Skip to content

feat(web): associate Sentry errors with users#1452

Open
brendan-kellam wants to merge 1 commit into
mainfrom
brendan/associate-sentry-errors-with-users
Open

feat(web): associate Sentry errors with users#1452
brendan-kellam wants to merge 1 commit into
mainfrom
brendan/associate-sentry-errors-with-users

Conversation

@brendan-kellam

@brendan-kellam brendan-kellam commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

  • associate browser-side Sentry events with the active NextAuth user
  • associate server-side Sentry events after resolving the request session
  • clear identity for unauthenticated sessions and only include email/name when PII telemetry is enabled

Testing

  • yarn workspace @sourcebot/web test (1,074 tests passed)
  • yarn workspace @sourcebot/web lint (passes with 4 pre-existing warnings)

Note

Medium Risk
Extends the auth session path and sends user identifiers (and optionally PII) to Sentry; behavior is gated by an existing env flag and covered by unit tests.

Overview
Sentry events can now be tied to the signed-in user on both the browser and server.

A shared setSentryUser helper calls Sentry.setUser with user id only by default, and adds email/name when SOURCEBOT_TELEMETRY_PII_COLLECTION_ENABLED is true; it clears the user when the session is absent.

On the client, SentryUserProvider (mounted in the root layout inside SessionProvider) waits until NextAuth finishes loading, then updates Sentry as login state changes. On the server, the cached auth() resolver sets the Sentry user after each session lookup so request-scoped errors get the same identity.

Reviewed by Cursor Bugbot for commit 49d0429. Bugbot is set up for automated code reviews on this repo. Configure here.

Summary by CodeRabbit

  • New Features

    • Added automatic Sentry user context based on the current authentication session.
    • Supports clearing user context when users sign out.
    • Limits reported personal information by default, with optional PII collection controlled by configuration.
  • Tests

    • Added coverage for loading, authentication changes, sign-out behavior, and PII handling.

@github-actions

Copy link
Copy Markdown
Contributor

@brendan-kellam your pull request is missing a changelog!

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c9346a52-8cbf-4c6e-b25a-82750325951a

📥 Commits

Reviewing files that changed from the base of the PR and between a50ca10 and 49d0429.

📒 Files selected for processing (6)
  • packages/web/src/app/layout.tsx
  • packages/web/src/app/sentryUserProvider.test.tsx
  • packages/web/src/app/sentryUserProvider.tsx
  • packages/web/src/auth.ts
  • packages/web/src/lib/sentryUser.test.ts
  • packages/web/src/lib/sentryUser.ts

Walkthrough

Adds Sentry user-context synchronization to client session handling and server authentication, with configurable PII collection. New helper and provider tests cover loading, authenticated, unauthenticated, and PII-enabled behavior.

Changes

Sentry user context

Layer / File(s) Summary
Sentry user mapping
packages/web/src/lib/sentryUser.ts, packages/web/src/lib/sentryUser.test.ts
Adds setSentryUser to set or clear Sentry user context, optionally including email and username, with tests for each mode.
Client session wiring
packages/web/src/app/sentryUserProvider.tsx, packages/web/src/app/sentryUserProvider.test.tsx, packages/web/src/app/layout.tsx
Adds a session-aware provider that waits for session resolution before updating Sentry and wires it into the root layout with the PII configuration flag.
Server authentication wiring
packages/web/src/auth.ts
Updates auth() to synchronize the resolved session user with Sentry before returning the session.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Sequence Diagram(s)

sequenceDiagram
  participant SessionProvider
  participant SentryUserProvider
  participant setSentryUser
  participant Sentry
  SessionProvider->>SentryUserProvider: provide resolved session state
  SentryUserProvider->>setSentryUser: pass user and PII setting
  setSentryUser->>Sentry: set or clear user context
Loading
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the main change: associating Sentry events with active users in the web app.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch brendan/associate-sentry-errors-with-users

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using high effort and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 49d0429. Configure here.

Comment thread packages/web/src/auth.ts
setSentryUser(
session?.user ?? null,
env.SOURCEBOT_TELEMETRY_PII_COLLECTION_ENABLED === 'true',
);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

API auth skips Sentry user

Medium Severity

Server-side setSentryUser runs only inside the NextAuth auth() wrapper. getAuthenticatedUser always calls auth() first, so API key and OAuth Bearer requests clear the Sentry user to null and never re-associate after the real principal is resolved. Server errors on those paths (for example MCP and chat via withOptionalAuth + sew) stay anonymous in Sentry.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 49d0429. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant