Skip to content

fix: handle PII-scrubbed span values and unknown GitHub PR actions gracefully#119462

Draft
billyvg wants to merge 1 commit into
mainfrom
claude/serene-cannon-2vvbwh
Draft

fix: handle PII-scrubbed span values and unknown GitHub PR actions gracefully#119462
billyvg wants to merge 1 commit into
mainfrom
claude/serene-cannon-2vvbwh

Conversation

@billyvg

@billyvg billyvg commented Jul 11, 2026

Copy link
Copy Markdown
Member

Fixes two escalating Sentry alerts surfaced by automated monitoring.

SENTRY-5R9RValueError in LargeHTTPPayloadDetector (HIGH actionability, 1256 occurrences)

Root cause: large_http_payload_detector.py:59 calls int(encoded_body_size) where encoded_body_size is a string. When Sentry's PII data scrubber replaces the value with '[Filtered]', the int() conversion throws ValueError, which is caught upstream as "Failed to detect performance problems" — silently skipping performance issue detection for that span.

Fix: Wrap the int() call in try/except ValueError and return early, so scrubbed spans are skipped cleanly.

Evidence: Stacktrace shows encoded_body_size = "'[Filtered]'" as a local variable at the crash point. Issue link: https://sentry.sentry.io/issues/SENTRY-5R9R


SENTRY-5R97ValidationError: Invalid enum value 'stacked' in GitHub webhook (MEDIUM actionability, 177 occurrences, 93 users)

Root cause: GitHub introduced a new pull request action type "stacked" (stacked PRs feature). Our GitHubPullRequestEvent msgspec struct used PullRequestAction (a strict Literal[...] type) for the action field, so msgspec's decoder throws ValidationError on any action not in the enum. This generates a Sentry error for every stacked PR event from any customer's GitHub integration.

Fix:

  • Widen GitHubPullRequestEvent.action from PullRequestAction to str so msgspec accepts any string without failing validation.
  • Compute _KNOWN_PR_ACTIONS at import time from typing.get_args on the PullRequestAction type alias (so it stays in sync when sentry-scm is bumped).
  • In deserialize_github_pull_request_event, return None for unrecognised action types with an info-level log instead of crashing. The caller (deserialize_github_event) already returns EventType | None, so None events are silently dropped.

Note: sentry-scm==0.32.1 (released 2026-07-10) already adds "stacked" to PullRequestAction, but it hasn't been published to the internal PyPI yet. This sentry-side fix provides immediate relief and future-proofs us against any other new GitHub action types.

Evidence: Error tags show github_event_action: stacked. Issue link: https://sentry.sentry.io/issues/SENTRY-5R97


Changes

  • src/sentry/issue_detection/detectors/large_http_payload_detector.py: try/except ValueError around int(encoded_body_size)
  • src/sentry/scm/private/webhooks/github.py: widen action field to str, validate against _KNOWN_PR_ACTIONS, return None for unknown actions

Claude session: https://claude.ai/code/session_015Gd856MCZWtWz8VmqLdaA3


Generated by Claude Code

…github webhooks

- large_http_payload_detector: wrap int() conversion in try/except ValueError so
  PII-scrubbed span data values like '[Filtered]' are skipped cleanly instead of
  raising ValueError and suppressing the entire span detection run (SENTRY-5R9R)

- github webhook deserializer: widen GitHubPullRequestEvent.action to str and
  validate against the known PullRequestAction values at runtime, returning None
  for unrecognised actions (e.g. GitHub's new "stacked" action). This stops
  ValidationError noise without losing coverage of legitimate actions (SENTRY-5R97)
@github-actions github-actions Bot added the Scope: Backend Automatically applied to PRs that change backend components label Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Scope: Backend Automatically applied to PRs that change backend components

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants