-
-
Notifications
You must be signed in to change notification settings - Fork 7.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Sentry usage in @strapi/plugin-sentry
#17435
base: main
Are you sure you want to change the base?
Conversation
} | ||
|
||
strapi.server.use(async (ctx, next) => { | ||
return new Promise((resolve, reject) => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why are we instantiating a promise here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point, will just remove these wrapping promises!
try { | ||
await next(); | ||
} catch (err) { | ||
reject(err); | ||
} | ||
resolve(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is unnecessary if we just remove the surrounding promise.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good point, removed this (and will also update the docs accordingly 😅 )
scope.addEventProcessor((event) => | ||
Sentry.addRequestDataToEvent(event, ctx.request, { | ||
include: { | ||
user: false, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are there any other default values we should override for pii reasons?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The other things here here are ip
which is off by default, request
and transaction
which should both be fine I think.
category: 'stderr', | ||
message: line, | ||
level: Severity.Error, | ||
level: Sentry.Severity.Error, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We prefer string literals here instead of the enum: https://github.com/getsentry/sentry-javascript/blob/df7bb254d3f7b1c456a5949efcc123606838aa77/MIGRATION.md#L424-L428
// connect to trace of upstream app | ||
let traceparentData; | ||
if (ctx.request.get('sentry-trace')) { | ||
traceparentData = Sentry.extractTraceparentData(ctx.request.get('sentry-trace')); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we also want to extract baggage here, and also use distributed tracing features (don't gate by hasTracingEnabled
). See express as an example:
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I updated this again, can you have another look?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR!
A concern I have is that bumping the major version of Sentry means introducing a breaking change. It's only a small one and can be corrected though, see my comment there
And I think we tend to prefer fixed version dependencies, to avoid potential bugs in future releases or packages not respecting semver. The dependabot github app makes it easy to upgrade our dependencies, but with a small manual check for extra safety
OK, I pinned the deps to an exact version, and also added some code to migrate the old allow/deny URL options! 🚀 |
This updates the used Sentry version to the current latest (7.60.0), and also updates the middlewares based on https://docs.sentry.io/platforms/node/guides/koa/.
When can we expect to get the new Sentry SDK version released? |
It appears that the changes requested are completed, but now we're up to 7.91.0 :) |
This PR, as-is, doesn't work. I was receiving the following error until I changed the
|
This updates the used Sentry version to the current latest (7.60.0), and also updates the middlewares based on https://docs.sentry.io/platforms/node/guides/koa/.
@sentry/node
to^7.60.0
- I think it makes sense to allow the caret version here, as otherwise you do not get bugfixes etc. If you prefer to hard-pin this to7.60.0
, let me know, then I can also do that.tracesSampleRate
which defaults to 0.1. Based on this we can also instrument performance monitoring in Sentry for the user.Fixes #17425