Merged
3 changes: 3 additions & 0 deletions apps/web/.gitignore
@@ -32,3 +32,6 @@ yarn-error.log*

# vercel
.vercel

# Sentry Config File
.env.sentry-build-plugin
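Review bot: Ignoring `.env.sentry-build-plugin` only stops future commits of the file that holds the source-map upload auth token; run `git log --all -- apps/web/.env.sentry-build-plugin` to confirm it was never committed before this change, and if it was, rotate the token in Sentry and supply it to CI as a `SENTRY_AUTH_TOKEN` secret rather than through this file.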
16 changes: 16 additions & 0 deletions apps/web/app/_lib/axiosInstance.ts
@@ -3,6 +3,7 @@ import axios, {
AxiosResponse,
InternalAxiosRequestConfig,
} from 'axios'
import * as Sentry from '@sentry/nextjs'
import { getToken } from '@/_apis/services/login'
import { getCookie } from '@/_utils/getCookie'

@@ -33,6 +34,21 @@ axiosInstance.interceptors.response.use(
const originalRequest = error.config as InternalAxiosRequestConfig & {
_retry?: boolean
}

// Todo: 상태 코드 400 전체 제외할지 말지 데이터를 보고 정하기
// error.response.status >= 500 &&
// error.response.status < 600
if (error.response?.status !== 401) {
Sentry.captureException(error, {
extra: {
url: originalRequest?.url,
method: originalRequest?.method,
status: error.response?.status,
data: error.response?.data,
},
})
}
Comment on lines +41 to +50

⚠️ Potential issue | 🔴 Critical

Risk of leaking sensitive data: remove or filter the response data before logging it.

Sending error.response?.data to Sentry can cause the following serious security and privacy problems:

  • PII leakage: user emails, phone numbers, addresses and similar fields may be present in API responses
  • Exposure of secrets: auth tokens, session IDs, API keys and similar values may be present in error responses
  • Compliance violations: possible breaches of the GDPR and of the Personal Information Protection Act

Sentry is an external monitoring service, so take care that sensitive data is never sent to it.

🔎 Recommended fixes

Option 1 (recommended): remove the response data field entirely

     if (error.response?.status !== 401) {
       Sentry.captureException(error, {
         extra: {
           url: originalRequest?.url,
           method: originalRequest?.method,
           status: error.response?.status,
-          data: error.response?.data,
         },
       })
     }

Option 2: filter sensitive fields before logging

+    const sanitizeErrorData = (data: any) => {
+      if (!data) return undefined
+      const sanitized = { ...data }
+      // Remove sensitive fields
+      const sensitiveFields = ['password', 'token', 'accessToken', 'refreshToken', 'email', 'phone', 'address']
+      sensitiveFields.forEach(field => delete sanitized[field])
+      return sanitized
+    }
+
     if (error.response?.status !== 401) {
       Sentry.captureException(error, {
         extra: {
           url: originalRequest?.url,
           method: originalRequest?.method,
           status: error.response?.status,
-          data: error.response?.data,
+          data: sanitizeErrorData(error.response?.data),
         },
       })
     }

A beforeSend hook in the Sentry configuration can also be used to filter sensitive data globally.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

🤖 Prompt for AI Agents
In apps/web/app/_lib/axiosInstance.ts around lines 41 to 50, the current Sentry
capture includes error.response?.data which can leak PII or secrets; remove
sending the full response body and instead either omit error.response.data
entirely or sanitize it before sending (e.g., whitelist only non-sensitive
fields like status and headers, or send a truncated/summary string), and update
the Sentry.extra payload to include only safe values (url, method, status, and a
sanitized/omitted data field) or rely on Sentry's beforeSend global filter to
scrub any remaining sensitive fields.


if (error.response?.status === 401 && !originalRequest._retry) {
originalRequest._retry = true
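Review bot: The `error.response?.status !== 401` guard leaves a gap in the retry path right below it: when the retried request is rejected with 401 again (`originalRequest._retry` is already true) nothing is captured, so a broken refresh-token flow never reaches Sentry; capture on `status === 401 && originalRequest._retry` as well. The same guard also reports every failure that has no `error.response` at all (timeouts, offline) with `status: undefined`, and, as the Todo comment above it admits, every 4xx including 404s; settle the status policy before this ships or the project pays for noise. Strip the query string from `originalRequest?.url` before sending it too, since the `data` field is not the only place a token can sit.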

29 changes: 24 additions & 5 deletions apps/web/app/error.tsx
@@ -1,25 +1,44 @@
'use client'

import Link from 'next/link'
import { useEffect } from 'react'
import * as Sentry from '@sentry/nextjs'
import { Text } from '@repo/ui/components/Text'
import { Icon } from '@repo/ui/components/Icon'
import { Button } from '@repo/ui/components/Button'
import { Column } from '@repo/ui/components/Layout'
import { CLIENT_PATH } from '@/_constants/path'

export default function ErrorPage() {
type Props = {
error: Error & { digest?: string }
reset: VoidFunction
}

export default function ErrorPage({ error, reset }: Props) {
useEffect(() => {
Sentry.captureException(error)
}, [error])

return (
<Column className={'flex-1 items-center justify-center gap-20'}>
<Column className={'gap-30 flex-1 items-center justify-center'}>
<Column className={'items-center gap-2'}>
<Icon type={'logo'} size={150} />
<div className={'text-center'}>
<Text fontSize={'lg'}>에러가 발생했어요</Text>
<Text fontSize={'lg'}>페이지를 새로고침해주세요</Text>
</div>
</Column>
<Button as={Link} size={'medium'} href={CLIENT_PATH.MAIN}>
홈으로
</Button>
<Column className={'items-center gap-2'}>
<Button size={'medium'} onClick={reset} className='mb-2'>
다시 시도
</Button>
<Link
href={CLIENT_PATH.MAIN}
className='text-sm text-gray-400 underline'
>
홈으로 이동
</Link>
</Column>
</Column>
)
}
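Review bot: The `Sentry.captureException(error)` in `useEffect` will report an API failure a second time if the axios interceptor already captured it and the error was then thrown into this boundary, with two different stack traces; mark the error in the interceptor (or tag it) and skip the second capture, or rely on one path only. Pass `error.digest` as a tag, since that is the value Next.js uses to correlate the client report with the server log, rather than dropping it. The copy still tells the user to refresh the page ("페이지를 새로고침해주세요") while the new "다시 시도" (try again) button calls `reset`; pick one instruction.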
39 changes: 39 additions & 0 deletions apps/web/app/global-error.tsx
@@ -0,0 +1,39 @@
'use client'

import * as Sentry from '@sentry/nextjs'
import { useEffect } from 'react'
import { Column } from '@repo/ui/components/Layout'
import { Text } from '@repo/ui/components/Text'
import { Button } from '@repo/ui/components/Button'

export default function GlobalError({
error,
}: {
error: Error & { digest?: string }
}) {
useEffect(() => {
Sentry.captureException(error)
}, [error])

return (
<html lang='ko'>
<body>
<div className='flex h-screen w-full items-center justify-center bg-white'>
<Column className={'items-center gap-10'}>
<div className={'text-center'}>
<Text fontSize={'2xl'} fontWeight='bold'>
시스템에 문제가 발생했습니다
</Text>
<Text className='mt-2 text-gray-500'>
잠시 후 다시 시도해주세요.
</Text>
</div>
<Button size={'medium'} onClick={() => window.location.reload()}>
새로고침
</Button>
</Column>
</div>
</body>
</html>
)
}
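Review bot: Next.js renders `global-error.tsx` only in production builds (the dev overlay replaces it), so the `Sentry.captureException` here cannot be verified with `next dev`; test it against a production build. The component also receives a `reset` prop that this signature omits; `window.location.reload()` is a reasonable choice here because the root layout has already failed, but say so in a comment so nobody "fixes" it later.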
33 changes: 33 additions & 0 deletions apps/web/instrumentation-client.ts
@@ -0,0 +1,33 @@
// This file configures the initialization of Sentry on the client.
// The added config here will be used whenever a users loads a page in their browser.
// https://docs.sentry.io/platforms/javascript/guides/nextjs/

import * as Sentry from '@sentry/nextjs'

Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,

enabled: process.env.NODE_ENV === 'production',

// Add optional integrations for additional features
integrations: [Sentry.replayIntegration()],

// Define how likely traces are sampled. Adjust this value in production, or use tracesSampler for greater control.
tracesSampleRate: 1,
⚠️ Potential issue | 🟠 Major

Lower tracesSampleRate in production.

As with the server configuration, tracesSampleRate: 1 (100% sampling) on the client can cause performance and cost problems in production.

🔎 Recommended change
-  tracesSampleRate: 1,
+  tracesSampleRate: process.env.NODE_ENV === 'production' ? 0.1 : 1,
🤖 Prompt for AI Agents
In apps/web/instrumentation-client.ts around line 16, the client currently sets
tracesSampleRate: 1 which will sample 100% of transactions and can harm
performance and cost in production; change this to use an environment-driven
value (e.g., process.env.NEXT_PUBLIC_SENTRY_TRACES_SAMPLE_RATE or a small
numeric default like 0.05–0.2) and only enable 100% in development, or implement
tracesSampler to programmatically control sampling based on environment and
request/context.

// Enable logs to be sent to Sentry
enableLogs: true,

// Define how likely Replay events are sampled.
// This sets the sample rate to be 10%. You may want this to be 100% while
// in development and sample at a lower rate in production
replaysSessionSampleRate: 0.1,

// Define how likely Replay events are sampled when an error occurs.
replaysOnErrorSampleRate: 1.0,

// Enable sending user PII (Personally Identifiable Information)
// https://docs.sentry.io/platforms/javascript/guides/nextjs/configuration/options/#sendDefaultPii
sendDefaultPii: true,
⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

Scripts executed (repository: knu-matzip/Matzip-Client):

  fd "instrumentation-client" --type f
  cat -n apps/web/instrumentation-client.ts
  find . -type f -name "*instrumentation*" | head -20
  fd "sentry" --type f -e py -e ts -e js | grep -E "(server|backend|instrumentation)" | head -20
  find . -type f \( -name "PRIVACY*" -o -name "privacy*" -o -name "DATA_PROTECTION*" -o -name "*policy*" \) | head -10
  cat -n apps/web/instrumentation.ts
  cat -n apps/web/sentry.server.config.ts
  cat -n README.md 2>/dev/null | head -50
  find . -type f \( -name "README*" -o -name "CHANGELOG*" \) -exec grep -l "privacy\|PII\|Sentry\|data" {} \;

The privacy policy needs to be reviewed against Sentry's sendDefaultPii setting

sendDefaultPii: true sends user PII (IP address, cookies, user context and so on) from both the client and the server to Sentry, a third-party service. Confirm that this setting is consistent with the privacy policy, the terms of service and, where required, user consent.

🤖 Prompt for AI Agents
In apps/web/instrumentation-client.ts around line 30, the Sentry option
sendDefaultPii is set to true which will send user PII to a third party; change
this to false by default and implement one of the following fixes: (1) require
explicit user consent before enabling sendDefaultPii (store consent flag and
enable Sentry only after consent), (2) gate the setting behind a server-side or
build-time env var (e.g., SENTRY_SEND_PII=true) and document it, or (3) keep it
true only after confirming legal/privacy review and add client/server-side
scrubbing to remove sensitive fields; also add a comment and tests/QA steps
showing where consent/env is checked and update privacy docs accordingly.

})

export const onRouterTransitionStart = Sentry.captureRouterTransitionStart
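Review bot: `Sentry.replayIntegration()` is enabled in the same init that sets `sendDefaultPii: true` and `enableLogs: true`, with no `beforeSend`; set `maskAllText` and `blockAllMedia` explicitly in `replayIntegration({ ... })` instead of relying on defaults, and add a `beforeSend` that drops `event.user.email`, `event.user.ip_address` and `event.request.cookies` before this client ships. `enabled: process.env.NODE_ENV === 'production'` is also true for every `next build`, including preview deployments, so set `environment` (for example from `process.env.NEXT_PUBLIC_VERCEL_ENV`) or preview traffic will be indistinguishable from production in the same project.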
13 changes: 13 additions & 0 deletions apps/web/instrumentation.ts
@@ -0,0 +1,13 @@
import * as Sentry from '@sentry/nextjs'

export async function register() {
if (process.env.NEXT_RUNTIME === 'nodejs') {
await import('./sentry.server.config')
}

if (process.env.NEXT_RUNTIME === 'edge') {
await import('./sentry.edge.config')
}
}

export const onRequestError = Sentry.captureRequestError
39 changes: 38 additions & 1 deletion apps/web/next.config.ts
@@ -1,3 +1,4 @@
import { withSentryConfig } from '@sentry/nextjs';
import type { NextConfig } from 'next'

const nextConfig: NextConfig = {
@@ -66,4 +67,40 @@ const nextConfig: NextConfig = {
},
}

export default nextConfig
export default withSentryConfig(nextConfig, {
// For all available options, see:
// https://www.npmjs.com/package/@sentry/webpack-plugin#options

org: "ss-vp",

project: "javascript-nextjs",

// Only print logs for uploading source maps in CI
silent: !process.env.CI,

// For all available options, see:
// https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/

// Upload a larger set of source maps for prettier stack traces (increases build time)
widenClientFileUpload: true,

// Route browser requests to Sentry through a Next.js rewrite to circumvent ad-blockers.
// This can increase your server load as well as your hosting bill.
// Note: Check that the configured route will not match with your Next.js middleware, otherwise reporting of client-
// side errors will fail.
tunnelRoute: "/monitoring",

webpack: {
// Enables automatic instrumentation of Vercel Cron Monitors. (Does not yet work with App Router route handlers.)
// See the following for more information:
// https://docs.sentry.io/product/crons/
// https://vercel.com/docs/cron-jobs
automaticVercelMonitors: true,

// Tree-shaking options for reducing bundle size
treeshake: {
// Automatically tree-shake Sentry logger statements to reduce bundle size
removeDebugLogging: true,
},
},
});
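Review bot: `tunnelRoute: "/monitoring"` turns the Next.js server into a forwarder for browser events; as the comment says, confirm the middleware matcher excludes `/monitoring`, and note that the route accepts unauthenticated POSTs from anyone, so it needs the same rate limiting as the rest of the app. `widenClientFileUpload: true` generates and uploads more source maps; check that the build does not also serve them (the `sourcemaps.deleteSourcemapsAfterUpload` option of `withSentryConfig`), otherwise the client bundle's source is public. Style: this block uses double quotes and a trailing `;` on the import while the rest of the file uses single quotes and no semicolons.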
1 change: 1 addition & 0 deletions apps/web/package.json
@@ -21,6 +21,7 @@
"@heroui/theme": "catalog:",
"@hookform/resolvers": "^5.2.1",
"@repo/ui": "workspace:*",
"@sentry/nextjs": "^10",
"@suspensive/react": "^3.3.2",
"@tanstack/react-query": "catalog:",
"@tanstack/react-query-devtools": "catalog:",
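Review bot: `"@sentry/nextjs": "^10"` accepts any 10.x release, far wider than the other ranges in this block (`^5.2.1`, `catalog:`); since this package runs in the build (source-map upload with the auth token) and in every client bundle, pin it to the version the lockfile resolved or move it to the catalog like the other shared dependencies.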
22 changes: 22 additions & 0 deletions apps/web/sentry.edge.config.ts
@@ -0,0 +1,22 @@
// This file configures the initialization of Sentry for edge features (middleware, edge routes, and so on).
// The config you add here will be used whenever one of the edge features is loaded.
// Note that this config is unrelated to the Vercel Edge Runtime and is also required when running locally.
// https://docs.sentry.io/platforms/javascript/guides/nextjs/

import * as Sentry from '@sentry/nextjs'

Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,

enabled: process.env.NODE_ENV === 'production',

// Define how likely traces are sampled. Adjust this value in production, or use tracesSampler for greater control.
tracesSampleRate: 1,
Comment on lines +13 to +14

⚠️ Potential issue | 🟠 Major

tracesSampleRate must be lowered in production.

tracesSampleRate: 1 samples every transaction (100%), which can cause the following problems in production:

  • a large increase in Sentry usage cost
  • application performance overhead
  • exceeding the Sentry quota under heavy traffic

In production a value of 0.1 (10%) or lower is generally recommended.

🔎 Recommended setting
-  // Define how likely traces are sampled. Adjust this value in production, or use tracesSampler for greater control.
-  tracesSampleRate: 1,
+  // Adjust this value based on your traffic volume and budget
+  tracesSampleRate: process.env.NODE_ENV === 'production' ? 0.1 : 1,
🤖 Prompt for AI Agents
In apps/web/sentry.edge.config.ts around lines 13-14, tracesSampleRate is
hard-coded to 1 which will sample 100% of transactions in production; change
this to a lower default (e.g., 0.1) and wire it to an environment variable
(e.g., SENTRY_TRACES_SAMPLE_RATE) so production can use a small rate, and
consider replacing the fixed value with tracesSampler for dynamic sampling logic
based on environment, user, or transaction characteristics.


// Enable logs to be sent to Sentry
enableLogs: true,

// Enable sending user PII (Personally Identifiable Information)
// https://docs.sentry.io/platforms/javascript/guides/nextjs/configuration/options/#sendDefaultPii
sendDefaultPii: true,
Comment on lines +19 to +21

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

Scripts executed (repository: knu-matzip/Matzip-Client):

  cd apps/web && find . -name "sentry.edge.config.ts" -o -name "sentry*.config.ts" | head -20
  cat -n apps/web/sentry.edge.config.ts
  # Search for any other Sentry configuration files or beforeSend callbacks
  rg -l "beforeSend|Sentry.init" --type ts --type js | head -20
  # Check if there are any privacy-related policies or documentation
  find . -name "*privacy*" -o -name "*gdpr*" -o -name "*policy*" 2>/dev/null | grep -v node_modules | head -20
  cat -n apps/web/sentry.server.config.ts
  cat -n apps/web/instrumentation-client.ts
  # Search more broadly for beforeSend or data filtering in Sentry configs
  rg "beforeSend|afterSend|integrations" apps/web/ --type ts --type js -A 3 -B 1
  # Check if there's a package.json to see Sentry version
  cat apps/web/package.json | grep -A 2 -B 2 "@sentry"

Privacy and compliance review needed for the sendDefaultPii setting

sendDefaultPii: true is set in all three places:

  • apps/web/sentry.edge.config.ts (line 21)
  • apps/web/sentry.server.config.ts (line 20)
  • apps/web/instrumentation-client.ts (line 30)

This setting sends personally identifiable information (PII) such as the user's IP address, username, email and cookies to Sentry. Please confirm the following:

  • Does the privacy policy disclose that PII is sent to an external monitoring service?
  • Compliance with the GDPR, the Personal Information Protection Act and other applicable law
  • Whether a user consent flow is required

To prevent exposure of sensitive information, filter the data with a beforeSend callback in each configuration file, or set sendDefaultPii: false to stop sending PII that is not needed.

🤖 Prompt for AI Agents
In apps/web/sentry.edge.config.ts around lines 19 to 21, the config currently
sets sendDefaultPii: true which will send user-identifying data to Sentry;
update this to protect PII by either setting sendDefaultPii: false or
implementing a beforeSend callback that strips/filters IPs, usernames, emails,
cookies and other sensitive fields before events are sent, and mirror the same
change in the other two files (apps/web/sentry.server.config.ts and
apps/web/instrumentation-client.ts); ensure any change is accompanied by a note
to confirm privacy policy disclosure and consent flow with legal/product.

})
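Review bot: This edge init repeats the server and client ones line for line (DSN, `enabled`, `tracesSampleRate`, `enableLogs`, `sendDefaultPii`) with no shared source, so the three copies will drift the first time one is tuned; move the common options into one module that all three configs import. Middleware runs on this runtime, so `sendDefaultPii: true` here attaches request cookies to any event raised in middleware, the same concern the comment above raises but with a wider blast radius.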
21 changes: 21 additions & 0 deletions apps/web/sentry.server.config.ts
@@ -0,0 +1,21 @@
// This file configures the initialization of Sentry on the server.
// The config you add here will be used whenever the server handles a request.
// https://docs.sentry.io/platforms/javascript/guides/nextjs/

import * as Sentry from '@sentry/nextjs'

Sentry.init({
dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,

enabled: process.env.NODE_ENV === 'production',

// Define how likely traces are sampled. Adjust this value in production, or use tracesSampler for greater control.
tracesSampleRate: 1,
⚠️ Potential issue | 🟠 Major

Lower tracesSampleRate in production.

tracesSampleRate: 1 traces every transaction (100% sampling). In production this can greatly increase performance overhead and Sentry cost; a value of 0.1 (10%) or lower is generally recommended there.

🔎 Recommended change
-  tracesSampleRate: 1,
+  // Adjust based on your traffic - 0.1 = 10% of transactions
+  tracesSampleRate: process.env.NODE_ENV === 'production' ? 0.1 : 1,
🤖 Prompt for AI Agents
In apps/web/sentry.server.config.ts around line 13, tracesSampleRate is set to 1
(100% sampling) which is too high for production; change it to a lower default
for production (e.g., 0.1 or lower) and implement environment-aware
configuration so development can keep high sampling while production reads a
SENTRY_TRACES_SAMPLE_RATE env var (with a safe fallback like 0.1 or 0.05) to
avoid excessive performance overhead and costs.


// Enable logs to be sent to Sentry
enableLogs: true,

// Enable sending user PII (Personally Identifiable Information)
// https://docs.sentry.io/platforms/javascript/guides/nextjs/configuration/options/#sendDefaultPii
sendDefaultPii: true,
⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

Scripts executed (repository: knu-matzip/Matzip-Client):

  # Examine the target file
  cat -n apps/web/sentry.server.config.ts
  # Search for any beforeSend or other privacy-related configuration
  rg -i "beforesend|filterpii|denyurls|allowurls|privacy" apps/web/ --type ts --type js -A 2 -B 2
  # Look for privacy policy or GDPR-related documentation
  fd -i "privacy\|gdpr\|ccpa\|compliance" apps/web/ -o 2>/dev/null
  # Check Sentry's documentation context - search for any comments or documentation in the codebase
  rg -i "sentry" apps/web/sentry.server.config.ts -A 5 -B 5

The PII transmission in the Sentry configuration needs a privacy review.

sendDefaultPii: true configures the SDK to send users' personally identifiable information (IP address, email, username and so on) to Sentry. The current code has no beforeSend callback or any other PII filtering mechanism, so compliance with the GDPR, the CCPA and other privacy regulations must be reviewed with the legal team or the privacy officer.

Recommendations:

  • Confirm consistency with the privacy policy
  • Implement PII filtering with a beforeSend callback
  • Set sendDefaultPii: false if needed
🤖 Prompt for AI Agents
In apps/web/sentry.server.config.ts around line 20, sendDefaultPii: true
currently forwards user PII (IP, email, username) to Sentry; consult
legal/privacy and either set sendDefaultPii: false or implement a beforeSend
callback that inspects and removes/sanitizes PII fields (IP, user.email,
user.username, request headers, cookies, etc.) before sending events, add a
short comment documenting the privacy decision and which fields are scrubbed,
and ensure the change is approved by the privacy team.

})
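The beforeSend filtering recommended by the first comment (on the axiosInstance.ts capture) and by the three sendDefaultPii comments, written out as one added example; this is not code from the Matzip-Client repository or from the review bot. It assumes a minimal slice of Sentry's event shape (`ScrubbableEvent`) and a key list the project would tune; the sample event at the bottom is constructed. Unlike the shallow `{ ...data }` in Option 2, the redactor walks nested objects and arrays, and it also redacts values that look like JWTs or bearer tokens regardless of the key they sit under.

```typescript
// Added example: recursive redaction of the axios error payload plus a beforeSend
// hook that strips what sendDefaultPii: true would otherwise attach. Not project code.
// Key list, event shape and sample data are assumptions made for this example.

const SENSITIVE_KEYS = new Set<string>([
  'password', 'token', 'accesstoken', 'refreshtoken', 'authorization',
  'cookie', 'set-cookie', 'email', 'phone', 'address', 'ssn',
]);
const REDACTED = '[Filtered]';
const MAX_DEPTH = 6; // bounds recursion so a huge or cyclic body cannot blow up the event
const JWT_RE = /^eyJ[\w-]+\.[\w-]+\.[\w-]*$/; // base64url header.payload.signature
const BEARER_RE = /^bearer\s+\S+/i;

type Json = string | number | boolean | null | Json[] | { [key: string]: Json };

// Returns a copy of `data` with sensitive keys (case-insensitive) and
// token-looking strings replaced, at any nesting depth.
export function sanitizeErrorData(data: unknown, depth = 0): Json | undefined {
  if (data === undefined) return undefined;
  if (data === null) return null;
  if (typeof data === 'string') return JWT_RE.test(data) || BEARER_RE.test(data) ? REDACTED : data;
  if (typeof data === 'number' || typeof data === 'boolean') return data;
  if (typeof data !== 'object') return undefined; // functions, symbols, bigints are dropped
  if (depth >= MAX_DEPTH) return '[Truncated]';
  if (Array.isArray(data)) return data.map((v) => sanitizeErrorData(v, depth + 1) ?? null);
  const out: { [key: string]: Json } = {};
  for (const [key, value] of Object.entries(data as Record<string, unknown>)) {
    out[key] = SENSITIVE_KEYS.has(key.toLowerCase())
      ? REDACTED
      : sanitizeErrorData(value, depth + 1) ?? null;
  }
  return out;
}

// Query strings are a common place for tokens and redirect targets; keep only the path.
function stripQuery(url: string): string {
  const i = url.indexOf('?');
  return i === -1 ? url : url.slice(0, i);
}

// What the interceptor should put in `extra` instead of the raw body: the same four
// fields the PR sends, with the URL trimmed and the body passed through the redactor.
export function safeExtra(
  req: { url?: string; method?: string } | undefined,
  res: { status?: number; data?: unknown } | undefined,
) {
  return {
    url: req?.url ? stripQuery(req.url) : undefined,
    method: req?.method,
    status: res?.status,
    data: sanitizeErrorData(res?.data),
  };
}

// The subset of a Sentry event this hook touches (assumption; the real type is broader).
export interface ScrubbableEvent {
  user?: { id?: string; email?: string; username?: string; ip_address?: string };
  request?: { url?: string; cookies?: Record<string, string>; headers?: Record<string, string>; data?: unknown };
  extra?: Record<string, unknown>;
}

// Drop-in for Sentry.init({ beforeSend }): keeps a stable user id for grouping, removes
// the direct identifiers, strips credential headers and cookies, and redacts any body
// that ended up in request.data or extra.data.
export function beforeSend(event: ScrubbableEvent): ScrubbableEvent {
  if (event.user) {
    const { id } = event.user;
    event.user = id === undefined ? undefined : { id };
  }
  if (event.request) {
    delete event.request.cookies;
    if (event.request.headers) {
      for (const name of Object.keys(event.request.headers)) {
        if (SENSITIVE_KEYS.has(name.toLowerCase())) delete event.request.headers[name];
      }
    }
    if (event.request.url) event.request.url = stripQuery(event.request.url);
    if (event.request.data !== undefined) event.request.data = sanitizeErrorData(event.request.data);
  }
  if (event.extra && 'data' in event.extra) event.extra.data = sanitizeErrorData(event.extra.data);
  return event;
}

// Constructed sample event (not real data) exercising every path above.
export const sampleEvent: ScrubbableEvent = {
  user: { id: '42', email: 'u@example.com', ip_address: '203.0.113.7' },
  request: {
    url: 'https://api.example.com/login?redirect=/home',
    cookies: { session: 'abc' },
    headers: { Authorization: 'Bearer xyz', 'Content-Type': 'application/json' },
  },
  extra: {
    data: {
      message: 'invalid',
      user: { email: 'u@example.com', nested: { refreshToken: 'r1', ok: [1, { token: 't' }] } },
      jwt: 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxIn0.sig',
    },
  },
};
```

To wire it in, pass `beforeSend` to each of the three `Sentry.init` calls and replace `data: error.response?.data` in the interceptor with `...safeExtra(originalRequest, error.response)`; the hook then acts as the last line of defence for anything the interceptor misses. The key list is deliberately an allow-nothing list of names rather than a regex over values, because value-based detection of emails or phone numbers produces false positives on ordinary text; the two token regexes are the exception because their shape is unambiguous.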