packages with names over 1024 crash the resolver

[paperdave]

What version of Bun is running?

No response

What platform is your computer?

No response

What steps can reproduce the bug?

bun run boo

package.json

What is the expected behavior?

to not crash

What do you see instead?

thread 2355986 panic: reached unreachable code
/Users/dave/code/bun/.cache/zig/lib/std/debug.zig:342:14: 0x100329abf in assert (bun-zig)
    if (!ok) unreachable; // assertion failure
             ^
/Users/dave/code/bun/src/bun.zig:364:60: 0x1003844a3 in copy__anon_46322 (bun-zig)
    if (comptime Environment.allow_assert) std.debug.assert(dest.len >= src.len);
                                                           ^
/Users/dave/code/bun/src/resolver/package_json.zig:64:17: 0x100be4faf in generateHash (bun-zig)
        bun.copy(u8, &hashy, package_json.name);
                ^
/Users/dave/code/bun/src/resolver/package_json.zig:1022:42: 0x1007727af in parse__anon_87999 (bun-zig)
                package_json.generateHash();

Additional information

issue found by @ryanccn, thanks for this reproduction

[RandoomWalks]

@paperdave
2 thoughts:
allocate a buffer dynamically based on the length of the package name.
or
iteratively hash smaller chunks

[paperdave]

this should hash smaller chunks if it cannot entirely fit into 1024 bytes.

[sequencerr]

@paperdave I'm sorry if the problem is not about matching other's standards, but
https://docs.npmjs.com/cli/v10/configuring-npm/package-json#name

The name must be less than or equal to 214 characters.

[sequencerr]

Maybe display message about invalid name?