Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Warn if fake secure random is on the classpath
See original GitHub issueIn light of https://github.com/scalatest/scalatest/issues/2116, I think it would be a very good thing if there was more hand-holding regarding the fake secure random artifact. Since downstreams can receive this dependency transitively, it is really not a nice situation for them if an upstream accidentally forgets to add % Test or worse.
This is a similar situation to https://github.com/scala-js/scala-js/issues/4610 or the warning for the global EC. Warn, because it’s probably not what the user wants, and give actionable instructions how to fix it.
If the sbt-plugin could make a best effort to check the classpath for the fake secure random and log a warning that alerts users to its presence. Or honestly even raise a fatal error, unless you explicitly opt-in a setting clearly indicating that this is what you want to do. Although the dependency can be inherited transitively, this opt-in cannot be, which is the point.
Or maybe this could be done on the linker level, IDK.
Thanks.
Issue Analytics
- State:
- Created a year ago
- Comments:18 (15 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Trying to address that at the source: https://github.com/jsdom/jsdom/pull/3352
I think that JSDOM is only modern JSEnv that doesn’t currently support cryptographically secure random numbers. But Seb has already fixed that in https://github.com/jsdom/jsdom/pull/3352 😃