@react-three/drei": "^9.82.0", – based on this, and given that a new version (9.96.4) was released two hours ago, the above package.json reference automatically evaluated to 9.96.4 via ^ (the latest non-major update)
• builds have started failing within this 2 hour window
• I have confirmed that manually pointing the package version to 9.82.0 results in a successful build (next.js production build).

We have not investigated further, and don't known the exact cause, but based on the above data points, there's likely an issue related / introduced by the new version.

Relevant code:

"dependencies": {
    "@react-three/drei": "^9.82.0", // auto-resolved to 9.96.4 today
    "@react-three/fiber": "^8.14.1",
    ...

[alessiocancian]

I'm having the same problem but I don't have sharp installed, maybe it's the right time to switch to npm ci...

[CodyJasonBennett]

Try disabling SWC minification and/or pinning to an earlier version like 14.0.1 if using newer features.

This has been a repeat issue with Next.js (e.g. most recently https://github.com/vercel/next.js/issues/58557)

[avarayr]

Quick fix

npm i --save-exact @react-three/drei@9.96.1

[CodyJasonBennett]

v9.96.4 had ce3eb7e2eb5899f9b6085d9350fb4a1e9eb3c822. cc @drcmda

[CodyJasonBennett]

I put out v9.96.5 which reverts that change.