Update Sentry usage in @strapi/plugin-sentry
#17435
Conversation
|
|
| } | ||
|
|
||
| strapi.server.use(async (ctx, next) => { | ||
| return new Promise((resolve, reject) => { |
There was a problem hiding this comment.
Why are we instantiating a promise here?
There was a problem hiding this comment.
good point, will just remove these wrapping promises!
| try { | ||
| await next(); | ||
| } catch (err) { | ||
| reject(err); | ||
| } | ||
| resolve(); |
There was a problem hiding this comment.
This is unnecessary if we just remove the surrounding promise.
There was a problem hiding this comment.
good point, removed this (and will also update the docs accordingly 😅 )
| scope.addEventProcessor((event) => | ||
| Sentry.addRequestDataToEvent(event, ctx.request, { | ||
| include: { | ||
| user: false, |
There was a problem hiding this comment.
Are there any other default values we should override for pii reasons?
There was a problem hiding this comment.
The other things here here are ip which is off by default, request and transaction which should both be fine I think.
| category: 'stderr', | ||
| message: line, | ||
| level: Severity.Error, | ||
| level: Sentry.Severity.Error, |
There was a problem hiding this comment.
We prefer string literals here instead of the enum: https://github.com/getsentry/sentry-javascript/blob/df7bb254d3f7b1c456a5949efcc123606838aa77/MIGRATION.md#L424-L428
| // connect to trace of upstream app | ||
| let traceparentData; | ||
| if (ctx.request.get('sentry-trace')) { | ||
| traceparentData = Sentry.extractTraceparentData(ctx.request.get('sentry-trace')); |
There was a problem hiding this comment.
we also want to extract baggage here, and also use distributed tracing features (don't gate by hasTracingEnabled). See express as an example:
There was a problem hiding this comment.
I updated this again, can you have another look?
There was a problem hiding this comment.
Thanks for the PR!
A concern I have is that bumping the major version of Sentry means introducing a breaking change. It's only a small one and can be corrected though, see my comment there
And I think we tend to prefer fixed version dependencies, to avoid potential bugs in future releases or packages not respecting semver. The dependabot github app makes it easy to upgrade our dependencies, but with a small manual check for extra safety
OK, I pinned the deps to an exact version, and also added some code to migrate the old allow/deny URL options! 🚀 |
This updates the used Sentry version to the current latest (7.60.0), and also updates the middlewares based on https://docs.sentry.io/platforms/node/guides/koa/.
|
When can we expect to get the new Sentry SDK version released? |
|
It appears that the changes requested are completed, but now we're up to 7.91.0 :) |
|
This PR, as-is, doesn't work. I was receiving the following error until I changed the |
This updates the used Sentry version to the current latest (7.60.0), and also updates the middlewares based on https://docs.sentry.io/platforms/node/guides/koa/.
@sentry/nodeto^7.60.0- I think it makes sense to allow the caret version here, as otherwise you do not get bugfixes etc. If you prefer to hard-pin this to7.60.0, let me know, then I can also do that.tracesSampleRatewhich defaults to 0.1. Based on this we can also instrument performance monitoring in Sentry for the user.Fixes #17425