browserify / randombytes Goto Github PK
View Code? Open in Web Editor NEWrandom bytes from browserify stand alone
License: MIT License
random bytes from browserify stand alone
License: MIT License
As reported by this user oliver-la/generate-password-browser#7, webpack 5 will not provide the Buffer polyfill anymore. Documentation for this is still lacking, but I found this merged PR with that change: webpack/webpack#8460
What's the suggested way to work around this? Should randombytes
reflect this change or are people forced to implement a solution by themselves? (such as using browserify)
There is a problem with the global reference used in the source code, it may not exist, because it is a compatibility problem, why not use globalThis?
What is the proper way to shim/monkeypatch/replace this library?
I.e. I need to use my version of randomBytes()
function for an exotic platform that is not supported.
Tried browserify().external(['randombytes'])
it doesn't work: error: Cannot find module 'randombytes'
.
Obviously my module randombytes
is available, so the error is bogus.
And because browserify never produces any logs I have no idea what was included in the bundle and how exactly it searches for the module in question.
I just noticed that changes made on this PRs are not inlcuded on the last version of the package:
The browser.js
file in my project still uses safe-buffer
as dependency and global
instead of globalThis
.
The version of my package is 2.1.0
.
Because of the missing changes my project is breaking.
Thanks in advance for the fix!
It seems like this package is creating some issues with sveltekit (uses Vite behind the scene)
global is not defined
ReferenceError: global is not defined
at node_modules/randombytes/browser.js (http://localhost:3000/node_modules/.vite/simple-peer.js?v=10be15c3:2351:18)
at __require (http://localhost:3000/node_modules/.vite/chunk-UNANNA3Z.js?v=10be15c3:38:50)
at node_modules/simple-peer/index.js (http://localhost:3000/node_modules/.vite/simple-peer.js?v=10be15c3:5160:23)
at __require (http://localhost:3000/node_modules/.vite/chunk-UNANNA3Z.js?v=10be15c3:38:50)
at http://localhost:3000/node_modules/.vite/simple-peer.js?v=10be15c3:6017:27
You check for the crypto object one global
not on window
and therefore fails for me when used as a dependency in another project. Why using global
?
Hi, is it secure to use crypto random bytes to generate both access token and refresh token for custom authentication?
Phantomjs is suspended and not being worked on any longer.
Phantomjs have never been a browser that anyone is using due to lack of any UI. it was solo used for testing and scripting automation, so it's very unpopular
ppl start using headless chrome or firefox nowdays
This library is broken on SSR,because webpack won't replace global
to window object, and global.crypto
is undefined.
I'm building a React App where I installed the aes256 package. I'm working with webpack over 5.0, so I know I need to polyfill node core modules I want to use. The only one I need is 'crypto' to be able to run aes256.
I set up my webpack.config.js with the required fallback
module.exports = { resolve: { fallback: { crypto: require.resolve("crypto-browserify"), }, }, };
but my error message states
"
If you want to include a polyfill, you need to:
- add a fallback 'resolve.fallback: { "crypto": require.resolve("crypto-browserify") }'
- install 'crypto-browserify'
If you don't want to include a polyfill, you can use an empty module like this:
resolve.fallback: { "crypto": false }
ERROR in ./node_modules/aes256/index.js 2:13-30
Module not found: Error: Can't resolve 'crypto' in '/mnt/c/Users/.../demo-project-hardhat-react/node_modules/aes256'
"
I have already ran 'npm i crypto-browserify' and it is up to date. Does anyone know why my project would be unable to recognize this polyfill?
It looks like this library limits the number of random bytes you can request to 65536. Node limits it to the max value of an unsigned 32 bit integer.
Is there any reason for the discrepancy?
There is a new way to access globally defined variable, which is the same for both node and browsers, see Firefox' JS reference.
Currently, it's using global
directly, which is only defined on node.
https://github.com/crypto-browserify/randombytes/blob/f18ded32b209f0d4c637608a11ae042ae96b4c2e/browser.js#L16
btw, why did you not use windows
directly as it is meant for browser?
I received this error in an up-to-date version of Chrome (Version 41.0.2272.104):
Uncaught Error: secure random number generation not supported by this browser use chrome, FireFox or Internet Explorer 11
after running
var randombytes = require('randombytes');
console.log(randombytes(10))
However, crypto.randomBytes
worked fine.
This commit introduced a regression in browsers that don't implement Buffer.from
.
Could you make this less dependent on node stuff?
Would like to see a major update where Uint8Array is returned instead on both node and browser.
Buffer is unnecessary in many cases where it's just seen as a Uint8Array. And where many node core feature is more acceptable of typed arrays instead
So including Buffer (safe-buffer) in the browser is just bloated and unnecessary.
Think if ppl need a Buffer then they should use Buffer.from(randombytes(1))
instead.
Can make a PR if you wish
im using a library that is using this one and im getting this error when running in IE 11, did anyone encounter it? and if yes what was the solution? i am looking for a few hours now and kinda lost, would appreciate any help.
thanks!
Pardon my javascript naivety -- is there an es 6 module version of randombytes? Rollupjs has an issue with either crypto or buffer shims I think, and just isn't playing nicely in the browser. Thanks for very useful set up plugins btw, has worked great in my other webpack projects.
Hi, I would like to ask: is this library still maintained?
This is based on this discussion
TL;DR: I propose having an implementation of getRandomValues
that does not depend on a native implementation of crypto.
I am having an issue with bundling my code and running it in a non-browser environment, using modules that depend on crypto
, which depends on randombytes
' implementation of getRandomValues
. If I bundle my code in "browser" mode, I get the error 'Secure random number generation is not supported by this browser.\nUse Chrome, Firefox or Internet Explorer 11'
.
If I don't bundle it in browser mode but force browser fallback for crypto-browserify
(which is necessary in my use-case, the javascript VM I'm using does not implement crypto
), then I get a circular dependency and getRandomBytes is never implemented.
Is it possible to implement it in this package? If not is there any particular reason? And can I help in some way?
The browser.js uses safe-buffer package as the implementation of Buffer.
However safe-buffer doesn't supply a browser polyfill for buffer, it just uses the Node buffer.
So how is browser.js going to work in browsers?
Shouldn't it instead use the Buffer polyfill? https://github.com/feross/buffer
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.