🍕 Fix buffer dependency stub#253
Merged
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Hardens the Vite
bufferbrowser-compat stub so third-party libraries that subclassBufferno longer crash thekiln-editbundle at module-evaluation time.The stub's fallback (used when the page has no global
Bufferpolyfill) was a plain object. Any dependency doingSafeBuffer.prototype = Object.create(Buffer.prototype)therefore hitObject.create(undefined)and threw — before Kiln could boot:No linked issue — surfaced during the Vite kiln-edit rollout (context below).
Why are we doing this? Any context or related work?
Downstream in
nymag/sites, edit mode began crashing the moment a component pulledcrypto-browserifyinto the kiln bundle. Its transitive stack (create-hash,create-hmac,sha.js,cipher-base, …) depends onsafe-buffer@5.2.1, whose module init runsSafeBuffer.prototype = Object.create(Buffer.prototype).safe-bufferfeature-detectsfrom/alloc/allocUnsafe/allocUnsafeSlow; when all four exist it just re-exports the providedbuffermodule and skips subclassing. The old stub was missingallocUnsafe/allocUnsafeSlowand had no prototype (it was a plain object), so it fell into the subclassing branch and blew up.The rewrite makes the fallback:
.prototype(subclass-safe),from/alloc/allocUnsafe/allocUnsafeSlow/concatsurface, sosafe-buffertakes the cheap re-export path, andSlowBufferfor API parity.A real
globalThis.Bufferpolyfill is still preferred when the page provides one.Where should a reviewer start?
BUFFER_STUBinbrowser-compat.js: function-shapedBuffer+ full alloc API +SlowBuffer. The block comment documents the two constraints (real prototype; expose all four alloc methods).evalEsmStubsandbox helper: full alloc API present, fallback is subclass-safe when there is no global Buffer, and a real global Buffer is preferred when present.Manual testing steps?
crypto-browserify→safe-buffer), build JS:npx clay vite --only js.Uncaught TypeError: Object prototype may only be an Object or null: undefined. After: edit mode boots normally.Unit tests:
npx jest lib/cmd/vite/plugins/browser-compat.test.js(green on Node 18 / 20 / 22 in CI).Screenshots
N/A — console error on boot → clean boot.
Additional Context
Same failure family as the other Node-builtin stubs the Vite rollout has surfaced one at a time — each edit-mode code path that reaches a different builtin exposes the next incomplete stub. This change makes the
bufferfallback robust for anyBuffer.prototypesubclasser, not justsafe-buffer.