Disable @newrelic/publish-sourcemap dependency for MFEs

Development
1

Hi folks.

We are working on packaging Open edX Maple.2 for Bitnami, and we have found that there is a hardcoded dependency on @newrelic/publish-sourcemap within the @edx/frontend-build NPM package, for building MFEs. Note that the dependency is being installed via @edx/new-relic-source-map-webpack-plugin, which depends on the mentioned New Relic dependency.

Our concern is that the @newrelic/publish-sourcemap is not open-source software, and thus cannot be distributed legally. In fact, the following note is added in its package.json:

"license": "New Relic proprietary"

We have been able to disable this dependency at runtime via the ENABLE_NEW_RELIC=false environment variable. However, it is still a build-time dependency and is required even if the mentioned environment variable is set. See @edx/frontend-build/config/webpack.prod.config.js:

...
const NewRelicSourceMapPlugin = require('@edx/new-relic-source-map-webpack-plugin');
...
if (process.env.ENABLE_NEW_RELIC !== 'false') {
  ...
  extraPlugins.push(new NewRelicSourceMapPlugin({

Note: Similar issues have been reported with Open edX components, like cs_comments_service.

Do you know of any other way to disable the dependency (and not only the functionality via ENABLE_NEW_RELIC)? If not, is there anything else we can do to get this issue resolved?

Note that in our case, we have a requirement to package the MFE as well as its dependencies, as we need to be able to regenerate it each time there is a change to the domain/IP address.

2 Likes
2

Hi @marcos, welcome to the forum!

There is no built-in way to do this, AFAIK, but it is an important issue. Thanks for bringing it up.

The “hard-codedness” of New Relic has been a sore point for a while, in particular as it comes to MFEs. The ENABLE_NEW_RELIC var itself is a pretty recent development, coming about only at the tail end of 2021. And as you can see, it only does away with New Relic at runtime. (It came about as an interim solution to a more general problem: that of introducing dynamic runtime MFE configuration.)

I opened an issue that will get discussed - at the latest - at our next frontend working group meeting. You’re free to pick it up in the meantime, by the way! We’ll happily review a PR, and will likely get the issue sorted out sooner. (You’re also invited to join the meeting, if interested. It’s basically open to the public.)

All this said, one of the ways @regis deals with Open edX inadequacies (such as this one) in the Tutor build process is by, well, hacking it:

# This low-tech (i.e: ugly), manual patch should be removed in later versions
RUN sed -i "s/@edx\/frontend-build\": \"8.0.4\"/@edx\/frontend-build\": \"8.2.0\"/g" package.json

Tutor, btw, is the community’s official deployment method as of the latest release, so it’s not like we frown upon such things. :slight_smile: If you find sedding out @newrelic/publish-sourcemap is an option (which may likely require removing other bits of code too), I say go for it. The proper upstream fix will probably not be immediate.

3 Likes
3

Thanks for the quick turnaround @arbrandes! It is really appreciated.

I opened an issue that will get discussed - at the latest - at our next frontend working group meeting. You’re free to pick it up in the meantime, by the way! We’ll happily review a PR, and will likely get the issue sorted out sooner. (You’re also invited to join the meeting, if interested. It’s basically open to the public.)

Thanks for the invitation! I will start watching the issue as well. Unfortunately I don’t think I’ll be able to attend the front-end working group, as I am going to be out-of-office that week.

As for contributing, currently I have some idea that would work but it would not follow best practices:

diff --git a/config/webpack.prod.config.js b/config/webpack.prod.config.js
index 483c0dc..0fc8ee9 100644
--- a/config/webpack.prod.config.js
+++ b/config/webpack.prod.config.js
@@ -7,7 +7,6 @@ const { merge } = require('webpack-merge');
 const CssNano = require('cssnano');
 const Dotenv = require('dotenv-webpack');
 const dotenv = require('dotenv');
-const NewRelicSourceMapPlugin = require('@edx/new-relic-source-map-webpack-plugin');
 const HtmlWebpackPlugin = require('html-webpack-plugin');
 const MiniCssExtractPlugin = require('mini-css-extract-plugin');
 const path = require('path');
@@ -36,6 +35,8 @@ if (process.env.ENABLE_NEW_RELIC !== 'false') {
     licenseKey: process.env.NEW_RELIC_LICENSE_KEY || 'undefined_license_key',
     applicationID: process.env.NEW_RELIC_APP_ID || 'undefined_application_id',
   }));
+  // eslint-disable-next-line global-require
+  const NewRelicSourceMapPlugin = require('@edx/new-relic-source-map-webpack-plugin');
   extraPlugins.push(new NewRelicSourceMapPlugin({
     applicationId: process.env.NEW_RELIC_APP_ID,
     apiKey: process.env.NEW_RELIC_ADMIN_KEY,
diff --git a/package.json b/package.json
index ad2f072..edfccab 100644
--- a/package.json
+++ b/package.json
@@ -33,7 +33,6 @@
     "@babel/preset-env": "7.16.4",
     "@babel/preset-react": "7.16.0",
     "@edx/eslint-config": "2.0.0",
-    "@edx/new-relic-source-map-webpack-plugin": "1.0.1",
     "@pmmmwh/react-refresh-webpack-plugin": "0.5.3",
     "@svgr/webpack": "6.2.1",
     "autoprefixer": "10.2.6",
@@ -77,6 +76,9 @@
     "webpack-dev-server": "4.7.3",
     "webpack-merge": "5.2.0"
   },
+  "optionalDependencies": {
+    "@edx/new-relic-source-map-webpack-plugin": "1.0.1"
+  },
   "peerDependencies": {
     "react": "^16.14.0 || ^17.0.0"
   }

If this change makes sense for you, let me know to send a PR. Just be aware that we need to initiate an internal process for contributing to an external project, and it could take us a few weeks before we are able to send the PR.

All this said, one of the ways @regis deals with Open edX inadequacies (such as this one) in the Tutor build process is by, well, hacking it:

The Tutor patch is something that would work for us, and we will look into applying it as a temporary solution. Thanks for that!

1 Like