Skip to content

fix(solana-utils): lazy-load jito-ts so non-Jito consumers don't crash #3702

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
0xghost42 wants to merge 1 commit into
base: main
Choose a base branch
from
+44 −3
Open

fix(solana-utils): lazy-load jito-ts so non-Jito consumers don't crash #3702

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion target_chains/solana/sdk/js/solana_utils/package.json
View file
Open in desktop
Copy link
Copy Markdown
Contributor

@devin-ai-integration devin-ai-integration Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚩 Dependencies use pinned version ranges instead of catalog references

The REVIEW.md states "For TypeScript dependencies, prefer using catalog: versions over declaring package-specific dependency versions." Several dependencies in this package use explicit version ranges (e.g., @coral-xyz/anchor: ^0.29.0, @solana/web3.js: ^1.90.0, bs58: ^5.0.0) while the pnpm workspace catalog defines versions for some of these (e.g., @coral-xyz/anchor: ^0.30.1, @solana/web3.js: ^1.98.0, bs58: ^6.0.0). This is a pre-existing issue not introduced by this PR, but it's worth noting the divergence — the package uses older version ranges than what the catalog specifies.

Open in Devin Review

Was this helpful? React with 👍 or 👎 to provide feedback.

Original file line number Diff line number Diff line change
Expand Up @@ -81,5 +81,5 @@
},
"type": "module",
"types": "./dist/cjs/index.d.ts",
"version": "0.6.0"
"version": "0.6.1"
Copy link
Copy Markdown
Contributor

@devin-ai-integration devin-ai-integration Bot May 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚩 Lock file not updated after version bump

The version was bumped from 0.6.0 to 0.6.1 in package.json:84, but the pnpm-lock.yaml was not updated in this PR. Per the repository's REVIEW.md guidelines ("Also suggest the lock file changes when a bump happens"), the lock file should typically be regenerated to reflect the new version. This is usually handled by running pnpm install before committing.

Open in Devin Review

Was this helpful? React with 👍 or 👎 to provide feedback.

}
33 changes: 33 additions & 0 deletions target_chains/solana/sdk/js/solana_utils/src/__tests__/JitoLazyImport.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
// Regression test for https://github.com/pyth-network/pyth-crosschain/issues/1838.
//
// `jito.ts` historically eager-imported `jito-ts/dist/sdk/block-engine/{searcher,types}`,
// which transitively required `jito-ts`'s nested `@solana/web3.js@~1.77.3` ->
// `rpc-websockets/dist/lib/client` — a path removed in `rpc-websockets@>=7.11`.
// Consumers that loaded any `@pythnetwork/solana-utils` export therefore
// crashed with `Cannot find module 'rpc-websockets/dist/lib/client'`, even
// when they never used the Jito helpers.
//
// We now type-only-import `SearcherClient`/`Bundle` and dynamic-import
// `Bundle` inside `sendTransactionsJito`. This test guards that contract.

describe("jito-ts lazy loading", () => {
it("does not load jito-ts when importing transaction helpers", async () => {
await import("../transaction");

const cachedJitoPath = Object.keys(require.cache).find((p) =>
p.includes(`${"/node_modules/"}jito-ts/`),
);

expect(cachedJitoPath).toBeUndefined();
});

it("does not load jito-ts when importing jito.ts itself", async () => {
await import("../jito");

const cachedJitoPath = Object.keys(require.cache).find((p) =>
p.includes(`${"/node_modules/"}jito-ts/`),
);

expect(cachedJitoPath).toBeUndefined();
});
});
12 changes: 10 additions & 2 deletions target_chains/solana/sdk/js/solana_utils/src/jito.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,13 @@ import type {
} from "@solana/web3.js";
import { PublicKey, SystemProgram } from "@solana/web3.js";
import bs58 from "bs58";
// jito-ts is loaded lazily inside `sendTransactionsJito` so that consumers
// who only use the non-Jito transaction helpers do not pay the cost of
// jito-ts pulling its nested `@solana/web3.js@~1.77.3` (which transitively
// `require`s a rpc-websockets path removed in rpc-websockets@>=7.11). See
// https://github.com/pyth-network/pyth-crosschain/issues/1838.
import type { SearcherClient } from "jito-ts/dist/sdk/block-engine/searcher";
import { Bundle } from "jito-ts/dist/sdk/block-engine/types";
import type { Bundle as BundleType } from "jito-ts/dist/sdk/block-engine/types";
import type { Logger } from "ts-log";
import { dummyLogger } from "ts-log";

Expand Down Expand Up @@ -85,7 +90,10 @@ export async function sendTransactionsJito(
signedTransactions[0]?.signatures[0]!,
);

const bundle = new Bundle(signedTransactions, 2);
// Dynamic import so jito-ts (and its old @solana/web3.js transitive dep)
// is only resolved when this code path is actually taken.
const { Bundle } = await import("jito-ts/dist/sdk/block-engine/types");
const bundle: BundleType = new Bundle(signedTransactions, 2);

let lastError: Error | null | undefined;
let totalAttempts = 0;
Expand Down