Open kevinushey opened 1 year ago
I'm having the same issue on macOS.
This is not fixable in this organization https://github.com/zeromq/zeromq.js/issues/576
This is not fixable in this organization https://github.com/zeromq/zeromq.js/issues/576
Yeah, I read that. I'm sorry to see this happen to you. I understand the security implications mentioned, but I disagree with how the governance worked.
Best of luck!
Still in favour of merging this, so stripping out libsodium alltogether : https://github.com/zeromq/zeromq.js/pull/554
With maybe the addition to have an install option like --zmq-draft
, e.g. --zmq-curve
in which the end-user is responsible themselves for rebuilding and packaging.
As, a quick GitHub search on public repo's didn't expose one repo using the curve mechanism... Only found this one: https://github.com/tykntech/indy-zmq-lib/blob/master/src/indy-zmq-lib.ts , which is using v5 compat either way and loading/linking libsodium with https://www.npmjs.com/package/libsodium-wrappers. Maybe this could be an option to this project too ? As opposed to to TweetNaCl.js
Don't know about other private users, but e.g. another big party using ZMQ in JS is not using CURVE either: https://github.com/microsoft/vscode-jupyter
Can be closed as https://github.com/zeromq/zeromq.js/pull/554 is merged!
Great news :-)
Please keep this open as #554 is just a temporary fix.
For example, I see:
I believe this occurs because zeromq tries to link to libsodium on macOS here:
https://github.com/zeromq/zeromq.js/blob/47bb35c1941cb4fa8b510fb7da4d40b37cfa2e5f/binding.gyp#L85
But this gives the following linker flags:
And the above folder has:
Because both dynamic and static libraries are available here, the dynamic library is preferred and used during the link step instead.
If the intention here is to statically link to libsodium (I think it is?) then we can just provide the path to the static library directly with something like:
Would you accept a PR making this change?