I’ve seen Salesforce obscure certain details about a managed package when it was deployed in a subscriber org. For instance, the debug logging generated from the managed package namespace isn’t visible in the subscriber org unless the user is logged in via the License Managing Application (LMA) Subscriber Support functionality.
Another area related to this is
Exception.getStackTraceString(). In the context of the subscriber Org I’ve expected this to only show the namespace of the managed package rather than the full stack trace. E.g. ‘(myNamespace)’
See Capturing process information with Apex
Exception.getStackTraceString()as part of the exception handling inside the managed package. It creates a custom object to store the exception details, which includes concatenating that stack trace into a text field. As above, this has only ever been visible as the full stack trace in the developer packaging org. Everywhere else it has appeared as just the namespace in brackets. This makes sense, as it is protecting the internal implementation details of the managed package.
Recently I’ve seen erratic behavior with this. The developer packaging org has started to only record the namespace in brackets. At 4:18 pm on the 6th of September it was working as expected. Then by 5:38 pm when the next exception was logged it was only showing the obscured version. This was on na2.
Then, of more concern, a single user in a subscriber org that is unrelated to us as the package provider has started creating custom exception objects that show the full stack trace from our managed package. Going back through the debug logs showed this started occurring for them on the 15th of August. At 9:22 am it was working as expected. Then the immediate subsequent record started showing the full stack trace.
It seems like a bug to me, and I’ve raised support case 14553747 to get it investigated. However, progress has been slow as I can’t grant them login access as the subscriber orgs problem user.
Is anyone aware of how these package details are being exposed in the subscriber org? Is this some sort of unknown black tab functionality?
I’m concerned that more IP details of the managed package implementation might be exposed to the specific subscriber org user such as the debug logs or Apex class bodies.