Detect ivars in Rack middleware
synth opened this issue · comments
Instance variables in Rack middleware are bad. They are not thread safe and are insidious to track down issues relating to it.
Ref:
- puma/puma#2001
- https://bernardoamc.com/rails-middleware-leak/
- https://crypt.codemancers.com/posts/2018-06-07-frozen-middleware-with-rack-freeze/
Since this is such a gotcha, I (via my company) would gladly sponsor development of such a cop to walk the middleware hierarchy and catch offenders which could occur at app level or third party.