@sveltejs/kit 2.30.0 → 2.31.0

package/src/runtime/server/respond.js

@@ -1,6 +1,8 @@
+/** @import { RequestState } from 'types' */
 import { DEV } from 'esm-env';
 import { json, text } from '@sveltejs/kit';
 import { Redirect, SvelteKitError } from '@sveltejs/kit/internal';
+import { merge_tracing, with_request_store } from '@sveltejs/kit/internal/server';
 import { base, app_dir } from '__sveltekit/paths';
 import { is_endpoint_request, render_endpoint } from './endpoint.js';
 import { render_page } from './page/index.js';
@@ -34,8 +36,8 @@ import {
 	strip_resolution_suffix
 } from '../pathname.js';
 import { get_remote_id, handle_remote_call } from './remote.js';
-import { with_event } from '../app/server/event.js';
-import { create_event_state, EVENT_STATE } from './event-state.js';
+import { record_span } from '../telemetry/record_span.js';
+import { otel } from '../telemetry/otel.js';
 
 /* global __SVELTEKIT_ADAPTER_NAME__ */
 /* global __SVELTEKIT_DEV__ */
@@ -55,6 +57,8 @@ const allowed_page_methods = new Set(['GET', 'HEAD', 'OPTIONS']);
 
 let warned_on_devtools_json_request = false;
 
+export const respond = propagate_context(internal_respond);
+
 /**
  * @param {Request} request
  * @param {import('types').SSROptions} options
@@ -62,7 +66,7 @@ let warned_on_devtools_json_request = false;
  * @param {import('types').SSRState} state
  * @returns {Promise<Response>}
  */
-export async function respond(request, options, manifest, state) {
+export async function internal_respond(request, options, manifest, state) {
 	/** URL but stripped from the potential `/__data.json` suffix and its search param  */
 	const url = new URL(request.url);
 
@@ -134,9 +138,18 @@ export async function respond(request, options, manifest, state) {
 		url
 	);
 
+	/** @type {RequestState} */
+	const event_state = {
+		prerendering: state.prerendering,
+		transport: options.hooks.transport,
+		handleValidationError: options.hooks.handleValidationError,
+		tracing: {
+			record_span
+		}
+	};
+
 	/** @type {import('@sveltejs/kit').RequestEvent} */
 	const event = {
-		[EVENT_STATE]: create_event_state(state, options),
 		cookies,
 		// @ts-expect-error `fetch` needs to be created after the `event` itself
 		fetch: null,
@@ -379,32 +392,69 @@ export async function respond(request, options, manifest, state) {
 			disable_search(url);
 		}
 
-		const response = await with_event(event, () =>
-			options.hooks.handle({
-				event,
-				resolve: (event, opts) =>
-					// counter-intuitively, we need to clear the event, so that it's not
-					// e.g. accessible when loading modules needed to handle the request
-					with_event(null, () =>
-						resolve(event, page_nodes, opts).then((response) => {
-							// add headers/cookies here, rather than inside `resolve`, so that we
-							// can do it once for all responses instead of once per `return`
-							for (const key in headers) {
-								const value = headers[key];
-								response.headers.set(key, /** @type {string} */ (value));
-							}
-
-							add_cookies_to_headers(response.headers, Object.values(new_cookies));
-
-							if (state.prerendering && event.route.id !== null) {
-								response.headers.set('x-sveltekit-routeid', encodeURI(event.route.id));
-							}
-
-							return response;
-						})
-					)
-			})
-		);
+		const response = await record_span({
+			name: 'sveltekit.handle.root',
+			attributes: {
+				'http.route': event.route.id || 'unknown',
+				'http.method': event.request.method,
+				'http.url': event.url.href,
+				'sveltekit.is_data_request': is_data_request,
+				'sveltekit.is_sub_request': event.isSubRequest
+			},
+			fn: async (root_span) => {
+				const traced_event = {
+					...event,
+					tracing: {
+						enabled: __SVELTEKIT_SERVER_TRACING_ENABLED__,
+						root: root_span,
+						current: root_span
+					}
+				};
+				return await with_request_store({ event: traced_event, state: event_state }, () =>
+					options.hooks.handle({
+						event: traced_event,
+						resolve: (event, opts) => {
+							return record_span({
+								name: 'sveltekit.resolve',
+								attributes: {
+									'http.route': event.route.id || 'unknown'
+								},
+								fn: (resolve_span) => {
+									// counter-intuitively, we need to clear the event, so that it's not
+									// e.g. accessible when loading modules needed to handle the request
+									return with_request_store(null, () =>
+										resolve(merge_tracing(event, resolve_span), page_nodes, opts).then(
+											(response) => {
+												// add headers/cookies here, rather than inside `resolve`, so that we
+												// can do it once for all responses instead of once per `return`
+												for (const key in headers) {
+													const value = headers[key];
+													response.headers.set(key, /** @type {string} */ (value));
+												}
+
+												add_cookies_to_headers(response.headers, Object.values(new_cookies));
+
+												if (state.prerendering && event.route.id !== null) {
+													response.headers.set('x-sveltekit-routeid', encodeURI(event.route.id));
+												}
+
+												resolve_span.setAttributes({
+													'http.response.status_code': response.status,
+													'http.response.body.size':
+														response.headers.get('content-length') || 'unknown'
+												});
+
+												return response;
+											}
+										)
+									);
+								}
+							});
+						}
+					})
+				);
+			}
+		});
 
 		// respond with 304 if etag matches
 		if (response.status === 200 && response.headers.has('etag')) {
@@ -460,7 +510,7 @@ export async function respond(request, options, manifest, state) {
 			add_cookies_to_headers(response.headers, Object.values(new_cookies));
 			return response;
 		}
-		return await handle_fatal_error(event, options, e);
+		return await handle_fatal_error(event, event_state, options, e);
 	}
 
 	/**
@@ -481,6 +531,7 @@ export async function respond(request, options, manifest, state) {
 			if (options.hash_routing || state.prerendering?.fallback) {
 				return await render_response({
 					event,
+					event_state,
 					options,
 					manifest,
 					state,
@@ -494,7 +545,7 @@ export async function respond(request, options, manifest, state) {
 			}
 
 			if (remote_id) {
-				return await handle_remote_call(event, options, manifest, remote_id);
+				return await handle_remote_call(event, event_state, options, manifest, remote_id);
 			}
 
 			if (route) {
@@ -506,6 +557,7 @@ export async function respond(request, options, manifest, state) {
 				if (is_data_request) {
 					response = await render_data(
 						event,
+						event_state,
 						route,
 						options,
 						manifest,
@@ -514,13 +566,14 @@ export async function respond(request, options, manifest, state) {
 						trailing_slash
 					);
 				} else if (route.endpoint && (!route.page || is_endpoint_request(event))) {
-					response = await render_endpoint(event, await route.endpoint(), state);
+					response = await render_endpoint(event, event_state, await route.endpoint(), state);
 				} else if (route.page) {
 					if (!page_nodes) {
 						throw new Error('page_nodes not found. This should never happen');
 					} else if (page_methods.has(method)) {
 						response = await render_page(
 							event,
+							event_state,
 							route.page,
 							options,
 							manifest,
@@ -613,6 +666,7 @@ export async function respond(request, options, manifest, state) {
 
 				return await respond_with_error({
 					event,
+					event_state,
 					options,
 					manifest,
 					state,
@@ -634,7 +688,7 @@ export async function respond(request, options, manifest, state) {
 			// and I don't even know how to describe it. need to investigate at some point
 
 			// HttpError from endpoint can end up here - TODO should it be handled there instead?
-			return await handle_fatal_error(event, options, e);
+			return await handle_fatal_error(event, event_state, options, e);
 		} finally {
 			event.cookies.set = () => {
 				throw new Error('Cannot use `cookies.set(...)` after the response has been generated');
@@ -658,3 +712,25 @@ export function load_page_nodes(page, manifest) {
 		manifest._.nodes[page.leaf]()
 	]);
 }
+
+/**
+ * It's likely that, in a distributed system, there are spans starting outside the SvelteKit server -- eg.
+ * started on the frontend client, or in a service that calls the SvelteKit server. There are standardized
+ * ways to represent this context in HTTP headers, so we can extract that context and run our tracing inside of it
+ * so that when our traces are exported, they are associated with the correct parent context.
+ * @param {typeof internal_respond} fn
+ * @returns {typeof internal_respond}
+ */
+function propagate_context(fn) {
+	return async (req, ...rest) => {
+		if (otel === null) {
+			return fn(req, ...rest);
+		}
+
+		const { propagation, context } = await otel;
+		const c = propagation.extract(context.active(), Object.fromEntries(req.headers));
+		return context.with(c, async () => {
+			return await fn(req, ...rest);
+		});
+	};
+}

package/src/runtime/server/utils.js

@@ -1,12 +1,12 @@
 import { DEV } from 'esm-env';
 import { json, text } from '@sveltejs/kit';
 import { HttpError } from '@sveltejs/kit/internal';
+import { with_request_store } from '@sveltejs/kit/internal/server';
 import { coalesce_to_error, get_message, get_status } from '../../utils/error.js';
 import { negotiate } from '../../utils/http.js';
 import { fix_stack_trace } from '../shared-server.js';
 import { ENDPOINT_METHODS } from '../../constants.js';
 import { escape_html } from '../../utils/escape.js';
-import { with_event } from '../app/server/event.js';
 
 /** @param {any} body */
 export function is_pojo(body) {
@@ -67,13 +67,14 @@ export function static_error_page(options, status, message) {
 
 /**
  * @param {import('@sveltejs/kit').RequestEvent} event
+ * @param {import('types').RequestState} state
  * @param {import('types').SSROptions} options
  * @param {unknown} error
  */
-export async function handle_fatal_error(event, options, error) {
+export async function handle_fatal_error(event, state, options, error) {
 	error = error instanceof HttpError ? error : coalesce_to_error(error);
 	const status = get_status(error);
-	const body = await handle_error_and_jsonify(event, options, error);
+	const body = await handle_error_and_jsonify(event, state, options, error);
 
 	// ideally we'd use sec-fetch-dest instead, but Safari — quelle surprise — doesn't support it
 	const type = negotiate(event.request.headers.get('accept') || 'text/html', [
@@ -92,11 +93,12 @@ export async function handle_fatal_error(event, options, error) {
 
 /**
  * @param {import('@sveltejs/kit').RequestEvent} event
+ * @param {import('types').RequestState} state
  * @param {import('types').SSROptions} options
  * @param {any} error
  * @returns {Promise<App.Error>}
  */
-export async function handle_error_and_jsonify(event, options, error) {
+export async function handle_error_and_jsonify(event, state, options, error) {
 	if (error instanceof HttpError) {
 		return error.body;
 	}
@@ -109,7 +111,7 @@ export async function handle_error_and_jsonify(event, options, error) {
 	const message = get_message(error);
 
 	return (
-		(await with_event(event, () =>
+		(await with_request_store({ event, state }, () =>
 			options.hooks.handleError({ error, event, status, message })
 		)) ?? { message }
 	);
@@ -183,3 +185,16 @@ export function has_prerendered_path(manifest, pathname) {
 		(pathname.at(-1) === '/' && manifest._.prerendered_routes.has(pathname.slice(0, -1)))
 	);
 }
+
+/**
+ * Returns the filename without the extension. e.g., `+page.server`, `+page`, etc.
+ * @param {string | undefined} node_id
+ * @returns {string}
+ */
+export function get_node_type(node_id) {
+	const parts = node_id?.split('/');
+	const filename = parts?.at(-1);
+	if (!filename) return 'unknown';
+	const dot_parts = filename.split('.');
+	return dot_parts.slice(0, -1).join('.');
+}

package/src/runtime/shared.js

@@ -19,6 +19,26 @@ export const INVALIDATED_PARAM = 'x-sveltekit-invalidated';
 
 export const TRAILING_SLASH_PARAM = 'x-sveltekit-trailing-slash';
 
+/**
+ * @param {any} data
+ * @param {string} [location_description]
+ */
+export function validate_load_response(data, location_description) {
+	if (data != null && Object.getPrototypeOf(data) !== Object.prototype) {
+		throw new Error(
+			`a load function ${location_description} returned ${
+				typeof data !== 'object'
+					? `a ${typeof data}`
+					: data instanceof Response
+						? 'a Response object'
+						: Array.isArray(data)
+							? 'an array'
+							: 'a non-plain object'
+			}, but must return a plain object at the top level (i.e. \`return {...}\`)`
+		);
+	}
+}
+
 /**
  * Try to `devalue.stringify` the data object using the provided transport encoders.
  * @param {any} data

package/src/runtime/telemetry/noop.js

@@ -0,0 +1,81 @@
+/** @import { Tracer, Span, SpanContext } from '@opentelemetry/api' */
+
+/**
+ * Tracer implementation that does nothing (null object).
+ * @type {Tracer}
+ */
+export const noop_tracer = {
+	/**
+	 * @returns {Span}
+	 */
+	startSpan() {
+		return noop_span;
+	},
+
+	/**
+	 * @param {unknown} _name
+	 * @param {unknown} arg_1
+	 * @param {unknown} [arg_2]
+	 * @param {Function} [arg_3]
+	 * @returns {unknown}
+	 */
+	startActiveSpan(_name, arg_1, arg_2, arg_3) {
+		if (typeof arg_1 === 'function') {
+			return arg_1(noop_span);
+		}
+		if (typeof arg_2 === 'function') {
+			return arg_2(noop_span);
+		}
+		if (typeof arg_3 === 'function') {
+			return arg_3(noop_span);
+		}
+	}
+};
+
+/**
+ * @type {Span}
+ */
+export const noop_span = {
+	spanContext() {
+		return noop_span_context;
+	},
+	setAttribute() {
+		return this;
+	},
+	setAttributes() {
+		return this;
+	},
+	addEvent() {
+		return this;
+	},
+	setStatus() {
+		return this;
+	},
+	updateName() {
+		return this;
+	},
+	end() {
+		return this;
+	},
+	isRecording() {
+		return false;
+	},
+	recordException() {
+		return this;
+	},
+	addLink() {
+		return this;
+	},
+	addLinks() {
+		return this;
+	}
+};
+
+/**
+ * @type {SpanContext}
+ */
+const noop_span_context = {
+	traceId: '',
+	spanId: '',
+	traceFlags: 0
+};

package/src/runtime/telemetry/otel.js

@@ -0,0 +1,21 @@
+/** @import { Tracer, SpanStatusCode, PropagationAPI, ContextAPI } from '@opentelemetry/api' */
+
+/** @type {Promise<{ tracer: Tracer, SpanStatusCode: typeof SpanStatusCode, propagation: PropagationAPI, context: ContextAPI }> | null} */
+export let otel = null;
+
+if (__SVELTEKIT_SERVER_TRACING_ENABLED__) {
+	otel = import('@opentelemetry/api')
+		.then((module) => {
+			return {
+				tracer: module.trace.getTracer('sveltekit'),
+				propagation: module.propagation,
+				context: module.context,
+				SpanStatusCode: module.SpanStatusCode
+			};
+		})
+		.catch(() => {
+			throw new Error(
+				'Tracing is enabled (see `config.kit.experimental.instrumentation.server` in your svelte.config.js), but `@opentelemetry/api` is not available. Have you installed it?'
+			);
+		});
+}

package/src/runtime/telemetry/record_span.js

@@ -0,0 +1,65 @@
+/** @import { RecordSpan } from 'types' */
+import { HttpError, Redirect } from '@sveltejs/kit/internal';
+import { noop_span } from './noop.js';
+import { otel } from './otel.js';
+
+/** @type {RecordSpan} */
+export async function record_span({ name, attributes, fn }) {
+	if (otel === null) {
+		return fn(noop_span);
+	}
+
+	const { SpanStatusCode, tracer } = await otel;
+
+	return tracer.startActiveSpan(name, { attributes }, async (span) => {
+		try {
+			return await fn(span);
+		} catch (error) {
+			if (error instanceof HttpError) {
+				span.setAttributes({
+					[`${name}.result.type`]: 'known_error',
+					[`${name}.result.status`]: error.status,
+					[`${name}.result.message`]: error.body.message
+				});
+				if (error.status >= 500) {
+					span.recordException({
+						name: 'HttpError',
+						message: error.body.message
+					});
+					span.setStatus({
+						code: SpanStatusCode.ERROR,
+						message: error.body.message
+					});
+				}
+			} else if (error instanceof Redirect) {
+				span.setAttributes({
+					[`${name}.result.type`]: 'redirect',
+					[`${name}.result.status`]: error.status,
+					[`${name}.result.location`]: error.location
+				});
+			} else if (error instanceof Error) {
+				span.setAttributes({
+					[`${name}.result.type`]: 'unknown_error'
+				});
+				span.recordException({
+					name: error.name,
+					message: error.message,
+					stack: error.stack
+				});
+				span.setStatus({
+					code: SpanStatusCode.ERROR,
+					message: error.message
+				});
+			} else {
+				span.setAttributes({
+					[`${name}.result.type`]: 'unknown_error'
+				});
+				span.setStatus({ code: SpanStatusCode.ERROR });
+			}
+
+			throw error;
+		} finally {
+			span.end();
+		}
+	});
+}

package/src/types/ambient.d.ts

@@ -79,3 +79,57 @@ declare module '$service-worker' {
 	 */
 	export const version: string;
 }
+
+/**
+ * This module contains generated types for the routes in your app.
+ */
+declare module '$app/types' {
+	/**
+	 * Interface for all generated app types. This gets extended via declaration merging. DO NOT USE THIS INTERFACE DIRECTLY.
+	 */
+	export interface AppTypes {
+		// These are all functions so that we can leverage function overloads to get the correct type.
+		// Using the return types directly would error with a "not the same type" error.
+		// https://www.typescriptlang.org/docs/handbook/declaration-merging.html#merging-interfaces
+		RouteId(): string;
+		RouteParams(): Record<string, Record<string, string>>;
+		LayoutParams(): Record<string, Record<string, string>>;
+		Pathname(): string;
+		ResolvedPathname(): string;
+		Asset(): string;
+	}
+
+	/**
+	 * A union of all the route IDs in your app. Used for `page.route.id` and `event.route.id`.
+	 */
+	export type RouteId = ReturnType<AppTypes['RouteId']>;
+
+	/**
+	 * A utility for getting the parameters associated with a given route.
+	 */
+	export type RouteParams<T extends RouteId> = T extends keyof ReturnType<AppTypes['RouteParams']>
+		? ReturnType<AppTypes['RouteParams']>[T]
+		: Record<string, never>;
+
+	/**
+	 * A utility for getting the parameters associated with a given layout, which is similar to `RouteParams` but also includes optional parameters for any child route.
+	 */
+	export type LayoutParams<T extends RouteId> = T extends keyof ReturnType<AppTypes['LayoutParams']>
+		? ReturnType<AppTypes['LayoutParams']>[T]
+		: Record<string, never>;
+
+	/**
+	 * A union of all valid pathnames in your app.
+	 */
+	export type Pathname = ReturnType<AppTypes['Pathname']>;
+
+	/**
+	 * `Pathname`, but possibly prefixed with a base path. Used for `page.url.pathname`.
+	 */
+	export type ResolvedPathname = ReturnType<AppTypes['ResolvedPathname']>;
+
+	/**
+	 * A union of all the filenames of assets contained in your `static` directory.
+	 */
+	export type Asset = ReturnType<AppTypes['Asset']>;
+}

package/src/types/global-private.d.ts

@@ -4,6 +4,8 @@ declare global {
 	const __SVELTEKIT_APP_VERSION_POLL_INTERVAL__: number;
 	const __SVELTEKIT_DEV__: boolean;
 	const __SVELTEKIT_EMBEDDED__: boolean;
+	/** True if `config.kit.experimental.instrumentation.server` is `true` */
+	const __SVELTEKIT_SERVER_TRACING_ENABLED__: boolean;
 	/** true if corresponding config option is set to true */
 	const __SVELTEKIT_EXPERIMENTAL__REMOTE_FUNCTIONS__: boolean;
 	/** True if `config.kit.router.resolution === 'client'` */

package/src/types/internal.d.ts

@@ -30,6 +30,7 @@ import {
 	RequestOptions,
 	TrailingSlash
 } from './private.js';
+import { Span } from '@opentelemetry/api';
 
 export interface ServerModule {
 	Server: typeof InternalServer;
@@ -567,5 +568,32 @@ export type RemoteInfo =
 			inputs?: RemotePrerenderInputsGenerator;
 	  };
 
+export type RecordSpan = <T>(options: {
+	name: string;
+	attributes: Record<string, any>;
+	fn: (current: Span) => Promise<T>;
+}) => Promise<T>;
+
+/**
+ * Internal state associated with the current `RequestEvent`,
+ * used for tracking things like remote function calls
+ */
+export interface RequestState {
+	prerendering: PrerenderOptions | undefined;
+	transport: ServerHooks['transport'];
+	handleValidationError: ServerHooks['handleValidationError'];
+	tracing: {
+		record_span: RecordSpan;
+	};
+	form_instances?: Map<any, any>;
+	remote_data?: Record<string, MaybePromise<any>>;
+	refreshes?: Record<string, any>;
+}
+
+export interface RequestStore {
+	event: RequestEvent;
+	state: RequestState;
+}
+
 export * from '../exports/index.js';
 export * from './private.js';

package/src/types/synthetic/$env+dynamic+private.md

@@ -9,4 +9,4 @@ import { env } from '$env/dynamic/private';
 console.log(env.DEPLOYMENT_SPECIFIC_VARIABLE);
 ```
 
-> In `dev`, `$env/dynamic` always includes environment variables from `.env`. In `prod`, this behavior will depend on your adapter.
+> [!NOTE] In `dev`, `$env/dynamic` always includes environment variables from `.env`. In `prod`, this behavior will depend on your adapter.

package/src/version.js

@@ -1,4 +1,4 @@
 // generated during release, do not modify
 
 /** @type {string} */
-export const VERSION = '2.30.0';
+export const VERSION = '2.31.0';