[Bug] Unhandled JSON.parse() in MongoDB config can crash application on startup #38100
Description
Problem Statement
The MongoDB configuration file (apps/meteor/packages/rocketchat-mongo-config/server/index.js) contains an unprotected JSON.parse() call that will crash the entire application on startup if the MONGO_OPTIONS environment variable contains invalid JSON.
Current Behavior
Location: apps/meteor/packages/rocketchat-mongo-config/server/index.js:30
const mongoOptionStr = process.env.MONGO_OPTIONS;
if (typeof mongoOptionStr !== 'undefined') {
const mongoOptions = JSON.parse(mongoOptionStr); // ❌ No error handling
Object.assign(mongoConnectionOptions, mongoOptions);
}What happens:
- If
MONGO_OPTIONSis set to invalid JSON (e.g.,MONGO_OPTIONS='{"invalid": json}'), the application crashes immediately on startup - No graceful error message is shown
- The application cannot start until the environment variable is fixed
- This affects production deployments where env vars might be misconfigured
Expected Behavior
The JSON parsing should be wrapped in a try-catch block with:
- ✅ Graceful error handling
- ✅ Clear error message indicating the invalid JSON
- ✅ Fallback to safe defaults or graceful shutdown with helpful diagnostics
Proposed Solution
const mongoOptionStr = process.env.MONGO_OPTIONS;
if (typeof mongoOptionStr !== 'undefined') {
try {
const mongoOptions = JSON.parse(mongoOptionStr);
Object.assign(mongoConnectionOptions, mongoOptions);
} catch (error) {
console.error('Failed to parse MONGO_OPTIONS environment variable:', error.message);
console.error('MONGO_OPTIONS value:', mongoOptionStr);
console.error('Please ensure MONGO_OPTIONS contains valid JSON');
throw new Error(`Invalid MONGO_OPTIONS: ${error.message}`);
}
}Impact Assessment
Severity: High
- 💥 Application crash - Complete failure to start
- 🔧 Critical path - MongoDB configuration runs early in startup sequence
- 🚨 Production risk - Misconfigured env vars can take down entire deployment
- 🐛 Poor debuggability - Generic JSON parsing error without context
Affected deployments:
- Docker containers with misconfigured environment variables
- Kubernetes deployments during configuration updates
- CI/CD pipelines with templating errors
- Manual deployments with typos in env vars
Steps to Reproduce
-
Set invalid JSON in MONGO_OPTIONS environment variable:
export MONGO_OPTIONS='{"invalid": json}'
-
Start Rocket.Chat application
-
Observe crash:
SyntaxError: Unexpected token j in JSON at position 12 at JSON.parse (<anonymous>) at packages/rocketchat-mongo-config/server/index.js:30
Environment
- Affected versions: All versions (checked develop branch)
- Component: MongoDB configuration (Meteor package)
- Deployment: All deployment methods (Docker, bare metal, Kubernetes)
Additional Context
This is part of the early startup sequence, so there's no opportunity for the application to recover or provide user-friendly diagnostics. The error surfaces as a cryptic stack trace rather than a clear configuration error message.
Related Files
apps/meteor/packages/rocketchat-mongo-config/server/index.js(main issue)
Acceptance Criteria
- JSON.parse() wrapped in try-catch block
- Clear error message when MONGO_OPTIONS is invalid JSON
- Error message includes the invalid value for debugging
- Application fails fast with actionable error message
- Tests added for invalid JSON handling
- Documentation updated if needed
Priority
High - This affects application availability and can cause production outages during deployment/configuration changes.