Is there an existing issue for this?
How do you use Sentry?
Sentry Saas (sentry.io)
Which SDK are you using?
@sentry/react-native (via @sentry/core supabase integration re-exported by @sentry/browser)
SDK Version
8.6.0
Framework Version
React Native
Link to Sentry event
SDK crash detection event — internal to Sentry
Steps to Reproduce
- Use
supabaseIntegration in a React Native app
- Perform a PostgREST query (e.g.
supabase.from('table').select('*'))
- Under certain conditions (likely related to RN's
fetch implementation or a custom fetch passed to the Supabase client), the PostgREST response resolves with undefined instead of the expected { data, error, status } object
Expected Result
The integration should handle a nullish response gracefully without crashing.
Actual Result
The SDK crashes with an unhandled Error (empty message) at instrumentPostgRESTFilterBuilder in supabase.ts.
The crash occurs in the .then() success handler after Reflect.apply(target, thisArg, []), where res.error is accessed without a null check on res:
https://github.com/getsentry/sentry-javascript/blob/0ccab39ff4e498228ntonio/packages/core/src/integrations/supabase.ts#L342
// Current code (crashes when res is nullish):
(res: SupabaseResponse) => {
if (res && typeof res === 'object' && 'status' in res) {
setHttpStatus(span, res.status || 500);
}
span.end();
if (res.error) { // 💥 TypeError if res is undefinedNotably, the auth instrumentation in the same file already guards against this correctly:
// Auth path (safe):
if (res && typeof res === 'object' && 'error' in res && res.error) {Additional Context
This was detected via Sentry's SDK crash detection (sdk_crash_detection context). The mechanism is auto.db.supabase.postgres, confirming it's the PostgREST path.
Why this appears to be React Native-specific:
PostgREST's .then() is a custom thenable that internally calls fetch(), processes the response in an async callback, and returns internalPromise.then(onfulfilled, onrejected). When Sentry calls it with no arguments (Reflect.apply(target, thisArg, [])), both callbacks are undefined, so the resolved value should pass through per the Promise/A+ spec.
However, React Native uses its own native-bridged fetch implementation (not the browser's), and users often provide a custom fetch to the Supabase client as recommended by Supabase docs. If the fetch resolves differently (e.g., on network errors or timeouts), the PostgREST async handler could exit without an explicit return, resolving with undefined.
Suggested fix:
Guard res before accessing .error, consistent with the auth handler:
Or use optional chaining throughout the success handler.
Priority
React with 👍 to help prioritize this issue. Please use comments to provide useful context, avoiding +1 or me too, to help us triage it.
Is there an existing issue for this?
How do you use Sentry?
Sentry Saas (sentry.io)
Which SDK are you using?
@sentry/react-native(via@sentry/coresupabase integration re-exported by@sentry/browser)SDK Version
8.6.0
Framework Version
React Native
Link to Sentry event
SDK crash detection event — internal to Sentry
Steps to Reproduce
supabaseIntegrationin a React Native appsupabase.from('table').select('*'))fetchimplementation or a customfetchpassed to the Supabase client), the PostgREST response resolves withundefinedinstead of the expected{ data, error, status }objectExpected Result
The integration should handle a nullish response gracefully without crashing.
Actual Result
The SDK crashes with an unhandled
Error(empty message) atinstrumentPostgRESTFilterBuilderinsupabase.ts.The crash occurs in the
.then()success handler afterReflect.apply(target, thisArg, []), whereres.erroris accessed without a null check onres:https://github.com/getsentry/sentry-javascript/blob/0ccab39ff4e498228ntonio/packages/core/src/integrations/supabase.ts#L342
Notably, the auth instrumentation in the same file already guards against this correctly:
Additional Context
This was detected via Sentry's SDK crash detection (
sdk_crash_detectioncontext). The mechanism isauto.db.supabase.postgres, confirming it's the PostgREST path.Why this appears to be React Native-specific:
PostgREST's
.then()is a custom thenable that internally callsfetch(), processes the response in anasynccallback, and returnsinternalPromise.then(onfulfilled, onrejected). When Sentry calls it with no arguments (Reflect.apply(target, thisArg, [])), both callbacks areundefined, so the resolved value should pass through per the Promise/A+ spec.However, React Native uses its own native-bridged
fetchimplementation (not the browser's), and users often provide a customfetchto the Supabase client as recommended by Supabase docs. If the fetch resolves differently (e.g., on network errors or timeouts), the PostgREST async handler could exit without an explicitreturn, resolving withundefined.Suggested fix:
Guard
resbefore accessing.error, consistent with the auth handler:Or use optional chaining throughout the success handler.
Priority
React with 👍 to help prioritize this issue. Please use comments to provide useful context, avoiding
+1orme too, to help us triage it.