Web3.js: Consider bumping the version of dependency scrypt.js from 0.2.0 to 0.3.0

Created on 18 Feb 2019  路  9Comments  路  Source: ChainSafe/web3.js

Expected behavior

The now deprecated node-scrypt should be an optional dependency.

Actual behavior

web3-eth-accounts depends on scrypt.js which has recently released a new version.

This version allows the users to optionally exclude the package node-scrypt

node-scrypt is treated as an optional dependency and users specifying --no-optional will install the JS-version of scrypt, scryptsy, only.

This is important because node-scrypt relies on node-gyp bindings and is problematic to install on some systems.

By bumping scrypt.js to 0.3.0 we will also be making node-scrypt optional.

Users not specifying --no-optional on installation will not be affected by this change.

Steps to reproduce the behavior

  1. npm install --save [email protected]
  2. it installs scrypt.js 0.2.0

Versions

web3.js 1.0

On a side note, node-scrypt is considered deprecated by the author since Node now has a standard library for scrypt.

It would be awesome if we could move to this long-term.

enhancement
Source
picture Kaisle
👍4

All 9 comments

Thanks for submitting this issue. Could you update this issue to be align with the issue template?

nivida picture nivida on 18 Feb 2019

No problem. I have updated the template.

Kaisle picture Kaisle on 18 Feb 2019
🎉1

Hi there,

Context
I'm facing a problem with one of my side-project.
I really want to put a step on blockchain development, and I'm trying to build my first front fetching accounts from blockchain. I went to Spectrum chat to see if it was a Nextjs related issue, someone in comments found that the scrypt module were required by a web3 dependency called ethers (cf: ethers npm package).

I am following a step by step introduction from this video (made by Gregory) where he is using the 1.0.0-beta.46. I'm currently using the 1.0.0-beta.48, but I still get the error : 

Module not found: Can't resolve './build/Release/scrypt' in '/tmp/13f82355/node_modules/scrypt'

Here my questions

  • Can I now use correctly web3 without my scrypt error with a specific release of web3 ?
  • Does using crypto.scrypt module (cf: Node Crypto Scrypt Module) would solve this as @Kaisle suggests it ?
Ugarz picture Ugarz on 13 Mar 2019

Sorry. After reading this three times I still do not understand the issue. For me this works fine. Can you maybe provide a Dockerfile which shows how to reproduce the issue?

Levino picture Levino on 15 Apr 2019

Until then I would say that this is a non-important issue and should be dropped from the 1.0 Milestone.

Levino picture Levino on 15 Apr 2019

I just got here from #2770. The install of node-scrypt is currently a blocker for me. Given that node-scrypt is deprecated it feels pointless to spend more time on trying to fix this. So it seems the upgrade to 0.3.0 would big be a big help - at least for me.

tcurdt picture tcurdt on 2 May 2019

Using npm shrinkwrap and then install with --no-optional confirmed to solve my install problem. So a big please to bump the version ASAP.

tcurdt picture tcurdt on 2 May 2019

On the deprecated node-scrypt module, if you are using scrypt.hash, it is now available natively in the Node.js crypto module.

If you are using scrypt.kdf / scrypt.verifyKdf, then scrypt-kdf is a close-to-direct replacement.

chrisveness picture chrisveness on 3 May 2019
👍1

Is this going to be published any time soon?

Levino picture Levino on 7 May 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mishell-trickster picture mishell-trickster  路  3Comments
sundbry picture sundbry  路  3Comments
oktapodia picture oktapodia  路  3Comments
ragnu picture ragnu  路  3Comments
3sGgpQ8H picture 3sGgpQ8H  路  3Comments