THRIFT-4064 Update node library dependencies #1175
Conversation
zertosh
commented
Feb 1, 2017
zertosh
commented
- The changes to node-int64 and Q are small:
- broofa/node-int64@v0.3.3...v0.4.0
- kriskowal/q@v1.0.1...v1.4.1
- ws under went a rewrite between 0.4.32 and 2.0.1 (websockets/ws@0.4.32...2.0.1). The API as used by thrift is backwards compatible. However, ws now uses ES6 syntax, so it requires at least Node 4.
- Most notable change here is that ws no longer tries to install binary modules.
- Node 4 is now the minimally required version of Node, due to ws' requirement.
zertosh
changed the title
|
@jeking3 I don't really know what to change exactly in the Dockerfile :/ |
|
The tests are failing because |
|
I looked at the build results and in build job #2 it was still using node.js version 0.10 presumably because that's what is on the base install on the build slave being used: NodeJS Library: The build failure has led me to a number of questions about how we maintain our docker images, who is responsible for that, and how we stage changes like this so CI builds can pass and prove the changes and new docker image are okay. I have sent emails out to others on the development team to learn this process and see if it needs to be modified to handle this type of change. |
|
I looked at the build failures. Build jobs 2 and 4 use the "debian" Dockerfile which needs to be updated in a very similar way to the ubuntu one. Give that a try. As for build jobs 3 and 8, I don't know exactly what happened but job #8 has me the most nervous since it was using the "ubuntu" image which we updated to node.js 4.7.2 and it looks like it hung during testing. |
There was a problem hiding this comment.
Build job 8 (https://travis-ci.org/apache/thrift/jobs/200386738) in Travis CI has hung twice now. This leads me to believe we have a bug or a test that isn't cleaning up properly. We could try going to 6.x and see if it makes a difference; otherwise this hang in the test needs to be sorted out before we commit.
|
@jeking3 pretty sure that the "SyntaxError: Parse error" error is phanthomjs (via run-browser) choking on the new syntax. The tests are running phantomjs@1.9.20 (https://travis-ci.org/apache/thrift/jobs/200386738#L2252), but it seems that it's v2 that added ES6 support (see ariya/phantomjs#14506). Alternatively, how do you feel about making the |
|
I know very little about node.js in practice. It would be up to other committers/members/contributors who know node.js to weigh in on that. My biggest concern is the hang in build job 8. Can't merge unless we get a clean CI run, and ideally a knowledgeable code review from someone else. I'm happy to help in any way I can otherwise to help make progress. |
|
@zertosh can you elaborate on
Here's why I'm interested... I run the node library through browserify which works but by default produces a much larger glob of javascript than I really need, due to all of the thrift node components requiring that file which pulls in all of the other components whether I need them or not (eg I don't want to pull in TCompactProtocol or TFramedTransport etc if I'm just using TXHRTransport and TBinaryProtocol in the browser). At the moment I'm using some local edits to reduce what gets included by |
|
@bgould that's a very similar use case to ours. Also the Q library is kinda heavy, and could probably switch to just using native Promises. For the purposes of this PR (avoid binary deps), I just switched to ws@1.x instead of ws@2.x, so that phantomjs doesn't choke. We'll still have some lib duplication, but at least you don't need to compile the dep. |
build/docker/debian/Dockerfile
Outdated
| @@ -113,8 +113,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ | |||
| neko-dev \ | |||
| libneko0 | |||
|
|
|||
| # Node.js dependencies - THRIFT-4064 says it must be >= 4.x | |||
| RUN curl -sL https://deb.nodesource.com/setup_4.x | bash - | |||
| # Node.js dependencies - THRIFT-4064 says it must be >= 0.12.0 | |||
There was a problem hiding this comment.
Wasn't the whole point of this exercise to move up to node 4.x as a minimum supported version?
There was a problem hiding this comment.
The point was to move away from ws@<1.0.0, since those versions depend on native node modules - they're a huge pain (#672 (comment)). Ideally we'd upgrade to the latest ws (v2.x), but the newer JS syntax is proving to be really problematic. Less ideally, but nonetheless solves the native module problem, is to upgrade to ws@^1.0.0. That only requires Node >= 0.12.0, and doesn't use newer syntax.
I still want to use ws@^2.0.0, but that requires other upstream dep fixes. I'm not really familiar with phantomjs, so that's going to take me a bit.
|
Looks like the bufferutil thing caused some build jobs to break. |
|
`clang: error: unknown argument: '-fno-tree-vrp' clang: error: unknown argument: '-fno-delete-null-pointer-checks'` I'm guessing these are GCC-only options... and in that test runner CC=clang and CXX=clang++ I don't have time to look more into this right now but perhaps can experiment with it in the next few days |
* The changes to node-int64 and Q are small: - broofa/node-int64@v0.3.3...v0.4.0 - kriskowal/q@v1.0.1...v1.4.1 * ws under went a rewrite between 0.4.32 and 2.0.1 (websockets/ws@0.4.32...2.0.1). The API as used by thrift is backwards compatible. However, ws now uses ES6 syntax, so it requires at least Node 4. - Most notable change here is that ws no longer tries to install binary modules. * Node 4 is now the minimally required version of Node, due to ws' requirement.
|
I'm at a loss here. I can't see this PR through. Sorry everyone, and thank you for your time. |
|
thrift... oh, that looks cool and kind of low level tool chain, maybe create a static typing language in the next century or a random url bring me here and give it a quick look. |
| "ws": "~0.4.32" | ||
| "node-int64": "^0.4.0", | ||
| "q": "^1.0.0", | ||
| "ws": "^1.0.0" |
There was a problem hiding this comment.
It should be >=1.1.1. In this version most of security issues were fixed. Please update the version.
There was a problem hiding this comment.
@ledara1 I'm pretty sure this work was abandoned. We've since moved most of the build targets to more recent distributions, but this file wasn't updated. There is a new ubuntu-xenial docker image which, if you would be able to update the package.json file to match, would be useful.
|
@zertosh We're on a new build environment based on ubuntu-xenial and it's more stable, perhaps you could resurrect your work here and complete it? |
|
sorry @jeking3, I don't have the bandwidth these days to pick this back up |
