build: warn about --without-ssl disabling debugger

[refack]

• To fix build: --without-ssl and --without-intl imply new limitation (no debugger) #12758, added an assertion that if
  --without-ssl or --without-intl are set, --without-debugger must
  also be explicitly set.

• Added --without-debugger is an alias to --without-inspector, since
  we removed the old TCP debug protocol the V8 inspect protocol is the
  only debugger available. Hence disabling inspector means disabling
  any kind on JS debugger.

Depends on: #12197
Fixes: #12758

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• documentation is changed or added
• commit message follows commit guidelines

Affected core subsystem(s)

build, tools, inspector, debugger

[refack]

@addaleax question: are changes in our internal tools semver-major?
(for this one it doesn't matter since it's dependent on #12197)

[refack]

/cc @nodejs/build @nodejs/diagnostics

[addaleax]

are changes in our internal tools semver-major?

No, but ./configure is not an internal tool.

(Also, just so you know, it doesn’t really make a difference to add dont-land labels for semver-major changes; it’s kind of implicit in the label that it shouldn’t land on any release branches.)

[refack]

No, but ./configure is not an internal tool.

Why?
Does that mean that changing it's stdout output is also semver-major?

(Also, just so you know, it doesn’t really make a difference to add dont-land labels for semver-major changes; it’s kind of implicit in the label that it shouldn’t land on any release branches.)

I know, but there was a conversation somewhere about being explicit about the dont-lands

[addaleax]

No, but ./configure is not an internal tool.

Why?

Because it ends up being used by hundreds of scripts for building Node.

Does that mean that changing it's stdout output is also semver-major?

Probably not?

[refack]

Hmmmm 🤔 gray area, yay (not)...
I'll rework this PR

[refack]

Narrowed the score of PR, PTAL. Thank you.

[refack]

ping @nodejs/build @nodejs/diagnostics @danbev @sam-github

[sam-github]

So, with this change, every time I build node --without-ssl, I also have to add --without-debugger? If so, I think a extra line in the without-ssl docs describing the impact of not having SSL would be more useful (no crypto, no Inspector, etc.).

[refack]

Do you mean https:/nodejs/node/blob/master/configure#L433? IMHO that's very subtle (even if with couple it with emitting a warning message on ./configure run).

IMHO a debugger interface is a very important feature, even in a production environment. For me it's my eyes and ears into any kind of problems, but that's a personal opinion.

[refack]

@sam-github like you said, I think we should look into a non TLS proxy for inspector in this scenario...

[refack]

@eugeneo since you're coding around there, how feasible is it to proxy inspector over clear TCP if we don't have openSSL?

[refack]

@sam-github Apperently I didn't invent it 😉

c:\code\node-cur$ python configure  --dest-cpu=x64 --tag= --ninja --with-intl=full-icu

creating icu_config.gypi
* ECMA-402 (Intl) support didn't find ICU in deps/icu..
Warning: Not downloading package "icu". You could pass "--download=all" (Windows: "download-all") to try auto-downloading it.
Cannot build Intl without ICU in deps/icu.
(Fix, or disable with "--with-intl=none" )

c:\code\node-cur$ python configure  --dest-cpu=x64 --tag= --ninja --with-intl=full-icu --download=all

creating icu_config.gypi
* ECMA-402 (Intl) support didn't find ICU in deps/icu..
 <https://ssl.icu-project.org/files/icu4c/59.1/icu4c-59_1-src.zip>
 Fetch: : 36.4MB total, 36.4MB downloaded
Checking file integrity with MD5:
MD5:      29a41f9bb576b06c7eef0487a84a7674  deps\icu4c-59_1-src.zip
 Extracting zipfile: deps\icu4c-59_1-src.zip
* Using ICU in deps/icu
creating icu_config.gypi

[refack]

So, with this change, every time I build node --without-ssl, I also have to add --without-debugger? If so, I think a extra line in the without-ssl docs describing the impact of not having SSL would be more useful (no crypto, no Inspector, etc.).

How is that congruent with #12723 (comment)? especially when this much less frequently used?
[I'm not arguing, just asking for a rational, since your comment on experimental IMHO was very good]

If the setup scripts were silent then I agree a warring would have good effect, but they are noisy and I'm afraid it will not be noticed, also no one will read the --help line, especially if they already have a build script set up.

[gibfahn]

How is that congruent with #12723 (comment)?

That's about end users of node, not people building it. We generally tend to assume that people building node will read the docs and check warnings.

The list of enabled/disabled components is the output of ./configure, and if you pass --without-openssl then you get v8_enable_inspector set to 0 rather than 1.

➜  node git:(master) ❯ ./configure --without-ssl
  'variables': { 'node_shared_openssl': 'false',
                 'node_use_openssl': 'false',
                 'v8_enable_inspector': 0, }}

➜  node git:(master) ❯ ./configure
  'variables': { 'node_shared_openssl': 'false',
                 'node_use_openssl': 'true',
                 'v8_enable_inspector': 1, }}

I'm -1 on this because we didn't treat the inspector as just a breaking change to the debugger, we've treated it as an entirely new thing.

[refack]

I'm -1 on this because we didn't treat the inspector as just a breaking change to the debugger, we've treated it as an entirely new thing.

IMHO it's a synthetic distinction. I'm imagine a 3d party that has a build script, now with node8, their product does not have a debugger interface, while they didn't change their build setup... Why should they read the --help they didn't change anything, and the build works?

Can we converge on a loud warning message?

[refack]

just FYI my console after python configure

scrolling up

[refack]

dies of natural causes