Clojurians Log v2

Clojure programming
Channels
# 100-days-of-code# aatree# admin-announcements# adventofcode# ai# alda# aleph# all-the-channels# announcements# arachne# architecture# asami# atlanta-clojurians# atom-editor# autochrome-github# avi# aws# aws-lambda# babashka# babashka-sci-dev# bangalore-clj# beginners# berlin# biff# bigdata# bitcoin# boot# boot-dev# boulder-clojurians# braid-chat# braveandtrue# brevis# bristol-clojurians# business# calva# capetown# carry# cbus# cestmeetup# chestnut# chlorine-clover# cider# circleci# clara# clj-commons# cljdoc# cljfx# clj-http# clj-kondo# clj-on-windows# cljs-dev# cljs-experience# cljsfiddle# cljsjs# cljsrn# cljtogether# clojars# clojure# clojure-android# clojure-argentina# clojure-art# clojure-austin# clojure-australia# clojure-austria# clojure-bangladesh# clojure-bay-area# clojure-beijing# clojure-belgium# clojure-berlin# clojure-boston# clojure-brasil# clojurebridge# clojurebridge-ams# clojure-canada# clojure-chennai# clojure-chicago# clojure-china# clojure-colombia# clojure-conj# clojurecup# clojure-czech# clojured# clojure-denmark# clojure-denver# clojure-derby# clojuredesign-podcast# clojure-dev# clojure-dusseldorf# clojure-ecuador# clojure-egypt# clojure-estonia# clojure-europe# clojure-filipino# clojure-finland# clojure-france# clojure-gamedev# clojure-germany# clojure-greece# clojure-guangzhou# clojure-hamburg# clojure-hk# clojure-houston# clojure-hungary# clojure-india# clojureindia# clojure-indonesia# clojure-ireland# clojure-israel# clojure-italy# clojure-japan# clojure-kc# clojure-korea# clojure-losangeles# clojure-madison# clojure-mexico# clojure-miami# clojure-mk# clojure-mke# clojure-morsels# clojure-my# clojure-new-zealand# clojure-nl# clojure-nlp# clojure-norway# clojure-poland# clojure-portugal# clojure-provo# clojure-quebec# clojureremote# clojure-romania# clojure-russia# clojure-sanfrancisco# clojurescript# clojurescript-ios# clojure-sdn# clojure-seattle# clojure-serbia# clojure-sg# clojure-shanghai# clojure-spain# clojure-spec# clojuresque# clojure-survey# clojure-sweden# clojure-switzerland# clojure-taiwan# clojure-turkiye# clojure-uk# clojure-ukraine# clojureverse-ops# clojurewerkz# clojurewest# clojurex# clojure-za# clojurian-chat-app# clojutre# cloverage# cloxp# clr# code-art# code-reviews# community-development# component# conf-proposals# conjure# consulting# contributions-welcome# copenhagen-clojurians# core-async# core-logic# core-matrix# core-typed# cryogen# crypto# css# cursive# cz-clojure# d2q# datacrypt# datahike# datalevin# datalog# data-oriented-programming# data-science# datascript# datavis# dato# datomic# defnpodcast# deps-new# depstar# devcards# devops# dirac# docker# docs# domino-clj# duct# dunaj# eastwood# editors# emacs# error-message-catalog# etaoin# ethereum# euroclojure# events# exercism# expound# figwheel# figwheel-main# flambo# fulcro# funcool# functionalprogramming# funimage# garden# ghostwheel# girouette# gis# google-cloud# gorilla# graalvm# graalvm-mobile# graclj# graphql# gratitude# gsoc# hammock-driven-dev# helix# heroku# hispano# holy-lambda# honeysql# hoplon# hugsql# humor# hypercrud# hyperfiddle# immutant# improve-getting-started# incanter# indycljs# inf-clojure# instaparse# integrant# interceptors# interop# introduce-yourself# iot# iotivity# ipfs# jackdaw# jaunt# java# javascript# javelin# jobs# jobs-discuss# jobs-rus# joker# jukebox# juxt# jvm# kaocha# keechma# kekkonen# keyboards# klipse# kosmos# lambdaisland# ldnclj# ldnproclodo# lein-figwheel# leiningen# liberator# liquid# livestream# local-first-clojure# london-clojurians# lsp# luminus# lumo# mail# malli# mathematics# meander# melbourne# membrane# mental-health# microservices# mid-cities-meetup# midje# minecraft# minimallist# missionary# monads# mount# music# new-channels# new-clojure# nextjournal# nginx# nrepl# numerical-computing# nyc# observability# off-topic# om# om-next# onyx# other-languages# other-lisps# overtone# pamela# parinfer# pathom# pedestal# perun# philosophy# phzr# planck# plastic# play-clj# podcasts# polylith# portal# portkey# portland-or# powderkeg# practicalli# precept# prelude# programming-beginners# project-updates# proletarian# proton# protorepl# pulsar# pure-frame# qa# qlkit# quil# random# rdf# react# reactive# reading-clojure# reagent# reclojure# re-frame# reitit# releases# remote-jobs# respo# rethinkdb# reveal# rewrite-clj# ring# ring-swagger# robots# rum# schema# sci# sfcljs# shadow-cljs# _silence# sim-testing# sioux-falls# slack-help# sneer# sneer-br# spacemacs# specmonstah# specter# speculative# spirituality-ethics# sql# startup-in-a-month# sydney# test200# test-check# testing# thejaloniki# timbre# tmp-json-parsing# tools-build# tools-deps# trading# tree-sitter# uncomplicate# unrepl# untangled# utah-clojurians# videos# vim# vrac# vscode# wasm# web-security# windows# xtdb# yada# yleinen
Apps

shadow-cljs

https://github.com/thheller/shadow-cljs | https://github.com/sponsors/thheller | https://www.patreon.com/thheller
timrichardt 2020-09-01T08:01:50.015100Z

After 2.11.0 the default imports inside .js are kinda weird now? If i 

import Card from "@material-ui/core/Card";
I now only can use it via 
<Card.default> ... </Card.default>
The 
import { foo } from "bar"
imports work as expected.

thheller 2020-09-01T08:30:52.016Z

@timrichardt unfortunately that is the only way I can make it work. closure is kinda strict about commonjs <-> ESM interop and as far as Closure is concerned it only sees the npm packages as commonjs

thheller 2020-09-01T08:32:15.016600Z

did you not have issues with JS code in release prior to 2.11.0?

timrichardt 2020-09-01T08:32:43.017Z

I did, but this works now, as you intended.

timrichardt 2020-09-01T08:35:43.017200Z

Thx. 🙂

thheller 2020-09-01T09:00:24.017700Z

I wonder whats going to happen with webpack5. they've been talking about breaking changes in this area for years

thheller 2020-09-01T09:02:49.018100Z

https://github.com/webpack/webpack/issues/11406 looks like its going to happen soon. hope it'll improve the situation a bit

dazld 2020-09-01T13:48:58.019Z

tap&gt; is super handy! is there any way to be able to send stuff from a server side process to the inspect tab via the same helper..?

pithyless 2020-09-02T10:50:34.031100Z

@dazld I do just that, by starting a second shadow-cljs instance on the server-side. If you're running some kind of component system, you can hook up as just another start/stop component 🙂

pithyless 2020-09-02T10:52:28.031300Z

(:require [shadow.cljs.devtools.server :as shadow-server])

(defn start-shadow-inspect []
  (println "Starting shadow-server...")
  (shadow-server/start!))
^ It will find an open port and print on what port it started.

Lucy Wang 2020-09-01T14:37:54.019500Z

not sure if possible, but for a pretty good general REBL-like solution, checkout https://github.com/djblue/portal

👍 2
thheller 2020-09-01T15:25:52.020800Z

@dazld tap> for CLJ currently only works in the process where shadow-cljs is running. remote otherwise only works for CLJS.

👍 1
scottlowe 2020-09-01T18:25:10.022100Z

I'm getting a security notification for the NPM lib Elliptic which needs to be bumped from 6.5.1 to 6.5.3. The dependency is only local but it's being included by shadow-cljs as a dependency of node-libs-browser. https://github.com/advisories/GHSA-vh7m-p724-62c2

scottlowe 2020-09-01T18:25:21.022400Z

I was simply going to wait until shadow-cljs gets updated, but I've just noticed that node-libs-browser is deprecated and unlikely to be updated. Should I simply patch my yarn.lock file with a new elliptic version, or are there any plans for shadow-cljs that will sidestep this issue in the near future?

scottlowe 2020-09-01T18:26:03.022800Z

elliptic module in shadow-cljs dependency tree

thheller 2020-09-01T18:28:15.023500Z

I don't know what is going to happen with node-libs-browser once webpack v5 is out

thheller 2020-09-01T18:29:05.024600Z

you can just bump the dependency in your project if you are worried but it isn't really relevant and this will only ever be used in browser builds

thheller 2020-09-01T18:29:26.025300Z

which are probably safe. don't see how one could ever exploit this.

scottlowe 2020-09-01T18:30:03.025600Z

Okay, thanks @thheller That's what I was thinking. It's only used in dev, obviously. Thanks! 🙇

thheller 2020-09-01T18:30:37.026200Z

no its used in production BUT node-libs-browser are polyfills for npm built-in packages

scottlowe 2020-09-01T18:31:01.026900Z

Ach. Right. Thanks for the correction.

thheller 2020-09-01T18:31:23.027400Z

so you have to use a npm package that uses any of these. I'm assuming its require("crypto") and then use this in a browser (as :node-script etc will not use node-libs-browser)

thheller 2020-09-01T18:32:15.027800Z

I can bump the node-libs-browser dep. maybe thats enough.

scottlowe 2020-09-01T18:42:25.029700Z

I see what you mean. The version restrictions on crypto-browserify are relaxed for the minor version; so the child dependencies can be updated, even if there isn't a new release of node-libs-browser.

scottlowe 2020-09-01T18:43:58.030600Z

Oh. That works for me locally too with yarn upgrade. I now have elliptic@6.5.3. The joys of semantic versioning (seriously). The version restrictions were loose enough in shadow-cljs deps that I received the updated child packages. Well that's solved my problem 😊