Describe the bug
The _sentry-rails_ gem has a dependency on _rails_ itself. This forces loading the entirety of Rails, which is unnecessary in many applications (e.g., API mode). The immediate issue is it's forcing the loading of Active Storage, which is in the middle of dealing with a major licensing issue. Since we're not using Active Storage, we could avoid the licensing issue by not loading it in the first place, but _sentry-rails_ is forcing it.
I'd suggest only depending on the parts that _sentry-rails_ actually needs to load itself. I think you could go a step further and remove the dependency entirely. If someone is adding _sentry-rails_ to a non-Rails application, a runtime exception due to not being able to load a Rails class ought to be sufficient. I don't think this needs to be enforced by the gemspec.
To Reproduce
Add _sentry-rails_ to a Rails API-only project and only load the components you need. E.g.,
RAILS_VERSION = '6.1.3'
gem 'actioncable', RAILS_VERSION
gem 'actionpack', RAILS_VERSION
gem 'actionview', RAILS_VERSION
gem 'activemodel', RAILS_VERSION
gem 'activerecord', RAILS_VERSION
gem 'activesupport', RAILS_VERSION
gem 'railties', RAILS_VERSION
Expected behavior
I'd expect only the Rails dependencies I've specified have been loaded.
Actual behavior
_sentry-rails_ forces a dependency on every component of Rails.
Environment
Raven Config
This is not necessary but could be helpful.
Raven.configure do |config|
# the config you're using, without DSN and other sensitive data
end
it's on the way 馃檪 https://github.com/getsentry/sentry-ruby/pull/1352
@st0012 Thanks. I looked quickly, but missed that issue and PR. Great to hear. This is an immediate problem due to the _mimemagic_/_activestorage_ licensing issue I mentioned in the issue body.
Curious what the timeline on this is? Is there any chance that this could be released today? Right now we can either remove sentry-rails and our sentry reporting from our application, or we can't release due the mimemagic/activestorage issue.
I am here for the same reason. While trying to work around the mimemagic yanking mess, I was about to replace in our app' Gemfile:
gem "rails", "~> 6.0.3"
with
rails_version = "6.0.3"
gem "actionpack", "~> #{rails_version}"
gem "activejob", "~> #{rails_version}"
gem "activemodel", "~> #{rails_version}"
gem "activerecord", "~> #{rails_version}"
gem "railties", "~> #{rails_version}"
only to then realize that sentry-rails is depending on the entirety of rails. It is great to see you are working already on a solution.
My intuition tells me you could just replace the rails dependency with actionpack, but looking at the open PR, you want to take it even one step further.
I reviewed @st0012's PR, which looked good to me, and then linked in his branch with:
gem "sentry-rails", git: "https://github.com/getsentry/sentry-ruby.git", branch: "minimize-sentry-rails-requirement", glob: "sentry-rails/*.gemspec"
It's not a fantastic solution, but it let me move on with my day.
@nirvdrum did you find any issue when using it? I didn't release it right away because I was (and still am) worrying about if there's any issue it introduces.
@st0012 So far, so good. I haven't tested extensively though. The Rails app booted and our extensive test suite passed. I need to induce some errors and see if the reporting still works.
fyi it's now on the master branch now. I'll make a pre-release version today and keep you notified here.
sentry-rails 4.3.3.pre.beta.0 has been released. please give it a try and provide some feedback (like does it work at all?), so I can make it an official release as soon as possible 馃檪
hey everyone 馃憢 since I haven鈥檛 seen any issue report for the pre release, I鈥檒l assume it works fine and make a 4.3.3 release today 馃檪
close because version 4.3.3 has been released
Most helpful comment
hey everyone 馃憢 since I haven鈥檛 seen any issue report for the pre release, I鈥檒l assume it works fine and make a 4.3.3 release today 馃檪