feat: Removing stack trace info in production env #11657
Conversation
github-actions
bot
added
packages/frontend
Codecov Report
@@ Coverage Diff @@
## develop #11657 +/- ##
===========================================
- Coverage 78.83% 78.73% -0.11%
===========================================
Files 922 922
Lines 97709 97709
Branches 7767 7741 -26
===========================================
- Hits 77032 76929 -103
- Misses 20677 20780 +103
|
|
I think it's better to use ApiError in API execution service |
|
There should be no need to change the frontend |
|
I don't know why the test is failing |
|
Somehow Jest can't use |
The main consideration is to facilitate centralized management and reduce unnecessary errors. |
|
I don't want them on the frontend. |
|
I think it is not preferable to remove stack traces or change Errors to console.log on the front end. |
I have modified it to use |
|
Do not rewrite |
OK, I will remove all frontend changes first. |
|
This PR should not include frontend changes. |
|
I'm not sure we want |
I would like to address the existing problems first and then focus on improving error-related problems in the future. Since I'm not very familiar with TypeScript, it might take some time for me to make changes to the code (if necessary). |
|
Given that this PR now sets an error handler that drops stack info, the changes in other files are not needed, right? |
My original intention was to minimize stack trace information in production environments as much as possible, and in particular, as much as possible, not to expose the user to stack trace information especially from the back-end part. |
|
You mean there will be any situation that the stack will still be exposed even with the error handler? |
When I tested along the lines of the code here in the production environment, I still found the stack trace. |
|
Hmm, that's specific to Misskey's bull-board usage where the library registers its own error handler (and thus yours is being ignored). It seems reasonable to not throw an error but explicitly send an object instead in https://github.com/misskey-dev/misskey/blob/ab58b651f79e182c20a238f9c07f0c0006a58599/packages/backend/src/server/web/ClientServerService.ts#L148C5-L151C6, as their example does, and later investigate this bull-board issue separately. For other cases the error handler should be sufficient. |
|
This is where it's most likely to be seen by the user, so here's where I'd like to apply additional error handling (removing the stack trace). |
|
やる場合、new Errorの使用を禁止する何らかの機構(lintとかgithub actionsとか)が無いとこのPRの目的を維持するのは難しそう |
What I'm saying is that it's doable with error handler, it's the sole purpose of error handler anyway. The reason it's not working for bull-board one is explained above, and I suggest using send() only for that exception for now and reverting others. And maybe add some test by adding some test-only route. |
Do you mean like now? |
|
Hmm, I locally tested what Fastify does by adding a random error, but it seems Fastify already does not expose error stack information by default at all. The tl;dr: we don't need setErrorHandler at all, this PR should be sufficient only with changes on |
Reverted |
|
👍🏻 |
What
Remove stack trace information from production errors, and replace a small number of unnecessary errors with other types of output.
Why
This is what
instance/queue/currently looks like when accessed without logging in (e.g.misskey.io/queue)Compare the changed look
Many times in production environments stack trace information is unnecessary and a security risk.
For a small number of output changes, I think an average user would prefer a program that only outputs logs as opposed to a program that reports errors when a login action is required.
Additional info (optional)
Checklist