Cannot find module '@noble/hashes/sha3' (Yarn PnP)

[arijoon]

Version: 5.3.1 Package manager: yarn pnp

Simply importing tronweb causes Cannot find module '@noble/hashes/sha3', required from TronWeb.node.js. All dependencies must be included within the package.json file and @noble/hashes seems to be missing

all missing packages:

"@noble/hashes": "^1.3.2"
"@noble/secp256k1": "^1.7.1"
"aes-js": "^3.1.2"

[start940315]

Are you using webpack? You have to set alias since webpack required the wrong path of noble:

config.resolve.alias['@noble/hashes/hmac'] = '@noble/hashes/esm/hmac.js';
  config.resolve.alias['@noble/hashes/sha3'] = '@noble/hashes/esm/sha3.js';
  config.resolve.alias['@noble/hashes/pbkdf2'] = '@noble/hashes/esm/pbkdf2.js';
  config.resolve.alias['@noble/hashes/ripemd160'] = '@noble/hashes/esm/ripemd160.js';
  config.resolve.alias['@noble/hashes/sha256'] = '@noble/hashes/esm/sha256.js';
  config.resolve.alias['@noble/hashes/scrypt'] = '@noble/hashes/esm/scrypt.js';
  config.resolve.alias['@noble/hashes/sha512'] = '@noble/hashes/esm/sha512.js';
  config.resolve.alias['@noble/hashes/utils'] = '@noble/hashes/esm/utils.js';
  config.resolve.alias['@noble/curves/secp256k1'] = '@noble/curves/esm/secp256k1.js';

[arijoon]

No we're on node. The paths worked fine however we use yarn berry which does not allow packages to use transient dependencies. All deps must be declared in the package.json. Seems like these 3 are missing (secp256k1 is not even in the lockfile)

[start940315]

You may need to reinstall node modules(rm -rf node_modules && yarn).

[arijoon]

You may need to reinstall node modules(rm -rf node_modules && yarn).

yarn pnp has no node_modules folder. Any dependency used within a package must be declared within its package.json file as either a dependency or a peerDepdendency. The above mentioned packages are being required from tronweb without being declared in package.json file

[start940315]

But the dependency is required by our required module, not by ourselves, we can't add it to our repository. I figure out the solution, you put the 3 dependencies in your own project.

[arijoon]

Do you know which module that is? I only checked the minified TronWeb.node.js file which was requiring this dep. If this violation is not by tronweb lets raise this on the module which is causing it. In the meantime I've patched it on our yarn config but this is not ideal for future users.

For visibility of anyone coming across this issue, add the following to .yarnrc.yml:

packageExtensions:
  tronweb@*:
    dependencies:
      "@noble/hashes": "^1.3.2"
      "@noble/secp256k1": "^1.7.1"
      "aes-js": "^3.1.2"

[start940315]

I used npm list --depth 100 to show the dep tree and @noble/hashes is required by ethereum-cryptography and ethers, aes-js is required by ethers. @noble/secp256k1 is deprecated. So you can try to reinstall all packages.

[arijoon]

Those that have them as a dep are fine, the issue is coming from some lib in the chain importing these without having them declared as a dep and these calls end up in the minified TronWeb.node.js (unless code from all libs are included in the bundle and minified). Yarn PnP does not allow a lib to access transitive dependencies.

I've not worked much with webpack, but does this mean ethers is included in the TronWeb.node.js minified file instead of being imported?

[start940315]

ethers is included in the TronWeb.node.js in order to transform it's grammar. Yesterday, we just release TronWeb v6.0.0-beta.0. You can try it.