Skip to content

Fix(V3): Duplicated session / Fix incompatibility with Cocoa V9#1088

Merged
lucas-zimerman merged 12 commits intomainfrom
lz/fix-session
Jan 23, 2026
Merged

Fix(V3): Duplicated session / Fix incompatibility with Cocoa V9#1088
lucas-zimerman merged 12 commits intomainfrom
lz/fix-session

Conversation

@lucas-zimerman
Copy link
Collaborator

@lucas-zimerman lucas-zimerman commented Jan 21, 2026

Dublicated Session

Due to not replacing the defaultIntegration, we have a side effect that the sibling SDK will add their own integrations, inserting the BrowserSession automatically. This is wrong since both native and the JS implementation has auto session implementation.

The correct fix was applied by adding the capacitor integrations into defaultIntegrations, overwriting the sibling SDK integrations and thus, only having a single session being created.

A minor refactor was also implemented where I renamed finalOption to sharedOption since it matches what it is actually being used, as a shared data instead of the final option being used.

Before:
image

After:
image

image

Cocoa Fix

It just appeared now that SentryOptionsInternal is not available on SPM, so I just opted for just insert the logic locally .

@github-actions
Copy link
Contributor

github-actions bot commented Jan 21, 2026

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).


Bug Fixes 🐛

  • (V3) Duplicated session by lucas-zimerman in #1088

Build / dependencies / internal 🔧

  • (V3) Bump sentry cocoa v9 by lucas-zimerman in #1086
  • Use pull_request_target for changelog preview by BYK in #1079

🤖 This preview updates automatically when you update the PR.

@lucas-zimerman lucas-zimerman changed the title Fix(V3): Duplicated session Fix(V3): Duplicated session / Fix incompatibility with Cocoa V9 Jan 22, 2026
@lucas-zimerman lucas-zimerman marked this pull request as ready for review January 22, 2026 12:41
Comment on lines +132 to +138
if let sessionTrackingIntervalMillis = dict["sessionTrackingIntervalMillis"] as? Int {
options.sessionTrackingIntervalMillis = UInt(sessionTrackingIntervalMillis)
}

if let maxBreadcrumbs = dict["maxBreadcrumbs"] as? Int {
options.maxBreadcrumbs = UInt(maxBreadcrumbs)
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: A negative value for sessionTrackingIntervalMillis or maxBreadcrumbs from JavaScript will cause a fatal crash on iOS due to an unsafe Int to UInt cast.
Severity: HIGH

Suggested Fix

Before casting sessionTrackingIntervalMillis and maxBreadcrumbs to UInt, validate that the Int values are non-negative. If a negative value is received, it should be ignored or handled gracefully instead of attempting the cast. For example: if let value = dict["maxBreadcrumbs"] as? Int, value >= 0 { options.maxBreadcrumbs = UInt(value) }.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: ios/Sources/SentryCapacitorPlugin/SentryCapacitorPlugin.swift#L132-L138

Potential issue: The `createOptions` method manually parses
`sessionTrackingIntervalMillis` and `maxBreadcrumbs` from a dictionary. It casts these
values from `Int` to `UInt` using a direct initializer `UInt()`. In Swift, attempting to
initialize a `UInt` with a negative `Int` value triggers a fatal runtime error, which
will crash the application. The JavaScript layer, which provides these options, does not
perform any validation to prevent negative numbers from being passed. This means a
negative value for either of these options will lead to an unavoidable crash on the iOS
platform.

Did we get this right? 👍 / 👎 to inform future reviews.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather limit this on the JavaScript side.
The PR is not changing the behavior of sessionTrackingIntervalMillis and maxBreadcrumbs so lets leave it as is and fix it on a separated PR.

Copy link
Contributor

@antonis antonis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🎸

@lucas-zimerman lucas-zimerman merged commit 9103a4f into main Jan 23, 2026
18 checks passed
@lucas-zimerman lucas-zimerman deleted the lz/fix-session branch January 23, 2026 12:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants