neverthrow icon indicating copy to clipboard operation
neverthrow copied to clipboard
verified publisher icon supermacro

Code is unsafe in many places

Open benjamingr opened this issue 7 months ago • 1 comments

Hey,

There are many places in the codebase that make unsafe assumptions about types passed in, for example code does stuff like:

  andThen(f: any): any {
    return new ResultAsync(
      this._promise.then((res) => {
        if (res.isErr()) {
          return new Err<never, E>(res.error)
        }

        const newValue = f(res.value)
        return newValue instanceof ResultAsync ? newValue._promise : newValue
      }),
    )

For application code this is fine but for library code of a base abstractions many many things can go wrong here - for example .then can throw for a promsie subclass, res.isErr can throw is something that passes as a result is passed, instanceof can fail across realms and so on.

I would consider either:

  • Hardening the code
  • Changing the strategy to wrap hardened code (like native promises) instead

benjamingr avatar May 26 '25 16:05 benjamingr