Does Joplin need to change openssl build due to this change in node 17 (nodejs v17.0.0 release notes - see their blog)?
Node.js now includes OpenSSL 3.0, specifically quictls/openssl which provides QUIC support. With OpenSSL 3.0 FIPS support is again available using the new FIPS module. For details about how to build Node.js with FIPS support please see BUILDING.md.
While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes.
If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.
For details about all the features in OpenSSL 3.0 please see the OpenSSL 3.0 release blog.
Having a look around the building process I get
$ yarn install ... ➤ YN0000: Failed with errors in 49s 623ms
the log shows
Error: error:0308010C:digital envelope routines::unsupported at new Hash (node:internal/crypto/hash:67:19) at Object.createHash (node:crypto:133:10) at module.exports ... opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ], library: 'digital envelope routines', reason: 'unsupported', code: 'ERR_OSSL_EVP_UNSUPPORTED' }
A stackoverflow answer (a/69713899) recommends changing
package.json to have
"start": "react-scripts --openssl-legacy-provider start".
I can build the app, however, by using
export NODE_OPTIONS=--openssl-legacy-provider in the terminal.
However, is Joplins openssl build outdated since the BUILD.md says node16+ should be used?