Page MenuHomePhabricator

Deploy Sentry (JavaScript error logging) to production, configured to log only a limited subset of users/pages
Closed, DeclinedPublic

Description

Noticing, tracking and debugging errors should be easy. Wikimedia developers and users should be able to easily notice new errors (possibly only a subset of them that they are interested in), find out details, and share with others. At the same time security and privacy standards should be enforced.

Sentry is the most popular open-source software for error logging and aggregation; we should use it to (initially) collect errors from logged-in users (maybe leaving out the largest wikis, if the high traffic is problematic - those wikis are usually better at noticing problems quickly anyway) and/or errors on some specific pages with smaller traffic and more problematic history (e.g. Special:UploadWizard).

Related Objects

StatusSubtypeAssignedTask
OpenTgr
ResolvedTgr
ResolvedGilles
OpenNone
OpenNone
DeclinedTgr
OpenTgr
ResolvedTgr
Resolvedcsteipp
ResolvedTgr
ResolvedTgr
ResolvedAklapper
ResolvedTgr
ResolvedTgr
OpenNone
ResolvedTgr
DeclinedTgr
DeclinedTgr
StalledTgr
ResolvedTgr
StalledTgr
ResolvedTgr
OpenTgr
ResolvedKrinkle
DeclinedNone
OpenTgr
ResolvedTgr
OpenTgr
OpenNone
InvalidNone
StalledTgr
ResolvedTgr
OpenNone
Resolvedjcrespo
ResolvedTgr

Event Timeline

Gilles created this task.Mar 5 2015, 3:58 PM
Gilles assigned this task to Tgr.
Gilles raised the priority of this task from to High.
Gilles updated the task description. (Show Details)
Gilles added subscribers: Gilles, Tgr.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 5 2015, 3:58 PM
Eloquence renamed this task from Deploy Sentry to production, configured to log only UploadWizard to Deploy Sentry (JavaScript error logging) to production, configured to log only UploadWizard.Mar 5 2015, 9:02 PM
Eloquence set Security to None.

Do we have a "week of" ETA for this yet?

Poke -- is this happening next week, or do we need to bump it to April?

Tgr added a comment.Mar 20 2015, 10:36 PM

Poke -- is this happening next week, or do we need to bump it to April?

Sorry for being unresponsive! To a large extent this is blocked on review so it's hard for me to predict an exact date. It's definitely not happening next week though.

Restricted Application added a project: Notice. · View Herald TranscriptMar 25 2015, 9:51 PM
gpaumier moved this task from Backlog to Triaged on the Notice board.
gpaumier moved this task from Triaged to Archive on the Notice board.Apr 2 2015, 7:01 PM
Tgr added a comment.Apr 9 2015, 7:26 AM

Javascript error logging (but not Sentry) has been deployed; the part of this project that's a dependency for UploadWizard work is tracked under T94428.

Restricted Application added a project: Multimedia. · View Herald TranscriptApr 24 2015, 9:45 PM
gpaumier moved this task from August 2015 to June 2015 on the Roadmap board.May 6 2015, 9:34 PM
greg moved this task from June 2015 to July 2015 on the Roadmap board.Jun 18 2015, 4:09 PM
Restricted Application added subscribers: Steinsplitter, Matanya. · View Herald TranscriptJun 29 2015, 10:38 PM
Tgr moved this task from Backlog to Goals on the Sentry board.Jul 20 2015, 3:01 PM
Tgr lowered the priority of this task from High to Medium.Jul 24 2015, 11:29 PM
Jdforrester-WMF moved this task from Untriaged to Backlog on the Multimedia board.Sep 4 2015, 6:25 PM
Tgr renamed this task from Deploy Sentry (JavaScript error logging) to production, configured to log only UploadWizard to Deploy Sentry (JavaScript error logging) to production, configured to log only a limited subset of users/pages.Feb 5 2017, 8:58 AM
Tgr added a project: Developer-Wishlist (2017).
Tgr updated the task description. (Show Details)
Tgr moved this task from To Be Triaged to Backend on the Developer-Wishlist (2017) board.

Sentry is no longer open source (by the definition of OSI and by the admission of upstream as well). More at https://forum.sentry.io/t/re-licensing-sentry-faq-dAiscussion/8044.

Should we re-purpose this for the generic work not using Sentry itself, then?

Tgr added a comment.Nov 28 2019, 9:58 PM

Sentry is no longer open source (by the definition of OSI and by the admission of upstream as well). More at https://forum.sentry.io/t/re-licensing-sentry-faq-dAiscussion/8044.

To be more exact, Sentry is now business source, ie. eventually opensource with a non-compete restriction. (The code can be used in any way, except it cannot be used to offer paid error monitoring services; and it becomes proper Apache-2.0 three years after being published.) That is of course a no-go for any code that needs to be integrated with MediaWiki (using it would probably violate both the Sentry license and the GPL); using the Sentry server as a self-contained service should IMO still be considered. The license meets all the conditions for which we care about open source, and it's a reasonable balance between the spirit of open source (far closer to it than open core, which we do use) and not letting large commercial entities cannibalize your project. But of course that's a far larger discussion that would have to involve WMF Legal and TechCom at the minimum.

In any case, this task does not reflect reality, which is that (for unrelated reasons, mainly the technical complexity of running Sentry) we will deploy error logging based on our event logging stack. That is being tracked in T217142: [WIP] [Proposal] Use the Kafka-Logstash logging infrastructure to log client-side errors.

akosiaris closed this task as Declined.Nov 29 2019, 8:11 AM
In T91649#5700798, @Tgr wrote:

Sentry is no longer open source (by the definition of OSI and by the admission of upstream as well). More at https://forum.sentry.io/t/re-licensing-sentry-faq-dAiscussion/8044.

To be more exact, Sentry is now business source, ie. eventually opensource with a non-compete restriction. (The code can be used in any way, except it cannot be used to offer paid error monitoring services; and it becomes proper Apache-2.0 three years after being published.) That is of course a no-go for any code that needs to be integrated with MediaWiki (using it would probably violate both the Sentry license and the GPL); using the Sentry server as a self-contained service should IMO still be considered. The license meets all the conditions for which we care about open source, and it's a reasonable balance between the spirit of open source (far closer to it than open core, which we do use) and not letting large commercial entities cannibalize your project. But of course that's a far larger discussion that would have to involve WMF Legal and TechCom at the minimum.

Indeed. There's a huge discussion around this trend in licensing and counter arguments (and counter-counter arguments and so on) to the above, but I too see little value in having this discussion in this task.

In any case, this task does not reflect reality, which is that (for unrelated reasons, mainly the technical complexity of running Sentry) we will deploy error logging based on our event logging stack. That is being tracked in T217142: [WIP] [Proposal] Use the Kafka-Logstash logging infrastructure to log client-side errors.

I 'll resolve this as Declined per the above, feel free to reopen/change status.