New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Yarn 2 PnP #1034
Support Yarn 2 PnP #1034
Conversation
This pull request is being automatically deployed with Vercel (learn more). 🔍 Inspect: https://vercel.com/nextauthjs/next-auth/7ybp0vf4y |
Wouldn't Next.js include it for us already? I cannot say I'm entirely sure how or why this is needed. Does that mean that any package being used with Webpack 5 needs to add an additional package? Doesn't seem right. What am I missing? |
@balazsorban44 Sorry, I just checked again and it was issue with PnP not webpack 5. We don't need to add all packages used with Webpack 5. What we need to do is just specifing required dependencies explicitly. Since "process" dependencies is already required by nextjs, users won't have to download additional dependencies due to this patch. How to reproduce this error:
|
In webpack 5, automatic polyfills such as `process` has been removed. Reference: https://webpack.js.org/blog/2020-10-10-webpack-5-release/#changes-to-the-structure
857bf38
to
c25065e
Compare
webpack/nextjs sets the |
Next.js happens to add the // Makes sure `process` is polyfilled in client-side bundles (same behavior as webpack 4)
isWebpack5 &&
!isServer &&
new webpack.ProvidePlugin({ process: ['process'] }), As a result, each time you make: process.env.FOO Webpack translates it into: require('process').env.FOO As such, while you don't have explicit dependencies on // Makes sure `process` is polyfilled in client-side bundles (same behavior as webpack 4)
isWebpack5 &&
!isServer &&
new webpack.ProvidePlugin({ process: [require.resolve('process')] }), This way the |
Thanks for raising the PR and awareness of the issue, I'm rejecting this PR though. The process module is a built in function of Node.js and we should not be including it in As a built-in function it does not need to be required in Node.js. If some bundling or package management software isn't compatible with well formed Node.js applications doesn't work unless libraries do that, I suggest taking it up with the maintainers of that software. |
Just to be sure I'm completely clear: this has nothing to do with Yarn, which rightfully reports an unlisted dependency (in either Next or Next-Auth). Because the dependency isn't correctly listed, all package managers can and will generate invalid node_modules layouts. Hoisting issues aren't new in the Node world; Yarn just happens to make it very clear when it happens. More details and examples in our Rulebook, the reference on what packages must and mustn't do to be portable. |
|
Right, but this is irrelevant in this case because your code is inside a code that also gets executed inside the browser. For instance, this file in a folder aptly named Lines 25 to 26 in 416d92c
Next HAS to do some transpiling in order to make globals like Frankly, you just have to actually check the generated bundle to see the |
Only the client file (and code it includes) in this repo is isomorphic and is ever executed in the browser, most of the code isn't and is Node.js only. This PR adds a bunch of require statements to multiple files and adds a third party module called
If the original report is incorrect and it's working fine with Yarn PnP / pnpm, then it's okay for this to be closed. If the original report is correct and that it errors with some party package managers but works fine with NPM, then it's okay for this to be closed as the issue is not our problem and can be resolved in those package managers (or avoided, by using NPM). If there is an error that can be replicated with NPM (e.g. some version of Webpack) I'm very happy to explore our options. Thanks again for raising the PR @simnalamburt - if you'd like to clarify your experience further with comments please do! |
@arcanis Let me fix this issue by patching the Next.js. Thanks :) |
FYI, this error does exist and reproducible as I stated in #1034 (comment) |
ProvidePlugin replaces certain identifiers with another modules. As a result, 'buffer' and 'process' modules are added as implicit dependencies to all Next.js plugins. Which is OK for "node_modules" strategy, but problematic with "Plug'n'Play" strategy. This patch let Next.js properly handles such cases with Yarn PnP mode and PNPM's PnP mode. References: nextauthjs/next-auth#1034
Opened PR in Next.js: vercel/next.js#20971, Thanks! |
… path on webpack.ProvidePlugin (#20971) ProvidePlugin replaces certain identifiers with another modules. As a result, 'buffer' and 'process' modules are added as implicit dependencies to all Next.js plugins. This can be problematic. With "Plug'n'Play" strategy, it don't work at all since they fail-fast with implicit dependencies. With "node_modules" strategy, it might seem OK but actually it can be result into unpredictable behavior since in uses dependency [hoisting](https://yarnpkg.com/advanced/lexicon#hoisting). For example, currently users cannot use next-auth plugin with Plug'n'Play strategy: ![image](https://user-images.githubusercontent.com/4435445/103481517-d5547700-4e1e-11eb-9f23-bc2c9939418e.png) This patch let Next.js properly handles such cases with `require.resolve`. Closes #20955 ###### References: - nextauthjs/next-auth#1034
I tried to patch NextAuth.js first but they rejected it. So I'm fixing Next.js and Yarn instead. I already have fixed the Next.js side and this is the remaining piece. References: nextauthjs/next-auth#1034 vercel/next.js#20971
I tried to patch NextAuth.js first but they rejected it. So I'm fixing Next.js and Yarn instead. I already have fixed the Next.js side and this is the remaining piece. References: nextauthjs/next-auth#1034 vercel/next.js#20971
I tried to patch NextAuth.js first but they rejected it. So I'm fixing Next.js and Yarn instead. I already have fixed the Next.js side and this is the remaining piece. References: nextauthjs/next-auth#1034 vercel/next.js#20971
What: Support Yarn 2 PnP
Why: Plug'n'Play strategy is being supported by Yarn and pnpm. It's much faster than node_modules approach and used by many users.
How: With PnP, you always have to specify all dependencies explicitly. So did I.
Checklist:
Reference