Add consent-gated Android Sentry runtime init#96
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: db8b439609
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Pull request overview
This PR adds consent-gated Sentry Android runtime initialization so the Android SDK only starts after a persisted observability opt-in is present, while explicitly disabling Sentry’s auto-init ContentProvider path.
Changes:
- Introduces an Android
Applicationsubclass (CharmApplication) that initializesSentryAndroidonly when a build-time DSN is present andobservability.jsonindicatessentryEnabled: true. - Updates the Android manifest to disable/remove Sentry provider auto-init and wire up the new
CharmApplication. - Adds Android build-time
BuildConfigfields for DSN/environment/release and documents the Android runtime scope/limitations inSENTRY.md.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| src-tauri/gen/android/app/src/main/java/social/cloudhub/charm/CharmApplication.kt | Adds consent-gated runtime Sentry Android initialization and a beforeSend re-check. |
| src-tauri/gen/android/app/src/main/AndroidManifest.xml | Disables Sentry auto-init providers and sets the app Application class. |
| src-tauri/gen/android/app/build.gradle.kts | Adds Sentry Android dependency and build-time BuildConfig DSN/env/release fields. |
| SENTRY.md | Documents Android runtime initialization behavior and current scope (crash/ANR, no Mobile Vitals). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: ac01ae01d8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…runtime # Conflicts: # SENTRY.md
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 5 changed files in this pull request and generated no new comments.
Comments suppressed due to low confidence (1)
.github/workflows/sentry-release-artifacts.yml:59
- The frontend build expects
VITE_SENTRY_DSN(seesrc/observability/instrument.ts), but this step now setsSENTRY_DSNinstead. Since the prior "Configure Sentry release upload" step does not exportVITE_SENTRY_DSNinto$GITHUB_ENV, the release build will run without a DSN embedded and Sentry will be disabled at runtime.
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
VITE_SENTRY_DSN: ${{ secrets.VITE_SENTRY_DSN }}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9f3968bf4a
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
9e48392 to
b1550ba
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b1550ba67f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| } catch (error) { | ||
| if (isTauri()) { | ||
| console.warn("Failed to persist observability settings to the Tauri store", error); | ||
| } |
There was a problem hiding this comment.
Don't report Android opt-out success after store save failure
When Android Sentry has already initialized and the user turns error monitoring off, the only native consent signal in this commit is the persisted observability.json watched by CharmApplication; there is no native IPC update here. If store.set() or store.save() rejects, this catch only logs and lets the settings mutation resolve, so the UI proceeds to close the WebView client while Android's in-memory sentryConsentEnabled remains true from the old file and native crashes/ANRs can still be sent despite the opt-out. Please fail/rollback this opt-out path or update the native gate before reporting success.
Useful? React with 👍 / 👎.
| if (path == null) { | ||
| sentryConsentEnabled = false | ||
| return |
There was a problem hiding this comment.
Ignore null observer paths instead of disabling consent
Because this observer is attached to the whole app-data/filesDir directory, Android's documented null-path callbacks for the watched directory itself are not evidence that observability.json was deleted or changed. In that scenario this branch flips the consent cache to false, so an opted-in Android session silently drops all later Sentry events until another settings write restores the cache; ignore null/non-store paths or re-read the actual store instead of treating them as opt-out.
Useful? React with 👍 / 👎.
Summary
SentryAndroidfrom a newCharmApplicationonly after persisted observability opt-inVerification
git diff --check./node_modules/.bin/tsc --noEmit./node_modules/.bin/oxfmt --check ../node_modules/.bin/oxlint .(passes with existing warnings)./node_modules/.bin/vite buildAndroid build notes:
./node_modules/.bin/tauri android build --debug --apk --target aarch64 --ci --config '{"build":{"beforeBuildCommand":""}}'progressed into Android Rust compilation, then failed before Gradle/Kotlin on local OpenSSL cross-compilation becauseaarch64-linux-android-ranlibis not on PATH../gradlew :app:compileDebugKotlin -x rustBuildDebugis also blocked locally before app Kotlin compilation because the only installed JDK is OpenJDK 25.0.2, which this Gradle/Kotlin DSL toolchain rejects while configuringbuildSrc.Related to #87.