Terser v3.16.0 breaks terser-webpack-plugin about terser-webpack-plugin HOT 54 CLOSED

A bug in terser 3.16 which was released hours ago.

For npm users run:
npm i [email protected]

For yarn users: add the following field to package.json and then rerun yarn:

"resolutions": {
  "terser": "3.14.1"
}

from terser-webpack-plugin.

Solution:
npm install [email protected] --save-dev
For me it solves!

from terser-webpack-plugin.

I changed _terser.default.minify to _terser.minify and it works

from terser-webpack-plugin.

https://github.com/rogeriochaves/npm-force-resolutions
for npm

from terser-webpack-plugin.

For everyone using npm who can't wait for update from terser, here is a simple (temporary) fix you can apply:

1. npm install --save-dev [email protected] --save-exact
2. edit package-lock.json > locate: "terser-webpack-plugin" > inside it's tree: change:
   "terser": "^3.8.1" (or whatever), to "terser": "3.14.1" and make sure there is no “^” in front of the version

Cheers

from terser-webpack-plugin.

To summarize it: Everybody that gets a CI failure on the master branch or an error on production, probably didn't commit the lockfile. That's not how lockfiles work. They are there to fix your dependencies, so every dependency upgrade need to be done manually** in a PR, which is reviewed and tested by CI. This way no broken release (which happen, because everyone makes mistakes) could every break your production environment or even your development workflow.

** There are also services to automate this.

from terser-webpack-plugin.

terser/terser#254 should address this.

from terser-webpack-plugin.

Fix has been implemented: terser/terser#254

from terser-webpack-plugin.

Hello guys, the same problem for me when running nuxt generate, now I fixed using @TomCosta solution npm install [email protected] --save-dev, so thanks.
Hope this problem will be fixed in the future.

from terser-webpack-plugin.

@huochunpeng the point is that terser made a breaking change without bumping the major version, but just v3.14.1 => v3.16.0. Besides worth taking into the account that it's not just terser-webpack-plugin depends on terser but many other libraries too.

from terser-webpack-plugin.

@vladimiry Agree. Default exports and module.exports assignment were mistake.

from terser-webpack-plugin.

When doing the above trick, make sure to install the exact version (--save-exact) or else you'll end up with a broken first level dependency:

npm install [email protected] --save-dev --save-exact

And your package.json afterwards should mention:

terser: "3.14.1" - there should be NO ^ in front of the 3.

from terser-webpack-plugin.

@ksharlandjiev package-lock is generally quite good for applications but not libraries (since you won't be testing and building using the same dependencies that users of your library will end up with)

Locking the dependencies is useful for libraries too as it makes the build process reproducible.

from terser-webpack-plugin.

Yikes, looks like next.js is broken too 😨

from terser-webpack-plugin.

@TomCosta , I literally had this issue about 15 mins ago for an ionic 4 project. Found your solution, which you posted about 10 mins ago and worked perfectly, thanks :)

from terser-webpack-plugin.

Running npm install [email protected] --save-dev fixed my Nuxt npm run build too. Thank you.

from terser-webpack-plugin.

This is also affecting Create React App. See facebook/create-react-app#6334.

from terser-webpack-plugin.

So hopefully over a time all the developers will have https://palantir.github.io/tslint/rules/no-default-export/ / https://github.com/benmosher/eslint-plugin-import/blob/master/docs/rules/no-default-export.md rules enabled in own library-like projects.

from terser-webpack-plugin.

@mdix I am not using terser library directly in my package.json.
Third party libraries are using terser, so will this change help me be able to build my web app correctly?

from terser-webpack-plugin.

@anujladia check my suggestion, I was also with the same case.
Install terser 3.14.1 locally with —save-dev, modify package-lock and specify 3.14.1 and not anything else starting with ^ for any package using it

from terser-webpack-plugin.

@anujladia if you build something on CI servers (Travis, Gitlab, etc) using npm consider executing npm ci there instead of npm install.

from terser-webpack-plugin.

@bendg25 look at your package-lock.json and search for "terser".
I have suggested a fix somewhere up in the comments.

from terser-webpack-plugin.

Locking the dependencies is not that useful for libraries. You rather want to see things break in your CI and be warned about it. If you must lock your dependency to a certain dependencies, this should be the way to go.

from terser-webpack-plugin.

@afide1 Hey, its been fixed, all you need to do is update terser-webpack-plugin to v1.2.2 +

from terser-webpack-plugin.

I added console logging locally and the _terser object is empty ({}) at the point where it's trying to do this:

  const {
    error,
    map,
    code,
    warnings
  } = _terser.default.minify({
    [file]: input
  }, terserOptions);

_terser.default is undefined and therefore it can't dereference _terser.default.minify.

I assume the terser folks must have changed something such that

var _terser = _interopRequireDefault(require("terser"));

no longer gets the right object.

from terser-webpack-plugin.

Even without any work from terser, you can fix the code in this repo, defensively support both terser 3.16 (esm) and old versions (commonjs).

// import terser from 'terser';
// change to
import {minify} from 'terser';

//... change terser.minify(...) to minify(...)

from terser-webpack-plugin.

@vladimiry you are right, I understand. I just offer a solution for this repo instead of waiting terser to fix the backward compatibility.

from terser-webpack-plugin.

I changed _terser.default.minify to _terser.minify and it works

Thanks ❤️ , verified for me running npm run build with:

devDependencies": {
    ...,
    "@vue/cli-plugin-babel": "^3.4.0",
    "@vue/cli-service": "^3.4.0",
  }

from terser-webpack-plugin.

I changed _terser.default.minify to _terser.minify and it works

In my case it was _terser2.default.minify and it works also fine for me.

from terser-webpack-plugin.

FYI rollup plugin is not broken :)
https://github.com/TrySound/rollup-plugin-terser/blob/master/transform.js#L1

from terser-webpack-plugin.

FYI rollup plugin is not broken :)

One more instance of default exports and accordingly imports should not be used at all, in my opinion.

from terser-webpack-plugin.

I have :)

from terser-webpack-plugin.

Unfortunately, the solution proposed by @TomCosta above isn't working, I'm trying to deploy a Next.js application to Now.sh and I'm still getting:

TypeError: Cannot read property 'minify' of undefined

Anyone else? :(

from terser-webpack-plugin.

@cezarsmpio:
Install terser 3.14.1 as a separate dependency and update your package-lock
I’m running this on a pure react app, but it should also work for next.js
Also try to check the dependency tree when running your build to check if other dependency is installing terser 3.16.
If this is the case, again locate in your lock file and force downgrade do 3.14.1
Remember to remove the ^ in front of the version to lock to a specific one.
Good luck

from terser-webpack-plugin.

Needed to use yarn instead of npm, here is what I've done as a temp fix:

1. Delete your package-lock.json
2. Add to your package.json

"resolutions": {
    "terser": "3.14.1"
},

3. npm install [email protected] --save-dev
4. Deploy

from terser-webpack-plugin.

FYI as of now nuxt build is also broken nuxt/nuxt#4931

from terser-webpack-plugin.

@ksharlandjiev Hey thanks. But I have another quick question
We ignore sending the package-lock to git from where it gets build and deployed
So from now on should I send my package-lock everytime it is being pushed so that it always uses this package-lock.json rather than building it again on Gitlab and recreating it??
I never worked on package-lock. So have no idea about it

from terser-webpack-plugin.

We ignore sending the package-lock to git
So from now on should I send my package-lock everytime it is being pushed

Yes package-lock.json resp. yarn.lock should be commited and pushed.

from terser-webpack-plugin.

@anujladia, this is a side topic, but yes lock files should be added to prevent exactly this kind of scenarios with build processes

from terser-webpack-plugin.

@ksharlandjiev thanks man your solution works like magic
@sokra @vladimiry thanks for the information will keep these in mind for future references

from terser-webpack-plugin.

I'm getting a build error still using 3.14.1 from terser..
Error: CSS minification error: Cannot read property 'type' of undefined. File: css/app.8384d281.css

node_modules@intervolga\optimize-cssnano-plugin\index.js:106:21

from terser-webpack-plugin.

I am using Angular 7, I don't want to do this workaround, as I will no doubt forget about it and it will cause me more problems further down the line. Is it Angular 7 that brings in this (broken) dependency? and if so, are the Angular team going to make a release with a downgraded version of this plugin?

from terser-webpack-plugin.

@bendg25 it is terser plugin that cause to be block, or this plugin directly. terser as updated the way it exports it's file. This plugin needs or terser needs to provide backward compatibility. It is nothing related to angular nor reactjs.

@ksharlandjiev lockfile are only for application, all the modules that depend on those plugin are also broken.

from terser-webpack-plugin.

@kopax I don't directly include the terser plugin in my package.json. So what is bringing this dependency into my scope?

from terser-webpack-plugin.

@bendg25 webpack uses the terser plugin by default unless you override it and use something else for minification.

from terser-webpack-plugin.

@kopax so I have this: ─┬ @angular-devkit/[email protected]
│ └─┬ [email protected]
│ └── [email protected] deduped
└── [email protected]

Fix suggested by @ksharlandjiev does not work for me, as my release process runs npm install from a clean box.

from terser-webpack-plugin.

WIP on this

from terser-webpack-plugin.

With Angular 7, I updated my package-json to add:
"Terser": "3.14.1"
in the section devDependencies.

It's a workaround, but helps me to avoid that CI tries to download the latest version available (where I work, we don't push the package-lock.json in source control).

Hope this might help out while we wait for a proper solution. I'm following the thread.

from terser-webpack-plugin.

@kopax :

1. clone everything locally, run npm install
2. follow my guide: install [email protected], edit package-lock.json and pin 3.14.1 everywhere you can find it.
3. commit package-lock.json to your repository.

run your build!
your build process and npm install will follow versions "locked" into your lock file.
That is why it is important to have this into your repository and available for any CI server to use.

from terser-webpack-plugin.

/cc @fabiosantoscode hopefully you add tests on this regressions, it is break webpack for many developers

from terser-webpack-plugin.

@ksharlandjiev package-lock is generally quite good for applications but not libraries (since you won't be testing and building using the same dependencies that users of your library will end up with)

from terser-webpack-plugin.

Awesome @pitops the workaround works, thanks

from terser-webpack-plugin.

terser/terser#251

Resolved

from terser-webpack-plugin.

The latest terser update (released an hour ago) breaks this plugin.

• Operating System:
• Node Version: 10.12.0
• NPM Version: 6.4.1
• webpack Version: 4.29.0
• terser-webpack-plugin Version: 1.2.1

Expected Behavior

Terser to minify my code

Actual Behavior

ERROR in js/main.6e4faa1e7d31caf0fa3b.js from Terser
TypeError: Cannot read property 'minify' of undefined
    at minify (/<path>/node_modules/terser-webpack-plugin/dist/minify.js:175:23)

How Do We Reproduce?

Delete yarn.lock

Install terser-webpack-plugin and try to run a production build where the plugin is called

workaround

As a workaround for now if you use yarn you can add a resolution to a fixed terser version. Delete yarn.lock first and node_modules

Example (in your package.json)

"resolutions": {
  "terser": "3.14.1"
}

For npm try the suggestion by @odedi

"Thank you!"

from terser-webpack-plugin.