feat: Add _experiments.injectBuildInformation option (#176)

Author: mydea

.prettierignore

@@ -1 +1,2 @@
-packages/e2e-tests/scenarios/*/ref/**/*
+packages/e2e-tests/scenarios/*/ref/**/*
+packages/bundler-plugin-core/test/fixtures

package.json

@@ -37,7 +37,7 @@
     "npm-run-all": "^4.1.5"
   },
   "volta": {
-    "node": "14.21.1",
+    "node": "14.21.2",
     "yarn": "1.22.19"
   }
 }

packages/bundler-plugin-core/.eslintrc.js

@@ -4,7 +4,13 @@ const jestPackageJson = require("jest/package.json");
 module.exports = {
   root: true,
   extends: ["@sentry-internal/eslint-config/jest", "@sentry-internal/eslint-config/base"],
-  ignorePatterns: [".eslintrc.js", "dist", "jest.config.js", "rollup.config.js"],
+  ignorePatterns: [
+    ".eslintrc.js",
+    "dist",
+    "jest.config.js",
+    "rollup.config.js",
+    "test/fixtures/**/*",
+  ],
   parserOptions: {
     tsconfigRootDir: __dirname,
     project: ["./src/tsconfig.json", "./test/tsconfig.json"],

packages/bundler-plugin-core/jest.config.js

@@ -2,6 +2,7 @@ const packageJson = require("./package.json");
 
 module.exports = {
   testEnvironment: "node",
+  modulePathIgnorePatterns: ["fixtures"],
   transform: {
     "^.+\\.(t|j)sx?$": [
       "@swc/jest",

packages/bundler-plugin-core/package.json

@@ -44,6 +44,7 @@
     "@sentry/cli": "^2.10.0",
     "@sentry/node": "^7.19.0",
     "@sentry/tracing": "^7.19.0",
+    "find-up": "5.0.0",
     "magic-string": "0.27.0",
     "unplugin": "1.0.1"
   },

packages/bundler-plugin-core/src/index.ts

@@ -24,6 +24,7 @@ import { getSentryCli } from "./sentry/cli";
 import { makeMain } from "@sentry/node";
 import path from "path";
 import fs from "fs";
+import { getDependencies, getPackageJson, parseMajorVersion } from "./utils";
 
 const ALLOWED_TRANSFORMATION_FILE_ENDINGS = [".js", ".ts", ".jsx", ".tsx", ".mjs"];
 
@@ -231,6 +232,7 @@ const unplugin = createUnplugin<Options>((options, unpluginMetaContext) => {
         generateGlobalInjectorCode({
           release: await releaseNamePromise,
           injectReleasesMap: internalOptions.injectReleasesMap,
+          injectBuildInformation: internalOptions._experiments.injectBuildInformation || false,
           org: internalOptions.org,
           project: internalOptions.project,
         })
@@ -328,17 +330,19 @@ function handleError(
 }
 
 /**
- * Generates code for the "sentry-release-injector" which is responsible for setting the global `SENTRY_RELEASE`
- * variable.
+ * Generates code for the global injector which is responsible for setting the global
+ * `SENTRY_RELEASE` & `SENTRY_BUILD_INFO` variables.
  */
 function generateGlobalInjectorCode({
   release,
   injectReleasesMap,
+  injectBuildInformation,
   org,
   project,
 }: {
   release: string;
   injectReleasesMap: boolean;
+  injectBuildInformation: boolean;
   org?: string;
   project?: string;
 }) {
@@ -363,9 +367,30 @@ function generateGlobalInjectorCode({
       _global.SENTRY_RELEASES["${key}"]={id:"${release}"};`;
   }
 
+  if (injectBuildInformation) {
+    const buildInfo = getBuildInformation();
+
+    code += `
+      _global.SENTRY_BUILD_INFO=${JSON.stringify(buildInfo)};`;
+  }
+
   return code;
 }
 
+export function getBuildInformation() {
+  const packageJson = getPackageJson();
+
+  const { deps, depsVersions } = packageJson
+    ? getDependencies(packageJson)
+    : { deps: [], depsVersions: {} };
+
+  return {
+    deps,
+    depsVersions,
+    nodeVersion: parseMajorVersion(process.version),
+  };
+}
+
 /**
  * Determines whether the Sentry CLI binary is in its expected location.
  * This function is useful since `@sentry/cli` installs the binary via a post-install

packages/bundler-plugin-core/src/options-mapping.ts

@@ -12,6 +12,7 @@ type RequiredInternalOptions = Required<
     | "cleanArtifacts"
     | "telemetry"
     | "injectReleasesMap"
+    | "_experiments"
   >
 >;
 
@@ -89,6 +90,7 @@ export function normalizeUserOptions(userOptions: UserOptions): InternalOptions
     silent: userOptions.silent ?? false,
     telemetry: userOptions.telemetry ?? true,
     injectReleasesMap: userOptions.injectReleasesMap ?? false,
+    _experiments: userOptions._experiments ?? {},
 
     // These options and can also be set via env variables or the config file.
     // If they're set in the options, we simply pass them to the CLI constructor.

packages/bundler-plugin-core/src/types.ts

@@ -198,6 +198,20 @@ export type Options = Omit<IncludeEntry, "paths"> & {
    * Defaults to `false`.
    */
   injectReleasesMap?: boolean;
+
+  /**
+   * These options are considered experimental and subject to change.
+   *
+   * _experiments.injectBuildInformation:
+   * If set to true, the plugin will inject an additional `SENTRY_BUILD_INFO` variable.
+   * This contains information about the build, e.g. dependencies, node version and other useful data.
+   *
+   * Defaults to `false`.
+   * @hidden
+   */
+  _experiments?: {
+    injectBuildInformation?: boolean;
+  };
 };
 
 export type IncludeEntry = {

packages/bundler-plugin-core/src/utils.ts

@@ -1,3 +1,8 @@
+import findUp from "find-up";
+import path from "node:path";
+import fs from "node:fs";
+import os from "node:os";
+
 /**
  * Checks whether the given input is already an array, and if it isn't, wraps it in one.
  *
@@ -7,3 +12,156 @@
 export function arrayify<T = unknown>(maybeArray: T | T[]): T[] {
   return Array.isArray(maybeArray) ? maybeArray : [maybeArray];
 }
+
+type PackageJson = Record<string, unknown>;
+
+/**
+ * Get the closes package.json from a given starting point upwards.
+ * This handles a few edge cases:
+ * * Check if a given file package.json appears to be an actual NPM package.json file
+ * * Stop at the home dir, to avoid looking too deeply
+ */
+export function getPackageJson({ cwd, stopAt }: { cwd?: string; stopAt?: string } = {}):
+  | PackageJson
+  | undefined {
+  return lookupPackageJson(cwd ?? process.cwd(), path.normalize(stopAt ?? os.homedir()));
+}
+
+export function parseMajorVersion(version: string): number | undefined {
+  // if it has a `v` prefix, remove it
+  if (version.startsWith("v")) {
+    version = version.slice(1);
+  }
+
+  // First, try simple lookup of exact, ~ and ^ versions
+  const regex = /^[\^~]?(\d+)(\.\d+)?(\.\d+)?(-.+)?/;
+
+  const match = version.match(regex);
+  if (match) {
+    return parseInt(match[1] as string, 10);
+  }
+
+  // Try to parse e.g. 1.x
+  const coerced = parseInt(version, 10);
+  if (!Number.isNaN(coerced)) {
+    return coerced;
+  }
+
+  // Match <= and >= ranges.
+  const gteLteRegex = /^[<>]=\s*(\d+)(\.\d+)?(\.\d+)?(-.+)?/;
+  const gteLteMatch = version.match(gteLteRegex);
+  if (gteLteMatch) {
+    return parseInt(gteLteMatch[1] as string, 10);
+  }
+
+  // match < ranges
+  const ltRegex = /^<\s*(\d+)(\.\d+)?(\.\d+)?(-.+)?/;
+  const ltMatch = version.match(ltRegex);
+  if (ltMatch) {
+    // Two scenarios:
+    // a) < 2.0.0 --> return 1
+    // b) < 2.1.0 --> return 2
+
+    const major = parseInt(ltMatch[1] as string, 10);
+
+    if (
+      // minor version > 0
+      (typeof ltMatch[2] === "string" && parseInt(ltMatch[2].slice(1), 10) > 0) ||
+      // patch version > 0
+      (typeof ltMatch[3] === "string" && parseInt(ltMatch[3].slice(1), 10) > 0)
+    ) {
+      return major;
+    }
+
+    return major - 1;
+  }
+
+  // match > ranges
+  const gtRegex = /^>\s*(\d+)(\.\d+)?(\.\d+)?(-.+)?/;
+  const gtMatch = version.match(gtRegex);
+  if (gtMatch) {
+    // We always return the version here, even though it _may_ be incorrect
+    // E.g. if given > 2.0.0, it should be 2 if there exists any 2.x.x version, else 3
+    // Since there is no way for us to know this, we're going to assume any kind of patch/feature release probably exists
+    return parseInt(gtMatch[1] as string, 10);
+  }
+  return undefined;
+}
+
+// This is an explicit list of packages where we want to include the (major) version number.
+const PACKAGES_TO_INCLUDE_VERSION = [
+  "react",
+  "@angular/core",
+  "vue",
+  "ember-source",
+  "svelte",
+  "@sveltejs/kit",
+  "webpack",
+  "vite",
+  "gatsby",
+  "next",
+  "remix",
+  "rollup",
+  "esbuild",
+];
+
+export function getDependencies(packageJson: PackageJson): {
+  deps: string[];
+  depsVersions: Record<string, number>;
+} {
+  const dependencies: Record<string, string> = Object.assign(
+    {},
+    packageJson["devDependencies"] ?? {},
+    packageJson["dependencies"] ?? {}
+  );
+
+  const deps = Object.keys(dependencies).sort();
+
+  const depsVersions: Record<string, number> = deps.reduce((depsVersions, depName) => {
+    if (PACKAGES_TO_INCLUDE_VERSION.includes(depName)) {
+      const version = dependencies[depName] as string;
+      const majorVersion = parseMajorVersion(version);
+      if (majorVersion) {
+        depsVersions[depName] = majorVersion;
+      }
+    }
+    return depsVersions;
+  }, {} as Record<string, number>);
+
+  return { deps, depsVersions };
+}
+
+function lookupPackageJson(cwd: string, stopAt: string): PackageJson | undefined {
+  const jsonPath = findUp.sync(
+    (dirName) => {
+      // Stop if we reach this dir
+      if (path.normalize(dirName) === stopAt) {
+        return findUp.stop;
+      }
+
+      return findUp.sync.exists(dirName + "/package.json") ? "package.json" : undefined;
+    },
+    { cwd }
+  );
+
+  if (!jsonPath) {
+    return undefined;
+  }
+
+  try {
+    const jsonStr = fs.readFileSync(jsonPath, "utf8");
+    const json = JSON.parse(jsonStr) as PackageJson;
+
+    // Ensure it is an actual package.json
+    // This is very much not bulletproof, but should be good enough
+    if ("name" in json || "private" in json) {
+      return json;
+    }
+  } catch (error) {
+    // Ignore and walk up
+  }
+
+  // Continue up the tree, if we find a fitting package.json
+  const newCwd = path.dirname(path.resolve(jsonPath + "/.."));
+  return lookupPackageJson(newCwd, stopAt);
+}

packages/bundler-plugin-core/test/fixtures/deeply-nested-package/deeply/nested/index.js

@@ -0,0 +1 @@
+// Placeholder here