I saw an interesting error during a Webpack build while running on Node.js v17.0.1 - i THINK this might have started on v17+ (didn't see it on earlier versions)

special note on NVM:

• NVM was especially handy while i was looking at this error
• it made it very quick and easy to switch between versions of Node.js to observe the different behave between versions

The error:

• "Error : error : 0308010C:digital envelope routines::unsupported at new Hash (node:internal/crypto/hash:67:19)"

a helpful source

• https://github.com/webpack/webpack/issues/14532
  • the comment with the fix i used: https://github.com/webpack/webpack/issues/14532#issuecomment-950198249
  • there were other similar fixes like this: https://github.com/webpack/webpack/issues/14532#issuecomment-947012063
    • this one is probably a better approach than my approach, because this looks like one change--i change any script i have that runs webpack
  • and this was another different fix (webpack config): https://github.com/webpack/webpack/issues/14532#issuecomment-947525539
    • this might be the best fix, i didn't try it
    • not sure i understood the fix--but it seems like if there is a webpack config change to fix this, it would be preferred

the fix i used

• use the following in package.json scripts -- SET NODE_OPTIONS=--openssl-legacy-provider
• example:
  • "dev": "npm run typescheck && SET NODE_OPTIONS=--openssl-legacy-provider && webpack --mode=development",
• is this "fix" a security issue?? i don't think so, because webpack is just using the hash algorithm during optimization--not fur security

note on the fix

• i really don't know if this is the right way to handle this error
• it wasn't clear to me from the above source if there is a problem with this approach
• best i could tell, it seemed to me that Webpack is using an old hashing algorithm
• maybe the webpack config change would be a better fix, i didn't bother to try that yet