Skip to content

fix(scrub-sensitive-data-from-sentry): scrubs sensitive datat from se…#3843

Open
brian-mecha wants to merge 2 commits into
dimagi:mainfrom
brian-mecha:fix/3194-scrub-sensitive-data-from-sentry
Open

fix(scrub-sensitive-data-from-sentry): scrubs sensitive datat from se…#3843
brian-mecha wants to merge 2 commits into
dimagi:mainfrom
brian-mecha:fix/3194-scrub-sensitive-data-from-sentry

Conversation

@brian-mecha

Copy link
Copy Markdown
Contributor

Product Description

Prevents the CommCare Connect encryption key from leaking into Sentry error reports.

Technical Description

Sentry runs with attach_stacktrace=True, which ships stack-frame locals with every event, so the raw Connect encryption_key was captured whenever an exception fired in the encrypt/decrypt paths.

  • Added a custom EventScrubber (new config/sentry.py, wired into sentry_sdk.init) extending DEFAULT_DENYLIST with encryption_key/encryption_key_bytes and recursive=True to also catch secrets nested in dicts/lists. Extracted to its own module so the scrubbing is unit-testable without initializing the SDK.
  • Scrubbing matches variable/key names by exact, case-insensitive name, so standardized the convention: renamed the bare key arg to encryption_key in CommCareConnectClient.decrypt_messages / _encrypt_message / _decrypt_message (and call sites) so all raw key material is denylist-covered without over-scrubbing unrelated key vars.
  • Added config/tests/test_sentry.py verifying sensitive locals (incl. nested) are redacted while non-sensitive vars are preserved.

Migrations

  • The migrations are backwards compatible

Demo

Docs and Changelog

  • This PR requires docs/changelog update

Fixes #3194

@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 2aa7e841-7dcb-46fe-b980-bac6cabfc3c5

📥 Commits

Reviewing files that changed from the base of the PR and between aac1f5c and bac0305.

📒 Files selected for processing (8)
  • apps/channels/clients/connect_client.py
  • apps/channels/tests/test_connect_channel_v2.py
  • apps/channels/tests/test_connect_client.py
  • apps/channels/tests/test_connect_integration.py
  • config/sentry.py
  • config/settings.py
  • config/tests/__init__.py
  • config/tests/test_sentry.py

📝 Walkthrough

Walkthrough

Connect encryption parameters and keyword calls now use encryption_key. A new Sentry scrubber denylist covers encryption key names and recursively scrubs sensitive values in stack-frame locals and nested structures. Sentry initialization uses the scrubber, with tests covering sensitive, non-sensitive, and nested data.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Suggested reviewers: smittiec

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is concise and clearly describes the main change: scrubbing sensitive Sentry data.
Description check ✅ Passed The description includes the required sections and gives enough technical detail about the Sentry scrubber and key renames.
Linked Issues check ✅ Passed [#3194] The PR adds a recursive Sentry scrubber, updates key naming, and adds tests that match the issue's requirements.
Out of Scope Changes check ✅ Passed The added tests, config module, and key renames are all directly related to scrubbing sensitive Sentry data.
✨ Finishing Touches
⚔️ Resolve merge conflicts
  • Resolve merge conflict in branch fix/3194-scrub-sensitive-data-from-sentry

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Scrub sensitive data from Sentry

1 participant