Skip to content

perf: don't bundle node:crypto in the browser bundle #782

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Nov 18, 2025
Merged

perf: don't bundle node:crypto in the browser bundle #782

merged 5 commits into from
Nov 18, 2025

Conversation

@barjin
Copy link
Member

@barjin barjin commented Nov 12, 2025

Uses new implementations of createStorageContentSignature and createHmacSignature from @apify/utilities.

Those native WebCrypto API instead of importing the node:crypto package, so we can mark crypto as external in the browser bundler and cut the bundle size ~2.4 times (both plain and compressed).

before (master) after (perf/use-native-crypto)
image image

Note: SubtleCrypto API in browsers is only available in Secure Contexts. This should be fairly safe (as any https://-served page is one, as well as localhost).

Related to #753

@barjin barjin self-assigned this Nov 12, 2025
@github-actions github-actions bot added this to the 127th sprint - Tooling team milestone Nov 12, 2025
@github-actions github-actions bot added t-tooling Issues with this label are in the ownership of the tooling team. tested Temporary label used only programatically for some analytics. labels Nov 12, 2025
Copilot finished reviewing on behalf of barjin November 12, 2025 13:09
@barjin barjin added the adhoc Ad-hoc unplanned task added during the sprint. label Nov 12, 2025
Copilot AI reviewed Nov 12, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR optimizes the browser bundle by replacing Node.js crypto implementations with native WebCrypto API equivalents from @apify/utilities, reducing bundle size by ~2.4x. The key changes involve switching from synchronous crypto signature functions to asynchronous WebCrypto-based implementations and marking the Node.js crypto module as external in the browser bundler configuration.

  • Updated signature generation functions to use async WebCrypto API implementations
  • Added browser-based tests to verify cryptographic operations work correctly in secure contexts
  • Upgraded @apify/utilities from 2.18.0 to 2.23.0 to access the new async crypto functions

Reviewed Changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/resource_clients/key_value_store.ts Switched to async signature functions (createHmacSignatureAsync, createStorageContentSignatureAsync) with proper await usage
src/resource_clients/dataset.ts Updated to use createStorageContentSignatureAsync with await
test/key_value_stores.test.js Added browser tests for getRecordPublicUrl() and createKeysPublicUrl() to verify WebCrypto implementation works in browsers
test/datasets.test.js Added browser tests for createItemsPublicUrl() to verify WebCrypto implementation works in browsers
test/_helper.js Enhanced getInjectedPage() to navigate to URLs ensuring secure context required for Web Crypto API
rsbuild.config.ts Marked crypto as external to prevent bundling Node.js crypto module in browser builds
package.json Upgraded @apify/utilities dependency to version 2.23.0
package-lock.json Updated lock file to reflect new @apify/utilities version (2.23.0)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@barjin barjin marked this pull request as draft November 12, 2025 13:15
@barjin barjin mentioned this pull request Nov 18, 2025
Merged
barjin added a commit to apify/apify-shared-js that referenced this pull request Nov 18, 2025
@barjin
fix: improve createHmacSignatureAsync compatibility with worker-bas…
3689d59 
…ed environments (#573)

Worker-based environments (e.g. `jest` tests) do not have access to
`globalThis.require()` (while calling `require()` instead works). Deeper
investigation shows that `tsup` doesn't transpile this in a dangerous
way, so we can use this here.

Unblocks apify/apify-client-js#782 (tested)
Unblocks failing tests in #570
@barjin barjin marked this pull request as ready for review November 18, 2025 14:28
Copilot finished reviewing on behalf of barjin November 18, 2025 14:30
Copilot AI reviewed Nov 18, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 7 out of 8 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@barjin barjin merged commit 72a1d3c into master Nov 18, 2025
13 checks passed
@barjin barjin deleted the perf/use-native-crypto branch November 18, 2025 14:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@B4nan B4nan B4nan approved these changes

@vladfrangu vladfrangu Awaiting requested review from vladfrangu

Assignees

@barjin barjin

Labels

adhoc Ad-hoc unplanned task added during the sprint. t-tooling Issues with this label are in the ownership of the tooling team. tested Temporary label used only programatically for some analytics.

Projects

None yet

Milestone

127th sprint - Tooling team

Development

Successfully merging this pull request may close these issues.

3 participants

@barjin @B4nan