Bump Sentry Ruby SDK to v6

Gemfile

@@ -22,8 +22,8 @@ gem "warden"
 gem "pundit"
 
 # Use Sentry (https://sentry.io/for/ruby/?platform=sentry.ruby.rails#)
-gem "sentry-rails"
-gem "sentry-ruby"
+gem "sentry-rails", "~> 6"
+gem "sentry-ruby", "~> 6"
 
 gem "config"
 

Gemfile.lock

@@ -515,12 +515,13 @@ GEM
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 4.0)
       websocket (~> 1.0)
-    sentry-rails (5.28.1)
-      railties (>= 5.0)
-      sentry-ruby (~> 5.28.1)
-    sentry-ruby (5.28.1)
+    sentry-rails (6.4.1)
+      railties (>= 5.2.0)
+      sentry-ruby (~> 6.4.1)
+    sentry-ruby (6.4.1)
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      logger
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
@@ -645,8 +646,8 @@ DEPENDENCIES
   rspec-rails (>= 3.9.0)
   rubocop-govuk
   selenium-webdriver
-  sentry-rails
-  sentry-ruby
+  sentry-rails (~> 6)
+  sentry-ruby (~> 6)
   simplecov (~> 0.22.0)
   spring-commands-rspec
   spring-prspec
@@ -833,8 +834,8 @@ CHECKSUMS
   rubyzip (3.2.2) sha256=c0ed99385f0625415c8f05bcae33fe649ed2952894a95ff8b08f26ca57ea5b3c
   securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1
   selenium-webdriver (4.41.0) sha256=cdc1173cd55cf186022cea83156cc2d0bec06d337e039b02ad25d94e41bedd22
-  sentry-rails (5.28.1) sha256=43a5f884622c60fa459ba05dc8bd22fbd5f28daaced1d00dbcfc4669eaf93807
-  sentry-ruby (5.28.1) sha256=1162d474271e8b82202c984b1116db234007a084c5b73293e921468898d07e99
+  sentry-rails (6.4.1) sha256=fb800a375533f2fff3101f26a1a32bdce0a4b99b16cd5be7b64b15e93bcb58e8
+  sentry-ruby (6.4.1) sha256=dac04976f791ad6ecd4fd30440c29d9b73aee08f790eeca73b439b5d67370f38
   simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5
   simplecov-html (0.12.3) sha256=4b1aad33259ffba8b29c6876c12db70e5750cb9df829486e4c6e5da4fa0aa07b
   simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428

config/initializers/sentry.rb

@@ -7,16 +7,39 @@
     config.dsn = Settings.sentry.dsn
     config.breadcrumbs_logger = %i[active_support_logger http_logger]
     config.debug = true
-    config.enable_tracing = false
     config.environment = Settings.sentry.environment
     config.excluded_exceptions += %w[NotFoundError]
 
     filter = ActiveSupport::ParameterFilter.new(
       [EmailParameterFilterProc.new(mask: Settings.sentry.filter_mask)],
       mask: Settings.sentry.filter_mask,
     )
+
     config.before_send = lambda do |event, _hint|
-      filter.filter(event.to_hash)
+      if event.exception && event.exception.values.present?
+        event.exception.values.each do |exception| # rubocop:disable Style/HashEachMethods
+          exception.value = filter.filter_param(nil, exception.value)
+        end
+      end
+      if event.extra
+        event.extra = filter.filter(event.extra)
+      end
+      if event.user
+        event.user = filter.filter(event.user)
+      end
+      if event.contexts
+        event.contexts = filter.filter(event.contexts)
+      end
+
+      event
+    end
+
+    config.before_breadcrumb = lambda do |breadcrumb, _hint|
+      if breadcrumb.data
+        breadcrumb.data = filter.filter(breadcrumb.data)
+      end
+
+      breadcrumb
     end
   end
 end

spec/integration/sentry_spec.rb

@@ -3,6 +3,10 @@
 RSpec.describe "config/initializers/sentry" do
   let(:test_dsn) { "https://fake@test-dsn/1".freeze }
 
+  # set the email address up here to keep it out of the traceback for the test error event
+  let(:submission_email) { "submission-email@test.example" }
+  let(:user_email) { "user@example.org" }
+
   before do
     allow(Settings.sentry).to receive(:dsn).and_return(test_dsn)
 
@@ -16,24 +20,38 @@
   end
 
   context "when an exception is raised containing personally identifying information" do
-    let(:form) { create :form, submission_email: "submission-email@test.example" }
+    let(:form) { create :form, submission_email: }
 
     before do
       raise "Something went wrong: #{form.inspect}"
     rescue RuntimeError => e
+      Sentry.set_context(:user, { email: user_email, id: "some-user-id" })
       Sentry.capture_exception(e)
     end
 
+    it "captures the exception" do
+      expect(last_sentry_event).to be_present
+    end
+
     it "scrubs email addresses from everywhere in the event" do
-      expect(last_sentry_event.to_hash.to_s).not_to include "submission-email@test.example"
+      expect(last_sentry_event.to_h.to_s).not_to include submission_email
+      expect(last_sentry_event.to_h.to_s).not_to include user_email
     end
 
-    it "replaces the email address in the exception with a comment" do
-      expect(last_sentry_event.to_hash[:exception][:values].first[:value]).to include "[Filtered (client-side)]"
+    it "replaces the email address in the exception with a mask" do
+      expect(last_sentry_event.to_h[:exception][:values].first[:value]).to include "[Filtered (client-side)]"
     end
 
     it "keeps the rest of the exception message" do
-      expect(last_sentry_event.to_hash[:exception][:values].first[:value]).to include "Something went wrong"
+      expect(last_sentry_event.to_h[:exception][:values].first[:value]).to include "Something went wrong"
+    end
+
+    it "replaces the email address in the context with a mask" do
+      expect(last_sentry_event.contexts[:user][:email]).to eq "[Filtered (client-side)]"
+    end
+
+    it "keeps the rest of the context" do
+      expect(last_sentry_event.contexts[:user][:id]).to eq "some-user-id"
     end
   end
 
@@ -58,11 +76,11 @@
     end
 
     it "scrubs email addresses from everywhere in the event" do
-      expect(last_sentry_event.to_hash.to_s).not_to include "new-submission-email@test.example"
+      expect(last_sentry_event.to_h.to_s).not_to include "new-submission-email@test.example"
     end
 
     it "replaces the email address in the breadcrumbs with a comment" do
-      expect(last_sentry_event.to_hash[:breadcrumbs][:values].last[:data]["params"]["forms_submission_form"]["temporary_submission"]).to eq "[Filtered (client-side)]"
+      expect(last_sentry_event.to_h[:breadcrumbs][:values].last[:data]["params"]["forms_submission_form"]["temporary_submission"]).to eq "[Filtered (client-side)]"
     end
   end
 end