🥅 app: fingerprint api errors with status

[cruzdanilo]

---

Summary by CodeRabbit

• Bug Fixes
  • Improved error fingerprinting for API errors with enhanced status tracking for better error diagnosis and tracking accuracy.

[changeset-bot]

🦋 Changeset detected

Latest commit: 8280e78

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[gemini-code-assist]

Summary of Changes

Hello @cruzdanilo, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the application's error reporting mechanism by introducing the ability to fingerprint API errors based on their HTTP status codes. This change allows for more granular and accurate categorization of errors, particularly when error messages are vague or absent, thereby improving the overall observability and debugging process for API-related issues.

Highlights

• Changeset Added: A new changeset file has been added to document the feature for the @exactly/mobile package.
• Error Status Extraction: The parseError function in src/utils/reportError.ts has been updated to extract a numeric status from error objects, specifically when the error's code property is a finite number.
• Enhanced Error Classification: The classify function now includes the extracted status in the ParsedError type and uses it to create more specific fingerprints for APIError types. This allows for better grouping of API errors based on their status code, even when the error message is generic.

Changelog

• .changeset/quiet-otters-track.md
  • Added a new changeset entry for the @exactly/mobile package.
• src/utils/reportError.ts
  • Updated the parseError function to extract a numeric status from error objects.
  • Modified the classify function to incorporate this status into the error fingerprinting logic for APIError types.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

---

Walkthrough

Introduces a changeset to patch "@exactly/mobile" and enhances the error reporting utility to extract a status field from error codes and use it in fingerprint construction for API errors.

Changes

Cohort / File(s)	Summary
Release metadata .changeset/quiet-otters-track.md	Declares a patch release for "@exactly/mobile" related to fingerprint API errors with status.
Error reporting enhancement src/utils/reportError.ts	Added status field extraction from error.code (when numeric) and extended fingerprinting logic to handle status-aware APIError classification, improving error categorization and tracking.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• 🥅 app: deduplicate and fingerprint unknown passkey sentry reports #739: Updates callers passing error-based fingerprints to reportError, which is the utility being enhanced by this PR's status-aware fingerprinting logic.
• 🥅 app: fingerprint passkey errors by message, drop expected ones #774: Also modifies error parsing and classification logic in reportError.ts, touching overlapping error handling and fingerprinting behavior.

Suggested reviewers

• dieguezguille
• franm91

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: fingerprinting API errors with status information in the error reporting utility.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch app

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 3 additional findings.

[gemini-code-assist]

Code Review

This pull request enhances error reporting by adding fingerprinting for API errors based on their HTTP status, correctly extracting the status from error objects to generate a more specific Sentry fingerprint. However, a Medium severity Log Injection vulnerability was identified: unsanitized data from the error object (status and message) is used to construct the Sentry fingerprint, which could allow an attacker to flood the error tracking system with unique fingerprints, hindering monitoring and triage of legitimate issues. Additionally, there is a suggestion to improve the readability and maintainability of the new logic by simplifying a complex conditional expression.

[sentry]

Codecov Report

❌ Patch coverage is 56.25000% with 7 lines in your changes missing coverage. Please review.
✅ Project coverage is 68.83%. Comparing base (9c23adb) to head (8280e78).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/utils/reportError.ts	56.25%	7 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #787      +/-   ##
==========================================
- Coverage   69.56%   68.83%   -0.74%     
==========================================
  Files         207      207              
  Lines        7182     7026     -156     
  Branches     2248     2219      -29     
==========================================
- Hits         4996     4836     -160     
- Misses       2003     2010       +7     
+ Partials      183      180       -3     

Flag	Coverage Δ
e2e	52.61% <56.25%> (-16.93%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.