Skip to content

fix(error-reporting): silence ValidationError from user input#1225

Open
sentry[bot] wants to merge 1 commit into
mainfrom
seer/fix/silence-validation-error
Open

fix(error-reporting): silence ValidationError from user input#1225
sentry[bot] wants to merge 1 commit into
mainfrom
seer/fix/silence-validation-error

Conversation

@sentry

@sentry sentry Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

This PR addresses CLI-1HQ by silencing ValidationError instances in Sentry telemetry.

Previously, ValidationErrors, such as those thrown when an empty or whitespace-only issue identifier was provided (e.g., by AI agents calling sentry issue view), were not explicitly handled by the classifySilenced() function. This led to these user input errors being reported to Sentry as if they were CLI bugs.

The fix involves:

  1. Adding "validation_error" to the SilenceReason union type.
  2. Modifying classifySilenced() to return "validation_error" when an error instanceof ValidationError is encountered.

This change ensures that user-generated validation errors are correctly classified as silenced events, reducing noise in Sentry and accurately reflecting that these are not internal CLI issues.

Fixes CLI-1HQ

Comment @sentry <feedback> on this PR to have Autofix iterate on the changes.

@github-actions github-actions Bot added the risk: medium PR risk score: medium label Jul 10, 2026
@github-actions

Copy link
Copy Markdown
Contributor
PR Preview Action v1.8.1

QR code for preview link

🚀 View preview at
https://cli.sentry.dev/_preview/pr-1225/

Built to branch gh-pages at 2026-07-10 22:41 UTC.
Preview will be ready when the GitHub Pages deployment is complete.

Comment on lines +89 to +91
if (error instanceof ValidationError) {
return "validation_error";
}

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: When a ValidationError is silenced, the recorded metric in recordSilencedError omits the field property, losing context about which validation rule failed.
Severity: LOW

Suggested Fix

In recordSilencedError(), add a condition to include the field attribute in the metric when the error is an instance of ValidationError and the field property is present. This should follow the existing pattern for ContextError.resource. For example: if (error instanceof ValidationError && error.field) { attributes.field = error.field; }.

Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent. Verify if this is a real issue. If it is, propose a fix; if not, explain why it's
not valid.

Location: src/lib/error-reporting.ts#L89-L91

Potential issue: The pull request silences `ValidationError` instances, causing them to
be processed by the `recordSilencedError` function. However, this function fails to
include the `field` property from the error object when creating the
`cli.error.silenced` metric. This is inconsistent with how analogous errors like
`ContextError` are handled, where the `resource` property is explicitly preserved to
maintain context in metrics. This change results in a loss of observability, as it
becomes impossible to distinguish which specific validation rule failed based on the
silenced error metrics, whereas previously the `field` was used for grouping in Sentry.

Did we get this right? 👍 / 👎 to inform future reviews.

@cursor cursor Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 3 potential issues.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit f48ea79. Configure here.

// whole class to avoid noise from AI-agent callers passing bad input.
if (error instanceof ValidationError) {
return "validation_error";
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Over-broad ValidationError silencing

Medium Severity

The new branch treats every ValidationError as user input, but some throws come from API or internal state rather than caller arguments. buildFormatFromUrl raises ValidationError when a server install URL has an unrecognized response_format, so those product/API mismatches would now be silenced instead of captured.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit f48ea79. Configure here.

// whole class to avoid noise from AI-agent callers passing bad input.
if (error instanceof ValidationError) {
return "validation_error";
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Outdated silence classification test

Medium Severity

classifySilenced now returns validation_error for ValidationError, but the existing classifySilenced suite still expects ValidationError under "does NOT silence". That assertion will fail, and there is no positive coverage for the new silence reason.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit f48ea79. Configure here.

// whole class to avoid noise from AI-agent callers passing bad input.
if (error instanceof ValidationError) {
return "validation_error";
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing validation field metric

Low Severity

Silenced ValidationErrors emit cli.error.silenced without the structured field attribute. recordSilencedError already preserves resource for ContextError and auth_reason for AuthError, so validation volume cannot be broken down by which input failed after capture is dropped.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit f48ea79. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

risk: medium PR risk score: medium

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants