Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use SHA-256 as the webpack hash function #10112

Closed
wants to merge 1 commit into from
Closed

Use SHA-256 as the webpack hash function #10112

wants to merge 1 commit into from

Conversation

jbg
Copy link

@jbg jbg commented Oct 7, 2021
edited
Loading

Webpack defaults to MD4 as the output hash function. MD4 was moved to the legacy provider in OpenSSL 3.0 and is not available by default. As a result, webpack fails to run on any system with OpenSSL 3.0 or later.

This patch sets the hash function explicitly to SHA-256 which fixes the webpack build on such systems. SHA-256 is chosen as a reasonable modern default.

An alternative solution would be to upgrade to webpack v5.54.0 or later and use webpack's future default hash function xxhash64, which doesn't depend on OpenSSL and is also faster than SHA-256.

Related: jitsi/lib-jitsi-meet#1743

@jbg jbg mentioned this pull request Oct 7, 2021
Open
@jitsi-jenkins
Copy link

Hi, thanks for your contribution!
If you haven't already done so, could you please make sure you sign our CLA (https://jitsi.org/icla for individuals and https://jitsi.org/ccla for corporations)? We would unfortunately be unable to merge your patch unless we have that piece :(.

@jbg
Copy link
Author

jbg commented Oct 7, 2021

CLA already signed

@saghul
Copy link
Member

saghul commented Oct 7, 2021

Jenkins please test this please.

@saghul
Copy link
Member

saghul commented Oct 7, 2021

LGTM since I may need a bit more time to finish the Webpack 5 migration.

@quitrk
Copy link
Contributor

quitrk commented Oct 18, 2021
edited
Loading

Webpack 5.57.1 upgrade is completed on master, however, in order to benefit of xxhash64, experiments.futureDefaults should be enabled, which is not the case presently.

I'm thinking we should go ahead and override the default with sha-256 for now, @saghul @jbg wdyt?

@saghul
Copy link
Member

saghul commented Oct 18, 2021
edited
Loading

Aren't we ok since we are on a newer Webpack version now? If not, this needs a rebase.

@jbg
Copy link
Author

jbg commented Oct 18, 2021

Newer webpack still defaults to md4 unless you use experiments.futureDefaults to get xxhash64. So it is still problematic with newer OpenSSL. So I think merging this still makes sense. I'll rebase this shortly

@saghul
Copy link
Member

saghul commented Oct 18, 2021

Yes it does then, thank you!

@quitrk
Copy link
Contributor

quitrk commented Oct 25, 2021

Please rebase this

@jbg
Use SHA-256 as the webpack hash function
f5f0f4f 
Webpack defaults to MD4 as the output hash function. MD4 was moved to the legacy provider in OpenSSL 3.0 and is not available by default. As a result, webpack fails to run on any system with OpenSSL 3.0 or later.

This patch sets the hash function explicitly to SHA-256 which fixes the webpack build on such systems. SHA-256 is chosen as a reasonable modern default.

An alternative solution would be to upgrade to webpack v5.54.0 or later and use webpack's future default hash function xxhash64, which doesn't depend on OpenSSL and is also faster than SHA-256.

Related: lib-jitsi-meet#1743
@jbg
Copy link
Author

jbg commented Oct 25, 2021

Rebased.

@jbg
Copy link
Author

jbg commented Oct 27, 2021

CI failure looks unrelated.

@quitrk
Copy link
Contributor

quitrk commented Oct 27, 2021

an older commit on master i causing that

@saghul
Copy link
Member

saghul commented Mar 31, 2022

Sorry, this fell through the cracks, can you please rebase this one last time @jbg ?

@github-actions GitHub Actions
Copy link

This PR has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Feb 12, 2024
@github-actions github-actions bot closed this Feb 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@quitrk quitrk quitrk approved these changes

Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jbg @jitsi-jenkins @saghul @quitrk