Skip to content

Enhance browser compatibility and update Vite configuration#486

Open
kavindadimuthu wants to merge 4 commits intoasgardeo:mainfrom
kavindadimuthu:fix-nuxt-release-3
Open

Enhance browser compatibility and update Vite configuration#486
kavindadimuthu wants to merge 4 commits intoasgardeo:mainfrom
kavindadimuthu:fix-nuxt-release-3

Conversation

@kavindadimuthu
Copy link
Copy Markdown
Contributor

@kavindadimuthu kavindadimuthu commented Apr 29, 2026
edited by coderabbitai Bot
Loading

Purpose

This pull request improves compatibility and reliability for browser and Nuxt environments by adjusting how Node.js polyfills are handled and ensuring proper dependency pre-bundling with Vite. The most important changes are grouped below:

Browser polyfill handling:

  • Moves the logic for exposing Buffer on the window object from the esbuild configuration (esbuild.config.mjs — previously in banner and footer) directly into the browser entry point (src/index.ts). This ensures Buffer is always available globally in browser builds, preventing issues with libraries that expect Node polyfills. [1] [2] [3]

Nuxt/Vite dependency handling:

  • Updates the Nuxt module to extend the Vite config, explicitly pre-bundling several CJS-only dependencies (@asgardeo/browser, @asgardeo/javascript, @asgardeo/vue, base64url, cross-fetch, fast-sha256) for client builds. This prevents "Export 'X' is not defined in module" errors caused by Vite serving these packages as raw CJS from disk. [1] [2]

Related Issues

  • N/A

Related PRs

  • N/A

Checklist

  • Followed the CONTRIBUTING guidelines.
  • Manual test round performed and verified.
  • Documentation provided. (Add links if there are any)
  • Unit tests provided. (Add links if there are any)

Security checks

Summary by CodeRabbit

  • Refactor

    • Browser SDK now exposes Buffer conditionally at runtime instead of injecting it at build time, improving compatibility in environments without native Buffer.
    • Internal runtime now uses the browser-friendly user profile helper to better align client behavior.

  • Chores

    • Nuxt module extends client build tooling to pre-bundle selected CommonJS dependencies for more reliable builds.

@kavindadimuthu
Enhance browser compatibility by exposing Buffer globally and update …
70cbdca 
…Vite configuration for pre-bundling external dependencies
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 29, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 02866e3c-7914-416a-98ca-67c727a75413

📥 Commits

Reviewing files that changed from the base of the PR and between 26bb608 and 649fa75.

📒 Files selected for processing (2)
  • packages/nuxt/src/module.ts
  • packages/nuxt/src/runtime/components/AsgardeoRoot.ts
✅ Files skipped from review due to trivial changes (1)
  • packages/nuxt/src/module.ts
📝 Walkthrough

Walkthrough

Removed esbuild build-time injection of window.Buffer, moved conditional window.Buffer assignment into the browser runtime entry, and added a Nuxt module change to extend client-side Vite config to pre-bundle several CJS-only dependencies.

Changes

Browser Buffer Polyfill Strategy

Layer / File(s) Summary
Build config removal
packages/browser/esbuild.config.mjs		 Removed esbuild commonOptions banner/footer that previously injected window.Buffer into bundles.
Runtime assignment
packages/browser/src/index.ts		 Imports Buffer from buffer and conditionally assigns window.Buffer when not present before re-exporting package APIs.

Nuxt Build Optimization

Layer / File(s) Summary
Type / helper addition
packages/nuxt/src/module.ts		 Adds extendViteConfig to imports and introduces a local ViteUserConfig helper type.
Client Vite extension
packages/nuxt/src/module.ts		 Adds a client-only extendViteConfig call that appends a predefined list of CJS-only dependencies into viteConfig.optimizeDeps.include, with defaults for missing optimizeDeps/include and filtering to avoid duplicates.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Suggested reviewers

  • DonOmalVindula

Poem

🐰 I hopped through bundles, sniffed the build-time air,
Moved buffer's blanket to where browsers care,
Nuxt now gathers CJS friends for quicker starts,
A tidy hop, a runtime nudge, and smaller parts,
Wee rabbit cheers — the bundle sings, light as air.

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately reflects the main changes: enhancing browser compatibility via polyfill handling and updating Vite configuration for the Nuxt module.
Description check ✅ Passed The PR description covers the purpose and key changes comprehensively with references, but all checklist items remain unchecked despite appearing to be applicable to these code modifications.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
Review rate limit: 0/1 reviews remaining, refill in 60 minutes.

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed Apr 29, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@packages/nuxt/src/module.ts`:
- Around line 309-316: The current optimizeDeps include list in the deps array
references transitive packages (`@asgardeo/javascript`, base64url, cross-fetch,
fast-sha256) that are not declared in packages/nuxt/package.json; update the
module by either (A) adding these packages as explicit direct dependencies in
package.json so strict-mode package managers resolve them correctly, or (B)
remove them from the deps array and only include the top-level packages
('@asgardeo/browser' / '@asgardeo/node') if you confirm they bundle those
transitive modules at runtime; locate the deps constant in module.ts and ensure
package.json and the deps array are consistent to avoid strict-install failures.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 705c05e4-f359-49ff-845c-25a0e2e1dfe4

📥 Commits

Reviewing files that changed from the base of the PR and between faf4ab0 and 70cbdca.

📒 Files selected for processing (3)
  • packages/browser/esbuild.config.mjs
  • packages/browser/src/index.ts
  • packages/nuxt/src/module.ts
💤 Files with no reviewable changes (1)
  • packages/browser/esbuild.config.mjs

Comment thread packages/nuxt/src/module.ts Outdated
Comment on lines +309 to +316
const deps = [
'@asgardeo/browser',
'@asgardeo/javascript',
'@asgardeo/vue',
'base64url',
'cross-fetch',
'fast-sha256',
];
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
import json
from pathlib import Path

nuxt_pkg = Path("packages/nuxt/package.json")
required = [
    "@asgardeo/browser",
    "@asgardeo/javascript",
    "@asgardeo/vue",
    "base64url",
    "cross-fetch",
    "fast-sha256",
]

data = json.loads(nuxt_pkg.read_text())
deps = data.get("dependencies", {})
peer = data.get("peerDependencies", {})

print(f"Checking {nuxt_pkg}:")
for name in required:
    declared = name in deps or name in peer
    where = "dependencies" if name in deps else ("peerDependencies" if name in peer else "NOT DECLARED")
    print(f"  - {name}: {where}")

print("\nIf any entry is NOT DECLARED, validate whether forcing it in optimizeDeps.include is safe for strict package managers.")
PY

Repository: asgardeo/javascript

Length of output: 415

🏁 Script executed:

# Get context around lines 309-316 in the module.ts file
head -n 330 packages/nuxt/src/module.ts | tail -n 40

Repository: asgardeo/javascript

Length of output: 1385

🏁 Script executed:

# Search for imports or usage of the undeclared packages in the nuxt module
rg -l "@asgardeo/javascript|base64url|cross-fetch|fast-sha256" packages/nuxt/src

Repository: asgardeo/javascript

Length of output: 91

🏁 Script executed:

# Check if these undeclared packages might be transitive dependencies
rg '"@asgardeo/javascript"|"base64url"|"cross-fetch"|"fast-sha256"' packages/nuxt/package.json packages/nuxt/package-lock.json 2>/dev/null || echo "Checking if packages are transitive..."

Repository: asgardeo/javascript

Length of output: 102

🏁 Script executed:

# Check if the undeclared packages are listed as external dependencies of `@asgardeo/browser`
# Look at what `@asgardeo/browser` depends on
cat packages/browser/package.json | jq '.dependencies, .peerDependencies, .optionalDependencies' 2>/dev/null || echo "Checking browser package..."

Repository: asgardeo/javascript

Length of output: 366

🏁 Script executed:

# Look for `@asgardeo/javascript` as a dependency in browser or vue packages
rg '"@asgardeo/javascript"' packages/browser/package.json packages/vue/package.json 2>/dev/null || echo "Not found in direct search"

Repository: asgardeo/javascript

Length of output: 136

🏁 Script executed:

# Check if these transitive packages are actually listed in package-lock.json or the monorepo structure
fd package.json | xargs grep -l "base64url\|cross-fetch\|fast-sha256" 2>/dev/null | head -10

Repository: asgardeo/javascript

Length of output: 120

🏁 Script executed:

# Check `@asgardeo/javascript`'s dependencies to see if it declares base64url and fast-sha256
cat packages/javascript/package.json | jq '.dependencies, .peerDependencies' 2>/dev/null || echo "Checking javascript package..."

Repository: asgardeo/javascript

Length of output: 146

🏁 Script executed:

# Check `@asgardeo/vue`'s dependencies
cat packages/vue/package.json | jq '.dependencies, .peerDependencies' 2>/dev/null || echo "Checking vue package..."

Repository: asgardeo/javascript

Length of output: 236

🏁 Script executed:

# Search for cross-fetch in all package.json files
grep -r "cross-fetch" packages/ --include="package.json"

Repository: asgardeo/javascript

Length of output: 118

🏁 Script executed:

# Check all dependencies of `@asgardeo/browser` more carefully including dev deps
cat packages/browser/package.json | jq '.' 2>/dev/null | head -80

Repository: asgardeo/javascript

Length of output: 2116

🏁 Script executed:

# Search for where cross-fetch is actually used in the nuxt module or imports
rg "cross-fetch" packages/nuxt/

Repository: asgardeo/javascript

Length of output: 116

🏁 Script executed:

# Check if cross-fetch should be coming from `@asgardeo/browser`'s dependencies
rg "cross-fetch" packages/browser/

Repository: asgardeo/javascript

Length of output: 45

🏁 Script executed:

# Let's check the full nuxt package.json to see all declared dependencies
cat packages/nuxt/package.json | jq '.dependencies, .peerDependencies' 2>/dev/null

Repository: asgardeo/javascript

Length of output: 283

🏁 Script executed:

# Double-check where cross-fetch is actually imported/used in the codebase
rg "cross-fetch|from.*cross-fetch|import.*cross-fetch" packages/

Repository: asgardeo/javascript

Length of output: 261

🏁 Script executed:

# Check if cross-fetch is used in `@asgardeo/browser` source code
rg "cross-fetch" packages/browser/src/

Repository: asgardeo/javascript

Length of output: 45

🏁 Script executed:

# Final verification: confirm `@asgardeo/node` is in nuxt dependencies and check its full package.json
cat packages/nuxt/package.json | jq '.dependencies | keys'

Repository: asgardeo/javascript

Length of output: 163

🏁 Script executed:

# Verify the dependency chain: nuxt -> `@asgardeo/node` -> cross-fetch
echo "=== `@asgardeo/node` dependencies ===" && cat packages/node/package.json | jq '.dependencies | keys'

Repository: asgardeo/javascript

Length of output: 251

🏁 Script executed:

# Verify the dependency chain: nuxt -> `@asgardeo/browser` -> base64url, fast-sha256, `@asgardeo/javascript`
echo "=== `@asgardeo/browser` dependencies ===" && cat packages/browser/package.json | jq '.dependencies | keys'

Repository: asgardeo/javascript

Length of output: 285

These packages are transitive dependencies; verify strict mode compatibility.

The packages @asgardeo/javascript, base64url, cross-fetch, and fast-sha256 are not declared in packages/nuxt/package.json but are transitive dependencies of the declared @asgardeo/browser and @asgardeo/node packages. While this ensures they are resolvable through the dependency tree, including them in optimizeDeps.include without explicit declaration may cause issues in strict package manager configurations. Verify this approach works correctly with strict mode installs, or alternatively declare these as direct dependencies if the Nuxt module explicitly depends on them.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@packages/nuxt/src/module.ts` around lines 309 - 316, The current optimizeDeps
include list in the deps array references transitive packages
(`@asgardeo/javascript`, base64url, cross-fetch, fast-sha256) that are not
declared in packages/nuxt/package.json; update the module by either (A) adding
these packages as explicit direct dependencies in package.json so strict-mode
package managers resolve them correctly, or (B) remove them from the deps array
and only include the top-level packages ('@asgardeo/browser' / '@asgardeo/node')
if you confirm they bundle those transitive modules at runtime; locate the deps
constant in module.ts and ensure package.json and the deps array are consistent
to avoid strict-install failures.

@asgardeo-github-bot
Copy link
Copy Markdown

asgardeo-github-bot commented May 2, 2026

⚠️ No Changeset found

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go.

If these changes should result in a version bump, you need to add a changeset.

Refer Release Documentation to learn how to add a changeset.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kavindadimuthu @asgardeo-github-bot