Conversation
…es hacky JavaScript that was needed to override global.crypto - this was probably needed for along time because iOS was using nodejs12 until some recent work, hence having no global.crypto flag. - iOS and Android need the --experimental-global-webcrypto flag until nodejs mobile is rebuilt
bitmold
requested review from
adrastaea,
holmesworcester,
islathehut and
mcginty
mcginty
reviewed
Mar 16, 2026
|
|
||
| val command: MutableList<String> = ArrayList() | ||
| command.add("node") | ||
| command.add("--experimental-global-webcrypto") |
Collaborator
There was a problem hiding this comment.
Out of curiosity, did it fail without this flag? Looking at https://nodejs.org/api/webcrypto.html, I see that since v20.19.3 Ed25519 and X25519 are stable, but I wouldn't be surprised if there was still other experimental algorithms this was needed for.
Collaborator
Author
There was a problem hiding this comment.
Yes, it failed without this flag.
As far as I understand, this flag, which used to be present on iOS/Android and Desktop, was doing nothing due to Quiet's usage of @peculiar/webcrypto.I'm just adding it back here.
There are four nodejs instances to keep track of with Quiet:
- the nodejs you run when you build the project (ie the version set by
nvm use) - the nodejs version that the Desktop app uses at runtime, which is packaged with
electronand changes based on which version ofelectronyou are using - android
nodejs-mobilethat's used for thebackend - and the same thing for iOS
(Quiet packages these two nodejsmobile binaries on iOS and Android because react native apps on their own don't actually ship with nodejs at all, very much unlike how electron does on Desktop)
My previous PR that was merged upgraded the first two nodejs's in that list from 18 to 20. However, on iOS and Android we are still using nodejsmobile that's set for version 18 - so there is webcrypto support, but needs it enabled with that flag.
So, in a sense it was a mistake for me to have removed the flag on iOS and Android, but in another sense it never mattered since the flag wasn't doing anything in the first place! Since we never used anything enabled by the flag on mobile (since nothing broke) - I just assumed things were good. Another funny realization is that this flag was never needed on Desktop, since we only actually started to use the proper webcrypto API after upgrading to nodejs 20, where webcrypto's enabled by default.
I'm happy to make iOS and Android builds of nodejsmobile based on node20, but until we do, those two apps need the flag, which is now actually used, in order to function. I recently compiled a nodejs 18 build for iOS since it was still using node 16.. I also recently recompiled nodejs mobile for android (not changing the node version) since the previous compiled binary wasn't 16KB Aligned (a new restriction on binaries Google was enforcing). IMO, these should be two seperate PRs though.
adrastaea
approved these changes
Mar 17, 2026
mcginty
approved these changes
Mar 17, 2026
Collaborator
mcginty
left a comment
mcginty
left a comment
There was a problem hiding this comment.
Given the clarifying comment, approving and we can address the node version disparity later.
mcginty
pushed a commit
that referenced
this pull request
Mar 23, 2026
* Closes #3123 Removes Superflous @peculiar/webcrypto dependency. Removes hacky JavaScript that was needed to override global.crypto - this was probably needed for along time because iOS was using nodejs12 until some recent work, hence having no global.crypto flag. - iOS and Android need the --experimental-global-webcrypto flag until nodejs mobile is rebuilt
islathehut
added a commit
that referenced
this pull request
Apr 15, 2026
* update tor * Publish - @quiet/desktop@7.0.1-alpha.0 - @quiet/mobile@7.0.1-alpha.0 * Update packages CHANGELOG.md * Publish - @quiet/desktop@7.0.1-alpha.1 - @quiet/mobile@7.0.1-alpha.1 * Update packages CHANGELOG.md * Publish - @quiet/desktop@7.0.1-alpha.2 - @quiet/mobile@7.0.1-alpha.2 * Update packages CHANGELOG.md * Publish - @quiet/desktop@7.0.1-alpha.3 - @quiet/mobile@7.0.1-alpha.3 * Update packages CHANGELOG.md * fix hidden title bar on linux * fix: Wait for tor kill to finish before moving on (#3134) * Wait for tor kill to finish before moving on * Update CHANGELOG.md * Closes #3123 Removes Superflous @peculiar/webcrypto dependency (#3129) * Closes #3123 Removes Superflous @peculiar/webcrypto dependency. Removes hacky JavaScript that was needed to override global.crypto - this was probably needed for along time because iOS was using nodejs12 until some recent work, hence having no global.crypto flag. - iOS and Android need the --experimental-global-webcrypto flag until nodejs mobile is rebuilt * fix soon to be broken github actions that need the node24 runner (#3130) * iOS Push Notification Support (#3125) * Add Firebase support and Network Service Extension for push notifications * fix extension plist build issues * add encrypted Firebase plist * add decryption code for GoogleService-Info.plist * integrate with Taea's communication module * move personal changes from .xcode.env to .xcode.env.local * compatibility fixes * allow easier overriding of development team and bundle id * fix more xcodeproj woes, using a fork that works for now * fix node version build issues for .xcode.env.local --------- Co-authored-by: taea <taelxvie@gmail.com> * Feat/3086 client push service (#3114) * request permissions when ios app opens, detect changes to permission on app open * register when permission is granted and rely solely on event channels for payloads * simplify sagas, ensure event channels are set up first * update changelog * fix mobile unit tests * pass token to backend and scaffold registration * cache token until we are part of a community and connected to qss * update changelog * fix typo in changelog * remove caching of device token in redux because it is not needed * adjust mocks * try to get around ci weirdness * fix mobile tests * add qps consts to test module * fix state-manager test * implement storage * add todos for future work * remove http related deprecated code * fix merge conflict * add qps consts to test module * adjust mocks * try to get around ci weirdness * fix mobile tests * fix state-manager test * remove http related deprecated code * fix: Backend fails to start on GrapheneOS in 6.5.1 (#3106) * Standardize build config fields to boolean * Remove call to `free` because it breaks the backend on graphene * feat(3058): Self-assign member role on joining with QSS and migrate to LFA-based OrbitDB identity (#3102) * Add lockbox service and create an invite lockbox on invite creation * Update changelog * Self-assign member role on join with QSS * Fix self-assign * Use event to trigger storage setup after self-assign * Pull log entries when fully joined via qss (update later to handle joining with peers) * Move identitieswithstorage * Get janky LFA identity working with orbitdb and get syncing on join with qss working * Also pull entries on connection to qss when already a member * Remove debugging log * Add comments * Add comments and return random signature * Update qss and auth modules to use feature branches for testing * Update qss e2e test to include joining without peers * Add self-assign unit tests and fix some unit tests post-LFA identity * Fix userProfile integration tests * Update submodules * Remove changes left in from testing * Fix last of integration tests and add initializing check to storage init since we can start initialization via qss or libp2p events * Forgot a comment * Update CHANGELOG.md * Update CHANGELOG.md * Allow strings * Missed one unit test update * PR comment fixes * Add real signatures back to log entries * Update lfa-identity.service.ts * release: 6.6.0 (#3109) * Publish - @quiet/desktop@6.6.0-alpha.0 - @quiet/mobile@6.6.0-alpha.0 * Update packages CHANGELOG.md * fix: Backend fails to start on GrapheneOS in 6.5.1 (#3106) * Standardize build config fields to boolean * Remove call to `free` because it breaks the backend on graphene * Publish - @quiet/desktop@6.6.0-alpha.1 - @quiet/mobile@6.6.0-alpha.1 * Update packages CHANGELOG.md * Publish - @quiet/desktop@6.6.0 - @quiet/mobile@6.6.0 * Update packages CHANGELOG.md * basic implementation * implement storage * add todos for future work * return state * update test * skip test for device linking * skip test for device linking * test fix * match send-push name to qps-send-push * add an individual push option, rename batch push * match server message format for batch * increase batch size to 500 * fixed tests * update changelog * fix registration flow * revert interval use in registration * fix registration * formatting * reinforce endpoint fuzzy match with env flag --------- Co-authored-by: Isla <5048549+islathehut@users.noreply.github.com> * rm order expectation from test (#3139) * fix: Allow more fuzziness in team link timestamp validations and use updated logging (#3137) * Pass logger into team/connection and update auth to use new logging * Update auth * Use main auth branch * Publish - @quiet/desktop@7.0.1-alpha.4 - @quiet/mobile@7.0.1-alpha.4 * Update packages CHANGELOG.md * mess around with the deployment options * Publish - @quiet/desktop@7.0.1-alpha.5 - @quiet/mobile@7.0.1-alpha.5 * Update packages CHANGELOG.md * try macos 15 and xcode 16 * Publish - @quiet/desktop@7.0.1-alpha.6 - @quiet/mobile@7.0.1-alpha.6 * Update packages CHANGELOG.md * Revert "try macos 15 and xcode 16" This reverts commit 5af7de9. * change xcode project compatibility to 16 rather than 12 * Publish - @quiet/desktop@7.0.1-alpha.7 - @quiet/mobile@7.0.1-alpha.7 * Update packages CHANGELOG.md * add IOS_FIREBASE_KEY secret to env * Publish - @quiet/desktop@7.0.1-alpha.8 - @quiet/mobile@7.0.1-alpha.8 * Update packages CHANGELOG.md * remove unused app groups section from entitlements * add new mobile provisioning profile for network service extension * decrypt mobile provisioning profiles to the right spot * Publish - @quiet/desktop@7.0.1-alpha.9 - @quiet/mobile@7.0.1-alpha.9 * Update packages CHANGELOG.md * Fix the provisioning profile specifier * Publish - @quiet/desktop@7.0.1-alpha.10 - @quiet/mobile@7.0.1-alpha.10 * Update packages CHANGELOG.md * add missing provisioning profile mapping * Publish - @quiet/desktop@7.0.1-alpha.11 - @quiet/mobile@7.0.1-alpha.11 * Update packages CHANGELOG.md * fix(3146): Fix slow electron startup (#3147) * Load splash before main view * Add extra logging to uncover issue * Try apple silicon build * Update desktop-build.yml * Update desktop-build.yml * Make logs traces * Add prod arm64 deploy job and run e2e tests on latest macos * Update main.ts * Fix issue in unit tests and use latest intel mac runner * Update CHANGELOG.md * Update .github/workflows/desktop-build.yml Co-authored-by: Jake McGinty <me@jakebot.org> --------- Co-authored-by: Jake McGinty <me@jakebot.org> * Update notification for arm mac builds (#3151) * Publish - @quiet/desktop@7.0.1-alpha.12 - @quiet/mobile@7.0.1-alpha.12 * Update packages CHANGELOG.md * fix(3180): Add mac entitlement to fix arm64 builds (#3181) * Add entitlement to fix arm64 binaries * Update changelog * Publish - @quiet/desktop@7.0.1-alpha.13 - @quiet/mobile@7.0.1-alpha.13 * Update packages CHANGELOG.md * fix(3140): Validate qss endpoint when qss is allowed to avoid registration loops (#3141) * Validate qss endpoint when qss is allowed to avoid registration loops * Update CHANGELOG.md * Update desktop tests * Update CreateCommunity.test.tsx * fix(3127): Only run the qss log sync interval once the auth connection is properly up and running (#3126) * Only run the qss log sync interval once the auth connection is properly up and running * Update CHANGELOG.md * Go back to using connected event because I'm losing my mind * Update auth to latest * Clarify naming convention * Go back to active but rename event to connected * fix hidden title bar on linux (#3153) Co-authored-by: taea <taelxvie@gmail.com> * Publish - @quiet/desktop@7.0.1-alpha.14 - @quiet/mobile@7.0.1-alpha.14 * Update packages CHANGELOG.md * Publish - @quiet/desktop@7.0.1 - @quiet/mobile@7.0.1 * Update packages CHANGELOG.md * Move changelog entries to the correct versions * Update back compat version to 7.0 * Log error on before-quit * Bump webdriver * Bump back compat version to 7.0.1 --------- Co-authored-by: Jake McGinty <me@jakebot.org> Co-authored-by: taea <taelxvie@gmail.com> Co-authored-by: bitmold <dsnake@protonmail.com> Co-authored-by: Taea <88346289+adrastaea@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #3123 Removes Superflous @peculiar/webcrypto dependency. Removes hacky JavaScript that was needed to override global.crypto