remove PII from error report

[kfirstri]

Note

Description

This PR improves the daily error reporting GitHub Action by removing PII from PostHog queries, restructuring the details query to aggregate errors by fingerprint, and enhancing the AI prompt with stricter privacy rules and richer report requirements. The changes ensure no user emails or identifiable information appear in public GitHub issues while making reports more actionable with mandatory code snippets and PostHog deep links.

Related Issue

None

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional changes)
• Other (please describe): CI/workflow improvement — privacy, data quality, and report quality enhancements for the daily error reporting action

Changes Made

• Remove PII from queries: Dropped distinct_id, command_args, and app_id from the details query; errors are now aggregated by fingerprint (one row per unique error group) instead of returning individual events
• Add internal_occurrences column: Summary query now counts occurrences from @wix.com/@base44.com users via countIf, replacing the per-event email check with an aggregate metric
• Restructure details query: Details query now groups by fingerprint with occurrences, last_seen, first_seen, and any() aggregations; stack traces are truncated to 3000 chars to stay within limits
• Add output file trimming step: New workflow step trims /tmp/summary.jsonl and /tmp/details.jsonl to 200 KB before passing them to the AI, preventing token overflow
• Enhance AI prompt with privacy section: Explicit instructions to redact home-directory path segments in stack traces and error messages, and to never include emails, names, or IP addresses
• Add PostHog deep links: Provide the PostHog project ID to the AI so it can generate per-error error_tracking/<fingerprint> links directly in the report
• Mandate code snippets in reports: Updated prompt to require both the PostHog error/stack trace and the relevant src/ code snippet for every error; reports without code snippets are now considered incomplete
• Update report template: Separated "Error from PostHog" and "Stack trace" sections from "Root cause in code"; replaced "Affected users" list with "Internal vs external" fraction using the new aggregate field

Testing

• I have tested these changes locally
• I have added/updated tests as needed
• All tests pass (npm test)

Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (if applicable)
• My changes generate no new warnings
• I have updated docs/ (AGENTS.md) if I made architectural changes

Additional Notes

The query restructuring (grouping details by fingerprint rather than returning raw events) is the core change enabling PII removal — since there is no longer a distinct_id column, no user emails can appear in the report. The internal_occurrences aggregate provides the same internal-vs-external signal without exposing individual identities. The 200 KB trim guard prevents the workflow from silently failing when error volume is high.

---

_{🤖 Generated by Claude | 2026-02-18 23:42 UTC}

[github-actions]

🚀 Package Preview Available!

---

Install this PR's preview build with npm:

npm i @base44-preview/cli@0.0.32-pr.269.2da16d6

Prefer not to change any import paths? Install using npm alias so your code still imports base44:

npm i "base44@npm:@base44-preview/cli@0.0.32-pr.269.2da16d6"

Or add it to your package.json dependencies:

{
  "dependencies": {
    "base44": "npm:@base44-preview/cli@0.0.32-pr.269.2da16d6"
  }
}

• 📦 Preview Package: @base44-preview/cli@0.0.32-pr.269.2da16d6
• 🔗 View this commit on GitHub

---

_{Preview published to npm registry — try new features instantly!}