Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Make socket.io including dependencies esm compatible #1536

Closed
Artur- opened this issue Apr 4, 2022 · 4 comments
Closed

Make socket.io including dependencies esm compatible #1536

Artur- opened this issue Apr 4, 2022 · 4 comments
Labels
enhancement New feature or request
Milestone
4.5.0

Comments

@Artur-
Copy link

Artur- commented Apr 4, 2022

Is your feature request related to a problem? Please describe.
@web/test-runner only supports ESM imports: modernweb-dev/web#1439. It is currently not possible to use socket.io with that.

Describe the solution you'd like
All dependencies of socket.io-client should be ESM modules. Right now there are problems with at least

  • @socket.io/component-emitter
  • parseuri
  • parseqs
  • yeast
  • ws (shouldn't be loaded at all as far as I understand)
@Artur- Artur- added the enhancement New feature or request label Apr 4, 2022
@Artur-
Copy link
Author

Artur- commented Apr 4, 2022

In practice you likely need to mock socket.io in most tests which makes this a not that major issue for this use case

@darrachequesne
Copy link
Member

darrachequesne commented Apr 5, 2022
edited
Loading

That sounds reasonable 👍

Here is the list of the dependencies for the Socket.IO client:

Dependency Repository ESM?
@socket.io/component-emitter https://github.com/socketio/emitter/ ✔️ (@socket.io/component-emitter@3.1.0)
backo2 https://github.com/mokesmokes/backo
debug https://github.com/debug-js/debug
ms https://github.com/vercel/ms
engine.io-client https://github.com/socketio/engine.io-client/ ✔️
engine.io-parser https://github.com/socketio/engine.io-parser ✔️
@socket.io/base64-arraybuffer https://github.com/socketio/base64-arraybuffer ✔️
has-cors https://github.com/component/has-cors ✔️ (engine.io-client@6.2.0)
parseqs https://github.com/galkn/querystring ✔️ (engine.io-client@6.2.0)
parseuri https://github.com/galkn/parseuri ✔️ (engine.io-client@6.2.0)
yeast https://github.com/unshiftio/yeast ✔️ (engine.io-client@6.2.0)
socket.io-parser https://github.com/socketio/socket.io-parser ✔️

Both ws and xmlhttprequest-ssl are only needed for Node.js, so I think they can be ignored in that case.

From: https://socket.io/docs/v4/client-installation/#dependency-tree

darrachequesne added a commit to socketio/engine.io-client that referenced this issue Apr 13, 2022
@darrachequesne
refactor: import single-file 3rd party modules
df32277 
This commit allows to:

- provide an ESM version of those modules ([1])
- reduce the attack surface in case of supply chain attacks
- reduce the size of the bundle with tree-shaking

As a downside, we won't receive security updates for those modules
anymore.

[1]: socketio/socket.io-client#1536
@Waxolunist
Copy link

Actually it would make it simpler for example in conjunction with esbuild or build less execution if they would be esm compatible.

darrachequesne added a commit to socketio/emitter that referenced this issue Apr 17, 2022
@darrachequesne
feat: add ESM version
54468cf 
Related: socketio/socket.io-client#1536
darrachequesne added a commit to socketio/socket.io-parser that referenced this issue Apr 17, 2022
@darrachequesne
chore: bump @socket.io/component-emitter to version 3.1.0
6c9cb27 
Related: socketio/socket.io-client#1536
darrachequesne added a commit that referenced this issue Apr 23, 2022
@darrachequesne
refactor: import single-file 3rd party modules
6fdf3c9 
This commit allows to:

- provide an ESM version of those modules ([1])
- reduce the attack surface in case of supply chain attacks
- reduce the size of the bundle with tree-shaking

As a downside, we won't receive security updates for those modules
anymore.

[1]: #1536

Related: socketio/engine.io-client@df32277
@darrachequesne
Copy link
Member

OK, so starting from socket.io-client@4.5.0 we only include ESM compatible dependencies!

@darrachequesne darrachequesne added this to the 4.5.0 milestone Apr 26, 2022
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
4.5.0
Development

No branches or pull requests
3 participants
@Artur- @Waxolunist @darrachequesne