
@pierre-lehnen-rc pierre-lehnen-rc commented Oct 10, 2025

Proposed changes (including videos or screenshots)

Issue(s)

Steps to test or reproduce

Further comments

Summary by CodeRabbit

  • Bug Fixes

    • Sanitized SIP request/response logging by stripping internal transport details.
    • Error logs now reference negotiation IDs instead of full objects, reducing noise and sensitive data exposure.
  • Chores

    • Standardized logging across inbound and outbound call flows to use sanitized payloads, without changing runtime behavior.

dionisio-bot bot commented Oct 10, 2025

Looks like this PR is ready to merge! 🎉
If you have any trouble, please check the PR guidelines

changeset-bot bot commented Oct 10, 2025

⚠️ No Changeset found

Latest commit: d4c17cb

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types


@pierre-lehnen-rc pierre-lehnen-rc added this to the 7.11.0 milestone Oct 10, 2025
@pierre-lehnen-rc pierre-lehnen-rc added the stat: QA assured Means it has been tested and approved by a company insider label Oct 10, 2025
@dionisio-bot dionisio-bot bot removed the stat: QA assured Means it has been tested and approved by a company insider label Oct 10, 2025
@pierre-lehnen-rc pierre-lehnen-rc marked this pull request as ready for review October 10, 2025 18:34
coderabbitai bot commented Oct 10, 2025

Walkthrough

Introduces a helper to strip internal Drachtio fields from SIP messages and updates Incoming/Outgoing SIP call providers to log sanitized request/response objects and negotiation identifiers. No control flow, error handling, or public API behavior changes beyond the added utility method.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Session utility for SIP message sanitization: ee/packages/media-calls/src/sip/Session.ts | Adds SipServerSession.stripDrachtioServerDetails(reqOrRes: Srf.SipMessage) that returns a copy without internal fields: _agent, socket, _req, _res. |
| Logging sanitization in SIP call providers: ee/packages/media-calls/src/sip/providers/IncomingSipCall.ts, ee/packages/media-calls/src/sip/providers/OutgoingSipCall.ts | Replaces raw logging of SIP req/res/provRes with sanitized objects via session.stripDrachtioServerDetails; logs localNegotiation.id instead of full objects in invalid negotiation errors; no control-flow changes. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

stat: ready to merge, stat: QA assured

Suggested reviewers

  • ggazzo
  • gabriellsh

Poem

A hop, a skip, I tidy the logs,
Hide the gears behind the cogs.
SIP whispers, secrets veiled—
Only what’s needed is unveiled.
Ears up high, I squeak with glee:
Clean traces left, carrot-tee! 🥕🐇

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Title Check | ⚠️ Warning | The title labels a regression and mentions “duplicate references and server connection instance” but does not succinctly describe the core change, which is adding a method to strip internal Drachtio server details from SIP messages and updating logging to use that method. It is overly verbose, includes noise like “regression:”, and fails to clearly convey the primary purpose of the PR. | Please rename the PR to clearly reflect the main change, for example: “Strip internal Drachtio server details from SIP logs to prevent duplicate references.” This concise title directly highlights the new utility method and its impact on logging. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Docstring Coverage | ✅ Passed | No functions found in the changes. Docstring coverage check skipped. |


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 0

🧹 Nitpick comments (3)
ee/packages/media-calls/src/sip/Session.ts (1)

112-116: Add null/undefined guard for robustness.

The method doesn't handle null or undefined inputs, which could cause a runtime error if called with an invalid argument. Consider adding a guard clause or type narrowing.

Apply this diff to add input validation:

 public stripDrachtioServerDetails(reqOrRes: Srf.SipMessage): Record<string, any> {
+  if (!reqOrRes || typeof reqOrRes !== 'object') {
+    return {};
+  }
   const { _agent, socket: _socket, _req, _res, ...data } = reqOrRes as Record<string, any>;
 
   return data;
 }
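Review bot: The added guard's `return {};` makes a missing or non-object message log as an empty object, which cannot be told apart from a message whose every field was stripped. Returning `undefined` (and widening the return type) or leaving the check to the call sites would keep that difference visible in the logs.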
ee/packages/media-calls/src/sip/providers/OutgoingSipCall.ts (1)

264-264: Consider clarifying the property name in error log.

The error log uses localNegotiation as the property name but assigns it the value localNegotiation.id. For clarity, consider renaming the property to negotiationId to match the actual data being logged.

Apply this diff for better clarity:

-				logger.error({ msg: 'Invalid Negotiation reference on OutgoingSipCall.', localNegotiation: localNegotiation.id });
+				logger.error({ msg: 'Invalid Negotiation reference on OutgoingSipCall.', negotiationId: localNegotiation.id });
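Review bot: Renaming the field from `localNegotiation` to `negotiationId` on the `logger.error` line changes the key that any saved log search or alert matches on. Apply the same rename in IncomingSipCall.ts in the same commit so both providers emit one field name for the negotiation id.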
ee/packages/media-calls/src/sip/providers/IncomingSipCall.ts (1)

310-310: Consider clarifying the property name in error log.

Similar to OutgoingSipCall line 264, the error log uses localNegotiation as the property name but assigns it the value localNegotiation.id. For consistency and clarity, consider renaming the property to negotiationId.

Apply this diff for better clarity:

-				logger.error({ msg: 'Invalid Negotiation reference on IncomingSipCall.', localNegotiation: localNegotiation.id });
+				logger.error({ msg: 'Invalid Negotiation reference on IncomingSipCall.', negotiationId: localNegotiation.id });
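Review bot: `localNegotiation.id` is dereferenced inside the log call for an 'Invalid Negotiation reference' error, so if `localNegotiation` can be undefined on this path the logging line itself will throw. If that case is reachable, `localNegotiation?.id` keeps the error log from masking the original failure.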
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 4bd409d and d4c17cb.

📒 Files selected for processing (3)
  • ee/packages/media-calls/src/sip/Session.ts (1 hunks)
  • ee/packages/media-calls/src/sip/providers/IncomingSipCall.ts (3 hunks)
  • ee/packages/media-calls/src/sip/providers/OutgoingSipCall.ts (3 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
  • GitHub Check: 📦 Build Packages
  • GitHub Check: CodeQL-Build
  • GitHub Check: CodeQL-Build
🔇 Additional comments (4)
ee/packages/media-calls/src/sip/providers/OutgoingSipCall.ts (2)

149-165: LGTM! Proper sanitization of Drachtio server details.

The changes correctly sanitize SIP message objects before logging by removing internal connection details, which improves security and reduces log verbosity.


226-226: LGTM! Consistent sanitization pattern.

The modify handler now correctly sanitizes the request before logging, consistent with other log statements in the file.

ee/packages/media-calls/src/sip/providers/IncomingSipCall.ts (2)

174-174: LGTM! Consistent sanitization in modify handler.

The debug log now sanitizes the request object before logging, consistent with the pattern used in OutgoingSipCall and improving log security.


204-204: LGTM! Proper sanitization in cancel handler.

The cancel method now sanitizes the SIP response before logging, preventing potential leakage of server connection details.


@coderabbitai coderabbitai bot left a comment


Actionable comments posted: 0

🧹 Nitpick comments (1)
ee/packages/media-calls/src/sip/Session.ts (1)

112-116: Consider adding input validation and clarifying variable naming.

The method serves its purpose well, but consider these improvements:

  1. The destructuring uses socket: _socket where _socket is just discarded. Consider using a plain underscore or leaving it as socket for clarity.
  2. Add a null/undefined guard to prevent runtime errors if called with invalid input.

Apply this diff for improved robustness:

 public stripDrachtioServerDetails(reqOrRes: Srf.SipMessage): Record<string, any> {
+  if (!reqOrRes) {
+    return {};
+  }
-  const { _agent, socket: _socket, _req, _res, ...data } = reqOrRes as Record<string, any>;
+  const { _agent, socket, _req, _res, ...data } = reqOrRes as Record<string, any>;
 
   return data;
 }
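Review bot: Changing `socket: _socket` to plain `socket` on the destructuring line leaves an unused binding without the underscore prefix, which an unused-variable lint rule set to ignore `_`-prefixed names would flag. The alias looks deliberate, since the other discarded keys already start with an underscore; keep it, or confirm the lint configuration before renaming.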
🔇 Additional comments (8)
ee/packages/media-calls/src/sip/providers/IncomingSipCall.ts (3)

174-174: LGTM!

The logging sanitization correctly strips internal Drachtio server details from the request object without affecting control flow.


204-204: LGTM!

The logging sanitization correctly strips internal Drachtio server details from the response object in the cancel handler.


310-310: LGTM!

Logging only the negotiation ID instead of the full object prevents exposing unnecessary internal details while still providing useful debugging information.

ee/packages/media-calls/src/sip/providers/OutgoingSipCall.ts (5)

149-152: LGTM!

The guard check provRes && combined with sanitization properly handles the optional provisional response without exposing internal server details.


155-155: LGTM!

The request object is correctly sanitized before logging, preventing exposure of internal Drachtio server connection details.


159-164: LGTM!

The logging sanitization for both request and response objects is well-implemented with appropriate guard checks, while preserving the ack parameter for debugging purposes.


226-226: LGTM!

The request sanitization in the modify handler is consistent with other logging improvements in this file.


264-264: LGTM!

Logging only the negotiation ID prevents exposing the full negotiation object's internal details while maintaining debugging utility.
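The shallow strip discussed in this thread, as an added TypeScript example that is not code from the PR: it shows what a top-level-only strip leaves in the log when an internal key sits one level down, next to a deep variant. `stripShallow`, `stripDeep`, `INTERNAL_KEYS` and the sample message are hypothetical names and constructed data; only the four key names come from the walkthrough.

```typescript
// Added example. Internal key names are the four listed in the walkthrough;
// the message object below is constructed, not real drachtio output.
type Loggable = Record<string, unknown>;
const INTERNAL_KEYS = new Set(['_agent', 'socket', '_req', '_res']);

// Shallow strip: same effect as the helper's rest-destructuring.
// Only top-level own enumerable keys are dropped.
function stripShallow(msg: Loggable | null | undefined): Loggable {
  const out: Loggable = {};
  for (const key of Object.keys(msg ?? {})) {
    if (!INTERNAL_KEYS.has(key)) out[key] = (msg as Loggable)[key];
  }
  return out;
}

// Hypothetical deep variant: drops the keys at every depth and cuts cycles.
function stripDeep(value: unknown, ancestors: WeakSet<object> = new WeakSet()): unknown {
  if (typeof value !== 'object' || value === null) return value;
  if (ancestors.has(value)) return '[circular]';
  ancestors.add(value);
  let out: unknown;
  if (Array.isArray(value)) {
    out = value.map((v) => stripDeep(v, ancestors));
  } else {
    const obj: Loggable = {};
    for (const key of Object.keys(value)) {
      if (!INTERNAL_KEYS.has(key)) obj[key] = stripDeep((value as Loggable)[key], ancestors);
    }
    out = obj;
  }
  ancestors.delete(value);
  return out;
}

// Constructed request: req and res reference each other and share one socket.
function buildSample(): Loggable {
  const socket = { remoteAddress: '192.0.2.10', remotePort: 5060 };
  const req: Loggable = { method: 'INVITE', callId: 'constructed-call-id', socket, _agent: { socket } };
  req._res = { status: 200, _req: req, socket };
  req.source = { transport: 'tcp', socket }; // internal key one level down
  return req;
}

function demo(): { raw: string; shallow: string; deep: string } {
  const req = buildSample();
  let raw: string;
  try { raw = JSON.stringify(req); } catch { raw = 'unserializable: circular structure'; }
  return { raw, shallow: JSON.stringify(stripShallow(req)), deep: JSON.stringify(stripDeep(req)) };
}
console.log(demo());
```

In the constructed sample the raw object cannot be serialized at all, the shallow copy still carries the nested `socket` address, and the deep copy does not.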


codecov bot commented Oct 10, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.35%. Comparing base (4bd409d) to head (d4c17cb).
⚠️ Report is 6 commits behind head on release-7.11.0.

Additional details and impacted files


@@                Coverage Diff                 @@
##           release-7.11.0   #37204      +/-   ##
==================================================
- Coverage           66.37%   66.35%   -0.02%     
==================================================
  Files                3386     3386              
  Lines              115619   115619              
  Branches            21351    21351              
==================================================
- Hits                76739    76724      -15     
- Misses              36275    36289      +14     
- Partials             2605     2606       +1     
| Flag | Coverage Δ | |
| --- | --- | --- |
| e2e | 57.27% <ø> (-0.02%) | ⬇️ |
| unit | 71.21% <ø> (-0.02%) | ⬇️ |

Flags with carried forward coverage won't be shown. Click here to find out more.


@pierre-lehnen-rc pierre-lehnen-rc added the stat: QA assured Means it has been tested and approved by a company insider label Oct 10, 2025
@dionisio-bot dionisio-bot bot added the stat: ready to merge PR tested and approved waiting for merge label Oct 10, 2025
@ggazzo ggazzo merged commit e78c94a into release-7.11.0 Oct 11, 2025
90 of 92 checks passed
@ggazzo ggazzo deleted the fix/voip-drachtio-logs branch October 11, 2025 12:59