-
Notifications
You must be signed in to change notification settings - Fork 74
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
failed to delete intrinsics #612
Comments
What version of what browser? |
Google Chrome, Version 89.0.4389.82 (Official Build) (x86_64) |
Were you doing anything else in that window or frame before calling |
Could you visit https://ses-demo.netlify.app/demos/console/ |
I don't see it in https://ses-demo.netlify.app/demos/console/ This is what my code looks like
|
It's weird because it was working fine and then randomly started giving me the error. Like I didn't update my SES version or anything. |
Curiouser and curiouser. The hits on this web search look suspicious. Many of the hits seem to be about malware. But that doesn't mean much until it is clearer what we're looking at. Nothing is clear yet. |
Is there any hack I can use to get rid of this error? I use a locally downloaded version of ses. |
What happens if you restart your browser? How are you turning that code into something that runs in your browser? Are you using a bundler or packer or something? |
It's basically a stock create-react-app so it uses webpack. I'll try restarting my browser. |
Looks like https://github.com/benjamn/wryware must be running first. Same author as https://github.com/benjamn/private, which is not SES compatible. They are probably employing similar tricks, which can now all be replaced with a WeakMap or private fields. @AidenRourke Can you trace your app’s dependency graph to see what’s using |
I'm sort of able to reproduce it:
expected behavior: all is well. React app works
|
On the first
If you don't care if you're still safe after doing that hack, in your download of ses, you can add it to the whitelist. But in order to whitelist it, we need to know what the type of its value is. In whitelist-intrinsics.js you'll see try {
delete obj[prop];
} catch (err) {
if (prop in obj) {
console.error(`failed to delete ${subPath}`, err);
} else {
console.error(`deleting ${subPath} threw`, err);
}
throw err;
} Change that first call to console.error(`failed to delete ${subPath}: ${typeof obj[prop]}`, err);
return; // to continue to see all other such errors and let me know what the new error message says, or messages if these are more than one. Then we should be able to complete the following whitelisting instructions: In whitelist.js you'll find an entry like Array: {
// Properties of the Array Constructor
'[[Proto]]': '%FunctionPrototype%',
from: fn,
isArray: fn,
of: fn,
prototype: '%ArrayPrototype%',
'@@species': getter,
}, Add a line at the end, changing it to Array: {
// Properties of the Array Constructor
'[[Proto]]': '%FunctionPrototype%',
from: fn,
isArray: fn,
of: fn,
prototype: '%ArrayPrototype%',
'@@species': getter,
'@wry/context:Slot': <something depending on what type its value is>
}, |
Maybe "create-react-app and ses don't get along" should be a separate issue? |
Restarting my browser didn't fix it. @dckc It's weird because I've been developing this for weeks now and it suddenly stopped working. That is to say, it WAS working with react until it suddenly stopped. I didn't update my ses version or add an npm module it just randomly started giving me the error. |
On the error @dckc reports above , from the messages
a bit of searching reveals @rbuckton's https://github.com/rbuckton/reflect-metadata which looks like it does a bunch of primordial monkey patching (or shimming) of a future proposal he has in mind. None of these are on the ses whitelist, so ses I know @rbuckton and he knows me and ses, so perhaps we can get this resolved. @rbuckton, does this indeed look like it is coming from your code? Do these additional properties introduce any primordial state or behavior that ses might find problematic? Whatever the functionality is, could you provide it in another manner, without monkey patching the primordials? |
Are you using yarn or npm? Do you have a |
Did you upgrade your browser recently? (I doubt this could cause these symptoms anyway, but just checking) |
@erights |
Possibly, or worse. Until we know what that function does, we must assume it is unsafe to leave it. Could you place the call to lockdown into a separate file that you import first, so all your other imports happen after lockdown? They may fail, but their failure should give us interesting diagnostic info about how they are incompat with ses. For example, whatever code is adding that |
Yes, that seems to be the case.
I'm not certain on this count. The API essentially wraps a
I do have an importable version, which is what https://esfx.js.org/esfx/api/metadata.html does. The problem is that TypeScript's |
Updates:
Note: |
What should I add given that the type is "function"? |
|
Everything was working fine and then all of a sudden I started to get this message:
Removing intrinsics.Array.@wry/context:Slot
Followed by this error:
failed to delete intrinsics.Array.@wry/context:Slot (TypeError#1)
The messages only appear if I call
lockdown()
The text was updated successfully, but these errors were encountered: