🥅 app: deduplicate and fingerprint unknown passkey sentry reports

[cruzdanilo]

---

Summary by CodeRabbit

Release Notes

• Bug Fixes
  • Improved error handling for passkey operations with enhanced deduplication and fingerprinting in error tracking.
  • Expanded error suppression logic to handle additional error types and provide better error reporting context.

[changeset-bot]

🦋 Changeset detected

Latest commit: f7de431

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

Walkthrough

This PR adds error fingerprinting and deduplication improvements for Sentry reporting. A changeset entry documents the feature. The server utility consolidates error suppression logic and expands it to cover additional error types (ValiError, NotAllowedError, UnknownError, Apple AuthenticationServices errors, and device unlock/cancellation messages). The auth utility now conditionally attaches fingerprint data to error reports based on error code properties.

Changes

Cohort / File(s)	Summary
Changeset Entry .changeset/bright-falcon-catch.md	Adds patch-level changeset for deduplicating and fingerprinting unknown passkey Sentry reports.
Error Handling & Fingerprinting src/utils/server.ts, src/utils/useAuth.ts	Consolidates error suppression logic in server utilities while expanding coverage for ValiError, NotAllowedError, UnknownError, and platform-specific authentication errors. Augments error reporting in useAuth with conditional fingerprint data for standard Error types with code properties.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• 🔖 release: server@0.2.58, mobile@1.1.9 #734 — Both PRs add error fingerprinting for error reporting to improve Sentry deduplication across mobile and server utilities.
• 🥅 server: fix bad session issue, fingerprint validator errors by code #732 — Both PRs modify server-side error handling in src/utils/server.ts and add fingerprinting logic keyed by error codes for better Sentry deduplication.
• 🥅 handle misc errors from sentry #725 — Both PRs expand error handling in src/utils/server.ts and src/utils/useAuth.ts for Apple WebAuthn and platform-specific authentication error cases.

Suggested reviewers

• dieguezguille
• franm91

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly aligns with the main objective stated in the PR: 'deduplicate and fingerprint unknown passkey sentry reports'. All three file changes support this goal.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch sentry

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @cruzdanilo, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refines the application's error management, particularly concerning passkey authentication failures. It introduces logic to prevent the query client from retrying specific known passkey errors and implements a more robust Sentry reporting mechanism by fingerprinting errors based on their unique codes, which will help in identifying and managing recurring issues more efficiently.

Highlights

• Changeset Added: A new changeset file (.changeset/bright-falcon-catch.md) has been added to document the patch for @exactly/mobile.
• Enhanced Error Handling in server.ts: The src/utils/server.ts file has been updated to prevent the query client from retrying authentication queries when specific passkey-related errors occur. This includes error.message === "UnknownError" and errors with a code property equal to "ERR_UNKNOWN".
• Improved Sentry Fingerprinting in useAuth.ts: The src/utils/useAuth.ts file now includes logic to send errors to Sentry with a custom fingerprint if the error object contains a code property. This helps in better deduplication and categorization of errors, especially for unknown passkey issues.

Changelog

• .changeset/bright-falcon-catch.md
  • Added a new changeset file to record the patch for @exactly/mobile.
• src/utils/server.ts
  • Modified the queryClient.setQueryDefaults for authentication queries to include error.message === "UnknownError" as a condition to prevent retries.
  • Added a condition to prevent retries if the error is an Error instance with a code property equal to "ERR_UNKNOWN".
• src/utils/useAuth.ts
  • Updated the handleError function to report errors to Sentry with a custom fingerprint if the error object contains a code property, using ["{{ default }}", error.code].

Activity

• No human activity (comments, reviews, etc.) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request effectively addresses the goal of deduplicating and fingerprinting unknown passkey errors for Sentry reporting. The changes in src/utils/server.ts correctly suppress known, non-critical errors, while the modifications in src/utils/useAuth.ts add fingerprinting for errors that have a code property. The suggestion to enhance type safety of the new error reporting logic is valid and has been kept.

[devin-ai-integration]

Devin Review found 1 potential issue.

View 3 additional findings in Devin Review.

[sentry]

Codecov Report

❌ Patch coverage is 0% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.27%. Comparing base (a03ba5a) to head (f7de431).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/utils/server.ts	0.00%	5 Missing ⚠️
src/utils/useAuth.ts	0.00%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #739      +/-   ##
==========================================
- Coverage   67.28%   67.27%   -0.01%     
==========================================
  Files         206      206              
  Lines        6908     6909       +1     
  Branches     2147     2151       +4     
==========================================
  Hits         4648     4648              
- Misses       2077     2078       +1     
  Partials      183      183              

Flag	Coverage Δ
e2e	67.23% <0.00%> (+15.18%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@src/utils/server.ts`:
- Around line 64-76: The suppressError predicate embedded in the suppressError
option (referencing ValiError and the long series of platform-specific message
checks) is duplicated across server.ts, useAuth.ts and accountClient.ts; extract
the platform/cancellation checks into a shared helper function named
isPasskeyCancellation(error): boolean in a common utils module and replace the
repeated inline checks in suppressError and any similar predicates with calls to
isPasskeyCancellation(error), keeping any file-specific conditions layered on
top (e.g., retain ValiError checks inside suppressError while delegating
Apple/Android/UserCancelled/device-unlock logic to the new helper).

In `@src/utils/useAuth.ts`:
- Around line 87-92: The fingerprint construction passed to reportError can end
up with a non-string because the "(error as Error & { code: string }).code" cast
only affects types; update the logic around reportError (in useAuth.ts where
reportError is called and APIError is checked) to coerce the code to a string
(e.g., use String(error.code)) when building the fingerprint array while
preserving the existing existence and APIError checks.