You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One shared list of regexes for things that must never reach Sentry (rootkey, 22-char base64 strings, lat/lng markers), used by both the React Native and Node sides
React Native side: replace the placeholder beforeSend in src/sentry.ts with the real scrubber, registered before the host app's own beforeSend so the host can never see an unscrubbed event
Node side: backend/before-send.js, registered as a Sentry event processor in loader.mjs — same scrubbing, same drop behaviour
The scrubber checks every text field on an event: message, exception text, extra data, contexts, breadcrumb messages and data, span descriptions and attributes (§9b.1)
Scrub HTTP breadcrumb URLs down to just the host (drop path and query string) — keeps the "all our requests are failing" signal without recording which server or project a user talks to (§9b.5)
Tests
Events containing base64-shaped strings, lat/lng markers, and raw project IDs → redacted or dropped, both sides
URL breadcrumb → host-only
Document the false-positive trade-offs with example matches
Part of #74. Independent — can run in parallel with the toggle/metrics work.
Spec:
docs/sentry-integration-plan.md§9b.1 (PII scrubber), §9b.5 (network breadcrumb URLs), Phase 5 (wiring inbackend/before-send.js).Deliverables
beforeSendinsrc/sentry.tswith the real scrubber, registered before the host app's ownbeforeSendso the host can never see an unscrubbed eventbackend/before-send.js, registered as a Sentry event processor inloader.mjs— same scrubbing, same drop behaviourTests