This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Tracking issue for getting 3rd party packages more SES friendly #576
Comments
|
Agoric/agoric-sdk#2575 patches problems with vega and d3, including the vega problem mentioned above reported at vega/vega#3075 Still need to report problem to d3 |
|
vega/vega#3109 would no longer fix vega/vega#3075 |
|
We need to file a bug against https://github.com/feross/buffer that their code is incompat with frozen primordials, causing Agoric/agoric-sdk#2663 |
|
vega/vega#3109 has been merged and vega/vega#3075 closed. Thanks @jheer ! |
|
#621 reports that regenerator-runtime overrides |
|
More on the regenerator problems |
|
luxon assigns to |
|
|
|
We need to file a bug on React so that #642 is no longer needed to avoid https://github.com/Agoric/dapp-token-economy/issues/159 . If we modify React to fix that bug, we should push that PR upstream. |
|
That last one is private; is there somewhere i can read about the bug? |
|
#612 is another conflict with react. Attn @rbuckton @ljharb @AidenRourke |
|
Note that @AidenRourke at #642 says
We do that as well before any of the rest of react. The need for this is yet another problem with react we need to file. |
|
React uses reflect.metadata? |
That was within the symptoms we were seeing as well. Specifically, we saw an attempt to add a |
|
As far as I can tell, react doesn't use |
|
Hey all, the error I get when trying to use |
|
@AidenRourke is this only react or some additional react packages was not familiar with wry 👀
perhaps too clever, yes |
|
@AidenRourke this global pollution should gracefully fail if you run lockdown before your dependencies that include |
|
@kumavis btw I think what you're doing with lavamoat is super cool. To answer your question, I experienced the error even with a stock create react app. Last time I tried to put the ses import and subsequent call to lockdown in the head of the index.html file, I still got the error. |
|
Any chance you have NODE_OPTIONS set? |
We don't. I grepped and the only mention of |
|
@erights meaning, you can reproduce this issue with a stock CRA, with no NODE_OPTIONS set? |
That's correct. |
lots of stuff in a stock CRA |
|
Re #576 (comment) and #612 We need to file a bug against https://github.com/benjamn/wryware/blob/569d7a6294b77aa9e71d7c7709344aca7cbb75a1/packages/context/src/slot.ts#L126-L135 . |
|
Why not stash it on the global instead, behind a symbol when available, with spaces in the name so it doesn’t show up in repl autocomplete? (https://npmjs.com/global-cache does this, fwiw) |
Cool! I did not know about that hack. Putting it on the initial global (with or without the space) is perfectly compatible with Hardened JS. It will not propagate by default to the global of constructed compartments, which is certainly ok by us. We already assume that the start compartment's global contains powerful things we do not know about. We do not remove or harden them by default. |
|
Alright, I think I might be able to use I've had many headaches over the years obtaining the global object in a reliable cross-browser/environment CSP-respecting way (people will yell at you if you resort to |
Yes. (Attn @kriskowal ) |
|
@benjamn fwiw global-cache uses |
PR-URL: #43907 Fixes: #43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
Hi @benjamn , any progress on this? Anything we can do to help? Filed benjamn/wryware#347 so we can track this from your side too. Done! |
PR-URL: #43907 Fixes: #43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
PR-URL: #43907 Fixes: #43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
PR-URL: #43907 Fixes: #43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
PR-URL: #43907 Fixes: #43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
PR-URL: nodejs#43907 Fixes: nodejs#43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
PR-URL: nodejs/node#43907 Fixes: nodejs/node#43496 Refs: endojs/endo#576 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Mestery <[email protected]>
|
The stack-utils packages trips the override mistake. Patches at tapjs/stack-utils#70 and Agoric/agoric-sdk#6451 . PR at tapjs/stack-utils#71 Done! |
|
Immer See immerjs/immer#914 and #1433 See messages starting at #576 (comment) above |
|
When trying to import google-sheets, I hit stack traceThe usual axios+1.5.0.patchdiff --git a/node_modules/axios/lib/utils.js b/node_modules/axios/lib/utils.js
index a386b77..ea8bbd6 100644
--- a/node_modules/axios/lib/utils.js
+++ b/node_modules/axios/lib/utils.js
@@ -542,7 +542,7 @@ const reduceDescriptors = (obj, reducer) => {
forEach(descriptors, (descriptor, name) => {
let ret;
if ((ret = reducer(descriptor, name, obj)) !== false) {
- reducedDescriptors[name] = ret || descriptor;
+ Object.defineProperty(reducedDescriptors, name, { value: ret || descriptor });
}
}); |
|
Tracking rbuckton/reflect-metadata#130 . I should have added it to this list ages ago, but somehow forgot. |
|
I just hit some issues trying to get Relevant stack traces:Issues already mitigated by
New issue requiring taming of
|
|
See #1846 |
|
chalk@4 all versions chalk/chalk#619 |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Fear that tape overrode
Function.prototype.applycleared by @ljharb at #474Good news about JSS and enzyme Agoric/agoric-sdk#2321 (comment)
Issue filed with vega vega/vega#3075
The text was updated successfully, but these errors were encountered: