Update keccak to the latest version 🚀 #225
Conversation
![greenkeeper[bot]](https://avatars.githubusercontent.com/in/505?s=60&v=4){kind=small}
|
It would be really awesome if this could be merged and |
|
This is really interesting @michaelsbradleyjr. Thanks for pointing it out! Merging this should be pretty easy, Do you know how are these pre built images created? Why weren't they used before? Which versions of node do they support? |
|
@alcuadrado they're built using GitHub Actions workflows: https://github.com/cryptocoinjs/keccak/blob/master/.github/workflows/ci.yaml I believe the workflows were implemented just prior to releasing the new major versions. They seem to support Node 10.x, 12.x, and 13.x — those are the versions I tried. Note that the prebuilds for Linux, macOS, and Windows are included in the tarballs published to the NPM registry vs. their being downloaded during package install as is common with |
|
Thanks for your answer @michaelsbradleyjr. This is really cool. We should make sure that we are ok with dropping support for older Node.js versions, which is being discussed here ethereum/js-team-organization#7 |
|
That are indeed strong arguments to drop Node 8 in this case. |
|
cf. https://github.com/cryptocoinjs/keccak/blob/master/package.json#L45 and https://github.com/cryptocoinjs/secp256k1-node/blob/master/package.json#L50 For good measure I tried with Node.js |
|
Is there any way (tool) out there for getting at least a rough idea on the Node version consumers of a library are using? Any idea anyone? |
|
No idea, but at first blush it seems like npm/yarn (or the package itself during postinstall or at runtime) would have to "phone home" re: the Node.js version in use either to the registry or to package maintainer... obvious downsides to that and I'm not actually sure to what extent if any npm/yarn send user info to the registry, e.g. when running |
|
Somewhat helpful to get an overall idea of version popularity: https://nodejs.org/metrics/summaries/version.png Image link taken from the Versions section (not linkable) toward the bottom of: |
|
@michaelsbradleyjr Thanks, phew, I would say that is still too much (having a look at the version popularity chart from the first link). 😕 |
|
@holgerd77 https://raw.githubusercontent.com/nodejs/Release/master/schedule.svg?sanitize=true Node 8 is officially not supported anymore. As it is currently, many people have issues with node-gyp dependencies (probably the most common ethereum JS issue in the ecosystem) and it also slows down installations. The pre-builds are a massive QoL improvement. |
|
@iurimatias Yeah well, then let's do it. @alcuadrado @evertonfraga @ryanio what do you think? |
|
I think that dropping node-gyp is compelling enough to make the change. I’d give a period of notice (3-4 weeks) and would release a minor version. |
|
@evertonfraga Hmm, I think we also didn't followed this on EthereumJS, but technically I would say a Node.js version bump should rather be treated as a major version bump regarding semver? This DOES introduce a (very much) breaking change, since it makes existing v8 installations unusable. Did a quick search, there are similar opinions out there, e.g.: Not sure, other opinions from people reading here? |
|
I think it should be a major version bump to avoid a big surprise for those users (still on older Node.js) who would pick up a minor bump owing to the default |
|
I'm more inclined not to release it as a major. Using an unsupported version of any runtime is totally risky and should be avoided. If you do, you do it at your own risk. If we release it as a major, people how are doing their things rightly will stop getting updates unless they manually upgrade to the new major. |
|
Ok, did a local test install both with the current
> keccak@2.1.0 install PATH/keccak
> npm run rebuild || echo "Keccak bindings compilation fail. Pure JS implementation will be used."
> keccak@2.1.0 rebuild PATH/node_modules/keccak
> node-gyp rebuild
gyp ERR! configure error
gyp ERR! stack Error: Command failed: PATH/.pyenv/shims/python2 -c import sys; print "%s.%s.%s" % sys.version_info[:3];
gyp ERR! stack pyenv: python2: command not found
gyp ERR! stack
gyp ERR! stack The `python2' command exists in these Python versions:
...(I actually directly had the horror case with my local python environment not properly configured. 😜
> keccak@3.0.0 install PATH/node_modules/keccak
> node-gyp-build || exit 0So I will merge here. Seems there is no golden way for the version number, I would then follow the advice from @alcuadrado and prepare a minor release here, both argumentation lines seems pretty valid. Not sure if we'll get the |
|
This has now been published in the v7.0.0 release on npm. |
The dependency keccak was updated from
2.1.0to3.0.0.This version is not covered by your current version range.
If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.
Publisher: fanatid
License: MIT
Find out more about this release.
FAQ and help
There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.
Your Greenkeeper bot 🌴