Reevaluate rollout of enforced cursor serializability #80
Description
Context
The enforcement that cursors be losslessly serializable to JSON introduced in #73 was released in 1.1.11.
Unfortunately, this broke some production jobs, due to excessive mocking in tests not catching unserializable cursors.
We have since reverted the change in #77 and published version 1.1.12.
This was discussed in Slack:
- Apps may be relying on the existing behaviour of being able to provide arbitrary cursor and dealing with deserializing the corrupted cursor.
- Those apps would now encounter an error
- This is therefore a breaking change, and would likely require a major version upgrade
- Tests do not always discover breakages, so it may be desirable to be able to customize the behaviour in the event of an unserializable cursor.
Way Forward
We could reintroduce the cursor validation, but this time with behaviour customizable by the host app.
- By default, we could simply log a warning via
Rails.logger.warn. - Host apps wishing to be more strict could select alternative behaviour:
JobIteration.configure do |config| config.on_cursor_unsafe_to_serialize = :raise end
- Host apps requiring even more customized behaviour could register a callable
JobIteration.configure do |config| config.on_cursor_unsafe_to_serialize = lambda do |job, cursor| # e.g. compare job against some list and conditionally raise # e.g. emit a metric to some metric service end end
This could be shipped as part of a minor version bump, as it would be a non-breaking new feature intended to provide more robust guarantees.
When we decide it is appropriate to change the default, we can simply change it and release a major version bump. Consumers could continue to override the config until such a time as we decide to get rid of it.