-
Notifications
You must be signed in to change notification settings - Fork 121
fix: ignore empty api key from react native #237
Conversation
Ignores empty api keys when initialising react native, preferring to use the existing config.apiKey instead
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One question around the nil
check
cocoa/BugsnagReactNative.m
Outdated
@@ -215,7 +215,11 @@ + (void)startWithConfiguration:(BugsnagConfiguration *)config { | |||
NSString *appVersion = [RCTConvert NSString:options[@"appVersion"]]; | |||
NSString *codeBundleId = [RCTConvert NSString:options[@"codeBundleId"]]; | |||
BugsnagConfiguration* config = [Bugsnag bugsnagStarted] ? [Bugsnag configuration] : [BugsnagConfiguration new]; | |||
config.apiKey = apiKey; | |||
|
|||
if (apiKey != nil && apiKey.length > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we need to check for nil
here? It seems like on line 208 we just check the length
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, if the value is nil
, then length is coerced to 0.
How can / will this change be tested? |
@kattrali I think in the short-term we should test this manually, and longer-term via mazerunner when that's setup. |
@kattrali I've updated the PR and the description - I think this is ready for a structural review now. The vendored Cocoa code will also need patching into the main bugsnag-cocoa repo. |
@@ -215,7 +215,11 @@ + (void)startWithConfiguration:(BugsnagConfiguration *)config { | |||
NSString *appVersion = [RCTConvert NSString:options[@"appVersion"]]; | |||
NSString *codeBundleId = [RCTConvert NSString:options[@"codeBundleId"]]; | |||
BugsnagConfiguration* config = [Bugsnag bugsnagStarted] ? [Bugsnag configuration] : [BugsnagConfiguration new]; | |||
config.apiKey = apiKey; | |||
|
|||
if (apiKey.length > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like the right solution on the bugsnag-react-native side
@@ -96,7 +96,7 @@ - (void)send { | |||
} | |||
BugsnagSessionTrackingPayload *payload = [[BugsnagSessionTrackingPayload alloc] initWithSessions:sessions]; | |||
|
|||
if (payload.sessions.count > 0) { | |||
if (payload.sessions.count > 0 && self.config.apiKey.length > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This check (and the one in getBodyFromReports
) should instead be much earlier in the process of sending requests. Calls to the public interface (in Bugsnag.h
) and automatic events from lifecycle callbacks should check if API key is nil and no-op if that is the case. +[Bugsnag bugsnagStarted]
could potentially be beefed up a bit to check both whether notifier
and API key are nil.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You shouldnt be able to set the apikey to nil using a config accessor, and if you initialize with nil it should no op and not set the notifier static variable?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well yeah, API key should be not be nullable and initializing with a configuration object should require an API key.
@kattrali @snmaynard I'm a bit unclear on what further actions need to be taken to get this PR to a mergeable state. From the feedback so far, it's suggested that we either: (A) Prevent initialisation of the Notifier entirely when an API key is not supplied, by not instantiating anything. Questions for option A would include:
Questions for option B would include:
|
Correct, the notifier should not be instantiated when API key is nil.
JS- and native-layer reports are delivered through the native layer so then it doesn't matter if the JS layer is initialized with no API key, as it is shared from the existing client/notifier on the native side. In the other direction, if an API key is provided to the JS layer but not the native layer, JS initialization passes the key to
A warning and allowing the application to continue without Bugsnag activated will suffice.
Since setting the API key from either the native layer or the JS layer works, the only unintended way is not setting an API key at all. No additional documentation should be required for this case.
For most methods in
Log a warning, in line with existing behavior.
Stronger style, review, and linting guidelines. For example, having a general rule for not putting nullable values into dictionary literals unchecked, even when that value should not be nil. Separate from those concerns, I want to point out that this changeset was prompted by initializing with an non-nil API key but then later setting it to nil. There should be a guard against that scenario. Setting API key to nil should be a no-op which warns. |
@kattrali thanks for the comprehensive response. I have updated this PR so that it guards the necessary calls with I believe this should resolve this issue and #214 as the notifier won't initialise if the API key is nil, and will NOP on public methods if this is the case. Do we still want to leave in nil checks deeper within the notifier (e.g. in BugsnagSessionTracker)? We will of course need to update our vendored Cocoa code assuming the changeset in #280 is ok - I've left this task out for now, pending review. |
Yeah - I think this works. We should ensure that the vendored code is the same as in bugsnag-cocoa so those changes should be undone. |
I have updated the vendored code so that there aren't any changes. This PR is now blocked until bugsnag/bugsnag-cocoa#280 is approved. |
Goal
Prevents crashes when a nil API key is present, by guarding against calling any code that uses an API key.
Design
This approach avoids crashes in the case that the Notifier has not been configured correctly, and maintains the existing API design.
Changeset
Checks on the length of the API key throughout the codebase.
Tests
Manual tests on React Native with no API key set in either the native/JS layer. JS error + auto session tracking were tested.
Discussion
Alternative Approaches
Throwing an exception in
start
was discussed but not pursued, due to concerns over unexpectedly crashing production applications due to a change in behaviour. Adding anerror
parameter tostart
was also discussed, which would be set if the API key was not present.My main concern with this change is that it's not particularly intuitive that the API key can be null, and that we may not be warning users strongly enough that something is wrong with how they've configured Bugsnag.
I'm also concerned that it would be easy for a future developer to make a change that inadvertently accesses the API key and assumes it is non-null - which is an easy enough assumption to make as this is documented within the notifier spec and is the case in most of the other notifiers.
The concerns above aren't pre-requisites for this change so IMO we can pursue them at a later date, if we decide to change our public API to allow this.
Review
For the submitter, initial self-review:
For the pull request reviewer(s), this changeset has been reviewed for: