🥅 server: improve service error fingerprinting

[cruzdanilo]

---

Summary by CodeRabbit

• Bug Fixes

  • Improved error detection and classification for more accurate tracking.
  • Enhanced error messages to include contextual entity names for Not Found scenarios.
  • Refined error fingerprinting to better identify and categorize error types.

• Tests

  • Added tests validating improved error handling and messaging.

• Chores

  • Versioning metadata updated (patch bumps).

Greptile Summary

this pr improves error fingerprinting for external service failures in sentry by making error classification more precise and consistent.

• manteca errors: now extract internalStatus field (e.g., BAD_REQUEST) for error type classification and strip pii from error messages (e.g., removing phone numbers after "has wrong value")
• panda errors: extract entity names from urls (e.g., "user" or "card") instead of showing generic "Not Found" messages
• card api: updated noUser function to return dynamic error names (error.name) instead of hardcoded type literals, enabling better sentry grouping by actual error types like PandaNotFound vs PandaForbidden

the changes maintain backwards compatibility while providing more granular error tracking without exposing sensitive user data.

Confidence Score: 5/5

• safe to merge - well-tested refactor that improves observability without changing core logic
• the changes are purely about error classification and fingerprinting for sentry. all modifications have comprehensive test coverage, maintain backwards compatibility, and don't alter business logic. the pii stripping in manteca errors actually improves security by preventing sensitive data from appearing in error messages.
• no files require special attention

Important Files Changed

Filename	Overview
server/api/card.ts	updated error type handling to use dynamic error names instead of hardcoded strings for better sentry fingerprinting
server/utils/panda.ts	enhanced not found errors to extract entity name from url (e.g., "user" or "card") instead of generic "Not Found" message
server/utils/ramps/manteca.ts	improved error fingerprinting by extracting internalStatus for type classification and stripping pii from error messages
server/test/utils/manteca.test.ts	added comprehensive tests for new manteca error parsing logic including pii stripping and fallback scenarios
server/test/utils/panda.test.ts	new test file verifying entity extraction from urls for panda not found errors

_{Last reviewed commit: 06edd30}

[changeset-bot]

🦋 Changeset detected

Latest commit: 06edd30

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@exactly/server	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[gemini-code-assist]

Summary of Changes

Hello @cruzdanilo, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the server's error handling capabilities for external service interactions with Panda and Manteca. The changes focus on providing more precise and informative error classifications and messages, which will improve debugging and monitoring by offering clearer insights into the nature of service failures. This is achieved through more sophisticated parsing of error responses and dynamic message generation, leading to a more robust and maintainable error reporting system.

Highlights

• Enhanced Manteca Error Fingerprinting: Improved the parsing of Manteca service error responses to extract more granular error types (from internalStatus) and detailed messages (from errors array or message), including stripping Personally Identifiable Information (PII) from error details.
• Improved Panda Error Classification: Refined the classification of Panda service errors, specifically for 'Not Found' errors, by dynamically extracting the relevant entity name from the request URL to provide more context in error messages.
• Refactored Error Type Handling: Updated the noUser utility function in server/api/card.ts to use the actual error.name from ServiceError instances for error classification, replacing previous hardcoded type strings like 'NotFoundError' and 'ForbiddenError'.
• Added Manteca Error Test Cases: Introduced new unit tests for Manteca error utilities to ensure correct extraction of field paths with PII stripping and proper fallback to general messages when specific error arrays are absent.

Changelog

• .changeset/warm-panda-drift.md
  • Added a new changeset entry for Manteca error fingerprinting.
• .changeset/xryv-lcxa-mode.md
  • Added a new changeset entry for Panda error classification.
• server/api/card.ts
  • Updated error type checking in noUser function to use issue.error.status for 404 errors.
  • Modified noUser function to return error.name as the type instead of hardcoded strings.
• server/test/utils/manteca.test.ts
  • Added a test case to verify extraction of field paths from error arrays while stripping PII.
  • Added a test case to confirm fallback to the general message when the errors array is absent.
• server/utils/panda.ts
  • Enhanced 'Not Found' error messages by extracting entity names from the request URL.
• server/utils/ramps/manteca.ts
  • Implemented robust error response parsing to extract detailed error types and messages, including PII stripping.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Walkthrough

Shifted backend error classification toward status-based detection and richer parsing of remote error payloads, updated NotFound messaging, and added tests; two patch changesets for @exactly/server were added.

Changes

Cohort / File(s)	Summary
Changeset Declarations ​.changeset/warm-panda-drift.md, ​.changeset/xryv-lcxa-mode.md	Added two patch changesets for @exactly/server describing improvements to error fingerprinting/classification.
API error detection server/api/card.ts	Switched NotFound detection to check issue.error.status === 404 (instead of issue.type === "NotFoundError"); propagate error.name for NotFound/Forbidden branches.
Panda utilities server/utils/panda.ts, server/test/utils/panda.test.ts	Added fallback to derive entity name from URL when message is "Not Found"; tests added to assert Panda NotFound becomes PandaNotFound with contextual message.
Manteca ramp & parsing server/utils/ramps/manteca.ts, server/test/utils/manteca.test.ts	Enhanced non-OK response handling: read raw body, attempt JSON parse, extract internalStatus → TitleCase type and errors[0]/message detail, attach raw body to thrown ServiceError; added tests covering field extraction and fallback behaviors.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• 🥅 server: handle no panda user on card create #791 — Overlapping changes to server/api/card.ts around user-not-found handling and error-to-type mapping.
• 🐛 server: manteca improvements #756 — Modifies Manteca error parsing and metadata extraction in ramps (related parsing logic).
• 🥅 name and fingerprint warning-level exceptions #811 — Broad changes to error naming/classification across the same server modules (card, ramps, panda).

Suggested reviewers

• nfmelendez

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'server: improve service error fingerprinting' accurately summarizes the main objective—enhancing Sentry error fingerprinting across Manteca and Panda service integrations.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch sentry

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sentry]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 69.44%. Comparing base (313b9fe) to head (06edd30).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #821      +/-   ##
==========================================
- Coverage   69.55%   69.44%   -0.11%     
==========================================
  Files         211      211              
  Lines        7847     7545     -302     
  Branches     2529     2422     -107     
==========================================
- Hits         5458     5240     -218     
+ Misses       2161     2091      -70     
+ Partials      228      214      -14     

Flag	Coverage Δ
e2e	69.43% <95.00%> (+1.81%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sentry]

Issues attributed to commits in this pull request

This pull request was merged and Sentry observed the following issues:

• ‼️ MantecaDniStatus: Dni is already validated in production

• ‼️ MantecaDniStatus: Dni is already validated in production