Merge branch 'main' into ensure-android-plugin-type-safety

Author: lucas-zimerman

.github/workflows/codeql-analysis.yml

@@ -44,7 +44,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # pin@v3.29.5
+        uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # pin@v3.29.5
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,7 +55,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # pin@v3.29.5
+        uses: github/codeql-action/autobuild@df559355d593797519d70b90fc8edd5db049e7a2 # pin@v3.29.5
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions
@@ -66,4 +66,4 @@ jobs:
       #   make bootstrap
       #   make release
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # pin@v3.29.5
+        uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # pin@v3.29.5

.github/workflows/e2e-v2.yml

@@ -313,7 +313,7 @@ jobs:
             runs-on: macos-14
           - platform: ios
             rn-version: '0.65.3'
-            runs-on: macos-15
+            runs-on: macos-14
           - platform: android
             runs-on: ubuntu-latest
         exclude:

.github/workflows/native-tests.yml

@@ -18,7 +18,7 @@ jobs:
 
   test-ios:
     name: ios
-    runs-on: macos-15
+    runs-on: macos-14
     needs: [diff_check]
     if: ${{ needs.diff_check.outputs.skip_ci != 'true' }}
     steps:

.github/workflows/testflight.yml

@@ -14,7 +14,7 @@ jobs:
 
   upload_to_testflight:
     name: Build and Upload React Native Sample to Testflight
-    runs-on: macos-15
+    runs-on: macos-14
     needs: [diff_check]
     if: ${{ needs.diff_check.outputs.skip_ci != 'true' }}
     steps:

CHANGELOG.md

@@ -6,6 +6,29 @@
 > make sure you follow our [migration guide](https://docs.sentry.io/platforms/react-native/migration/) first.
 <!-- prettier-ignore-end -->
 
+## Unreleased
+
+
+### Important Changes
+
+- **fix(browser): Ensure IP address is only inferred by Relay if `sendDefaultPii` is `true`** ([#5092](https://github.com/getsentry/sentry-react-native/pull/5092))
+
+This release includes a fix for a [behaviour change](https://docs.sentry.io/platforms/javascript/migration/v8-to-v9/#behavior-changes)
+that was originally introduced with v9 of the JavaScript SDK: User IP Addresses should only be added to Sentry events automatically,
+if `sendDefaultPii` was set to `true`.
+
+However, the change in v9 required further internal adjustment, which should have been included in v10 of the SDK.
+To avoid making a major bump, the fix was patched on the current version and not by bumping to V10.
+There is _no API_ breakage involved and hence it is safe to update.
+However, after updating the SDK, events (errors, traces, replays, etc.) sent from the browser, will only include
+user IP addresses, if you set `sendDefaultPii: true` in your `Sentry.init` options.
+
+We apologize for any inconvenience caused!
+
+## Fixes
+
+- Remove the warning that used to indicate that Time To Initial Display and Time To Full Display are not supported ([#5081](https://github.com/getsentry/sentry-react-native/pull/5081))
+
 ## 6.20.0
 
 ### Features

packages/core/src/js/integrations/sdkinfo.ts

@@ -5,6 +5,13 @@ import { isExpoGo, notWeb } from '../utils/environment';
 import { SDK_NAME, SDK_PACKAGE_NAME, SDK_VERSION } from '../version';
 import { NATIVE } from '../wrapper';
 
+// TODO: Remove this on JS V10.
+interface IpPatchedSdkInfo extends SdkInfoType {
+  settings?: {
+    infer_ip?: 'auto' | 'never';
+  };
+}
+
 const INTEGRATION_NAME = 'SdkInfo';
 
 type DefaultSdkInfo = Pick<Required<SdkInfoType>, 'name' | 'packages' | 'version'>;
@@ -19,13 +26,25 @@ export const defaultSdkInfo: DefaultSdkInfo = {
   ],
   version: SDK_VERSION,
 };
+let DefaultPii: boolean | undefined = undefined;
 
 /** Default SdkInfo instrumentation */
 export const sdkInfoIntegration = (): Integration => {
   const fetchNativeSdkInfo = createCachedFetchNativeSdkInfo();
 
   return {
     name: INTEGRATION_NAME,
+    setup(client) {
+      const options = client.getOptions();
+      DefaultPii = options.sendDefaultPii;
+      if (DefaultPii) {
+        client.on('beforeSendEvent', event => {
+          if (event.user?.ip_address === '{{auto}}') {
+            delete event.user.ip_address;
+          }
+        });
+      }
+    },
     setupOnce: () => {
       // noop
     },
@@ -37,15 +56,24 @@ async function processEvent(event: Event, fetchNativeSdkInfo: () => Promise<Pack
   const nativeSdkPackage = await fetchNativeSdkInfo();
 
   event.platform = event.platform || 'javascript';
-  event.sdk = event.sdk || {};
-  event.sdk.name = event.sdk.name || defaultSdkInfo.name;
-  event.sdk.version = event.sdk.version || defaultSdkInfo.version;
-  event.sdk.packages = [
+  const sdk = (event.sdk || {}) as IpPatchedSdkInfo;
+  sdk.name = sdk.name || defaultSdkInfo.name;
+  sdk.version = sdk.version || defaultSdkInfo.version;
+  sdk.packages = [
     // default packages are added by baseclient and should not be added here
-    ...(event.sdk.packages || []),
+    ...(sdk.packages || []),
     ...((nativeSdkPackage && [nativeSdkPackage]) || []),
   ];
 
+  // Patch missing infer_ip.
+  sdk.settings = {
+    infer_ip: DefaultPii ? 'auto' : 'never',
+    // purposefully allowing already passed settings to override the default
+    ...sdk.settings,
+  };
+
+  event.sdk = sdk;
+
   return event;
 }
 

packages/core/src/js/tracing/timetodisplay.tsx

@@ -3,13 +3,10 @@ import { fill, getActiveSpan, getSpanDescendants, logger, SEMANTIC_ATTRIBUTE_SEN
 import * as React from 'react';
 import { useState } from 'react';
 
-import { isTurboModuleEnabled } from '../utils/environment';
 import { SPAN_ORIGIN_AUTO_UI_TIME_TO_DISPLAY, SPAN_ORIGIN_MANUAL_UI_TIME_TO_DISPLAY } from './origin';
-import { getRNSentryOnDrawReporter, nativeComponentExists } from './timetodisplaynative';
+import { getRNSentryOnDrawReporter } from './timetodisplaynative';
 import { setSpanDurationAsMeasurement, setSpanDurationAsMeasurementOnSpan } from './utils';
 
-let nativeComponentMissingLogged = false;
-
 /**
  * Flags of active spans with manual initial display.
  */
@@ -62,17 +59,6 @@ function TimeToDisplay(props: {
   parentSpanId?: string;
 }): React.ReactElement {
   const RNSentryOnDrawReporter = getRNSentryOnDrawReporter();
-  const isNewArchitecture = isTurboModuleEnabled();
-
-  if (__DEV__ && (isNewArchitecture || (!nativeComponentExists && !nativeComponentMissingLogged))){
-    nativeComponentMissingLogged = true;
-    // Using setTimeout with a delay of 0 milliseconds to defer execution and avoid printing the React stack trace.
-    setTimeout(() => {
-      logger.warn(
-          'TimeToInitialDisplay and TimeToFullDisplay are not supported on the web, Expo Go and New Architecture. Run native build or report an issue at https://github.com/getsentry/sentry-react-native');
-    }, 0);
-  }
-
   return (
     <>
       <RNSentryOnDrawReporter

packages/core/test/integrations/sdkinfo.test.ts

@@ -1,4 +1,4 @@
-import type { Event, EventHint, Package } from '@sentry/core';
+import type { Client, Event, EventHint, Package } from '@sentry/core';
 
 import { SDK_NAME, SDK_VERSION } from '../../src/js';
 import { sdkInfoIntegration } from '../../src/js/integrations/sdkinfo';
@@ -86,9 +86,93 @@ describe('Sdk Info', () => {
     expect(processedEvent?.sdk?.name).toEqual(SDK_NAME);
     expect(processedEvent?.sdk?.version).toEqual(SDK_VERSION);
   });
+
+  it('Add none setting when defaultIp is undefined', async () => {
+    mockedFetchNativeSdkInfo = jest.fn().mockResolvedValue(null);
+    const mockEvent: Event = {};
+    const processedEvent = await processEvent(mockEvent, {}, undefined);
+
+    expect(processedEvent?.sdk?.name).toEqual(SDK_NAME);
+    expect(processedEvent?.sdk?.version).toEqual(SDK_VERSION);
+    // @ts-expect-error injected type.
+    expect(processedEvent?.sdk?.settings?.infer_ip).toEqual('never');
+  });
+
+  it('Add none setting when defaultIp is false', async () => {
+    mockedFetchNativeSdkInfo = jest.fn().mockResolvedValue(null);
+    const mockEvent: Event = {};
+    const processedEvent = await processEvent(mockEvent, {}, false);
+
+    expect(processedEvent?.sdk?.name).toEqual(SDK_NAME);
+    expect(processedEvent?.sdk?.version).toEqual(SDK_VERSION);
+    // @ts-expect-error injected type.
+    expect(processedEvent?.sdk?.settings?.infer_ip).toEqual('never');
+  });
+
+  it('Add auto setting when defaultIp is true', async () => {
+    mockedFetchNativeSdkInfo = jest.fn().mockResolvedValue(null);
+    const mockEvent: Event = {};
+    const processedEvent = await processEvent(mockEvent, {}, true);
+
+    expect(processedEvent?.sdk?.name).toEqual(SDK_NAME);
+    expect(processedEvent?.sdk?.version).toEqual(SDK_VERSION);
+    // @ts-expect-error injected type.
+    expect(processedEvent?.sdk?.settings?.infer_ip).toEqual('auto');
+  });
+
+  it('removes ip_address if it is "{{auto}}"', () => {
+    const mockHandler = jest.fn();
+
+    const client = {
+      getOptions: () => ({ sendDefaultPii: true }),
+      on: (eventName: string, cb: (event: any) => void) => {
+        if (eventName === 'beforeSendEvent') {
+          mockHandler.mockImplementation(cb);
+        }
+      },
+    };
+
+    sdkInfoIntegration().setup!(client as any);
+
+    const testEvent = { user: { ip_address: '{{auto}}' } };
+    mockHandler(testEvent);
+
+    expect(testEvent.user.ip_address).toBeUndefined();
+  });
+
+  it('keeps ip_address if it is not "{{auto}}"', () => {
+    const mockHandler = jest.fn();
+
+    const client = {
+      getOptions: () => ({ sendDefaultPii: true }),
+      on: (eventName: string, cb: (event: any) => void) => {
+        if (eventName === 'beforeSendEvent') {
+          mockHandler.mockImplementation(cb);
+        }
+      },
+    };
+
+    sdkInfoIntegration().setup!(client as any);
+
+    const testEvent = { user: { ip_address: '1.2.3.4' } };
+    mockHandler(testEvent);
+
+    expect(testEvent.user.ip_address).toBe('1.2.3.4');
+  });
 });
 
-function processEvent(mockedEvent: Event, mockedHint: EventHint = {}): Event | null | PromiseLike<Event | null> {
+function processEvent(
+  mockedEvent: Event,
+  mockedHint: EventHint = {},
+  sendDefaultPii?: boolean,
+): Event | null | PromiseLike<Event | null> {
   const integration = sdkInfoIntegration();
+  if (sendDefaultPii != null) {
+    const mockClient: jest.Mocked<Client> = {
+      getOptions: jest.fn().mockReturnValue({ sendDefaultPii: sendDefaultPii }),
+      on: jest.fn(),
+    } as any;
+    integration.setup!(mockClient);
+  }
   return integration.processEvent!(mockedEvent, mockedHint, {} as any);
 }

packages/core/test/tracing/timetodisplay.test.tsx

@@ -7,7 +7,6 @@ jest.mock('../../src/js/wrapper', () => mockWrapper);
 import * as mockedtimetodisplaynative from './mockedtimetodisplaynative';
 jest.mock('../../src/js/tracing/timetodisplaynative', () => mockedtimetodisplaynative);
 
-import { isTurboModuleEnabled } from '../../src/js/utils/environment';
 jest.mock('../../src/js/utils/environment', () => ({
   isWeb: jest.fn().mockReturnValue(false),
   isTurboModuleEnabled: jest.fn().mockReturnValue(false),
@@ -290,24 +289,6 @@ describe('TimeToDisplay', () => {
     expect(getInitialDisplaySpanJSON(client.event!.spans!)!.timestamp).toEqual(initialDisplayEndTimestampMs / 1_000);
     expect(getFullDisplaySpanJSON(client.event!.spans!)!.timestamp).toEqual(initialDisplayEndTimestampMs / 1_000);
   });
-
-  test('should not log a warning if native component exists and not in new architecture', async () => {
-    (isTurboModuleEnabled as jest.Mock).mockReturnValue(false);
-
-    TestRenderer.create(<TimeToInitialDisplay record={true} />);
-    await jest.runOnlyPendingTimersAsync(); // Flush setTimeout.
-
-    expect(logger.warn).not.toHaveBeenCalled();
-  });
-
-  test('should log a warning if in new architecture', async () => {
-    (isTurboModuleEnabled as jest.Mock).mockReturnValue(true);
-    TestRenderer.create(<TimeToInitialDisplay record={true} />);
-    await jest.runOnlyPendingTimersAsync(); // Flush setTimeout.
-
-    expect(logger.warn).toHaveBeenCalledWith(
-      'TimeToInitialDisplay and TimeToFullDisplay are not supported on the web, Expo Go and New Architecture. Run native build or report an issue at https://github.com/getsentry/sentry-react-native');
-  });
 });
 
 function getInitialDisplaySpanJSON(spans: SpanJSON[]) {