Skip to content

fix(start): skip errored Rspack modules during import protection#7685

Open
SyMind wants to merge 5 commits into
TanStack:mainfrom
SyMind:fix-tanstack-router-dev
Open

fix(start): skip errored Rspack modules during import protection#7685
SyMind wants to merge 5 commits into
TanStack:mainfrom
SyMind:fix-tanstack-router-dev

Conversation

@SyMind

@SyMind SyMind commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Fixes a dev-mode recovery bug where invalid JS/TS code could produce a Rspack compiler-level error from import protection, leaving rsbuild dev unable to recover even after the user fixed the source code.

Changes:

  • Skip already-errored Rspack modules while building the import protection compilation graph.
  • Ensure the original syntax error is surfaced through the Rsbuild error overlay instead of a secondary Compilation.hooks.processAssets plugin error.
  • Add RSC Rsbuild e2e coverage that injects invalid route code and snapshots the client/server error overlay.

Summary by CodeRabbit

  • Bug Fixes
    • Improved import-protection handling so modules with errors are less likely to be treated like normal modules, leading to more reliable behavior during build failures.
  • Tests
    • Added end-to-end coverage to verify the error overlay displays syntax errors consistently.
  • Chores
    • Updated the Rsbuild toolchain version across supported examples, benchmarks, and starter templates to the latest 2.1.x release.

@coderabbitai

coderabbitai Bot commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fe40c25b-c2e7-4609-84ec-42271dd6a247

📥 Commits

Reviewing files that changed from the base of the PR and between ab4f558 and 66fc253.

📒 Files selected for processing (1)
  • e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts
🚧 Files skipped from review as they are similar to previous changes (1)
  • e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts

📝 Walkthrough

Walkthrough

Bumps @rsbuild/core to ^2.1.0 across packages, fixtures, examples, and benchmarks. Updates buildCompilationGraph to skip errored module connections. Adds a Playwright E2E test that verifies the rsbuild error overlay in the rsc-rsbuild fixture.

Changes

rsbuild 2.1.0 upgrade with import-protection fix and error overlay E2E

Layer / File(s) Summary
Bump rsbuild dependencies
benchmarks/bundle-size/package.json, e2e/*/package.json, examples/*/package.json, packages/*/package.json
Package manifests across packages, e2e fixtures, examples, and benchmarks update @rsbuild/core to ^2.1.0; packages/router-plugin adds the dependency entry, and e2e/vue-start/basic also bumps rsbuild Vue plugins.
Skip errored modules in import graph
packages/start-plugin-core/src/rsbuild/import-protection.ts
buildCompilationGraph now ignores outgoing connections whose connection.module.error is truthy, so errored modules are not added to the import graph edges.
Error overlay Playwright test
e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts
The new test file adds a DevServer helper, overlay text parsing and normalization utilities, snapshot assembly helpers, and a Playwright test that injects a syntax error into the fixture route and asserts the rendered overlay output.

Sequence Diagram(s)

sequenceDiagram
  participant Playwright test
  participant DevServer
  participant rsbuild dev server
  Playwright test->>DevServer: start on per-test port
  DevServer->>rsbuild dev server: pnpm exec rsbuild dev
  Playwright test->>rsbuild dev server: navigate and read error overlay
  Playwright test->>Playwright test: normalize and compare snapshot
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~15 minutes

Possibly related PRs

  • TanStack/router#7245: Also updates @rsbuild/core version ranges across repository package manifests.
  • TanStack/router#7482: Touches packages/start-plugin-core/src/rsbuild/import-protection.ts in the same import-protection pipeline.

Suggested labels

package: start-plugin-core

Suggested reviewers

  • schiller-manuel

🐇 I hop through manifests, bright and neat,
Then skip the errored modules on the street.
A tiny test watches the overlay glow,
With JSON snapshots in tidy row.
Rsbuild 2.1.0 — off we go! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly matches the main fix: skipping errored Rspack modules during import protection in start.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

# Conflicts:
#	benchmarks/bundle-size/package.json
#	e2e/react-router/rspack-basic-file-based/package.json
#	e2e/react-router/rspack-basic-virtual-named-export-config-file-based/package.json
#	e2e/react-start/basic/package.json
#	e2e/react-start/css-inline/package.json
#	e2e/react-start/custom-server-rsbuild/package.json
#	e2e/react-start/deferred-hydration/package.json
#	e2e/react-start/hmr/package.json
#	e2e/react-start/import-protection/package.json
#	e2e/react-start/rsc/package.json
#	e2e/react-start/server-functions/package.json
#	e2e/solid-router/rspack-basic-file-based/package.json
#	e2e/solid-router/rspack-basic-virtual-named-export-config-file-based/package.json
#	e2e/solid-start/basic/package.json
#	e2e/solid-start/deferred-hydration/package.json
#	e2e/vue-router/rspack-basic-file-based/package.json
#	e2e/vue-router/rspack-basic-virtual-named-export-config-file-based/package.json
#	e2e/vue-start/basic/package.json
#	examples/react/quickstart-rspack-file-based/package.json
#	examples/solid/quickstart-rspack-file-based/package.json
#	packages/react-start/package.json
#	packages/solid-start/package.json
#	packages/start-plugin-core/package.json
#	packages/vue-start/package.json
#	pnpm-lock.yaml
@socket-security

socket-security Bot commented Jun 24, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednitro-nightly@​3.0.1-20260628-090458-3df69609791008296100
Added@​rsbuild/​core@​2.1.11001008598100

View full report

@socket-security

socket-security Bot commented Jun 24, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @emnapi/runtime is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/nitro@3.0.1-alpha.2npm/@tanstack/eslint-config@0.4.0npm/@rsbuild/plugin-vue@1.2.7npm/nitro@3.0.260311-betanpm/wrangler@4.75.0npm/@cloudflare/vite-plugin@1.29.1npm/@rsbuild/plugin-react@2.0.0npm/@rsbuild/core@2.1.1npm/nitro-nightly@3.0.1-20260628-090458-3df69609npm/@swc-node/register@1.11.1npm/@tanstack/eslint-config@0.3.2npm/@netlify/vite-plugin-tanstack-start@1.1.4npm/@emnapi/runtime@1.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm env-runner is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/nitro-nightly@3.0.1-20260628-090458-3df69609npm/env-runner@0.1.14

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/env-runner@0.1.14. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Low adoption: npm ocache

Location: Package overview

From: pnpm-lock.yamlnpm/nitro-nightly@3.0.1-20260628-090458-3df69609npm/ocache@0.1.5

ℹ Read more on: This package | This alert | What are unpopular packages?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Unpopular packages may have less maintenance and contain other problems.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/ocache@0.1.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@SyMind SyMind marked this pull request as ready for review June 29, 2026 02:56

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts`:
- Around line 28-44: The DevServer startup path currently waits only on
waitUntilReady(), so a spawn failure from pnpm/rsbuild can hang until timeout
instead of failing immediately. In the DevServer.start method, add an error
listener to the spawned process and surface that error right away, ideally
before or alongside the waitUntilReady() flow, so startup failures are reported
immediately instead of being masked by the timeout.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 666b748c-f5f5-4855-9201-a1019bf10caf

📥 Commits

Reviewing files that changed from the base of the PR and between 80d098f and ab4f558.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (28)
  • benchmarks/bundle-size/package.json
  • e2e/react-router/rspack-basic-file-based/package.json
  • e2e/react-router/rspack-basic-virtual-named-export-config-file-based/package.json
  • e2e/react-start/basic/package.json
  • e2e/react-start/css-inline/package.json
  • e2e/react-start/custom-server-rsbuild/package.json
  • e2e/react-start/deferred-hydration/package.json
  • e2e/react-start/hmr/package.json
  • e2e/react-start/import-protection/package.json
  • e2e/react-start/rsc-rsbuild/package.json
  • e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts
  • e2e/react-start/rsc/package.json
  • e2e/react-start/server-functions/package.json
  • e2e/solid-router/rspack-basic-file-based/package.json
  • e2e/solid-router/rspack-basic-virtual-named-export-config-file-based/package.json
  • e2e/solid-start/basic/package.json
  • e2e/solid-start/deferred-hydration/package.json
  • e2e/vue-router/rspack-basic-file-based/package.json
  • e2e/vue-router/rspack-basic-virtual-named-export-config-file-based/package.json
  • e2e/vue-start/basic/package.json
  • examples/react/quickstart-rspack-file-based/package.json
  • examples/solid/quickstart-rspack-file-based/package.json
  • packages/react-start/package.json
  • packages/router-plugin/package.json
  • packages/solid-start/package.json
  • packages/start-plugin-core/package.json
  • packages/start-plugin-core/src/rsbuild/import-protection.ts
  • packages/vue-start/package.json

Comment thread e2e/react-start/rsc-rsbuild/tests/error-overlay.spec.ts
@SyMind

SyMind commented Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

@codex review

@nx-cloud

nx-cloud Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

View your CI Pipeline Execution ↗ for commit 66fc253

Command Status Duration Result
nx affected --targets=test:eslint,test:unit,tes... ❌ Failed 12m 40s View ↗
nx run-many --target=build --exclude=examples/*... ✅ Succeeded 2m 26s View ↗

☁️ Nx Cloud last updated this comment at 2026-06-29 19:19:26 UTC

@pkg-pr-new

pkg-pr-new Bot commented Jun 29, 2026

Copy link
Copy Markdown
More templates

@tanstack/arktype-adapter

npm i https://pkg.pr.new/@tanstack/arktype-adapter@7685

@tanstack/eslint-plugin-router

npm i https://pkg.pr.new/@tanstack/eslint-plugin-router@7685

@tanstack/eslint-plugin-start

npm i https://pkg.pr.new/@tanstack/eslint-plugin-start@7685

@tanstack/history

npm i https://pkg.pr.new/@tanstack/history@7685

@tanstack/nitro-v2-vite-plugin

npm i https://pkg.pr.new/@tanstack/nitro-v2-vite-plugin@7685

@tanstack/react-router

npm i https://pkg.pr.new/@tanstack/react-router@7685

@tanstack/react-router-devtools

npm i https://pkg.pr.new/@tanstack/react-router-devtools@7685

@tanstack/react-router-ssr-query

npm i https://pkg.pr.new/@tanstack/react-router-ssr-query@7685

@tanstack/react-start

npm i https://pkg.pr.new/@tanstack/react-start@7685

@tanstack/react-start-client

npm i https://pkg.pr.new/@tanstack/react-start-client@7685

@tanstack/react-start-rsc

npm i https://pkg.pr.new/@tanstack/react-start-rsc@7685

@tanstack/react-start-server

npm i https://pkg.pr.new/@tanstack/react-start-server@7685

@tanstack/router-cli

npm i https://pkg.pr.new/@tanstack/router-cli@7685

@tanstack/router-core

npm i https://pkg.pr.new/@tanstack/router-core@7685

@tanstack/router-devtools

npm i https://pkg.pr.new/@tanstack/router-devtools@7685

@tanstack/router-devtools-core

npm i https://pkg.pr.new/@tanstack/router-devtools-core@7685

@tanstack/router-generator

npm i https://pkg.pr.new/@tanstack/router-generator@7685

@tanstack/router-plugin

npm i https://pkg.pr.new/@tanstack/router-plugin@7685

@tanstack/router-ssr-query-core

npm i https://pkg.pr.new/@tanstack/router-ssr-query-core@7685

@tanstack/router-utils

npm i https://pkg.pr.new/@tanstack/router-utils@7685

@tanstack/router-vite-plugin

npm i https://pkg.pr.new/@tanstack/router-vite-plugin@7685

@tanstack/solid-router

npm i https://pkg.pr.new/@tanstack/solid-router@7685

@tanstack/solid-router-devtools

npm i https://pkg.pr.new/@tanstack/solid-router-devtools@7685

@tanstack/solid-router-ssr-query

npm i https://pkg.pr.new/@tanstack/solid-router-ssr-query@7685

@tanstack/solid-start

npm i https://pkg.pr.new/@tanstack/solid-start@7685

@tanstack/solid-start-client

npm i https://pkg.pr.new/@tanstack/solid-start-client@7685

@tanstack/solid-start-server

npm i https://pkg.pr.new/@tanstack/solid-start-server@7685

@tanstack/start-client-core

npm i https://pkg.pr.new/@tanstack/start-client-core@7685

@tanstack/start-fn-stubs

npm i https://pkg.pr.new/@tanstack/start-fn-stubs@7685

@tanstack/start-plugin-core

npm i https://pkg.pr.new/@tanstack/start-plugin-core@7685

@tanstack/start-server-core

npm i https://pkg.pr.new/@tanstack/start-server-core@7685

@tanstack/start-static-server-functions

npm i https://pkg.pr.new/@tanstack/start-static-server-functions@7685

@tanstack/start-storage-context

npm i https://pkg.pr.new/@tanstack/start-storage-context@7685

@tanstack/valibot-adapter

npm i https://pkg.pr.new/@tanstack/valibot-adapter@7685

@tanstack/virtual-file-routes

npm i https://pkg.pr.new/@tanstack/virtual-file-routes@7685

@tanstack/vue-router

npm i https://pkg.pr.new/@tanstack/vue-router@7685

@tanstack/vue-router-devtools

npm i https://pkg.pr.new/@tanstack/vue-router-devtools@7685

@tanstack/vue-router-ssr-query

npm i https://pkg.pr.new/@tanstack/vue-router-ssr-query@7685

@tanstack/vue-start

npm i https://pkg.pr.new/@tanstack/vue-start@7685

@tanstack/vue-start-client

npm i https://pkg.pr.new/@tanstack/vue-start-client@7685

@tanstack/vue-start-server

npm i https://pkg.pr.new/@tanstack/vue-start-server@7685

@tanstack/zod-adapter

npm i https://pkg.pr.new/@tanstack/zod-adapter@7685

commit: 66fc253

@codspeed-hq

codspeed-hq Bot commented Jun 29, 2026

Copy link
Copy Markdown

Merging this PR will improve performance by 10.42%

⚠️ Different runtime environments detected

Some benchmarks with significant performance changes were compared across different runtime environments,
which may affect the accuracy of the results.

Open the report in CodSpeed to investigate

⚡ 3 improved benchmarks
❌ 1 regressed benchmark
✅ 140 untouched benchmarks

Warning

Please fix the performance issues or acknowledge them on CodSpeed.

Performance Changes

Mode Benchmark BASE HEAD Efficiency
Memory mem streaming-peak chunked (vue) 11.9 MB 12.3 MB -3.27%
Memory mem aborted-requests (solid) 2.4 MB 1.8 MB +31.66%
Memory mem aborted-requests (vue) 1,021 KB 912.1 KB +11.93%
Memory mem serialization-payload (solid) 6.8 MB 6.5 MB +4.29%

Tip

Investigate this regression by commenting @codspeedbot fix this regression on this PR, or directly use the CodSpeed MCP with your agent.


Comparing SyMind:fix-tanstack-router-dev (66fc253) with main (ba52d2b)1

Open in CodSpeed

Footnotes

  1. No successful run was found on main (bb2daa6) during the generation of this report, so ba52d2b was used instead as the comparison base. There might be some changes unrelated to this pull request in this report.

@nx-cloud nx-cloud Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nx Cloud has identified a possible root cause for your failed CI:

We investigated this failure and found it to be an environmental issue unrelated to the PR's changes. The test shard encountered EADDRINUSE: address already in use :::40891, meaning a stale process had already claimed the dynamically assigned port before the web server could start. A clean re-run should resolve this without any code changes needed.

No code changes were suggested for this issue.

You can trigger a rerun by pushing an empty commit:

git commit --allow-empty -m "chore: trigger rerun"
git push

Nx Cloud View detailed reasoning on Nx Cloud ↗


🎓 Learn more about Self-Healing CI on nx.dev

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants