fix: instrumentation.ts crypto import for webpack compatibility

Use eval('require')('crypto') to hide the import from webpack's
static analysis. The instrumentation file is compiled for both
client and server, but crypto is only used in Node.js runtime.
This commit is contained in:
diegosouzapw
2026-02-25 16:26:05 -03:00
parent bc55911d0f
commit 8caef4b688
+4 -2
View File
@@ -8,10 +8,12 @@
* @see https://nextjs.org/docs/app/building-your-application/optimizing/instrumentation
*/
import crypto from "crypto";
function ensureJwtSecret(): void {
if (!process.env.JWT_SECRET || process.env.JWT_SECRET.trim() === "") {
// Use eval to hide require from webpack's static analysis
// This code only runs in Node.js runtime (guarded by NEXT_RUNTIME check)
// eslint-disable-next-line no-eval
const crypto = eval("require")("crypto");
const generated = crypto.randomBytes(48).toString("base64");
process.env.JWT_SECRET = generated;
console.log("[STARTUP] JWT_SECRET auto-generated (random 64-char secret)");