Sentry
Error tracking and performance monitoring for both frontend and backend. Captures unhandled exceptions, performance traces, and session replays to aid debugging in deployed environments.
Architecture
| Component | Path | Purpose |
|---|---|---|
| Backend setup | top of backend/src/index.ts | @sentry/bun init before any other imports, beforeSend scrubbing |
| Backend capture | backend/src/middleware/errorHandler.ts | Sentry.captureException with user context |
| Frontend setup | frontend/src/main.tsx | @sentry/react init, tracing, session replay, error boundary |
There is no separate lib/sentry.ts — backend init lives directly at the top of index.ts so it runs before everything else.
Configuration
| Variable | Purpose |
|---|---|
SENTRY_DSN_BACKEND | Backend error reporting endpoint |
VITE_SENTRY_DSN_FRONTEND | Frontend DSN (build-time, public) |
Secrets live in Infisical (EU) and sync natively to Fly.io. See Deployment Pipeline.
Environment Awareness
Sentry is enabled in all cloud deployments — APP_ENV in development, preview, staging, production (rationale: fail fast, catch errors early). Excluded: local (docker-compose) and test (CI). Events are tagged with:
environment: theAPP_ENVvaluerelease:COMMIT_SHAorFLY_IMAGE_REFfrom CI/CD
Performance sampling: tracesSampleRate is 0.1 in production, 1.0 everywhere else.
Backend Integration
The error handler middleware (backend/src/middleware/errorHandler.ts) is the last middleware in the Backend Middleware pipeline. It:
- Catches all unhandled exceptions from routes and services
- Attaches request context (URL, method, user ID) and captures to Sentry (cloud envs with DSN only)
- Returns a structured JSON error response to the client
See Error Handling Pattern for the error response format.
Sensitive Data Scrubbing
The backend beforeSend hook (in index.ts) strips sensitive fields before events leave the process — case-insensitive matching on patterns including password, passwordHash, token, accessToken, refreshToken, resetToken, secret, apiKey, privateKey, credential, authorization, plus auth/cookie headers. The frontend beforeSend scrubs sensitive breadcrumb data (form inputs such as passwords).
Frontend Integration
frontend/src/main.tsx (@sentry/react) includes:
| Feature | Detail |
|---|---|
| Error boundary | Sentry.ErrorBoundary wrapping the app with ErrorFallback |
| Session replay | replayIntegration with maskAllText, blockAllMedia, maskAllInputs |
| Performance tracing | browserTracingIntegration |
| Breadcrumb scrubbing | beforeSend removes password fields from breadcrumb data |
Related
- Error Handling Pattern — Structured error responses
- Backend Middleware — Error handler middleware position
- External Integrations — All third-party integrations
- Frontend Architecture — Frontend Sentry setup
- CI-CD Workflows — Release tagging on deploy
- Security Scanning — Complementary security monitoring