When using the `crypto.getRandomValues` method on a `Compute@Edge` instance, a small bug in the JS Compute Runtime that was previously unpatched allows the predictable initial value to be presented to the PRNG, thus forcing the PRNG to use the same value for each WebAssembly module. The issue has been patched in version 0.5.4. No known workarounds exist.
4.0 - A Critical Issue with Hosting Plans for Node.js apps There is a critical issue with hosting plans for Node.js apps that can cause Node.js app deployment to fail, even in cases where Node.js is not used for the hosting plan at all. If you are using a hosting plan that is associated with Node.js, you will encounter this issue when upgrading your plan to a new version.
How to fix hosting plan deployment failures for Node.js apps
If your Node.js app fails to deploy after upgrading your hosting plan, it is possible that the issue is due to a race condition in the `crypto.getRandomValues` method when used with the `Compute@Edge` API. In order to work around this issue you can use either of the following approaches:
A) Set a unique random value when linking WebAssembly modules with `Compute@Edge`.
B) If using a hosting plan that does not require Node.js, it is possible that updating from a previous version may fail and cause your app to fail to deploy. To avoid this, you can take the approach described in B (or A if you are unable to use B).
What is Node.js?
Node.js is a JavaScript runtime environment built on Chrome's V8 JavaScript engine. It is sometimes referred to as a JavaScript server-side framework and it has gained traction in recent years for its ability to allow for building scalable, high-performance network applications using an asynchronous event-driven pattern.
Node.js Hosting Plans with Node.js
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time Web applications that run across distributed devices. Node.js has server-side JavaScript engines built in that can run without any dependencies or configuration, making it a great choice for hosting apps and services in the cloud or locally.
Including Node.js in your hosting plan gives you access to a large number of modules from npm, the Node Package Manager (NPM). NPM is a dependency manager used to manage packages of code written in JavaScript and other programming languages such as TypeScript and CoffeeScript, with over 300 million downloads every month.
What is this issue about?
A JS Compute Runtime bug that was previously unpatched allows the predictable initial value to be presented to the PRNG, thus forcing the PRNG to use the same value for each WebAssembly module. The issue has been patched in version 0.5.4. No known workarounds exist.
Timeline
Published on: 09/20/2022 20:15:00 UTC
Last modified on: 09/21/2022 20:02:00 UTC