wip

[simo6529]

Summary by CodeRabbit

• New Features

  • Filters noisy third-party telemetry spans from transaction events to improve monitoring signal.
  • Records audit metadata when spans are trimmed so filtered counts and keys are tracked.

• Tests

  • Adds comprehensive tests for span-filtering behavior and transaction handling.
  • Provides test utilities to build and validate span scenarios.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds transaction-span filtering to Sentry client: new utilities detect and remove noisy third-party telemetry spans (e.g., GA, Coinbase) and record filtered counts/keys in event tags/extra; instrumentation-client runs this filter inside beforeSendTransaction and tests cover the behavior.

Changes

Cohort / File(s)	Summary
Tests — instrumentation & filters __tests__/instrumentation-client.test.ts, __tests__/utils/sentry-client-filters.test.ts	Adds comprehensive tests exercising beforeSendTransaction span-filtering and the shouldFilterThirdPartyTelemetrySpan rules (positive and negative cases). Pay attention to mocks/module isolation and test helpers.
Filtering utilities utils/sentry-client-filters.ts	Introduces SentryTransactionSpan type and filter utilities: cross-origin detection, URL parsing, status/transfer-size extraction, noisyThirdPartyTelemetryTargets, getThirdPartyTelemetrySpanTargetKey, and shouldFilterThirdPartyTelemetrySpan. Review normalization and allowlist logic.
Instrumentation integration instrumentation-client.ts	Integrates filterNoisyThirdPartyTransactionSpans into beforeSendTransaction, updates event tags/extra when spans are trimmed, and preserves existing error handling flows. Review changes to event mutation and metadata keys.

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant Instrumentation as InstrumentationClient
  participant Filter as SentryClientFilters
  participant Sentry as SentrySDK
  Client->>Instrumentation: send transaction event
  Instrumentation->>Filter: filterNoisyThirdPartyTransactionSpans(event)
  Filter-->>Instrumentation: filtered event (spans removed, keys/count)
  Instrumentation->>Sentry: sanitize & forward event (with tags/extra)
  Sentry-->>Client: capture/submit event

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• wip #1659: Modifies instrumentation-client.ts beforeSend flow (IndexedDB/network error handling) — overlaps same instrumentation logic.
• Sentry Client config #1628: Adjusts beforeSend behavior to drop events by message — touches same beforeSend entrypoint and filtering flow.
• sentry issues #2110: Enhances event/span filtering in instrumentation-client.ts and filter utilities — strong code-level overlap with introduced span filters.

Suggested reviewers

• prxt6529
• GelatoGenesis
• ragnep

Poem

🐇 I hop through spans both far and near,
I nibble noise till paths are clear.
GA and coins I gently sweep,
So metrics wake from noiseless sleep. 🥕✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The pull request title 'wip' is a vague, generic placeholder that does not meaningfully describe the actual changes being made.	Replace 'wip' with a descriptive title that summarizes the main change, such as 'Filter noisy third-party telemetry spans in Sentry transactions' or similar.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch 160326-1

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can customize the tone of the review comments and chat replies.

Configure the tone_instructions setting to customize the tone of the review comments and chat replies. For example, you can set the tone to Act like a strict teacher, Act like a pirate and more.

[coderabbitai]

🧹 Nitpick comments (2)

__tests__/instrumentation-client.test.ts (1)

175-187: Assertions may be fragile if sanitizeSentryEvent modifies tags/extra.

Lines 185-186 assert that tags and extra are undefined for events with no spans. However, sanitizeSentryEvent (called in the real beforeSendTransaction) might add its own tags or extra fields. If the sanitizer's behavior changes, these assertions could fail unexpectedly.

Consider verifying the specific filtering-related fields are absent rather than asserting the entire objects are undefined:

♻️ More resilient assertions

     const result = beforeSendTransaction(event);
 
     expect(result.spans).toBeUndefined();
-    expect(result.tags).toBeUndefined();
-    expect(result.extra).toBeUndefined();
+    expect(result.tags?.["third_party_span_noise_filtered"]).toBeUndefined();
+    expect(result.extra?.["filteredThirdPartySpanCount"]).toBeUndefined();
+    expect(result.extra?.["filteredThirdPartySpanKeys"]).toBeUndefined();

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@__tests__/instrumentation-client.test.ts` around lines 175 - 187, The test's
assertions that result.tags and result.extra are entirely undefined are fragile
because sanitizeSentryEvent (used by beforeSendTransaction) may inject its own
fields; update the assertions in the "is a no-op when the transaction has no
spans" test to only check that the filtering-related fields added by
beforeSendTransaction are absent (for example assert that specific keys like the
span-filtering tag/extra added by beforeSendTransaction are undefined or that
result does not have those properties) rather than requiring tags and extra to
be wholly undefined; locate the test using loadBeforeSendTransaction and
sanitizeSentryEvent references and replace the broad expect(...).toBeUndefined()
checks with targeted checks for the specific keys that beforeSendTransaction
would add.

instrumentation-client.ts (1)

276-280: Consider removing the as any cast for better type safety.

The as any cast bypasses TypeScript's type checking. Since SentryTransactionEvent extends Sentry.Event, consider using a more precise cast or adjusting the type definitions to avoid losing type safety.

♻️ Suggested improvement

  beforeSendTransaction(event) {
-   return sanitizeSentryEvent(
-     filterNoisyThirdPartyTransactionSpans(event) as any
-   );
+   return sanitizeSentryEvent(
+     filterNoisyThirdPartyTransactionSpans(event) as Sentry.Event
+   );
  },

Also note: The server-side (sentry.server.config.ts) and edge (sentry.edge.config.ts) beforeSendTransaction hooks don't include this third-party span filtering. This is likely intentional since these noisy spans originate from client-side third-party scripts, but worth confirming if consistency is needed.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@instrumentation-client.ts` around lines 276 - 280, Replace the unsafe "as
any" in beforeSendTransaction by using the correct Sentry transaction type
and/or adjusting sanitizeSentryEvent/filterNoisyThirdPartyTransactionSpans
signatures: cast the result of filterNoisyThirdPartyTransactionSpans to
Sentry.TransactionEvent (or SentryTransactionEvent if that type is defined)
instead of any, or change sanitizeSentryEvent to accept Sentry.TransactionEvent;
update imports/types accordingly for type compatibility and run TS checks. Also
verify whether beforeSendTransaction in sentry.server.config.ts and
sentry.edge.config.ts should apply the same filter for consistency and adjust
those hooks if needed.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@__tests__/instrumentation-client.test.ts`:
- Around line 175-187: The test's assertions that result.tags and result.extra
are entirely undefined are fragile because sanitizeSentryEvent (used by
beforeSendTransaction) may inject its own fields; update the assertions in the
"is a no-op when the transaction has no spans" test to only check that the
filtering-related fields added by beforeSendTransaction are absent (for example
assert that specific keys like the span-filtering tag/extra added by
beforeSendTransaction are undefined or that result does not have those
properties) rather than requiring tags and extra to be wholly undefined; locate
the test using loadBeforeSendTransaction and sanitizeSentryEvent references and
replace the broad expect(...).toBeUndefined() checks with targeted checks for
the specific keys that beforeSendTransaction would add.

In `@instrumentation-client.ts`:
- Around line 276-280: Replace the unsafe "as any" in beforeSendTransaction by
using the correct Sentry transaction type and/or adjusting
sanitizeSentryEvent/filterNoisyThirdPartyTransactionSpans signatures: cast the
result of filterNoisyThirdPartyTransactionSpans to Sentry.TransactionEvent (or
SentryTransactionEvent if that type is defined) instead of any, or change
sanitizeSentryEvent to accept Sentry.TransactionEvent; update imports/types
accordingly for type compatibility and run TS checks. Also verify whether
beforeSendTransaction in sentry.server.config.ts and sentry.edge.config.ts
should apply the same filter for consistency and adjust those hooks if needed.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 77bc1841-184d-40da-aaf9-40b3afc86ebe

📥 Commits

Reviewing files that changed from the base of the PR and between a10a937 and 4e99b87.

📒 Files selected for processing (4)

• __tests__/instrumentation-client.test.ts
• __tests__/utils/sentry-client-filters.test.ts
• instrumentation-client.ts
• utils/sentry-client-filters.ts

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@instrumentation-client.ts`:
- Around line 278-282: In beforeSendTransaction, remove the unnecessary "as any"
cast on the result of filterNoisyThirdPartyTransactionSpans: call
sanitizeSentryEvent(filterNoisyThirdPartyTransactionSpans(event)) directly since
filterNoisyThirdPartyTransactionSpans already returns Sentry.Event and is
compatible with sanitizeSentryEvent<T extends Event>; update the return
expression inside beforeSendTransaction to drop the cast and rely on the
existing types (sanitizeSentryEvent and filterNoisyThirdPartyTransactionSpans)
to satisfy the compiler.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b67710f7-eb6a-47b8-8de1-f1e944e7fa49

📥 Commits

Reviewing files that changed from the base of the PR and between 4e99b87 and 5d21b25.

📒 Files selected for processing (1)

• instrumentation-client.ts