Publish source maps to Sentry on release

[sarayourfriend]

Problem

Currently our stack traces in Sentry are awful because Sentry does not have access to our source maps.

There are two recommended ways of getting source maps to Sentry:

1. Publish the source maps publicly alongside the code
2. Upload the source maps directly to Sentry

Sentry "strongly recommends" the second, for whatever reason. The first seems preferrable/fine for our application as there's absolutely zero reason for us to obfuscate any of the client code.

I would prefer we just publish the sourcemaps alongside the code in production for a couple reasons:

1. No need to manage a Sentry API key
2. No need to add an additional step for creating a production release other than what already exists
3. Publishing our source maps could actually help give confidence that we're running the code in production that we say we are running (i.e., we're not applying hidden patches to the open source code that would violate privacy promises)

Additionally, there is no hit to performance for users of the site because source maps that are split from the bundles aren't loaded unless dev tools are opened. Casual navigation of the site would not take any hit.

Sentry so strongly recommends that you upload source maps directly that they have a Sentry webpack plugin for configuring this, but again, it wouldn't benefit security/privacy researchers looking at our site's code and would also require managing another secret, which would be nice to avoid.

Instead I believe we can just publish production source maps like we would normally and Sentry will still pick them up:

https://docs.sentry.io/platforms/javascript/sourcemaps/generating/#advanced-usage

Description

Publishing the source maps would fix the issue of unhelpful stack traces in Sentry issues.

Implementation

• 🙋 I would be interested in implementing this feature.