Top o' the morning to you!

I've been toying with getting Opbeat to report sourcemapped locations for errors over the weekend. It's been a bit of a rough ride, and I'm not sure this is the best way of solving it, but I thought I'd open a PR for discussion, at least.

Basically, I've made a module (sourcemap-decorate-callsites) which takes a stack of callsites returned by error-callsites and decorates them with sourcemap file/line/column getter functions.

Originally I intended to just integrate this functionality into either stackman or error-callsites, but having to support both sync and async and due to the nature of having to read various files, extract locations and instantiate sourcemap consumers, it turned out to be a bit of code that would significantly enlarge either module. If you'd rather see this functionality added directly into either of these modules, let me know.

I figured it would be nice to expose some additional methods from stackman which can return these locations if present, and if not gracefully fall back to non-sourcemapped locations. Again something I'm a little unsure of - one could argue it would be better to return undefined or null if no sourcemap is found, and have the user call getSourceMappedLineNumber() || getLineNumber() where applicable. Thoughts welcome, as with everything else.

Lastly, I've made use of these functions to extract the context object. This seems to work fairly well.

There's a multitude of things to discuss here, obviously. Perhaps we should only attempt to extract source maps if you pass a sourcemaps option, for instance, but that opens questions on whether the source map getter functions should be present in that case, or not.

Regardless of all my questions and doubts on how to best implement it, it does seem to work. With a simple change in opbeat-node paired with these changes in stackman, opbeat logs sourcemapped locations.

Feedback and thoughts are very welcome.

This module looks like just what I need (getting context for the nearest call site outside by lib) but being async makes it inapplicable to my use case where I'm wrapping synchronous functions with the possibility of them throwing an error (in which case I'd like to show context around the callsites).

API changes

Removed functionality

• [x] It's no longer possible to get the source context in a synchronous manner
• [x] It's no longer possible to filter the call site objects
• [x] Node.js v0.8 is no longer supported

Changes to the main export

• [x] Remove support for options.context in main initializer function (use the lines option provided to callsite.sourceContext() instead)
• [x] Remove support for options.filter in main initializer function
• [x] Allow internal LRU cache sizes to be configured using options.fileCacheMax and options.sourceMapCacheMax
• [x] Remove the one function used to previously parse the error object (replace with the separate functions listed below)
• [x] Add var properties = stackman.properties(err) - Returns an array of properties for the given err (same as stack.properties in the v1 API)
• [x] Add stackman.callsites(err[, options], callback) - Calls callback with array of callsites for the given err (same as stack.frames in the v1 API)
• [x] Add stackman.sourceContexts(callsites[, options], callback) - Convenience function to get the source context for all call sites in the callsites argument in one go (instead of iterating over the call sites and calling callsite.sourceContext() for each of them). Calls the callback with an optional error object as the first argument and an array of context objects as the 2nd. Each element in the context array matches a call site in the callsites array. The optional options object will be passed on to callsite.sourceContext().

CallSite object changes

• [x] Remove the callsite.context object from call sites
• [x] Add callsite.sourceContext([options, ]callback) - Options object {lines: 5}
• [x] Add source map support to stackman.callsites()
• [x] Add source map support to callsite.sourceContext()
• [x] Add source map support to callsite.getFileName()
• [x] Add source map support to callsite.getLineNumber()
• [x] Add source map support to callsite.getColumnNumber()
• [x] Add source map support to callsite.getRelativeFileName()
• [x] Add source map support to callsite.getModuleName()
• [x] Add source map support to callsite.isApp()
• [x] Add source map support to callsite.isModule()

This is terrific, but I'd like to plug this into Winston so we can log caller's file, function/method name and line number from source map. First, how efficient is this and is there a way to get a synchronous response so as to return a formatted string back to Winston? Is there a more efficient method for our purposes than to use stackman? Thanks!

Description

This PR fixes one or more vulnerable packages in the npm dependencies of this project. See the Snyk test report for more details.

Snyk Project: watson/stackman:package.json

Snyk Organization: watson

Changes included in this PR

• A Snyk policy (.snyk) file, with updated settings.

Vulnerabilities that will be fixed

With a Snyk patch:

• SNYK-JS-LODASH-450202

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure, The Snyk team

Note: You are seeing this because you or someone else with access to this repository has authorised Snyk to open Fix PRs. To review the settings for this Snyk project please go to the project settings page.

This PR fixes one or more vulnerable packages in the npm dependencies of this project. See the Snyk test report for this project for details.

This PR includes:

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

• npm:eslint:20180222

You can read more about Snyk's upgrade and patch logic in Snyk's documentation.

Check the changes in this PR to ensure they won't cause issues with your project.

Stay secure, The Snyk team

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- | 696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908 | Yes | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- | 768/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5 | Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908 | Yes | Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

If you call the properties method on an error object that has a field of type Date with a value Invalid Date, it tries to call the toISOString method of this object and throws an error: RangeError: Invalid time value.

To reproduce this, do the following:

var stackman = require('stackman')()

var err = new Error('Oops!')
err.number = Number.NaN;
err.date = new Date('invalid')

var props = stackman.properties(err)
console.log(props)

If you comment out err.date = new Date('invalid') or change the value to a valid date, the code works.

Description of the issue

Stackman generate a wrong filepath when the sourcemap is generated with Webpack and using webpack:// URLs.

For example, the error triggered when using elastic-apm-node with Webpack & Typescript:

[...]
this.apmAgent.captureError(err);
[...]

error while getting callsite source context: ENOENT: no such file or directory, open '/home/kerwan/workspace/kmp-agency/kmp-flow-launcher/dist/webpack:/boilerplate-node-typescript/src/launchers/webhooks/webhook.launcher.ts'
error while getting callsite source context: ENOENT: no such file or directory, open '/home/kerwan/workspace/kmp-agency/kmp-flow-launcher/dist/webpack:/boilerplate-node-typescript/src/launchers/webhooks/abstract-webhook.launcher.ts'
error while getting callsite source context: ENOENT: no such file or directory, open '/home/kerwan/workspace/kmp-agency/kmp-flow-launcher/dist/webpack:/boilerplate-node-typescript/src/services/webpack:/boilerplate-node-typescript/src/app.ts'
error while getting callsite source context: ENOENT: no such file or directory, open '/home/kerwan/workspace/kmp-agency/kmp-flow-launcher/dist/webpack:/boilerplate-node-typescript/src/services/webpack:/boilerplate-node-typescript/src/app.ts'

For example, the sourcemap URL for webpack://boilerplate-node-typescript/./src/launchers/abstract-launcher.ts is resolved to /home/kerwan/workspace/kmp-agency/kmp-flow-launcher/dist/webpack:/boilerplate-node-typescript/src/launchers/webhooks/webhook.launcher.ts when it should be /home/kerwan/workspace/kmp-agency/kmp-flow-launcher/src/launchers/webhooks/webhook.launcher.ts.

Steps to reproduce

Setup a project with webpack, typescript and ts-loader with the following configuration:

package.json:

{
  [...]
  "devDependencies": {
    "ts-loader": "^8.0.11",
    "typescript": "^4.1.2",
    "webpack": "^5.10.0",
    "webpack-cli": "^4.2.0",
  },
  "dependencies": {
    "stackman": "^4.0.1"
  }
  [...]
}

webpack.config.js:

const path = require('path')

const {NODE_ENV} = process.env

module.exports = {
  mode: NODE_ENV,
  target: 'node',
  devtool: 'source-map',
  entry: path.resolve(__dirname, 'src/app.ts'),
  output: {
    path: path.resolve(__dirname, 'dist'),
  },
  module: {
    rules: [
      {
        test: /.ts$/,
        include: /src/,
        loader: 'ts-loader'
      }
    ]
  },
  resolve: {
    extensions: ['.ts', '.js', '.json']
  },
}

With this configuration it will generate in the folder dist the file main.js and the sourcemap main.js.map.

Workaround

Temporarily, we have changed the devtool config in webpack to use relative paths without the namespace:

module.exports = {
  output: {
    path: path.resolve(__dirname, 'dist'),
    devtoolFallbackModuleFilenameTemplate: '../[resource-path]',
    devtoolModuleFilenameTemplate: '../[resource-path]'
  },
}

Hi! I've been testing ESM support for a work project, and noticed that filenames in stack traces were prefixed by file://. As a result, getSourceContext would return empty results, while getRelativeFileName was unable to properly truncate the filename. This change appears to fix the issue.

I've added some pretty bare-bones tests to assert that the change works. I rearranged package.json a bit to get it to work (moving standard to npm run lint, run as a posttest command) but please discard that change if it's not your cup of tea!

Hi, I'm using Elastic APM in our node projects and I found it lose stack trace when an async function throws an error. In the source code I found the error stack is first handled by stackman, and the frames will lose "From previous event" part. I found if frames length is 0, error will be handled by error-stack-parser, and the error stack can be parsed correctly. So can the stckman also add this feature? Async functions are very commonly in node.js. code like this:

const id = someAsyncFunction();
anotherFunction(id);

error like this:

nodejs.unhandledRejectionError: Invalid value Promise { <pending> }
    at Object.escape (/node_modules/sequelize/lib/sql-string.js:65:11)
    ......
    at processImmediate (internal/timers.js:439:21)
From previous event:
    at Function.findAll (/node_modules/sequelize/lib/model.js:1755:8)
    ......
name: "unhandledRejectionError"