Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[fix] 9.0.0 release : increased library size due to complete lodash import #916

Closed
wants to merge 2 commits into from
Closed

[fix] 9.0.0 release : increased library size due to complete lodash import #916

wants to merge 2 commits into from

Conversation

saurabhshri
Copy link

@saurabhshri saurabhshri commented Jun 17, 2023
edited

By submitting a PR to this repository, you agree to the terms within the Auth0 Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

Release 9.0.0 breached our threshold for size for cloud function deployments. Looking at commits, this PR changed the way lodash functions were imported from per-function import to complete lodash import : #852 which has resulted in significant increase in library size.

This PR reverts the imports back to modular imports.

"cost-of-modules" with modular imports :

Screenshot 2023-06-17 at 1 10 42 PM

"cost-of-modules" with complete import :

Screenshot 2023-06-17 at 1 15 14 PM

References

Checklist

  • I have added documentation for new/changed functionality in this PR or in auth0.com/docs
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used, if not the default branch

@saurabhshri
Copy link
Author

Closes #878.

@saurabhshri saurabhshri changed the title revert back to modular lodash imports [fix] reduce library size by reverting back to modular lodash imports Jun 17, 2023
@saurabhshri saurabhshri changed the title [fix] reduce library size by reverting back to modular lodash imports [fix] 9.0.0 release : increased library size due to complete lodash import Jun 17, 2023
@joshdotblack
Copy link

This is really killing us too for the same reasons its causing issues for others - cloudfront viewer-request handlers are capped at 1mb. We're trying to update to latest jwt to clear a CVE from an earlier version, but the increase in package size the full lodash import has caused stops us doing this.

@panva @ArturKlajnerok @jakelacey2012 et al, is the approach in this PR acceptable? Looks low-risk to me but I'm not a maintainer - do you think you'd merge/release this?

@mfernandes-alcumus
Copy link

Same issue as @joshdotblack trying to do a cloudfront viewer-request which fails as it is capped for 1mb. This PR seems to reduce the bulk on this package, please @panva @ArturKlajnerok @jakelacey2012 can this be reviewed and merged?

@dj-chadlahn
Copy link

Same issue as others described, @david-renaud-okta 's update last November bringing in the full lodash package without a reason to has caused jsonwebtoken to be unusable in Lambda@Edge on Cloudfront. @CharlesRea , as you were the approver of that PR, can you approve this so we can resolve this issue?

@lukecotter lukecotter mentioned this pull request Jul 25, 2023
Closed
@jakelacey2012 jakelacey2012 mentioned this pull request Aug 25, 2023
Merged
2 tasks
@jakelacey2012
Copy link
Contributor

The fix has been merged in #933 and released as part of the 9.0.2 release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Version 9.0.0 Increased bundle size, probably due to lodash import
5 participants
@saurabhshri @joshdotblack @mfernandes-alcumus @dj-chadlahn @jakelacey2012