Closed andrnag closed 3 years ago
vvolodko
commented
4 years ago The Sentry.init() function inserts defaultIntegrations and release keys into passed options object.
Attached archive (sentry.zip) contains simplified example of backend/frontend project wich shows the impact.
Try run
$ yarn dev
$ curl localhost:8080/a/b/c # in another consoleThe same is true for @sentry/browser:
export function init(options: BrowserOptions = {}): void {
if (options.defaultIntegrations === undefined) {
options.defaultIntegrations = defaultIntegrations;
}
if (options.release === undefined) {
const window = getGlobalObject<Window>();
// This supports the variable that sentry-webpack-plugin injects
if (window.SENTRY_RELEASE && window.SENTRY_RELEASE.id) {
options.release = window.SENTRY_RELEASE.id;
}
}
initAndBind(BrowserClient, options);
}
rhcarvalho
commented
4 years ago Sentry.init alters config object. It can lead to problems if the same config used on the backend and the frontend. The common practice is to copy config objects before using it in the library.
I have the impression that by design the SDK "owns" the config after it is passed to Sentry.init. Need to confirm it with the team.
That's the case for other SDKs. Python's config object has references to mutable objects, all occurrences of [] and {} in sentry_sdk/consts.py#L47-L68 would be compromised if configs were reused. Go SDK also assumes ownership of the config passed as a pointer.
From what I've seen, user code should not be altering config after init (undefined behavior), nor re-using configs.
In JavaScript there is no way to enforce object ownership, but it could be explicitly documented if necessary.
For simple cases like in @vvolodko's example, a shallow copy of the shared config could be effectively used to avoid keeping a reference to objects whose ownership is transferred to the SDK, see diff below.
A more general use case would have different configs for frontend and backend, different DSNs, etc, so all this copying wouldn't be a thing.
diff --git a/index.js b/index.js
index 4bad9f2..fa5c4fc 100644
--- a/index.js
+++ b/index.js
@@ -15,7 +15,7 @@ const config = {
* Initialize @sentry/node at backend.
* This will modify config.sentry object, see below.
*/
-Sentry.init(config.sentry);
+Sentry.init({...config.sentry});
const app = express();
app.use(Sentry.Handlers.requestHandler());
@@ -50,7 +42,7 @@ const render = (initialState, req) => {
app.get('*', (req, res) => {
const initialState = {
- sentry: config.sentry,
+ sentry: {...config.sentry},
};
res.set('Content-Type', 'text/html');
res.send(render(initialState, req));
github-actions[bot]
commented
3 years ago This issue has gone three weeks without activity. In another week, I will close it.
But! If you comment or otherwise update it, I will reset the clock, and if you label it Status: Backlog or Status: In Progress, I will leave it alone ... forever!
"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀
rhcarvalho
commented
3 years ago Closing as stale.
Package + Version
@sentry/browser@sentry/noderaven-jsraven-node(raven for node)Version:
Description
Sentry.init alters config object. It can lead to problems if the same config used on the backend and the frontend. The common practice is to copy config objects before using it in the library.