-
Notifications
You must be signed in to change notification settings - Fork 333
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support of Scala.js 1.10.0 #2116
Comments
Oh dear. /cc @sjrd for visibility.
Please do not do that. It'll spread the fake SecureRandom everywhere (even if it is just in the test config).
You can write your own implementation of |
Implementation of As a stop gap measure, you could just copy this and use |
@gzm0 to be honest I really think that this changes in SJS a kind of disaster. |
I cannot emphasize this enough. Don't depend on
This is probably the way to go. Another possibility is to indeed move away from |
Yes, it is. So is leaving a gaping security hole in the middle of a codebase as widely depended on as Scala.js. |
…tingReporter. The UUIDs are only used as an in-memory identifier for `Slot`s. It is more efficient and more reliable to use an object identity instead, for that purpose. This removes the dependency on `UUID.randomUUID()`, which unblocks using ScalaTest with Scala.js >= 1.10.0. See GHSA-j2f9-w8wh-9ww4 and scala-js/scala-js#4657 for the reason why `randomUUID()` fails to link by default in recent Scala.js.
Here is a proposed fix: #2117 |
Scala.js released 1.10.0 which contains broking changes inside
java.lang.UUID
which forces to usejava.security.SecureRandom
: https://www.scala-js.org/news/2022/04/04/announcing-scalajs-1.10.0/TestSortingReporter
is usingUUID.randomUUID
which can't be used in sjs since this release, it fails on compiling like:I not sure how this should be fixed on the right way:
Impact? Huge.
AsyncWordSpec
and similar things are affected.@cheeseng
The text was updated successfully, but these errors were encountered: