fix(boootstrap): prevent to override existing node addon file #1611
Conversation
robertsLando
changed the title
|
Hmm. In some cases, we may want to overwrite the file:
I think we should implement an |
Agree, good point.
Hmm, wouldn't an updated pkg-packaged app with a newer For security reasons, I would prefer to fail / stop the app start if the What do you think? I can update the PR, just let me know if e.g. a SHA-256 check is sufficient for you for the A disadvantage could be the slower app start in general, because the previous best case (all files already exist, so no copy action takes place) is the worst case now, we never trust an existing file anymore because each file will be checked with |
|
My application will start multiple workers, they will read the .node file at the same time, and if it does not exist, will they write to disk at the same time? |
We already calculate the sha of the file, isn't that enough? |
We calculated the hash of the file to be dlopen-ed, but not the hashes of all contents under the Additionally, the hash only determines the folder name in the temporary directory, not if the file on the disk is the same as the file in the snapshot. |
Ok so @renkei I think you could try with the second approach for now, it's easier |
|
Which method you would prefer for a |
I let @jesec answer to this |
Correctness is more essential than performance. Let's ensure correctness first, then try to optimize it. Actually, with either method ( |
@jesec This is what I worry about. My application will start multiple worker_threads and use a lot of private C/Rust modules,. I temporarily move all node files to the main process and require it, which is very helpless |
|
@jesec Is it possible to ask the user to tag node modules to load them early in a single process? |
|
What about to use process pid to identify the processe that is using a specific module and store this info somewhere in the temporary directory ? We could also make the checks needed to verify that the file is the same and if not create a new one in another directory and/or use symlinks |
|
I've update the PR to also perform the copy even if the file already exists but is outdated. There is still no solution for the use case that multiple instances of the app might start simultaneously. I see only two options:
Solution 1 must be implemented by the user that tries to start multiple instances because we cannot implement a delayed check© (with some retries to give the other instance time to finish the copy) in bootstrap.js because everything inside process.dlopen must be synchronous. To be honest, I would prefer this solution, it is much easier for the user to control the start of multiple instances than for pkg. Solution 2 sounds interesting but has so much disadvantages. It makes things more complicated and can produce a lot of spam on disk since we copy the same files again and again, they cannot be shared across multiple instances anymore. I'm not sure if it's worth the effort, maybe we're leaving the KISS pattern too much here... |
|
I loaded all node files in the main process. for me this is the only solution so far.
|
There was a problem hiding this comment.
It would be more correct and less error-prone to let each process have its own temporary directory. I have implemented the approach: jesec@71f697d, but I am still sorting out issues with Node 12 on Windows at the moment. Duplication would be annoying but correctness is more essential.
Nonetheless, this PR does provide some improvements over the status quo and we can get it merged first.
Nice, I will try this out. Thanks!
Beside the duplication (which is not really an issue, I guess, as long as everything is removed before the app exits) this has another effect: Native modules cannot be shared across instances, no matter whether multiple instances are running simultaneously or not because the temporary folder name depends now on the process ID and |
Verified, has run successfully, but affects startup speed. But there is no other better solution |
This PR fixes #1589. The fix has two effects:
.nodefiles that must exist on the real filesystem instead of the virtual snapshot filesystem (because of process.dlopen) are only copied if they do not exist. If they already exist then it doesn't matter anymore whether they are currently opened by an running instance of the pkg-packaged app or not, because existing files are untouched now.