Skip to content

feat(web): enable Sentry node and browser profiling#1431

Merged
brendan-kellam merged 3 commits into
mainfrom
brendan-kellam/sentry-profiling
Jul 10, 2026
Merged

feat(web): enable Sentry node and browser profiling#1431
brendan-kellam merged 3 commits into
mainfrom
brendan-kellam/sentry-profiling

Conversation

@brendan-kellam

@brendan-kellam brendan-kellam commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Enables Sentry profiling in the web app, on both the server and the browser.

Changes

  • Added @sentry/profiling-node to packages/web.
  • sentry.server.config.ts: registered nodeProfilingIntegration().
  • instrumentation-client.ts: registered Sentry.browserProfilingIntegration().
  • Both set profileSessionSampleRate: 1.0 and profileLifecycle: 'trace', so a profiler runs only while a sampled root span is active rather than continuously.
  • next.config.mjs: added a Document-Policy: js-profiling response header, which browser profiling requires in order to opt the document into the JS Self-Profiling API.

Notes

Version pinning. @sentry/profiling-node is pinned to ^10.40.0 to match @sentry/nextjs, rather than the latest 10.64.0. It depends on @sentry/core and @sentry/node at exact versions, so a newer minor would install a second copy of the SDK alongside the one @sentry/nextjs pulls in, and the profiler would register against a different global carrier and silently emit nothing. Verified the tree still resolves to a single @sentry/core@10.40.0. Moving to 10.64.0 would need a coordinated bump of @sentry/nextjs (web) and @sentry/node + @sentry/profiling-node (backend) together.

No serverExternalPackages entry needed. @sentry/profiling-node loads a native .node addon through a require() whose path is computed at runtime, which normally means it has to be marked external. Next.js already ships it in its built-in external list (next/dist/lib/server-external-packages.jsonc), so no config is required. Confirmed by building with and without an explicit entry: instrumentation.js hashed identically and the file trace was unchanged.

browserTracingIntegration is not listed explicitly. @sentry/nextjs pushes its own App Router-aware version into the default integrations, and passing integrations as an array merges with the defaults rather than replacing them. Listing the generic one would shadow it.

Verification

  • Ran the node profiler against a capturing transport: emits ["profile_chunk", "transaction"] for a sampled span, confirming the native addon loads and profileLifecycle: 'trace' behaves as configured. With the option omitted (SDK default 'manual') only ["transaction"] is emitted.
  • next build passes, and .next/standalone traces the profiler plus all 28 prebuilt binaries, including the two linux-*-musl-137 ones the node:24-alpine runtime image needs.
  • Typecheck and lint clean on the touched files.

Follow-up worth considering

Server-side profileSessionSampleRate: 1.0 profiles every process. app.sourcebot.dev runs a single web replica whose event loop already saturates under /browse render bursts, so it may be worth dialing this down on the server. Browser profiling is client-side and costs nothing there.

🤖 Generated with Claude Code


Note

Medium Risk
Server profiling uses a native addon at 100% session sampling alongside full trace sampling, which can add CPU/overhead on hot paths; changes are observability-only, not auth or data handling.

Overview
Turns on Sentry performance profiling for the Next.js web app on both the server and client, tied to sampled traces instead of always-on profiling.

Server init registers nodeProfilingIntegration() (new @sentry/profiling-node, version-matched to @sentry/nextjs) with profileSessionSampleRate: 1.0 and profileLifecycle: 'trace'. Client init adds browserProfilingIntegration() with the same profiling options. debug: false is dropped from both inits.

next.config.mjs adds a global Document-Policy: js-profiling header so browser profiling can use the JS Self-Profiling API.

Reviewed by Cursor Bugbot for commit a992a80. Bugbot is set up for automated code reviews on this repo. Configure here.

Summary by CodeRabbit

  • New Features
    • Added enhanced performance monitoring for web sessions.
    • Enabled browser and server-side profiling to provide deeper insight into application performance.
    • Expanded monitoring coverage across all application routes for more consistent diagnostics.

Adds @sentry/profiling-node and wires up profiling on both the server
(nodeProfilingIntegration) and the browser (browserProfilingIntegration).

Both use profileLifecycle: 'trace', so a profiler only runs while a sampled
root span is active rather than continuously.

Browser profiling additionally requires the document to opt into the JS
Self-Profiling API, so a `Document-Policy: js-profiling` response header is
added alongside the existing security headers.

@sentry/profiling-node is pinned to ^10.40.0 to match @sentry/nextjs. It
depends on @sentry/core and @sentry/node at exact versions, so a newer minor
would pull a second copy of the SDK into the tree and the profiler would
register against a different global.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@github-actions

This comment has been minimized.

brendan-kellam and others added 2 commits July 9, 2026 21:59
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0e44652e-025e-4883-b6c2-8a62f7475d65

📥 Commits

Reviewing files that changed from the base of the PR and between 139b238 and a992a80.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (4)
  • packages/web/next.config.mjs
  • packages/web/package.json
  • packages/web/src/instrumentation-client.ts
  • packages/web/src/sentry.server.config.ts

Walkthrough

Changes

Sentry profiling

Layer / File(s) Summary
Configure client and server profiling
packages/web/package.json, packages/web/src/instrumentation-client.ts, packages/web/src/sentry.server.config.ts, packages/web/next.config.mjs
Adds browser and Node Sentry profiling integrations, profiling sampling and lifecycle settings, the Node profiling dependency, and the Document-Policy: js-profiling header for all routes.

Estimated code review effort: 2 (Simple) | ~10 minutes

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch brendan-kellam/sentry-profiling

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@brendan-kellam brendan-kellam merged commit 4aec5d9 into main Jul 10, 2026
10 checks passed
@brendan-kellam brendan-kellam deleted the brendan-kellam/sentry-profiling branch July 10, 2026 05:01
@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

License Audit

⚠️ Status: PASS

Metric Count
Total packages 2222
Resolved (non-standard) 17
Unresolved 0
Strong copyleft 0
Weak copyleft 38

Weak Copyleft Packages (informational)

Package Version License
@img/sharp-libvips-darwin-arm64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-darwin-arm64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-arm 1.0.5 LGPL-3.0-or-later
@img/sharp-libvips-linux-arm 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-ppc64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-riscv64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-s390x 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-s390x 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-x64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-linux-x64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-arm64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-arm64 1.2.4 LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-x64 1.0.4 LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-x64 1.2.4 LGPL-3.0-or-later
@img/sharp-wasm32 0.33.5 Apache-2.0 AND LGPL-3.0-or-later AND MIT
@img/sharp-wasm32 0.34.5 Apache-2.0 AND LGPL-3.0-or-later AND MIT
@img/sharp-win32-arm64 0.34.5 Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-ia32 0.33.5 Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-ia32 0.34.5 Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-x64 0.33.5 Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-x64 0.34.5 Apache-2.0 AND LGPL-3.0-or-later
axe-core 4.10.3 MPL-2.0
lightningcss 1.32.0 MPL-2.0
lightningcss-android-arm64 1.32.0 MPL-2.0
lightningcss-darwin-arm64 1.32.0 MPL-2.0
lightningcss-darwin-x64 1.32.0 MPL-2.0
lightningcss-freebsd-x64 1.32.0 MPL-2.0
lightningcss-linux-arm-gnueabihf 1.32.0 MPL-2.0
lightningcss-linux-arm64-gnu 1.32.0 MPL-2.0
lightningcss-linux-arm64-musl 1.32.0 MPL-2.0
lightningcss-linux-x64-gnu 1.32.0 MPL-2.0
lightningcss-linux-x64-musl 1.32.0 MPL-2.0
lightningcss-win32-arm64-msvc 1.32.0 MPL-2.0
lightningcss-win32-x64-msvc 1.32.0 MPL-2.0
Resolved Packages (17)
Package Version Original Resolved Source
codemirror-lang-elixir 4.0.0 UNKNOWN Apache-2.0 GitHub repo (livebook-dev/codemirror-lang-elixir) LICENSE via GitHub license API
khroma 2.1.0 UNKNOWN MIT GitHub repo (fabiospampinato/khroma) LICENSE via GitHub license API
lezer-elixir 1.1.2 UNKNOWN Apache-2.0 GitHub repo (livebook-dev/lezer-elixir) LICENSE via GitHub license API
map-stream 0.1.0 UNKNOWN MIT GitHub repo (dominictarr/map-stream) LICENSE via GitHub license API
memorystream 0.3.1 UNKNOWN MIT extracted from 'licenses' object [{type:MIT}] in npm registry metadata; confirmed via GitHub repo LICENSE
valid-url 1.0.9 UNKNOWN MIT GitHub repo (ogt/valid-url) LICENSE file text (MIT license)
posthog-js 1.369.0 SEE LICENSE IN LICENSE Apache-2.0 GitHub repo (PostHog/posthog-js) LICENSE file text (Apache License 2.0)
pause-stream 0.0.11 ["MIT","Apache2"] MIT OR Apache-2.0 GitHub repo (dominictarr/pause-stream) LICENSE file (dual licensed MIT and Apache 2)
@sentry/cli 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-darwin 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-linux-arm 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-linux-arm64 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-linux-i686 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-linux-x64 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-win32-arm64 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-win32-i686 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)
@sentry/cli-win32-x64 2.58.5 FSL-1.1-MIT FSL-1.1-MIT (Functional Source License 1.1, MIT Future License) known license identifier (source-available, converts to MIT after 2 years; not copyleft)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant