Merge branch 'master' into antonis/rn-feedback-button

Author: antonis

app/api/ip-ranges/ip-ranges.json

@@ -0,0 +1,62 @@
+{
+  "data": {
+    "dashboard": {
+      "sentry_io": [
+        "35.186.247.156/32"
+      ],
+      "us_sentry_io": [
+        "35.186.247.156/32"
+      ],
+      "de_sentry_io": [
+        "34.36.122.224/32",
+        "34.36.87.148/32"
+      ]
+    },
+    "event_ingestion": {
+      "apex_domain": [
+        "35.186.247.156/32"
+      ],
+      "organization_subdomains": {
+        "us": [
+          "34.120.195.249/32"
+        ],
+        "eu": [
+          "34.120.62.213/32",
+          "130.211.36.74/32"
+        ]
+      },
+      "legacy": [
+        "34.96.102.34/32"
+      ]
+    },
+    "outbound_requests": {
+      "us": [
+        "35.184.238.160/32",
+        "104.155.159.182/32",
+        "104.155.149.19/32",
+        "130.211.230.102/32"
+      ],
+      "eu": [
+        "34.141.31.19/32",
+        "34.141.4.162/32",
+        "35.234.78.236/32"
+      ]
+    },
+    "email_delivery": [
+      "167.89.86.73",
+      "167.89.84.75",
+      "167.89.84.14"
+    ],
+    "uptime_monitoring": [
+      "34.123.33.225",
+      "34.41.121.171",
+      "34.169.179.115",
+      "35.237.134.233",
+      "34.85.249.57",
+      "34.159.197.47",
+      "35.242.231.10",
+      "34.107.93.3",
+      "35.204.169.245"
+    ]
+  }
+}

app/api/ip-ranges/route.ts

@@ -0,0 +1,17 @@
+// these ranges are a copy of docs/security-legal-pii/security/ip-ranges.mdx
+import ipRanges from './ip-ranges.json';
+
+// 12h
+const CACHE_DURATION = 12 * 60 * 60;
+
+export function GET() {
+  const headers = new Headers({
+    'Content-Type': 'application/json',
+    'Cache-Control': `public, max-age=${CACHE_DURATION}`,
+    'X-Content-Type-Options': 'nosniff',
+    'X-Frame-Options': 'DENY',
+    'X-XSS-Protection': '1; mode=block',
+  });
+
+  return Response.json(ipRanges, {status: 200, headers});
+}

app/layout.tsx

@@ -33,7 +33,7 @@ export default function RootLayout({children}: {children: React.ReactNode}) {
   return (
     <html lang="en" suppressHydrationWarning>
       <head>
-        <PlausibleProvider domain="docs.sentry.io,rollup.sentry.io" />
+        <PlausibleProvider taggedEvents domain="docs.sentry.io,rollup.sentry.io" />
       </head>
       <body className={rubik.variable} suppressHydrationWarning>
         <ThemeProvider
@@ -58,6 +58,7 @@ export default function RootLayout({children}: {children: React.ReactNode}) {
           data-font-family="var(--font-rubik)"
           data-modal-disclaimer="Please note: This is a tool that searches publicly available sources. Do not include any sensitive or personal information in your queries. For more on how Sentry handles your data, see our [Privacy Policy](https://sentry.io/privacy/)."
           data-modal-example-questions="How to set up Sentry for Next.js?,What are tracePropagationTargets?"
+          data-user-analytics-cookie-enabled="false"
         />
       </body>
     </html>

develop-docs/backend/api/design.mdx

@@ -119,24 +119,24 @@ POST /resources/{id}
 
 ### Batch Operations
 
-Resources can get complicated when you need to expose batch operations vs single resource operations. For batch operations it is preferred to expose them as a `POST` request on the collection when possible.
+Resources can get complicated when you need to expose batch operations vs single resource operations. For batch operations it is preferred to expose them as a `PUT` request on the collection when possible.
 
 Let's say for example we have an endpoint that mutates an issue:
 
 ```
-POST /api/0/organizations/{org}/issues/{issue}/
+PUT /api/0/organizations/{org}/issues/{issue}/
 ```
 
 When designing a batch interface, we simply expose it on the collection instead of the individual resource:
 
 ```
-POST /api/0/organizations/{org}/issues/
+PUT /api/0/organizations/{org}/issues/
 ```
 
 You may also need to expose selectors on batch resources, which can be done through normal request parameters:
 
 ```
-POST /api/0/organizations/{org}/issues/
+PUT /api/0/organizations/{org}/issues/
 {
   "issues": [1, 2, 3]
 }
@@ -237,7 +237,7 @@ Expanding responses allow us to include relational information on a resource wit
 
 In general, endpoints should expose the fewest fields that will make the API usable in the general scenario. Doing one SQL request per API request is a good rule of thumb. To return information on a bounded relationship, endpoints should rely on the `expand` parameter. To return an unbounded relationship, it should be another endpoint.
 
-To take an example, let's talk about the projects list endpoint. A project belongs to an organizations but could be on multiple teams.
+To take an example, let's talk about the projects list endpoint. A project belongs to an organization but could be on multiple teams.
 
 By default, here's what the project endpoint should look like
 

develop-docs/backend/application-domains/kafka.mdx

@@ -3,15 +3,34 @@ title: Kafka consumers
 sidebar_order: 60
 ---
 
-## Creating a new consumer in Sentry
+## Create a new Kafka topic
 
-WIP! This is currently just a checklist.
+1. Add the topic to the `KAFKA_TOPIC_TO_CLUSTER` in [src/sentry/conf/server.py](https://github.com/getsentry/sentry/blob/master/src/sentry/conf/server.py):
+  * e.g. `subscription-results-eap-items`
+2. Add the topic to `Topic` in [src/sentry/conf/types/kafka_definition.py](https://github.com/getsentry/sentry/blob/master/src/sentry/conf/types/kafka_definition.py)
+
+## Define or re-use a processing strategy
+
+In most cases a [Streaming Factory](https://getsentry.github.io/arroyo/getstarted.html#create-a-streaming-consumer) is what you want to when defining a consumer (see next section). You can find examples of it in [Sentry's code base](https://github.com/search?q=repo%3Agetsentry%2Fsentry+%28ProcessingStrategyFactory&type=code).
+
+## Define a new Kafka consumer
 
 1. Add a new entry in the `KAFKA_CONSUMERS` key in
-   `src/sentry/consumers/__init__.py`.
+   [src/sentry/consumers/__init__.py](https://github.com/getsentry/sentry/blob/master/src/sentry/consumers/__init__.py):
+```python
+KAFKA_CONSUMERS = {
+    "<your_topic_str_here>": {
+        "topic": Topic.YOUR_TOPIC,
+        "strategy_factory": "sentry_package_defining_your_strategy_factory_class",
+    }
+}
+```
+2. You may need optional properties (e.g. `click_options`, you will need to research them by looking at [ConsumerDefinition](https://github.com/getsentry/sentry/blob/master/src/sentry/conf/types/kafka_definition.py)'s code.
+
+3. Make sure you can run it: `sentry run consumer <your_topic>`
+4. You may need to add some devserver options [here](https://github.com/getsentry/sentry/blob/master/src/sentry/runner/commands/devserver.py).
+4. Add tests for your consumer
 
-2. Create ops PR for adding your consumer to
-   `k8s/services/getsentry/consumer-deployment.yaml`.
+## Deployment
 
-3. In the Sentry Consumers metrics dashboard, add a new saved view for your
-   consumer.
+Visit the Ops repo and search for `shared_config/kafka/README.md` for a full, in-depth step-by-step guide.

develop-docs/sdk/data-model/envelope-items.mdx

@@ -146,39 +146,6 @@ details.
 
 _None_
 
-### Statsd (deprecated)
-
-Item type `"statsd"` contains metrics emissions in a superset of the statsd format.
-
-See the <Link to="/sdk/metrics/">metrics</Link> documentation for the payload
-details.
-
-**Constraints:**
-
-- This Item may occur multiple times per Envelope.
-- Ingestion may limit the maximum number of Items per Envelope, see _Ingestion_.
-
-**Additional Item Headers:**
-
-_None_
-
-### Metric Meta (deprecated)
-
-Item type `"metric_meta"` contains per-metric meta data which is persisted alongside
-metrics in the system.
-
-See the <Link to="/sdk/metrics/">metrics</Link> documentation for the payload
-details.
-
-**Constraints:**
-
-- This Item may occur multiple times per Envelope.
-- Ingestion may limit the maximum number of Items per Envelope, see _Ingestion_.
-
-**Additional Item Headers:**
-
-_None_
-
 ### User Feedback
 
 Item type `"feedback"` contains an event with a feedback context in the payload encoded in JSON.

develop-docs/sdk/expected-features/rate-limiting.mdx

@@ -88,7 +88,7 @@ While these [data categories](https://github.com/getsentry/relay/blob/master/rel
   - `error`: Error events.
   - `transaction`: Transaction type events.
   - `span`: Span type events.
-  - `security`: Events with event_type `csp`, `hpkp`, `expectct`, `expectstaple`
+  - `security`: Events with event_type `csp`
   - `attachment`: Attachment bytes stored (unused for rate limiting)
   - `session`: Session update events
   - `profile`: Profiling events

develop-docs/sdk/expected-features/setup-wizards/index.mdx

@@ -53,15 +53,22 @@ For instance:
 Related to this, wizards should [check the git status](#1-check-preconditions) of the project and warn users if they're not in a clean state.
 This ensures that users can revert the changes easily if something goes wrong.
 
-### Cater to the 80%
+### Respect Users' decisions
+
+Wizards should allow users to select the high-level Sentry features (e.g. tracing, replay, profiling) they want to install.
+The SDK setup should be minimal, may be opinionated ("whatever makes sense for the platform") but 
+must respect users' decisions. 
 
-Wizards should be opinionated in which SDK options are set and cater to the 80% use case.
-The SDK setup doesn't necessarily have to be minimal.
-For example, it can include optional but recommended integrations (e.g. session replay or profiling) or options (e.g. sample rates).
+Some examples: 
+- We should not enable a feature that users previously declined (e.g. set `tracesSampleRate` if users previously declined to enable tracing)
+- We may set additional options, like the `tunnelRoute` option in Next.Js, but we should ask for consent whenever reasonable. In this example, consent is important because setting this option potentially increases users' traffic and hence their infrastructure bill.
+- We may set additional options like `tracePropagationTargets` or `sendDefaultPii` as comments, if we think that these are options users should be aware of.
+
+### Cater to the 80%
 
 Given that most wizards will actively modify code or config files, there is a chance that they might fail or break something.
-That's okay and expected as long as we're transparent about it and we tell users upfront that we're touching their files.
-We cannot possibly cover all edge cases but we should try to cover the 80% so that typical projects can be set up with the wizard.
+That's okay and expected as long as we're transparent about it and we tell users upfront that we're modifying their files.
+We cannot possibly cover all edge cases but we should try to cover the 80% so that typical projects can be set up successfully.
 
 ### Support Self-Hosted Sentry
 

develop-docs/sdk/telemetry/logs.mdx

@@ -268,33 +268,39 @@ An SDK should implement [Tracing without Performance](/sdk/telemetry/traces/trac
 
 ### Default Attributes
 
-By default the SDK should set the following attributes:
+By default the SDK should attach the following attributes to a log:
 
-1. `sentry.message.template`: The parameterized template string
-2. `sentry.message.parameter.X`: The parameters to the template string. X can either be the number that represent the parameter's position in the template string (`sentry.message.parameter.0`, `sentry.message.parameter.1`, etc) or the parameter's name (`sentry.message.parameter.item_id`, `sentry.message.parameter.user_id`, etc)
-3. `sentry.environment`: The environment set in the SDK
-4. `sentry.release`: The release set in the SDK
-5. `sentry.trace.parent_span_id`: The span id of the span that was active when the log was collected. This should not be set if there was no active span.
-6. `sentry.sdk.name`: The name of the SDK that sent the log
-7. `sentry.sdk.version`: The version of the SDK that sent the log
-8. [BACKEND SDKS ONLY] `server.address`: The address of the server that sent the log. Equivalent to `server_name` we attach to errors and transactions.
-
-Example:
+1. `sentry.environment`: The environment set in the SDK if defined.
+2. `sentry.release`: The release set in the SDK if defined.
+3. `sentry.trace.parent_span_id`: The span id of the span that was active when the log was collected. This should not be set if there was no active span.
+4. `sentry.sdk.name`: The name of the SDK that sent the log
+5. `sentry.sdk.version`: The version of the SDK that sent the log
 
 ```json
 {
-  "sentry.message.template": "Adding item %s for user %s",
-  "sentry.message.parameter.0": "item_id",
-  "sentry.message.parameter.1": "user_id",
   "sentry.environment": "production",
   "sentry.release": "1.0.0",
   "sentry.trace.parent_span_id": "b0e6f15b45c36b12",
   "sentry.sdk.name": "sentry.javascript.node",
-  "sentry.sdk.version": "9.11.0",
-  "server.address": "foo.example.com"
+  "sentry.sdk.version": "9.11.0"
 }
 ```
 
+If the log was paramaterized the SDK should attach the following
+
+1. `sentry.message.template`: The parameterized template string
+2. `sentry.message.parameter.X`: The parameters to the template string. X can either be the number that represent the parameter's position in the template string (`sentry.message.parameter.0`, `sentry.message.parameter.1`, etc) or the parameter's name (`sentry.message.parameter.item_id`, `sentry.message.parameter.user_id`, etc)
+
+```json
+{
+  "sentry.message.template": "Adding item %s for user %s",
+  "sentry.message.parameter.0": "item_id",
+  "sentry.message.parameter.1": "user_id"
+}
+```
+
+#### SDK Integration Attributes
+
 If a log is generated by an SDK integration, the SDK should also set the `sentry.origin` attribute, as per the [Trace Origin](/sdk/telemetry/traces/trace-origin/) documentation. It is assumed that logs without a `sentry.origin` attribute are manually created by the user.
 
 ```json
@@ -303,7 +309,73 @@ If a log is generated by an SDK integration, the SDK should also set the `sentry
 }
 ```
 
-Beyond these attributes, we are exploring if the SDK should also send OS, user, and device information automatically (via reading the appropriate contexts from the scope). Given this behaviour can easily be added as a new feature to the SDK, it does not have to be part of the initial SDK implementation until we make a finalized decision.
+#### User Attributes
+
+If `sendDefaultPii`/`send_default_pii` is set to `true` in the SDK, the SDK should attach the following user data if available:
+
+1. `user.id`: The user ID. Maps to `id` in the [User](/sdk/data-model/event-payloads/user/) payload.
+2. `user.name`: The username. Maps to `username` in the [User](/sdk/data-model/event-payloads/user/) payload.
+3. `user.email`: The email address. Maps to `email` in the [User](/sdk/data-model/event-payloads/user/) payload.
+
+```json
+{
+  "user.id": "123",
+  "user.name": "john.doe",
+  "user.email": "[email protected]"
+}
+```
+
+#### User Agent Parsing
+
+By default, Relay should parse the user agent attached to an incoming log envelope to parse `browser` and `os` information for logs. These attributes should be attached by Relay, but SDKs can attach them if they do not forward a user agent when sending logs to Sentry.
+
+1. `browser.name`: Display name of the browser application. Maps to `name` in the [Contexts](/sdk/data-model/event-payloads/contexts/#browser-context) payload.
+2. `browser.version`: Version string of the browser. Maps to `version` in the [Contexts](/sdk/data-model/event-payloads/contexts/#browser-context) payload.
+
+```json
+{
+  "browser.name": "Chrome",
+  "browser.version": "120.0"
+}
+```
+
+#### Backend SDKs
+
+For backend SDKs (Node.js, Python, PHP, etc.), the SDKs should attach the following:
+
+1. `server.address`: The address of the server that sent the log. Equivalent to [`server_name`](sdk/data-model/event-payloads/#optional-attributes) we attach to errors and transactions.
+
+```json
+{
+  "server.address": "foo.example.com"
+}
+```
+
+#### Mobile, Desktop, and Native SDKs
+
+For mobile, desktop, and native SDKs (Android, Apple, Electron, etc.), the SDKs should attach the following:
+
+1. `os.name`: The name of the operating system. Maps to `name` in the [Contexts](/sdk/data-model/event-payloads/contexts/#os-context) payload.
+2. `os.version`: The version of the operating system. Maps to `version` in the [Contexts](/sdk/data-model/event-payloads/contexts/#os-context) payload.
+3. `device.brand`: The brand of the device. Maps to `brand` in the [Contexts](/sdk/data-model/event-payloads/contexts/#device-context) payload.
+4. `device.model`: The model of the device. Maps to `model` in the [Contexts](/sdk/data-model/event-payloads/contexts/#device-context) payload.
+5. `device.family`: The family of the device. Maps to `family` in the [Contexts](/sdk/data-model/event-payloads/contexts/#device-context) payload.
+
+```json
+{
+  "os.name": "iOS",
+  "os.version": "17.0",
+  "device.brand": "Apple",
+  "device.model": "iPhone 15 Pro Max",
+  "device.family": "iPhone"
+}
+```
+
+#### Future Default Attributes
+
+The SDKs should aim to minimize the number of default attributes attached to a log. Logs are intended to be lightweight, and we want to try to keep the average byte size of a log as small as possible as users will be charged per byte size of logs sent.
+
+We are trying to settle on a balance of debuggability vs. smaller byte size for logs which is why new default attributes should only be added after significant feedback from users and discussion internally with the SDK and ingest teams. There is no hard rule about what exact attributes are allowed, every proposed new attribute will be evaluated on a case-by-case basis.
 
 ### Data Category and Rate Limiting