Change how API versions are set #640
Comments
sholladay
changed the title
|
Hi @sholladay, thanks for this feedback! I agree with you that properties like the API key or API version should only be settable at creation time and be immutable afterwards (though still overridable on a per-request basis). Note that you can actually set the API version on a per-request basis, by passing @rattrayalex-stripe Any thoughts / opinions on the above? |
Ah, thanks for pointing that out! I had done a rudimentary search for variations of Well since that's already implemented, removing |
|
Hi @sholladay – thanks for the feedback! This is great; please send more thoughts like this in the future! Definitely +1 to being able to set things like this at initialization time. I was probably thinking this API, curious for your thoughts: const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
stripe_version: '2019-01-01', // etc...
});We should probably also move the docs for passing options from a Wiki to the README... cc also @paulasjes-stripe |
|
Yeah, I agree. I've disabled wikis on all of my own projects and moved everything to |
|
I'd like to bikeshed on the naming a bit and suggest: Does it make sense to use that object as a generic |
|
Ah, I hadn't read carefully earlier. Definitely agreed with this: const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
apiVersion: '2019-01-01',
maxNetworkRetries: 5,
// all other config options
});I also like the idea of moving to camel case on each request override, like this: stripe.charges.refund(chargeId, {
amount: 500,
}, {
stripeAccount: connectedAccountId,
apiVersion: '2019-01-01',
});Thanks, Seth and Paul! |
|
We talked about this internally and we've split it into a few tasks:
The config object in task 1 will need to be quite strict about what it accepts, throwing errors if it contains something unexpected. |
|
Fixed in #703 |
Pinning all stripe requests to a specific API version is a good idea and recommended, yet the way this is currently done using the SDK is a bit strange and, I would argue, even a bit dangerous.
The
setApiVersion()method is strange because it is setting an option that really belongs in either the constructor or each API method call. As far as I am aware, it is the only option that uses a method to set it. Currently, you cannot donew Stripe({ apiVersion : '2019-02-19' }), which makes it inconsistent with how the secret key is set.You also cannot doThe fact that it's done with a method also forces me to add an extrastripe.customers.retrieve(customerId, { apiVersion : '2019-02-19' }), which makes it inconsistent with how thestripe_accountoption is set.ifstatement to one of my modules, which is a small but annoying inconvenience.Additionally, the
setApiVersion()method is dangerous because it gives the impression that it is okay to set the API version at any time before calling a Stripe API. This is problematic because if a single instance of the SDK is used across multiple routes on a server (very common use case), then we are prone to one route accidentally influencing the API version used by other, separate routes. You have to be very careful to first read the existing API version, then set the new API version, then call the desired Stripe API, and finally set the API version back to what it was originally. Yet even then, you are prone to race conditions between routes.I think moving this option to the constructor would be a great improvement to the SDK and that alone is probably sufficient. However, if people are relying on the ability to override the version for individual API calls, then this option should be supported on each API method.
The text was updated successfully, but these errors were encountered: