fix(clerk-js): Bundle the zxcvbn library inside the headless variant

[anagstef]

Description

Currently, the zxcvbn is lazy loaded on clerk-js due to its size. However, using import() is not working in non-browser environments, including Expo.

Considering the assumption that the clerk.headless.js variant is only used on native environments, this PR bundles the whole zxcvbn inside the headless clerk-js.

This PR will fix the usage of the validatePassword on Expo.

Checklist

• npm test runs as expected.
• npm run build runs as expected.
• (If applicable) JSDoc comments have been added or updated for any package exports
• (If applicable) Documentation has been updated

Type of change

• 🐛 Bug fix
• 🌟 New feature
• 🔨 Breaking change
• 📖 Refactoring / dependency upgrade / documentation
• other:

[changeset-bot]

🦋 Changeset detected

Latest commit: b3e55f8

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages

Name	Type
@clerk/clerk-js	Patch
@clerk/chrome-extension	Patch
@clerk/clerk-expo	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[BRKalow]

@anagstef Let's add an e2e here that uses the headless entry and calls validatePassword() 👀

[panteliselef]

@anagstef I think we should also mention the increase in the bundle size as it is significant.

[anagstef]

@anagstef Let's add an e2e here that uses the headless entry and calls validatePassword() 👀

@BRKalow we should find a way to mimic the non-browser environment. We should give a shot to https://wix.github.io/Detox/

@anagstef I think we should also mention the increase in the bundle size as it is significant.

@panteliselef you mean on the changeset?

[nikosdouvlis]

My understanding is that this is only used in clerkHeadless package, so let's kill the variant argument from here and move the plugin definition to the clerkHeadless rules in prodConfig (probably line 196?)

[nikosdouvlis]

❓ Is this a sync import?
Pretty sure this is not widely supported yet - this should probably be awaited here.

[nikosdouvlis]

Is there a webpack config we can leverage where dynamic imports are "ignored" and instead they are bundled as normal?

[anagstef]

Is this a sync import?

This is followed by:

return Promise.all([core, languageCommon]);

so, we don't expect it to be sync.

[anagstef]

Is there a webpack config we can leverage where dynamic imports are "ignored" and instead they are bundled as normal?

Didn't find anything. :(

[panteliselef]

Isn't require synchronous ?

[LekoArts]

@anagstef I also think that the await before the require isn't doing anything

[anagstef]

Yes, I've removed this, but haven't pushed yet! Thank you both for noticing!

[panteliselef]

Does this mean the the dependencies will no longer load in parallel ?

[anagstef]

Hmm. Nice catch! I'll revert this one.

[nikosdouvlis]

@anagstef do we have any updates on this one?