From 8caef4b6887d8045270bb77a0651df6891f12f9a Mon Sep 17 00:00:00 2001 From: diegosouzapw Date: Wed, 25 Feb 2026 16:26:05 -0300 Subject: [PATCH] fix: instrumentation.ts crypto import for webpack compatibility Use eval('require')('crypto') to hide the import from webpack's static analysis. The instrumentation file is compiled for both client and server, but crypto is only used in Node.js runtime. --- src/instrumentation.ts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/instrumentation.ts b/src/instrumentation.ts index d537bd46..42aee252 100644 --- a/src/instrumentation.ts +++ b/src/instrumentation.ts @@ -8,10 +8,12 @@ * @see https://nextjs.org/docs/app/building-your-application/optimizing/instrumentation */ -import crypto from "crypto"; - function ensureJwtSecret(): void { if (!process.env.JWT_SECRET || process.env.JWT_SECRET.trim() === "") { + // Use eval to hide require from webpack's static analysis + // This code only runs in Node.js runtime (guarded by NEXT_RUNTIME check) + // eslint-disable-next-line no-eval + const crypto = eval("require")("crypto"); const generated = crypto.randomBytes(48).toString("base64"); process.env.JWT_SECRET = generated; console.log("[STARTUP] JWT_SECRET auto-generated (random 64-char secret)");