why is the instantsearch library still trying to fetch search-insights from CDN, despite being installed via yarn?

[twelve17]

We've got a nextjs FE app that has some CSP policies defined. We've got the following libraries installed via yarn:

"algoliasearch": "^4.20.0",
"react-instantsearch": "^7.8.0",
"react-instantsearch-nextjs": "0.2.3",
"search-insights": "^2.13.0",

On a production build, we're seeing a "blocked:csp" error: it looks like one of the Algolia libraries is trying to download search-insights from a CDN:

https://cdn.jsdelivr.net/npm/search-insights@2.13.0/dist/search-insights.min.js

It fails due to our CSP policy. But it is odd that it is even trying to download it, since we have it installed locally. We really do not want to get the libraries from a CDN.

Anyone else run into this?

[dhayab]

Hi, are you providing the insights client to <InstantSearch>?

import { InstantSearch } from 'react-instantsearch';
import insightsClient from 'search-insights';

export function App() {
  return (
    <InstantSearch
      searchClient={searchClient}
      indexName="indexName"
      insights={{ insightsClient }}
    >
      /* ... */
    </InstantSearch>
  );
}

Otherwise, InstantSearch cannot deduce the presence of the Insights client just by it being added as a dependency, and will fallback to loading it from a CDN.

[twelve17]

Hi, and thanks for your reply, @dhayab . Looks like that worked! Thanks again.