From 661d83bd939ff2c46e91df9328694f570390933a Mon Sep 17 00:00:00 2001 From: Klaas van Schelven Date: Sat, 15 Nov 2025 13:33:49 +0100 Subject: [PATCH] minidumps: FEATURE flag --- bugsink/app_settings.py | 3 +++ bugsink/settings/development.py | 3 +++ files/views.py | 3 +++ ingest/views.py | 9 ++++++++- 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/bugsink/app_settings.py b/bugsink/app_settings.py index 1d59347..5d2da85 100644 --- a/bugsink/app_settings.py +++ b/bugsink/app_settings.py @@ -73,6 +73,9 @@ DEFAULTS = { # Security: "MINIMIZE_INFORMATION_EXPOSURE": False, "PHONEHOME": True, + + # Feature flags: + "FEATURE_MINIDUMPS": False, # minidumps are experimental/early-stage and likely a DOS-magnet; disabled by default } diff --git a/bugsink/settings/development.py b/bugsink/settings/development.py index 48e86c4..a221949 100644 --- a/bugsink/settings/development.py +++ b/bugsink/settings/development.py @@ -109,6 +109,9 @@ BUGSINK = { "MAX_EMAILS_PER_MONTH": 10, # for development: a thing to tune if you want to the the quota system "KEEP_ARTIFACT_BUNDLES": True, # in development: useful to preserve sourcemap uploads + + # in development we want optional features enabled to [1] play with them and [2] have the tests work + "FEATURE_MINIDUMPS": True, } diff --git a/files/views.py b/files/views.py index 79e5049..1f32a6f 100644 --- a/files/views.py +++ b/files/views.py @@ -205,6 +205,9 @@ def artifact_bundle_assemble(request, organization_slug): @csrf_exempt # we're in API context here; this could potentially be pulled up to a higher level though @requires_auth_token def difs_assemble(request, organization_slug, project_slug): + if not get_settings().FEATURE_MINIDUMPS: + return JsonResponse({"detail": "minidumps not enabled"}, status=404) + # TODO move to tasks.something.delay # TODO think about the right transaction around this data = json.loads(request.body) diff --git a/ingest/views.py b/ingest/views.py index 3aebb60..f48f8bb 100644 --- a/ingest/views.py +++ b/ingest/views.py @@ -53,6 +53,7 @@ from .models import StoreEnvelope, DontStoreEnvelope, Envelope HTTP_429_TOO_MANY_REQUESTS = 429 HTTP_400_BAD_REQUEST = 400 +HTTP_404_NOT_FOUND = 404 HTTP_501_NOT_IMPLEMENTED = 501 @@ -638,7 +639,10 @@ class IngestEnvelopeAPIView(BaseIngestAPIView): if ((type_ not in ["event", "attachment"]) or (item_headers.get("type") == "attachment" and - item_headers.get("attachment_type") != "event.minidump")): + item_headers.get("attachment_type") != "event.minidump") or + (item_headers.get("type") == "attachment" and + item_headers.get("attachment_type") == "event.minidump" and + not get_settings().FEATURE_MINIDUMPS)): # non-event/minidumps can be discarded; (we don't check for individual size limits, because these differ # per item type, we have the envelope limit to protect us, and we incur almost no cost (NullWriter)) @@ -732,6 +736,9 @@ class MinidumpAPIView(BaseIngestAPIView): # I'm not 100% sure whether "philosophically" the minidump endpoint is also "ingesting"; we'll see. def post(self, request, project_pk=None): + if not get_settings().FEATURE_MINIDUMPS: + return JsonResponse({"detail": "minidumps not enabled"}, status=HTTP_404_NOT_FOUND) + # not reusing the CORS stuff here; minidump-from-browser doesn't make sense. # TODO: actually pick/configure max