Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ref(nextjs): Add note about upcoming default hideSourceMaps value #5464

Merged
merged 1 commit into from Aug 30, 2022
Merged

ref(nextjs): Add note about upcoming default hideSourceMaps value #5464

merged 1 commit into from Aug 30, 2022

Conversation

lobsterkatie
Copy link
Member

@lobsterkatie lobsterkatie commented Aug 30, 2022
edited

This expands the explanation of the hideSourceMaps option in next.config.js, and notes that it will default to true starting in version 8 of the SDK.

In conjunction with getsentry/sentry-javascript#5649, getsentry/sentry-wizard#188, and vercel/next.js#40079, this is the first step in addressing the concerns raised in getsentry/sentry-javascript#4489. See here for more details.

@vercel
Copy link

vercel bot commented Aug 30, 2022

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated
sentry-docs ✅ Ready (Inspect) Visit Preview Aug 30, 2022 at 4:54AM (UTC)

This was referenced Aug 30, 2022
Merged
Merged
Merged
Open
imatwawana
imatwawana reviewed Aug 30, 2022
View reviewed changes
src/platforms/javascript/guides/nextjs/manual-setup.mdx

If you would like to use `hidden-source-map` rather than `source-map` as your webpack `devtool`, so that your built files do not contain a `sourceMappingURL` comment, add a `sentry` object to `moduleExports` above, and set the `hideSourceMaps` option to `true`:
Depending on your deployment setup, adding `sentry/nextjs` to your app may cause your source code to be visible in browser devtools when it wasn't before. (This happens because of the default behavior of [Webpack's `source-map` built-in `devtool`](https://webpack.js.org/configuration/devtool/).) To prevent this, you can use `hidden-source-map` rather than `source-map`, which will prevent your built files from containing a `sourceMappingURL` comment, thus making sourcemaps invisible to the browser. To use `hidden-source-map`, add a `sentry` object to `moduleExports` above, and set the `hideSourceMaps` option to `true`:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The way you've used the word "above" in that last sentence is a bit confusing. At first I thought I needed to refer to code snippet previous to this one. If you said "above it" instead, would that work?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, because there's no real antecedent for "it" there, but I can reword to make it clearer.

That said, my preference would be to make the change in a separate PR, for a few reasons:
a) You weren't wrong - it is in fact referring to the code snippet in https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/#extend-nextjs-configuration, which is where moduleExports is originally defined.
b) That wording isn't new in this PR.
c) The same wording is used in the sections above and below the one I'm changing here, so if I fix it here, I should fix it there, too, which broadens the scope of this PR past what it really should be.

@lobsterkatie lobsterkatie merged commit 4bd0dd0 into master Aug 30, 2022
@lobsterkatie lobsterkatie deleted the kmclb-nextjs-expand-hidden-source-map-note branch August 30, 2022 19:37
lobsterkatie added a commit to getsentry/sentry-wizard that referenced this pull request Aug 30, 2022
@lobsterkatie
ref(nextjs): Default to hiding source maps in nextjs config (#188)
875d4cf 
This adds a default value for `hideSourceMaps` to the `next.config.js` the wizard provides, so that new users will use `hidden-source-map` as their Webpack `devtool` by default in client-side builds. (This prevents browser devtools from seeing sourcemaps and therefore prevents original source code from showing up automatically in the `Sources` tab. (More information on `devtool` values can be found at https://webpack.js.org/configuration/devtool/.)

In conjunction with getsentry/sentry-javascript#5649, getsentry/sentry-docs#5464, and vercel/next.js#40079, this is the first step in addressing the concerns raised in getsentry/sentry-javascript#4489. See getsentry/sentry-javascript#4489 (comment) for more details.
lobsterkatie added a commit to getsentry/sentry-javascript that referenced this pull request Aug 30, 2022
@lobsterkatie
ref(nextjs): Add warning about non-hidden sourcemaps (#5649)
27b5771 
This adds a warning during nextjs app build (both in prod and dev) letting folks know that by default (for now), the sourcemaps we create can be seen by browser devtools.

In conjunction with getsentry/sentry-wizard#188, getsentry/sentry-docs#5464, and vercel/next.js#40079, this is the first step in addressing the concerns raised in #4489. See #4489 (comment) for more details.

Notes:

- The function doing the warning includes both the current warning and one for use in v8 and beyond (currently commented out), telling people they no longer need to set `hideSourceMaps` to `true` (because by that point it will be the default).

- The formatting of the warning matches the formatting of other nextjs warnings. Because nextjs vendors `chalk` themselves, that meant we needed to add it as a dependency. Though the latest version of `chalk` is 5.x, here we're using 3.x because it's the last to be compatible with node 8. (See the PR for a screenshot.)

- There are `TODO`s reflecting the changes which need to be made in v8 (change the default to `true`, switch the warning message) and v9 or v10 (get rid of the second warning once it's had plenty of time to do its job).
kodiakhq bot pushed a commit to vercel/next.js that referenced this pull request Sep 5, 2022
@lobsterkatie
ref(with-sentry example): Explicitly set hideSourceMaps (#40079)
77e7529 
This adds a default value for `hideSourceMaps` to the `next.config.js` the `with-sentry` example app provides, so that new users will use `hidden-source-map` as their Webpack `devtool` by default in client-side builds. (This prevents browser devtools from seeing sourcemaps and therefore prevents original source code from showing up automatically in the `Sources` tab. (More information on `devtool` values can be found [here](https://webpack.js.org/configuration/devtool/).)

In conjunction with getsentry/sentry-javascript#5649, getsentry/sentry-wizard#188, and getsentry/sentry-docs#5464, this is the first step in addressing the concerns raised in getsentry/sentry-javascript#4489. See [here](getsentry/sentry-javascript#4489 (comment)) for more details.
@github-actions github-actions bot locked and limited conversation to collaborators Sep 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@imatwawana imatwawana imatwawana left review comments

@lforst lforst lforst approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@lobsterkatie @lforst @imatwawana