Merge branch 'master' into codyde/javascript-tracing-refactor

Author: codyde

.github/CODEOWNERS

@@ -45,12 +45,12 @@
 
 # ###### Replays #######
 
-# /src/docs/product/session-replay/                                 @getsentry/replay
-# /src/includes/session-replay-web-report-bug.mdx                   @getsentry/replay
-# /src/platform-includes/session-replay/                            @getsentry/replay @getsentry/replay-sdk-web
-# /src/platforms/javascript/common/session-replay/                  @getsentry/replay @getsentry/replay-sdk-web
-# /src/wizard/javascript/replay-onboarding/                         @getsentry/replay @getsentry/replay-sdk-web
+# /src/docs/product/session-replay/web                              @jas-kas @getsentry/replay-sdk-web @getsentry/replay-frontend @getsentry/replay-backend
+# /src/docs/product/session-replay/mobile                           @jas-kas @getsentry/replay-sdk-mobile @getsentry/replay-frontend @getsentry/replay-backend
+# /src/includes/session-replay-web-report-bug.mdx                   @getsentry/replay-sdk-web
+# /src/platform-includes/session-replay/                            @getsentry/replay-sdk-web @getsentry/replay-sdk-mobile
+# /src/platforms/javascript/common/session-replay/                  @getsentry/replay-sdk-web
 
-# /src/docs/product/dev-toolbar/                                    @getsentry/replay
+# /src/docs/product/dev-toolbar/                                    @ryan953 @jas-kas
 
 # ###### End Replays #######

.github/workflows/bump-api-schema-sha.yml

@@ -14,7 +14,7 @@ jobs:
       - uses: actions/checkout@v4.1.1
       - name: Get auth token
         id: token
-        uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3
+        uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1.11.5
         with:
           app-id: ${{ vars.SENTRY_INTERNAL_APP_ID }}
           private-key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}

.github/workflows/prepare-release.yml

@@ -15,7 +15,7 @@ jobs:
     steps:
       - name: Get auth token
         id: token
-        uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3
+        uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1.11.5
         with:
           app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
           private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}

develop-docs/development-infrastructure/devservices.mdx

@@ -25,6 +25,10 @@ commands:
   purge               Purge the local devservices cache
 ```
 
+## Installation
+
+Installation instructions can be found [here](https://github.com/getsentry/devservices?tab=readme-ov-file#installation).
+
 ## Viewing logs for a service
 
 ```shell

develop-docs/sdk/data-model/envelope-items.mdx

@@ -146,7 +146,7 @@ details.
 
 *None*
 
-### Statsd
+### Statsd (deprecated)
 
 Item type `"statsd"` contains metrics emissions in a superset of the statsd format.
 
@@ -162,7 +162,7 @@ details.
 
 *None*
 
-### Metric Meta
+### Metric Meta (deprecated)
 
 Item type `"metric_meta"` contains per-metric meta data which is persisted alongside
 metrics in the system.

develop-docs/sdk/expected-features/data-handling.mdx

@@ -111,6 +111,8 @@ Fields in the event payload that allow user-specified or dynamic values are rest
 
 - Mappings of values (such as HTTP data, extra data, etc) are limited to 50 item pairs.
 - Event IDs are limited to 36 characters and must be valid UUIDs.
+- Flag keys are limited to 32 characters.
+- Flag values are limited to 200 characters.
 - Tag keys are limited to 32 characters.
 - Tag values are limited to 200 characters.
 - Culprits are limited to 200 characters.

develop-docs/sdk/expected-features/index.mdx

@@ -30,7 +30,7 @@ What scope means depends on the application, for a web framework it is most like
 
 ## Automatic Context Data
 
-Automatic addition of useful attributes such as `tags` or `extra` or specific `contexts`. Typically means the SDK hooks into a framework so that it can set attributes that are known to be useful for most users. Please check [Data Handling](/sdk/expected-features/data-handling) for considerations.
+Automatic addition of useful attributes such as `flags` or `tags` or `extra` or specific `contexts`. Typically means the SDK hooks into a framework so that it can set attributes that are known to be useful for most users. Please check [Data Handling](/sdk/expected-features/data-handling) for considerations.
 
 ## Breadcrumbs
 
@@ -118,24 +118,15 @@ This functionality should be gated behind the `includeLocalVariables` option, wh
 
 ## Feature Flags
 
-An SDK may expose a Scope property for tracking feature flag evaluations. When the scope forks, it's important to clone the feature flags property. Leaking flag evaluations between threads could lead to inaccurate feature flag evaluation logs.
+An SDK may optionally support feature flag collection. Feature flags are collected on evaluation, stored on the scope, and submitted to Sentry on error obeying the schema specified in the <Link to="/sdk/data-model/event-payloads/contexts/#feature-flag-context">Feature Flag Context</Link> protocol documentation.
 
-The Scope's flag property should have a capped capacity and should prefer recently-evaluated flags over less-recently-evaluated flags. The recommended data structure is a LRU-cache but it is not required so long as the data structure behaves similarly. Serious deviations from the behavior of an LRU-cache should be documented for your language.
+If an SDK supports feature flags it must expose a function `set_flag` which has identical behavior to the `set_tag` function. It must accept a key of type string and a value which is a union of string, boolean, integer, float, and structure. An SDK may hold up to 100 evaluations. Evaluations are ordered based on their evaluation time. Typically, an LRU cache is used to store feature flags. When the capacity of the cache is exceeded the oldest flag is dropped. Any (or multiple) data structure(s) may be chosen by the SDK to store feature flags as long as the evaluation order of the flags is maintained.
 
-The Scope's flag property should expose two methods: `get/0` and `set/2`. `set/2` takes two arguments. The first argument is the name of the flag. It is of type string. The second argument is the evaluation result. It is of type boolean. `set/2` should remove all entries from the LRU-cache which match the provided flag's name and append the new evaluation result to the end of the queue. `get/0` accepts zero arguments. The `get/0` method must return a list of serialized flag evaluation results in order of evaluation. Oldest values first, newest values last. See the <Link to="/sdk/data-model/event-payloads/contexts/#feature-flag-context">Feature Flag Context</Link> protocol documentation for details.
+Because flags are stored on the scope, when a scope forks the flags data structure must be cloned. Failure to clone the data structure appropriately will lead to flags leaking across thread boundaries and lead to unexpected results.
 
 ### Integrations
 
-Integrations automate the work of tracking feature flag evaluations and serializing them on error context. An integration should hook into third-party SDK and record feature flag evaluations using the current scope. For example, in Python an integration would call `sentry_sdk.get_current_scope().flags.set(...)` on each flag evaluation.
-
-An integration is also responsible for registering an "on error" hook with the Sentry SDK. When an error occurs the integration should request the current scope and serialize the flags property. For example, in Python an integration might define this callback function:
-
-```python
-def flag_error_processor(event, exc_info):
-    scope = sentry_sdk.get_current_scope()
-    event["contexts"]["flags"] = {"values": scope.flags.get()}
-    return event
-```
+Integrations automate the work of tracking feature flag evaluations. An integration should hook into a third-party SDK and record feature flag evaluations using the current scope.
 
 ## Desymbolication
 
@@ -346,7 +337,7 @@ The SDK automatically captures HTTP Client errors and sends them to [sentry.io](
 
 The HTTP Client integration should have 3 configuration options:
 
-- `captureFailedRequests` defaults to `false` due to PII reasons.
+- `captureFailedRequests` defaults to `false` when introducing this feature due to PII reasons and can be changed to `true` in a follow up major.
   - The SDK will only capture HTTP Client errors if it is enabled.
 - `failedRequestStatusCodes` defaults to `500 - 599`, this configuration option accepts a `List` of `HttpStatusCodeRange` which is a range of HTTP status code -> `min` to `max` or a single `status_code`.
   - The SDK will only capture HTTP Client errors if the HTTP Response status code is within the defined ranges in `failedRequestStatusCodes`.
@@ -547,9 +538,9 @@ Ability for the SDK to attach request body to events and triggered during the ex
 User should be able to set a configuration option `maxRequestBodySize` to instruct SDK how big requests bodies should be attached.
 SDK controls what is an actual size in bytes for each option:
 
-- `none` (default)
+- `none`
 - `small` - `1000` bytes
-- `medium` - `10000` bytes
+- `medium` - `10000` bytes (default)
 - `always`
 
 ## Log context

develop-docs/sdk/miscellaneous/hub_and_scope_refactoring.mdx

@@ -78,7 +78,7 @@ This scope is probably only used for process-wide data like the `release`.
 
 **Isolation Scope**
 
-This scope holds data only applicable to the current request (on a server), tab (in a browser), or user (on a mobile). The top-level APIs that manipulate data (like `sentry_sdk.set_tag()`, `sentry_sdk.set_context()` etc) write to the isolation scope (at least once the migration phase is over, see "Backwards Compatibility").
+This scope holds data only applicable to the current request (on a server), tab (in a browser), or user (on a mobile). The top-level APIs that manipulate data (like `sentry_sdk.set_flag()`, `sentry_sdk.set_tag()`, `sentry_sdk.set_context()` etc.) write to the isolation scope (at least once the migration phase is over, see "Backwards Compatibility").
 
 The isolation scope is stored in a context variable, thread local, async local, or something similar (depending on the platform). It may also be stored on OTel `Context` so we can rely on OTels `Context` propagation once SDKs implement POTEL.
 

develop-docs/sdk/miscellaneous/unified-api/index.mdx

@@ -216,6 +216,8 @@ Sentry.configureScope((scope) =>
 
 - `scope.set_extras(extras)`: Sets an object with key/value pairs, convenience function instead of multiple `set_extra` calls. As with `set_extra` this is considered deprecated functionality.
 
+- `scope.set_flag(key, value)`: Sets the flag to a string value, overwriting a potential previous value. Entries can not be removed except by expiration.
+
 - `scope.set_tag(key, value)`: Sets the tag to a string value, overwriting a potential previous value. Removing a key is SDK-defined, either with a `remove_tag` function or by passing nothing as data.
 
 - `scope.set_tags(tags)`: Sets an object with key/value pairs, convenience function instead of multiple `set_tag` calls.

develop-docs/sdk/processes/basics.mdx

@@ -32,13 +32,17 @@ When sending events just substitute `orgXXX.ingest.sentry.io` with `localhost:30
 whichever port you ended up chosing.  Also note that a local relay will out of the box
 be available via HTTP only so don't try to send HTTPS requests there.
 
-## Join us on Discord
-
-You can reach out to Sentry open source contributors and talk with other SDK maintainers on the [Sentry Discord server](https://discord.gg/sentry).
-
 ## Consult Existing SDKs
 
 While we're trying to keep the docs up to date about all important things, it's usually
 a good idea to refer to already existing Sentry SDKs for input.  In particular the
 transport design is not part of the documentation but generally quite similar between
 SDKs.
+
+## Type out context in Relay
+
+To have a better understanding of various [context](https://develop.sentry.dev/sdk/data-model/event-payloads/contexts/) our SDKs emit, any newly added context should also be typed out in [Relay](https://github.com/getsentry/relay/tree/master/relay-event-schema/src/protocol/contexts).
+
+## Join us on Discord
+
+You can reach out to Sentry open source contributors and talk with other SDK maintainers on the [Sentry Discord server](https://discord.gg/sentry).

develop-docs/self-hosted/troubleshooting/sentry.mdx

@@ -51,3 +51,13 @@ worker1:
 ```
 
 To see a more complete example, please see [a sample solution on our community forum](https://forum.sentry.io/t/how-to-clear-backlog-and-monitor-it/10715/14?u=byk).
+
+## Cannot Load JavaScript or CSS Files From Web Interface
+
+If you are running your Sentry instance behind a CDN like Cloudflare, Fastify, or the like, you may see some errors of invalid JavaScript or CSS files being loaded from the web interface. This is caused by some static asset files that are already optimized by the bundlers, but aren't being served with minified extensions (for example, `.min.js`). Therefore, the CDN that you are using will try to optimize the files a second time, which will result in corrupted files.
+
+Some known paths where you may see this error:
+* _static/dist/sentry/entrypoints/sentry.css
+* _static/dist/sentry/entrypoints/app.js
+
+To fix this, you can disable the auto optimization performed by your CDN.

docs/account/auth-tokens/index.mdx

@@ -47,8 +47,12 @@ User auth token permissions are customizable but cannot be edited later.
 
 ![](./img/org-auth-tokens-overview.png)
 
+<Alert>
+
 They can also be generated on certain pages of Sentry's docs if you're signed in, and by using the Sentry Wizard to configure uploading source maps.
 
+</Alert>
+
 Organization auth token names are generated for you unless you create the token through the Sentry UI. This name is only used for display purposes - it helps to identify an auth token in case you want to revoke it later. You can change the name for an organization auth token at [sentry.io](https://sentry.io) on the **Edit Auth Token** page under **Settings > Developer Settings > Auth Tokens**.
 
 For security reasons, organization auth tokens are only visible _once_, right after you create them. If you lose the auth token, you will have to create a new one. This means you can't see the full token on the overview page or on the token detail page, you can only see the last characters of the token to help identify it.

docs/cli/dif.mdx

@@ -86,6 +86,15 @@ the upload is performed on the same machine as the application build:
 sentry-cli debug-files upload --include-sources /path/to/files...
 ```
 
+<Alert>
+
+This feature is supported by build tools that produce debug information files
+supported by Sentry such as DWARF and PDB. This applies to languages such
+as C/C++/C#/Swift/Rust/Zig/etc.
+For Java/Kotlin and other JVM languages, use one of the plugins: [Maven](https://docs.sentry.io/platforms/java/maven/) or [Gradle](https://docs.sentry.io/platforms/java/gradle/). 
+
+</Alert>
+
 ## Uploading Files
 
 Use the `sentry-cli debug-files upload` command to upload debug information files to

docs/concepts/data-management/event-grouping/img/merged-issues.png

@@ -55,6 +55,32 @@ If the stack trace is not available, but exception information is, then the grou
 
 Grouping falls back to messages if the stack trace, `type`, and `value` are not available. When this happens, the grouping algorithm will try to use the message without any parameters. If that is not available, the grouping algorithm will use the full message attribute.
 
+### AI-Enhanced Grouping
+
+In addition to fingerprint-based grouping, Sentry uses AI to further improve issue grouping accuracy. This system helps identify semantically similar errors that might have different fingerprints due to minor code variations. The AI grouping system works alongside traditional fingerprinting - it only attempts to group new issues and will never split up issues that were grouped by fingerprint.
+
+This system will not apply to any events that have fully custom fingerprints (either set via SDK or [fingerprint rules](https://docs.sentry.io/product/issues/grouping-and-fingerprints/#fingerprint-rules)). However, events with fingerprints containing `{{ default }}` will use AI grouping to calculate the `{{ default }}` portion of the fingerprint.
+
+When Sentry's default fingerprinting algorithm generates a new hash, it automatically sends the error data to [Seer](https://github.com/getsentry/seer), our AI/ML service. That error data includes the message and in-app stack frames (including those configured with stack trace rules), or all frames when no in-app frames are present.
+
+Seer performs the following steps:
+
+1. It generates a vector representation of the error's stack trace using a transformer-based text embedding model
+2. It compares this embedding against existing error embeddings for that project in the database
+3. If a semantically similar error is found within the configured threshold, Sentry merges the new error into the existing issue
+
+![Sentry Seer PostgreSQL.](./img/sentry-seer-postgresql.png)
+
+This algorithm is particularly effective at handling cases where:
+
+- Similar errors occur in different parts of the codebase
+- Code changes or deployments introduce slight variations in stack traces
+- Different error types represent the same underlying problem
+
+You can see issues that have been merged through this system in the “Merged Issues” section of the Issue Details UI. You can always unmerge any fingerprints that you would not like to see grouped, and our system will avoid grouping them in the future.
+
+![Merged issues.](./img/merged-issues.png)
+
 ## Ways to Customize Error Grouping
 
 If the way that Sentry is grouping issues for your organization is already ideal, you don't need to make any changes. However, you may find that Sentry is either creating too many similar groups, or is grouping disparate events into groups that should be separate. If this is the case, for **error issues**, you can extend and change the default grouping behavior. Error grouping can be extended and changed completely according to your needs. Transaction grouping currently cannot be customized.

docs/concepts/data-management/event-grouping/img/sentry-seer-postgresql.png

@@ -4,7 +4,7 @@ description: "Learn more about searchable issue properties."
 sidebar_order: 10
 ---
 
-[Issues](/product/issues/) are an aggregate of one or more error events. Searchable issues properties include status, assignment, aggregate counts, and age. You can search by issue properties in the **Issues** page and in **Dashboards** in the widget builder, depending on your dataset selection.
+[Issues](/product/issues/) are an aggregate of one or more error events. Searchable issues properties include status, assignment, aggregate counts, and age. If you have set up [evaluation tracking for feature flags](/product/issues/issue-details/feature-flags/#evaluation-tracking), you can search for issues that have error events where the feature flag evaluated value is `true` or `false`. You can search by issue properties in the **Issues** page and in **Dashboards** in the widget builder, depending on your dataset selection.
 
 ## Searchable Properties
 
@@ -178,6 +178,12 @@ Returns issues with a matching first time seen. Syntax is the same as `age`.
 
 - **Type:** datetime
 
+### `flags`
+
+For [feature flag evaluations](/product/issues/issue-details/feature-flags/#evaluation-tracking) set to `true` or `false`, the name of the feature flag.
+
+- **Type:** boolean
+
 ### `geo.city`
 
 Full name of the city

docs/concepts/data-management/event-grouping/index.mdx

@@ -1,6 +1,6 @@
 ---
 title: Generic
-sidebar_order: 3
+sidebar_order: 1
 description: Learn about Sentry's generic feature-flag integrations.
 ---
 
@@ -24,7 +24,7 @@ For the generic case, you need to write a webhook that conforms to our API. You
 
 ### Set Up Change Tracking
 
-Enabling Change Tracking is a four step process. To get started visit the [feature-flags settings page](https://sentry.io/orgredirect/organizations/:orgslug/settings/feature-flags) in a new tab. Then follow the steps listed below.
+Enabling Change Tracking is a four step process. To get started, visit the [feature flags settings page](https://sentry.io/orgredirect/organizations/:orgslug/settings/feature-flags) in a new tab. Then follow the steps listed below.
 
 1. **Click the "Add New Provider" button.**
     - One webhook secret can be registered per provider type.

docs/concepts/search/searchable-properties/issues.mdx

@@ -4,7 +4,8 @@ sidebar_order: 90
 description: "Learn more about Sentry's feature flag integrations."
 ---
 
-- [LaunchDarkly](/organization/integrations/feature-flag/launchdarkly/)
 - [Generic](/organization/integrations/feature-flag/generic/)
+- [LaunchDarkly](/organization/integrations/feature-flag/launchdarkly/)
+- [Statsig](/organization/integrations/feature-flag/statsig/)
 - [Split](/organization/integrations/feature-flag/split/)
 - [Unleash](/organization/integrations/feature-flag/unleash/)