fix: sentry memory leak by patching @sentry/remix to stop cloning request (#2389)

* fix: sentry memory leak by disabling includeLocalVariables

* Enhance heap snapshot consistency and labeling

To facilitate more accurate and consistent heap memory snapshots, a new function forceConsistentGC was added before taking a snapshot. This ensures the garbage collector (GC) runs multiple times, stabilizing the heap state for more reliable analysis. This is particularly helpful when debugging memory-related issues.

Updates to the memory-leak-detector script now allow labeling of snapshot runs using the --label flag. This helps in distinguishing different runs for easier tracking and comparison of memory usage across test sessions. Additionally, the --expose-gc flag ensures that the GC can be manually triggered during test runs, leading to more consistent memory states and potentially uncovering hidden memory leaks.

* Refactor forceConsistentGC for improved readability

The function forceConsistentGC was refactored to enhance code readability and consistency. The main improvements include:

- Updated syntax for consistent string quotation and spacing.
- Simplified garbage collection by removing specific major/minor GC calls, as the distinction isn't necessary.
- Implemented minor changes to arrow function formatting for consistency.

These changes neither impact the program logic nor the function behavior but help maintain code quality standards and readability.

* Fix memory leak by removing request.clone() usage

Identified that the memory leak in the project was linked to the usage of request.clone() within the `@sentry/remix` package's callRouteAction handler. Although initially suspected as a Sentry issue, the problem appears to arise from the handling of request.clone() in Remix version 2.1.0. By removing the call to request.clone(), the memory leak has been resolved.

- Introduced garbage collection execution before snapshot to manage memory allocation effectively.
- Improved error handling and timeout mechanisms in the memory leak detector to enhance its resilience during runtime.
- Expanded testing for both GET and POST requests to monitor and validate potential memory leaks better. The POST requests involve sending large payloads to stress-test the system.
- The modification particularly focuses on enhancing robust memory tracking and providing detailed progress reporting during request phases.

* patch @sentry/remix to prevent memory leaks

* Fix pnpm lock

* undo some unrelated changes

Author: ericallam

apps/webapp/.gitignore

@@ -18,4 +18,5 @@ build-storybook.log
 storybook-static
 
 /prisma/seed.js
-/prisma/populate.js
+/prisma/populate.js
+.memory-snapshots

apps/webapp/app/routes/admin.api.v1.gc.ts

@@ -2,7 +2,8 @@ import { type DataFunctionArgs } from "@remix-run/node";
 import { PerformanceObserver } from "node:perf_hooks";
 import { runInNewContext } from "node:vm";
 import v8 from "v8";
-import { requireUser } from "~/services/session.server";
+import { prisma } from "~/db.server";
+import { authenticateApiRequestWithPersonalAccessToken } from "~/services/personalAccessToken.server";
 
 async function waitTillGcFinishes() {
   let resolver: (value: PerformanceEntry) => void;
@@ -35,9 +36,19 @@ async function waitTillGcFinishes() {
 }
 
 export async function loader({ request }: DataFunctionArgs) {
-  const user = await requireUser(request);
+  const authenticationResult = await authenticateApiRequestWithPersonalAccessToken(request);
 
-  if (!user.admin) {
+  if (!authenticationResult) {
+    throw new Response("You must be an admin to perform this action", { status: 403 });
+  }
+
+  const user = await prisma.user.findFirst({
+    where: {
+      id: authenticationResult.userId,
+    },
+  });
+
+  if (!user?.admin) {
     throw new Response("You must be an admin to perform this action", { status: 403 });
   }
 

apps/webapp/app/routes/admin.api.v1.snapshot.ts

@@ -4,7 +4,8 @@ import os from "os";
 import path from "path";
 import { PassThrough } from "stream";
 import v8 from "v8";
-import { requireUser } from "~/services/session.server";
+import { prisma } from "~/db.server";
+import { authenticateApiRequestWithPersonalAccessToken } from "~/services/personalAccessToken.server";
 
 // Format date as yyyy-MM-dd HH_mm_ss_SSS
 function formatDate(date: Date) {
@@ -24,9 +25,19 @@ function formatDate(date: Date) {
 }
 
 export async function loader({ request }: DataFunctionArgs) {
-  const user = await requireUser(request);
+  const authenticationResult = await authenticateApiRequestWithPersonalAccessToken(request);
 
-  if (!user.admin) {
+  if (!authenticationResult) {
+    throw new Response("You must be an admin to perform this action", { status: 403 });
+  }
+
+  const user = await prisma.user.findFirst({
+    where: {
+      id: authenticationResult.userId,
+    },
+  });
+
+  if (!user?.admin) {
     throw new Response("You must be an admin to perform this action", { status: 403 });
   }
 

apps/webapp/app/routes/api.v1.mock.ts

@@ -0,0 +1,20 @@
+import { ActionFunctionArgs } from "@remix-run/server-runtime";
+
+export async function action({ request }: ActionFunctionArgs) {
+  if (process.env.NODE_ENV === "production") {
+    return new Response("Not found", { status: 404 });
+  }
+
+  return new Response(
+    JSON.stringify({
+      data: {
+        id: "123",
+        type: "mock",
+        attributes: {
+          name: "Mock",
+        },
+      },
+    }),
+    { status: 200 }
+  );
+}