Skip to content

feature: integration of sentry#79

Merged
rongquan1 merged 13 commits into
developfrom
feature/sentry-integration
Jun 30, 2026
Merged

feature: integration of sentry#79
rongquan1 merged 13 commits into
developfrom
feature/sentry-integration

Conversation

@manishdex25

@manishdex25 manishdex25 commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary by CodeRabbit

  • New Features

    • Added end-to-end error reporting and monitoring across the app, including better capture of verification, fetch, and CMS-related issues.
    • Introduced a friendlier fallback screen when the app encounters a fatal error.
  • Bug Fixes

    • Improved handling of failed requests and verification errors so issues are tracked more consistently without interrupting normal behavior.
    • Added safer redaction of sensitive information in error reports.
  • Chores

    • Updated build and deployment settings to support error monitoring in development and production.

@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5ed2e931-c945-4337-9b51-0a5921a5b832

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/sentry-integration

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 7

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/components/home/VerifySection/useVerify.ts`:
- Around line 680-689: The catch blocks in useVerify still treat stale
verification rejections as real failures, even when a newer verification has
already started; add a verificationIdRef/currentId guard before any state
updates or captureVerificationException calls. In the relevant error handlers
around runVerification, clearVerificationMetadata, setErrorType, and
setVerifyStatus, return early unless the caught error belongs to the latest
verification attempt, so superseded failures are ignored consistently in both
success and error paths.

In `@src/lib/sentry/documentSchema.ts`:
- Around line 34-35: The schema label logic in the document classification
branch is treating raw W3C VC 2.0 payloads as VC 1.1 because only the
signed-document version helper is checked. Update the version check in the
`documentSchema` flow so the `vc.isRawDocument(d)` path also uses the raw VC 2.0
helper alongside `vc.isSignedDocumentV2_0(d)`, ensuring `verification.schema`
returns the correct W3C VC version.

In `@src/lib/sentry/scrub.ts`:
- Around line 128-131: The scrub logic in scrubObject handling
event.request.data only processes object payloads, so raw string bodies can
bypass sanitization. Update the request-data branch in scrub.ts to also detect
string request bodies and run them through the same scrubbing path (or parse and
scrub them before reassigning), while keeping the existing object handling
intact. Use the existing scrubObject flow and the event.request.data check as
the entry point for the fix.
- Around line 6-46: The sensitive-field detection in isSensitiveKey is too
strict because SENSITIVE_KEYS only exact-matches and SENSITIVE_KEY_PATTERN does
not cover common PII variants, so fields like userEmail, phoneNumber, and
requestBody can bypass scrubbing. Update the matching logic in
src/lib/sentry/scrub.ts to normalize keys before checking them and broaden the
pattern/lookup so derived names containing email, phone, or body are treated as
sensitive, while keeping the existing SENSITIVE_KEYS, SENSITIVE_KEY_PATTERN, and
CREDENTIAL_JSON_PATTERN behavior intact.

In `@src/main.tsx`:
- Around line 37-39: The SentryErrorBoundary currently only wraps App, so
bootstrap failures in BrowserRouter or outer providers bypass it. Move
SentryErrorBoundary in the main render tree in main.tsx to wrap the entire root
subtree, including BrowserRouter and any provider components, so root-level
errors are captured and the fallback UI can render.

In `@src/utils/fetchClient.ts`:
- Around line 48-50: The fetch cancellation path in fetchClient currently turns
caller-driven aborts into reported failures because the AbortError from the
upstream signal is not treated as an expected case. Update fetchClient’s
request/error handling around the abort wiring and the catch/reporting logic so
AbortError from signal-triggered cancellation is recognized and ignored or
converted into a non-reporting outcome, while still reporting real
FetchClientError and other unexpected errors to Sentry.

In `@vite.config.js`:
- Around line 14-19: The SENTRY_* values in vite.config.js should prefer
CI-injected process.env over env so stale .env entries cannot override deploy
workflow secrets. Update the SENTRY_AUTH_TOKEN, SENTRY_ORG, and SENTRY_PROJECT
resolution logic to read from process.env first and only fall back to env if the
process value is missing, while leaving VITE_SENTRY_RELEASE as-is if it is
intentionally sourced from either place.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a9e6b1e9-70bd-4d08-b64f-29e9c2cccae0

📥 Commits

Reviewing files that changed from the base of the PR and between 99a44b6 and 3a55fc2.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (19)
  • .env.example
  • .github/workflows/deploy-dev.yml
  • .github/workflows/deploy-prod.yml
  • package.json
  • src/components/home/VerifySection/useVerify.analytics.test.ts
  • src/components/home/VerifySection/useVerify.test.ts
  • src/components/home/VerifySection/useVerify.ts
  • src/lib/sanity/news.ts
  • src/lib/sentry/SentryErrorBoundary.tsx
  • src/lib/sentry/capture.test.ts
  • src/lib/sentry/capture.ts
  • src/lib/sentry/documentSchema.ts
  • src/lib/sentry/index.ts
  • src/lib/sentry/init.ts
  • src/lib/sentry/scrub.test.ts
  • src/lib/sentry/scrub.ts
  • src/main.tsx
  • src/utils/fetchClient.ts
  • vite.config.js

Comment thread src/components/home/VerifySection/useVerify.ts
Comment thread src/lib/sentry/documentSchema.ts Outdated
Comment thread src/lib/sentry/scrub.ts Outdated
Comment thread src/lib/sentry/scrub.ts Outdated
Comment thread src/main.tsx Outdated
Comment thread src/utils/fetchClient.ts Outdated
Comment thread vite.config.js Outdated
manishdex25 and others added 8 commits June 30, 2026 09:48
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
- Updated Sentry mock in tests to utilize a scoped context instead of global methods, improving test isolation and accuracy.
- Refactored `withScope` function to accept a scope parameter, allowing for better context management during error capturing.
- Enhanced tests for `captureVerificationInvalid` to verify context attachment through the scoped approach.
- Adjusted Sentry initialization to ensure proper context handling in production and testing environments.
- Rearranged the component hierarchy within the render method to enhance clarity and maintainability.
- Ensured that the SentryErrorBoundary wraps the DocumentProvider, improving error handling for the entire application.
- Added functionality to strip hash fragments and `q` query parameters from URLs in both event requests and navigation breadcrumbs, improving data privacy.
- Updated tests to verify that sensitive URL components are correctly removed, ensuring robust handling of potentially sensitive information.
- Updated tests to ensure that Sentry test errors are correctly blocked in production environments.
- Improved URL scrubbing functionality to strip sensitive query parameters and hash fragments from URLs.
- Added test cases to verify the removal of sensitive information from URLs and to report timeout aborts to Sentry, enhancing overall data privacy and error reporting.
- Added a test case to ensure camelCase sensitive keys are redacted regardless of casing, improving data privacy.
- Updated sensitive keys in the scrub module to be case-insensitive, ensuring consistent redaction of sensitive information.
@rongquan1 rongquan1 merged commit 30d0c7a into develop Jun 30, 2026
5 checks passed
@rongquan1 rongquan1 deleted the feature/sentry-integration branch June 30, 2026 10:15
@coderabbitai coderabbitai Bot mentioned this pull request Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants