Skip to content

feat(core): Seal SentryTracerProvider spans against mutation after they end#21842

Open
andreiborza wants to merge 2 commits into
ab/sentry-trace-provider-core-capturefrom
ab/sentry-trace-provider-seal
Open

feat(core): Seal SentryTracerProvider spans against mutation after they end#21842
andreiborza wants to merge 2 commits into
ab/sentry-trace-provider-core-capturefrom
ab/sentry-trace-provider-seal

Conversation

@andreiborza

@andreiborza andreiborza commented Jun 29, 2026

Copy link
Copy Markdown
Member

What

Seal spans created by the SentryTracerProvider once they end. After SentrySpan.end() finishes its end-of-span processing, every mutator no-ops, gated on the spanIsTracerProviderSpan brand:

  • setAttribute / setAttributes
  • setStatus
  • updateName
  • updateStartTime
  • addLink / addLinks
  • addEvent

Spans created directly through core (e.g. the browser SDK) are never branded, so they stay mutable.

Why

OpenTelemetry SDK spans are immutable after end() (setters no-op). The SentryTracerProvider hands native SentrySpans to OTel instrumentations as OTel spans, so they must honor that contract. Some instrumentations write to a span after end() (e.g. Next.js sets a status on a render error); without sealing, those late writes overwrite the finalized values.

This matters most once segment-span capture is deferred (#21839): the transaction snapshot is then taken on a later tick, so any late post-end() write (status, attribute, name, start time, link, or event) would be serialized into it. Sealing the span on end() keeps the finalized values intact.

Notes

  • The seal applies only to provider-branded spans. The brand is set exclusively by the OTel SentryTracer, never by the browser SDK, so browser spans (including web-vitals start-time adjustments via updateStartTime) are unaffected.
  • Tests in sentrySpan.test.ts cover both directions: a branded span where all mutators no-op after end(), and a non-branded span that stays mutable.

Stacked on #21839 (deferred capture / orphan emission) and #21666 (which provides the spanIsTracerProviderSpan brand). Dormant until #21680 wires the provider; no provider-branded spans exist before then.

Comment thread packages/core/src/tracing/sentrySpan.ts
Comment thread packages/core/src/tracing/sentrySpan.ts
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

size-limit report 📦

Path Size % Change Change
@sentry/browser 27.62 kB - -
@sentry/browser - with treeshaking flags 26.05 kB - -
@sentry/browser (incl. Tracing) 46.32 kB +0.55% +249 B 🔺
@sentry/browser (incl. Tracing + Span Streaming) 48.08 kB +0.55% +261 B 🔺
@sentry/browser (incl. Tracing, Profiling) 51.09 kB +0.5% +252 B 🔺
@sentry/browser (incl. Tracing, Replay) 85.56 kB +0.31% +259 B 🔺
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags 75.16 kB +0.33% +245 B 🔺
@sentry/browser (incl. Tracing, Replay with Canvas) 90.25 kB +0.3% +261 B 🔺
@sentry/browser (incl. Tracing, Replay, Feedback) 102.92 kB +0.25% +255 B 🔺
@sentry/browser (incl. Feedback) 44.8 kB - -
@sentry/browser (incl. sendFeedback) 32.42 kB - -
@sentry/browser (incl. FeedbackAsync) 37.55 kB - -
@sentry/browser (incl. Metrics) 28.68 kB - -
@sentry/browser (incl. Logs) 28.93 kB - -
@sentry/browser (incl. Metrics & Logs) 29.61 kB - -
@sentry/react 29.41 kB - -
@sentry/react (incl. Tracing) 48.59 kB +0.45% +214 B 🔺
@sentry/vue 33.1 kB +0.78% +255 B 🔺
@sentry/vue (incl. Tracing) 48.2 kB +0.56% +266 B 🔺
@sentry/svelte 27.64 kB - -
CDN Bundle 30.03 kB +0.03% +7 B 🔺
CDN Bundle (incl. Tracing) 48.29 kB +0.58% +276 B 🔺
CDN Bundle (incl. Logs, Metrics) 31.59 kB +0.01% +3 B 🔺
CDN Bundle (incl. Tracing, Logs, Metrics) 49.59 kB +0.5% +243 B 🔺
CDN Bundle (incl. Replay, Logs, Metrics) 70.79 kB +0.01% +5 B 🔺
CDN Bundle (incl. Tracing, Replay) 85.75 kB +0.28% +237 B 🔺
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) 87.03 kB +0.28% +242 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) 91.56 kB +0.27% +243 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) 92.82 kB +0.29% +260 B 🔺
CDN Bundle - uncompressed 89.42 kB - -
CDN Bundle (incl. Tracing) - uncompressed 146.09 kB +0.51% +737 B 🔺
CDN Bundle (incl. Logs, Metrics) - uncompressed 94.12 kB - -
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed 150.06 kB +0.5% +737 B 🔺
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed 218.66 kB - -
CDN Bundle (incl. Tracing, Replay) - uncompressed 265.1 kB +0.28% +737 B 🔺
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed 269.06 kB +0.28% +737 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed 278.8 kB +0.27% +739 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed 282.75 kB +0.27% +739 B 🔺
@sentry/nextjs (client) 51.02 kB +0.52% +260 B 🔺
@sentry/sveltekit (client) 46.72 kB +0.57% +264 B 🔺
@sentry/core/server 78.14 kB +0.51% +389 B 🔺
@sentry/core/browser 64.46 kB +0.63% +399 B 🔺
@sentry/node-core 61.79 kB +0.53% +324 B 🔺
@sentry/node 123.13 kB +0.25% +304 B 🔺
@sentry/node/import (ESM hook with diagnostics-channel injection) 69.95 kB - -
@sentry/node/light 50.72 kB +0.55% +274 B 🔺
@sentry/node - without tracing 73.6 kB +0.54% +395 B 🔺
@sentry/aws-serverless 84.43 kB +0.41% +344 B 🔺
@sentry/cloudflare (withSentry) - minified 181.55 kB +0.52% +930 B 🔺
@sentry/cloudflare (withSentry) 449.36 kB +0.55% +2.43 kB 🔺

View base workflow run

@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from 920659d to 8d1b3be Compare June 29, 2026 12:36

@Lms24 Lms24 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dumb q but is there anything we could do to avoid having this logic hard-baked into SentrySpan? No super strong opinion, but maybe medium-strong: Ideally we can keep our SentrySpan as size-efficient as possible and rather special-case provider-emitted spans. wdyt? I might be missing something that makes this more complicated/infeasible, so feel free to disregard

@andreiborza

Copy link
Copy Markdown
Member Author

@Lms24 as discussed, this adds a lot of extra code. The SentryTracerProvider doesn't instantiate spans itself, it calls core startSpan apis so there's not an easy way to instantiate spans that have this logic in them just for the tracer provider path.

This change is about 60 bytes gzipped, so I think the impact shouldn't be too bad. Also, spans should probably be finalized for core and browser as well, but that's something we can take a look at a later point.

@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from 8d1b3be to bb677d7 Compare June 29, 2026 14:12

@JPeer264 JPeer264 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

* @internal
*/
public updateStartTime(timeInput: SpanTimeInput): void {
if (this._frozen) {

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(After looking at other functions the following is a bad idea, but I'll keep it here for food for thoughts)

q: This might be an issue for a future method when we forget to add this._frozen. Would it make sense to add an this._update() function where we update certain fields and protect that?

E.g. here we would update the startTime with this._update({ startTime: '' }), while the this._update is guarded with the this._frozen check.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather not add more code to the SentrySpan, see Lukas' original objection. I think this kind of issue of forgetting to add is easily caught by review bots nowadays.

Also, realistically, I don't think we'll expose much more api on this class.

@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-core-capture branch from 29ce501 to c741940 Compare June 29, 2026 15:46
@andreiborza andreiborza requested a review from a team as a code owner June 29, 2026 15:46
@andreiborza andreiborza requested review from mydea and removed request for a team June 29, 2026 15:46
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from bb677d7 to c1392df Compare June 29, 2026 15:47
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-core-capture branch from c741940 to 4b3fc03 Compare June 30, 2026 08:13
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from c1392df to 8fdd6d8 Compare June 30, 2026 08:13
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-core-capture branch from 4b3fc03 to 14cb421 Compare June 30, 2026 08:48
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from 8fdd6d8 to 3ce0cf9 Compare June 30, 2026 08:48
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-core-capture branch from 14cb421 to 6b8db6e Compare June 30, 2026 09:56
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from 3ce0cf9 to a416506 Compare June 30, 2026 09:57

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit a416506. Configure here.

Comment thread packages/core/src/tracing/sentrySpan.ts
Comment thread packages/core/src/tracing/sentrySpan.ts
@andreiborza andreiborza force-pushed the ab/sentry-trace-provider-seal branch from 9a3a9c9 to 9e658ff Compare June 30, 2026 11:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants