Reentrancy bugs #668
Reentrancy bugs #668
Conversation
|
I'm not sure how much this comes up, but the fix looks reasonable and test coverage confirms both the problem and the fix, so I'm merging. QA Log
|
|
I'll merge once the conflicts with |
Test-6 is polluting process.env, resulting in errors in any new tests I try to write.
Any variables read or written after the first parseFile() call will likely be incorrect if for any reason loadFileConfigs() ends up calling itself from an config/*.js files. The example in the tests illustrates a problem I encountered. This may be a little off-label, but this same situation could potentially happen with setModuleDefaults, if it uses loadFileConfigs() to extract the appropriate values.
jdmarshall
force-pushed
the
reentrancy_bugs
branch
from
7b19c01
to
4238b93
Compare
|
Someone got excited about config as code on a project I work on. setModuleDefaults(loadFileConfigs(...)) might be a wiser choice in some spots but that is not without a different but potentially equal set of problems.
Some of these are less correctness concerns and more ergonomics (how do I explain it to people so they make the right inferences when they have a problem or a feature?) but the alternative ends up with a lot of copies of node-config being requireUncached() due to variable clobbering. This doesn't scale well either and so I'm finally trying to do something about it (hence the PRs). As I said in my last commit, it would be lovely if there was a lib/utils.js that was entirely pure functions. Those make testing a cakewalk. I took a stab at this a couple years ago when I first encountered this set of problems, and I hit snags. Some of the intervening PRs have reduced that surface area, and both of my PRs so far chip away at that a little more. As it stands, Config and loadFileConfigs are at cross purposes to each other. One expects to be called exactly once, the other expects to be called N times, and they share scope. |
|
@jdmarshall The node-config project is ripe for a major overhaul. It could use a TypeScript rewrite, integrated linting, replacing @iMoses started tackling several problems. You might be interested in particular with an unmerged PR that deal with Ultimately there will likely need to be some breaking changes to apply the best fixes for some things. I'm not the author of node-config myself, but a long-time co-maintainer. Along with the original author, I don't have much time to devote to this either. The project needs more maintenance help, but suffers from being popular project so there's a steady stream of issues and PRs to react to. |
Multiple or nested calls to loadFileConfigs can result in file-scoped variables in lib/config.js being overwritten before being used.
CONFIG_DIR is especially problematic, but I also fixed runtime.json support because it represents the last use of CONFIG_DIR, after parseFiles() has been called.