Skip to content

tools: add ncrypto updater script #61613

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aduh95 wants to merge 2 commits into
base: main
Choose a base branch
from
Open

tools: add ncrypto updater script #61613

aduh95 wants to merge 2 commits into from
+70 −5

Conversation

@aduh95
Copy link
Contributor

@aduh95 aduh95 commented Feb 1, 2026

With nodejs/ncrypto#17 in a release, I think there's no reason to keep maintaining a separate copy of ncrypto in this repo.

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Feb 1, 2026

Review requested:

  • @nodejs/actions
  • @nodejs/security-wg
  • @nodejs/tsc

@nodejs-github-bot nodejs-github-bot added build Issues and PRs related to build files or the CI. meta Issues and PRs related to the general management of the project. needs-ci PRs that need a full CI run. tools Issues and PRs related to the tools directory. labels Feb 1, 2026
panva
panva requested changes Feb 1, 2026
View reviewed changes
Copy link
Member

@panva panva left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there's no reason to keep maintaining a separate copy of ncrypto in this repo.

I think this misses the point, ncrypto is the separate copy of node's crypto internals. Not the other way around. Not yet.

The entire reason for ncrypto's existance was to make node's internals available to other runtimes. Setting up a process where nodejs/node latest releases get pulled to and tagged in nodejs/ncrypto seems more appropriate to me.

ncrypto is a tool for non-node runtimes, not for node.

ncrypto changes are not tested with the same CI rigour, with the same openssl matrix, are not reviewed by @nodejs/crypto and there's no guarantee that changes landing in ncrypto are compatible with node. Waiting for ncrypto releases to make dependant changes in node is not a process that would welcome contributions. I for one cannot imagine having to do all of the post-quantum work last year crippled by ncrypto having to have code merged and released first.

Switching ncrypto to be a full blown dependency is still a long way off (if ever). I raised this in nodejs/ncrypto#7 and that still stands.

As is I am not convinced the nodejs project is better off relying on ncrypto releases. If anything, things will live in src/crypto again.

@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@anonrig
Copy link
Member

anonrig commented Feb 1, 2026

ncrypto is a tool for non-node runtimes, not for node.

Yes I definitely agree but we don't run certain things on deps folder, such as linting testing etc. In order to even run individual tests, either we append our test runner here with unrelated tests, such as Bazel etc, or we just behave like it's a dependency just like another.

I think it's less work to act like it's Ada/v8 etc.

@anonrig anonrig requested a review from jasnell February 1, 2026 14:01
@codecov
Copy link

codecov bot commented Feb 1, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 88.86%. Comparing base (f6464c5) to head (ae2825f).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #61613      +/-   ##
==========================================
- Coverage   89.76%   88.86%   -0.90%     
==========================================
  Files         673      673              
  Lines      203944   203944              
  Branches    39191    39109      -82     
==========================================
- Hits       183080   181245    -1835     
- Misses      13194    14970    +1776     
- Partials     7670     7729      +59

see 108 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@aduh95 aduh95 added the tsc-agenda Issues and PRs to discuss during the meetings of the TSC. label Feb 1, 2026
@aduh95
Copy link
Contributor Author

aduh95 commented Feb 1, 2026

Adding the tsc-agenda Issues and PRs to discuss during the meetings of the TSC. label as both approaches sound reasonable, and maybe we would benefit from having a quick vote.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@panva panva panva requested changes

@jasnell jasnell jasnell approved these changes

@anonrig anonrig anonrig approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

build Issues and PRs related to build files or the CI. meta Issues and PRs related to the general management of the project. needs-ci PRs that need a full CI run. tools Issues and PRs related to the tools directory. tsc-agenda Issues and PRs to discuss during the meetings of the TSC.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@aduh95 @nodejs-github-bot @anonrig @panva @jasnell