fix: set-once-freeze for PKG_NATIVE_CACHE_PATH resolution#232
Open
olegcS wants to merge 1 commit intoyao-pkg:mainfrom
Open
fix: set-once-freeze for PKG_NATIVE_CACHE_PATH resolution#232olegcS wants to merge 1 commit intoyao-pkg:mainfrom
olegcS wants to merge 1 commit intoyao-pkg:mainfrom
Conversation
Resolve PKG_NATIVE_CACHE_PATH lazily on the first dlopen call instead of eagerly at bootstrap time, then freeze the value for all subsequent calls. This gives applications a window to set process.env.PKG_NATIVE_CACHE_PATH in their init code (before any native addon is loaded) without requiring the variable to be present in the environment before the process starts. Once the first native addon triggers dlopen, the resolved path is frozen and further changes to the env var are ignored. Use case: packaged apps that run as a privileged service (e.g. Windows SYSTEM) need to redirect the native cache from the default user-writable ~/.cache to a protected directory. The app's entry point sets the env var programmatically based on the install location, but under the current eager capture the IIFE runs before any user code. If PKG_NATIVE_CACHE_PATH is already set before the process starts (the existing workflow), behavior is unchanged — the bootstrap-time value is captured as the default and confirmed on first dlopen. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
PKG_NATIVE_CACHE_PATHis captured once in the bootstrap IIFE, before any application code runs. This means a packaged app cannot programmatically redirect its native addon cache at startup — the only way to set the path is via the process environment before launch.This is a problem for apps that need to determine the cache path at runtime (e.g. based on install location) and for security-sensitive apps that must ensure the cache points to a protected directory regardless of what environment variables a user has set.
Solution
Defer resolution of
PKG_NATIVE_CACHE_PATHto the firstdlopencall, then freeze it. This gives the application's entry point a window to setprocess.env.PKG_NATIVE_CACHE_PATHbefore any native addon is loaded, after which the value is locked.Existing behavior (env var set before process starts) is unchanged.
Relation to #228
This is the set-once-freeze portion of #228, split per reviewer feedback. The SHA-256 integrity check is in a separate PR (#230).
Test plan
PKG_NATIVE_CACHE_PATHin its entry point before loading native addons — verify the runtime value is usedPKG_NATIVE_CACHE_PATHpre-set in the environment — verify it works as beforePKG_NATIVE_CACHE_PATHset — verify default~/.cachefallback worksPKG_NATIVE_CACHE_PATHafter the first native addon load has no effect