fix(scrubber): Remove ip_address instead of replacing with [Filtered]

[joaquinhuigomez]

Fixes #5701

Problem

The EventScrubber replaces ip_address with [Filtered], but [Filtered] is not a valid IP address. The Sentry server rejects it as a protocol violation, showing a processing error in the UI even though the server infers the real IP from the HTTP request.

Solution

Add a remove_list parameter to EventScrubber that controls which denied keys are deleted from the dict instead of being replaced with [Filtered].

• Defaults to DEFAULT_REMOVE_LIST = ["ip_address"], so the fix works out of the box.
• Users can override via EventScrubber(remove_list=[...]).
• Setting remove_list=[] restores the previous replace-with-[Filtered] behavior for all fields.

This follows the approach suggested by @rodolfoBee in the issue discussion: adding an option that removes the IP address from the event instead of replacing it.

Changes

• sentry_sdk/scrubber.py: New DEFAULT_REMOVE_LIST constant and remove_list parameter on EventScrubber.__init__. Updated scrub_dict to delete keys in the remove list instead of substituting them.
• tests/test_scrubber.py: Updated existing test expectations (ip_address now absent instead of [Filtered]), added four new tests covering the user dict scenario, PII-enabled passthrough, custom remove list, and empty remove list fallback.

[github-actions]

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

New Features ✨

Langchain

• Set gen_ai.operation.name and gen_ai.pipeline.name on LLM spans by ericapisani in #5849
• Broaden AI provider detection beyond OpenAI and Anthropic by ericapisani in #5707
• Update LLM span operation to gen_ai.generate_text by ericapisani in #5796

Other

• (asgi) Add option to disable suppressing chained exceptions by alexander-alderman-webb in #5714
• (logging) Separate ignore lists for events/breadcrumbs and sentry logs by sl0thentr0py in #5698

Bug Fixes 🐛

Anthropic

• Set exception info on streaming span when applicable by alexander-alderman-webb in #5683
• Patch AsyncStream.close() and AsyncMessageStream.close() to finish spans by alexander-alderman-webb in #5675
• Patch Stream.close() and MessageStream.close() to finish spans by alexander-alderman-webb in #5674

Ci

• Use gh CLI to convert PR to draft by stephanie-anderson in #5874
• Use GitHub App token for draft PR enforcement by stephanie-anderson in #5871

Openai

• Always set gen_ai.response.streaming for Responses by alexander-alderman-webb in #5697
• Simplify Responses input handling by alexander-alderman-webb in #5695
• Use max_output_tokens for Responses API by alexander-alderman-webb in #5693
• Always set gen_ai.response.streaming for Completions by alexander-alderman-webb in #5692
• Simplify Completions input handling by alexander-alderman-webb in #5690
• Simplify embeddings input handling by alexander-alderman-webb in #5688

Other

• (google-genai) Guard response extraction by alexander-alderman-webb in #5869

• (scrubber) Remove ip_address instead of replacing with [Filtered] by joaquinhuigomez in #5783

• (starlette) Catch Jinja2Templates ImportError by alexander-alderman-webb in #5741
• (workflow) Fix permission issue with github app and PR draft graphql endpoint by Jeffreyhung in #5887

Documentation 📚

• Update CONTRIBUTING.md with contribution requirements and TOC by stephanie-anderson in #5896
• Add note on AI PRs to CONTRIBUTING.md by sentrivana in #5696

Internal Changes 🔧

Langchain

• Add text completion test by alexander-alderman-webb in #5740
• Add tool execution test by alexander-alderman-webb in #5739
• Add basic agent test with Responses call by alexander-alderman-webb in #5726
• Replace mocks with httpx types by alexander-alderman-webb in #5724
• Consolidate span origin assertion by alexander-alderman-webb in #5723
• Consolidate available tools assertion by alexander-alderman-webb in #5721

Openai

• Replace mocks with httpx types for streaming Responses by alexander-alderman-webb in #5882
• Replace mocks with httpx types for streaming Completions by alexander-alderman-webb in #5879
• Move input handling code into API-specific functions by alexander-alderman-webb in #5687

Other

• (ai) Rename generate_text to text_completion by ericapisani in #5885
• (asyncpg) Normalize query whitespace in integration by ericapisani in #5855
• Add workflow to close unvetted non-maintainer PRs by stephanie-anderson in #5895
• Exclude compromised litellm versions by alexander-alderman-webb in #5876
• Reactivate litellm tests by alexander-alderman-webb in #5853
• Add note to coordinate with assignee before PR submission by sentrivana in #5868
• Temporarily stop running litellm tests by alexander-alderman-webb in #5851
• Pin GitHub Actions to full-length commit SHAs by joshuarli in #5781
• Add -latest alias for each integration test suite by sentrivana in #5706
• Use date-based branch names for toxgen PRs by sentrivana in #5704
• 🤖 Update test matrix with new releases (03/19) by github-actions in #5703
• Add client report tests for span streaming by sentrivana in #5677

Other

• ci+docs: Add draft PR enforcement by stephanie-anderson in #5867
• release: 2.56.0 by alexander-alderman-webb in f5e93ad0
• Update CHANGELOG.md by sentrivana in #5685

---

_{🤖 This preview updates automatically when you update the PR.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

Unused import of DEFAULT_REMOVE_LIST in tests

Low Severity

DEFAULT_REMOVE_LIST is imported but never referenced in any test function. It was likely intended for use in a test (e.g., to build a custom list via DEFAULT_REMOVE_LIST + [...]) but ended up unused. This is dead code introduced by this PR.

 

[stephanie-anderson]

This PR has been closed. The referenced issue does not show a discussion between you and a maintainer.

To avoid wasted effort on both sides, please discuss your proposed approach in the issue first and wait for a maintainer to respond before opening a PR.

Please review our contributing guidelines for more details.