fix: update BetterBugs recording links to use new package URLs

[sebastianiv21]

Description

Tip

Add a TL;DR when the description is longer than 500 words or extremely technical (helps the content, marketing, and DevRel team).

Please also include relevant motivation and context. List any dependencies that are required for this change. Add links to Notion, Figma or any other documents that might be relevant to the PR.

• Changed the script source URLs for BetterBugs recording links from cdn.betterbugs.io to pkg.betterbugs.io.
• Updated the comment to include a direct link to BetterBugs documentation for workspace settings related to recording links.

Fixes #Issue Number
or
Fixes Issue URL

Warning

If no issue exists, please create an issue first, and check with the maintainers if the issue is valid.

Automation

/ok-to-test tags="@tag.Sanity"

🔍 Cypress test results

Tip

🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
Workflow run: https://github.com/appsmithorg/appsmith/actions/runs/23671351342
Commit: f44e178
Cypress dashboard.
Tags: @tag.Sanity
Spec:

---

Fri, 27 Mar 2026 23:52:07 UTC

Communication

Should the DevRel and Marketing teams inform users about this change?

• Yes
• No

Summary by CodeRabbit

• Chores
  • Updated BetterBugs recording-link loader to use the provider's new hosting endpoint and adjusted how the scripts are loaded.
  • Improved initialization and loading sequence to enhance stability and reliability of the bug recording feature.
  • Streamlined implementation for better maintainability and performance.

[sebastianiv21]

/build-deploy-preview skip-tests=true

[coderabbitai]

Walkthrough

Updated the BetterBugs recording-link loader in app/client/public/index.html: replaced cdn.betterbugs.io with pkg.betterbugs.io, changed injected scripts' async from true to false, and removed the IIFE in favor of direct sequential createElement/appendChild calls within the existing guard.

Changes

Cohort / File(s)	Summary
BetterBugs Script Loader app/client/public/index.html	Replaced cdn.betterbugs.io with pkg.betterbugs.io for both injected scripts; set async = false on both; removed the immediately-invoked function wrapper and refactored to direct sequential document.createElement/appendChild calls. Guard condition (if (!DISABLE_BETTERBUGS && !AIRGAPPED)) and window.__BetterbugsRecordingLinkConfig assignment remain unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

Scripts step in line, no race to be won,
cdn to pkg, the switch is done,
No IIFE dance, just straight and neat,
Sequential loading—smoother beat. 🐛✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	PR description is mostly complete with key changes documented, but lacks an issue reference and leaves placeholder text unfilled.	Fill in the issue number or URL in the 'Fixes' section to properly link this PR to the corresponding issue.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically describes the main change: updating BetterBugs recording links to use new package URLs instead of CDN URLs.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/update-betterbugs-cdn

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Deploying Your Preview: https://github.com/appsmithorg/appsmith/actions/runs/23671123334.
Workflow: On demand build Docker image and deploy preview.
skip-tests: true.
env: ``.
PR: 41667.
recreate: .
base-image-tag: .

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

app/client/public/index.html (1)

85-90: Ensure pkg.betterbugs.io is included in CSP script-src allowlists for hardened deployments.

Currently, no script-src directive restricts script loading. If script-src CSP is added in the future, the BetterBugs scripts at pkg.betterbugs.io will fail silently unless the domain is explicitly allowlisted.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@app/client/public/index.html` around lines 85 - 90, The BetterBugs loader
scripts are injected via s1.src and s2.src in index.html and will be blocked if
a strict Content-Security-Policy with a script-src directive is applied; update
your CSP (meta tag or server header) to explicitly allow the host
pkg.betterbugs.io in the script-src allowlist (in addition to 'self' as
appropriate) so the scripts referenced by s1.src and s2.src can load in hardened
deployments.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@app/client/public/index.html`:
- Around line 84-91: Replace the top-level `var` declarations for the script
elements with block-scoped `const` to avoid creating global window properties;
specifically update the `s1` and `s2` declarations used when creating the
logs-capture and recorder script elements so they are declared as `const s1 =
document.createElement("script")` and `const s2 =
document.createElement("script")`, leaving the rest of the logic (setting `src`,
`async`, and appending to `document.head`) unchanged.

---

Nitpick comments:
In `@app/client/public/index.html`:
- Around line 85-90: The BetterBugs loader scripts are injected via s1.src and
s2.src in index.html and will be blocked if a strict Content-Security-Policy
with a script-src directive is applied; update your CSP (meta tag or server
header) to explicitly allow the host pkg.betterbugs.io in the script-src
allowlist (in addition to 'self' as appropriate) so the scripts referenced by
s1.src and s2.src can load in hardened deployments.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7133c96e-9e5e-40d7-b97b-cb0ab9af3365

📥 Commits

Reviewing files that changed from the base of the PR and between b47d782 and c84f00a.

📒 Files selected for processing (1)

• app/client/public/index.html

[coderabbitai]

🧹 Nitpick comments (1)

app/client/public/index.html (1)

85-90: Third-party script loading is stable.

Both BetterBugs endpoints are reachable with proper cache headers (max-age=120), indicating BetterBugs actively manages the /latest endpoint. Pinning versions would add maintenance overhead; the current approach is acceptable for external services.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@app/client/public/index.html` around lines 85 - 90, No code change is
required here: keep the two script elements using s1.src =
"https://pkg.betterbugs.io/scripts/latest/logs-capture.js" and s2.src =
"https://pkg.betterbugs.io/scripts/latest/recorder.js" as-is (do not pin
versions), since the reviewer confirmed the /latest endpoints are stable and
served with proper cache headers; simply ensure s1 and s2 remain created and
appended the same way in this file.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@app/client/public/index.html`:
- Around line 85-90: No code change is required here: keep the two script
elements using s1.src =
"https://pkg.betterbugs.io/scripts/latest/logs-capture.js" and s2.src =
"https://pkg.betterbugs.io/scripts/latest/recorder.js" as-is (do not pin
versions), since the reviewer confirmed the /latest endpoints are stable and
served with proper cache headers; simply ensure s1 and s2 remain created and
appended the same way in this file.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 84a276c9-3907-4f71-bba4-58eb7344daec

📥 Commits

Reviewing files that changed from the base of the PR and between c84f00a and f44e178.

📒 Files selected for processing (1)

• app/client/public/index.html

[github-actions]

Deploy-Preview-URL: https://ce-41667.dp.appsmith.com

[sebastianiv21]

/build-deploy-preview skip-tests=true

[github-actions]

Deploying Your Preview: https://github.com/appsmithorg/appsmith/actions/runs/23671514633.
Workflow: On demand build Docker image and deploy preview.
skip-tests: true.
env: ``.
PR: 41667.
recreate: .
base-image-tag: .

[github-actions]

Deploy-Preview-URL: https://ce-41667.dp.appsmith.com