feat(error-tracking): add debug_id snippet injection for cross-MFE stack trace un-minification

[amortemousque]

What and why?

Current unminification based on (service, version) breaks with MFEs.

When an error spans multiple micro frontends, its stack trace may contain frames from several bundles (for example, cart.js, header.js, and shell-app.js). Unminification today relies on a single (service, version) pair, typically derived from the originating MFE. The backend applies that pair to every frame in the stack trace. As a result, frames from other MFEs, which were uploaded under their own (service, version) pairs—cannot be matched to the correct source maps and remain minified.

debug_id solves this by attaching a UUID to each JS bundle. The backend can then resolves each frame independently.

How?

• Add injection plugin capability to pass the chunk source or hash to hook callbacks.
  • Expose a new injection callback: (sourceOrHash) => {}
  • Move Rollup injection from banner/footer hooks to renderChunk so the plugin can access and modify the generated chunk source.
• Implement debug_id injection in the RUM sourceCodeContext plugin.
  • Subscribe to the new injection callback and generate a deterministic UUID from the file content
  • Add ddDebugId: uuid to DD_SOURCE_CODE_CONTEXT entries.
• Add end-to-end tests

[datadog-datadog-prod-us1-2]

🎉 All green!

🧪 All tests passed
❄️ No new flaky tests detected

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 88eab93 | Docs | Datadog PR Page | Give us feedback!}

[amortemousque]

While implementing this, I took the opportunity to simplify the injection logic by:

• processInjections + processItem becomes prepareInjections + resolveWithFallback where prepareInjections drives the loop and resolveWithFallback resolves async and file injections
• processInjections iterated items one at a time with no-await-in-loop. Now prepareInjections resolves all injections in parallel.
• Remove Map<string, ToInjectItem>: generated UUIDs were never used for lookup, replaced with ToInjectItem[] directly.

I think a good potential next step would be to replace the parameterized context.inject API with separate hooks per injection type.

[amortemousque]

I'm not a fan of this logic to detect (chunk) => ... per-chunk functions.
Improving this area would require a larger refactor, which I’d prefer to tackle in a dedicated PR. My plan is to replace the parameterized context.inject API with separate hooks for each injection type, making the implementation simpler and easier to reason about.

[yoannmoinet]

Was this change intentional?

[amortemousque]

Yes, intentional. MD5 was only used for deterministic IDs, but it is not supported in FIPS environments, which can cause builds to fail (similar to getsentry/sentry-javascript-bundler-plugins#618). SHA-256 avoids that issue.

[yoannmoinet]

Please notify apps folks about this.
EDIT: Uh oh, it seems I AM part of the apps folks... I'll forward this.

[yoannmoinet]

This will need a major bump, IIRC we expose this API through the customPlugins.
Is it really necessary?

[amortemousque]

Hum, indeed. I can rollback this change to avoid breaking changes

[yoannmoinet]

This may have a pretty intense impact on performances, as we will read every single bundle now.
I guess it's necessary for the new injection features, but I would double check the impact on performances still.

If only esbuild would offer us a way to hook ourselves right before writing the bundles.

[amortemousque]

Yes it's also one of my concern. I'll get some data on the overhead

[amortemousque]

I re-added a check so we inject only when contentsToInject contains an entry with injectIntoAllChunks: true.
This limits the overhead to cases where the customer uses a plugin that requires it.

[yoannmoinet]

bundler doesn't seem to be used.

[yoannmoinet]

nit: This was fixed in rollup with MagicString, would it be a good occasion to do this here too?

[amortemousque]

Yes indeed! It's not exactly the same, as be need to rewrite the already generated .map but I handled them.

[yoannmoinet]

This was required to keep the order of injection the same post processing.

Making it fully parallel may introduce a behavior change worth noting.
This could also lead to indeterministic errors if we have cross injection dependencies.

We could keep the processing parallel, but the final injection should keep the same order to prevent any indeterministic behavior.

wdyt?

[amortemousque]

FMU, the order is already preserved. Promise.all returns results in input order regardless of resolution timing. Same guarantee as the sequential for...of. The only change is parallel execution. Am I missing something?

[yoannmoinet]

Why remove the comment?

[amortemousque]

I don't know why but llms tend to remove them. I'll rewrite them

[yoannmoinet]

Now that it's not optional anymore (it seems) we could remove it from the peerDependencies.

[amortemousque]

Indeed :)

[bcaudan]

❓ question: ‏MFE was previously configured under rum. sourceCodeContext and we are now adding errorTracking.debugId.
Could we limit the number of options that the customers have to enable for MFE supports?

[amortemousque]

I collocated the options like to

type SourceCodeContext = {
    service?: string;
    version?: string;
    ddDebugId?: string;
};

ddDebugId is new attribute within DD_SOURCE_CODE_CONTEXT entries