search

getsentry / sentry

Developer-first error tracking and performance monitoring
https://sentry.io
Other
39.05k stars 4.19k forks source link

Onboarding: Better communicate the ability of persisting minidumps #79395

Open bruno-garcia opened 1 week ago

bruno-garcia commented 1 week ago

Problem Statement

Our Minidump docs touch on the reason why we don't store minidumps automatically.

A Word on Data Privacy Minidumps are memory dumps of the process at the moment it crashes. As such, they might contain sensitive information on the target system, such as environment variables, local pathnames or maybe even in-memory representations of input fields, including passwords. Sentry does not store these memory dumps. Once processed, they are removed immediately, and all sensitive information is stripped from the resulting issues.

Minidumps can have more details besides what we extracted into the event, and developers sometimes need that in their dev environment to better debug a problem. So their expectations is that they'd be able to download it.

The issue is that customers get confused with the fact we don't have the minidump available at all, and the settings to toggle that behavior isn't easy to find.

I recently saw this on a customer slack. As well as online on Discord. Other examples:

We should make it more obvious that it is possible to keep the minidump around so it can be downloaded and debugged in the developers IDE. Doing so while suggesting that customers only use this feature if their application doesn't have sensitive data. Or to toggle the settings temporarily if they are trying to debug a challenging problem

Solution Brainstorm

'New project' wizard

Minidump project type

Onboarding snippet is pretty short, and doesn't mention the possibility of persisting the minidump. Could we have the settings property exposed here so users can't opt-in?

Image

Unity

The Sentry SDK for Unity on Windows. and Linux also rely on minidumps

The settings discussed above could be exposed in the wizard here too

Unreal Engine

Similarly to Unity, Sentry's SDK for Unreal also relies on minidump. But on all 3 desktop OS's (Windows/macOS/Linux)

We also receive minidumps through the Unreal Engine's Crash Reporter Client (CRC)

Settings

Another suggestion is to update the settings to be more clear what this is. It does have the word minidump on it but only in the fine print. It could be on the title like:

Minidumps - Store Native Crash Reports Or simply: Store Minidump As Attachments

Image

Documentation

The confusion also happens due to the docs not being very clear about this setting / capability. That's tracked here:

Product Area

Projects - Project Creation

getsantry[bot] commented 1 week ago

Routing to @getsentry/product-owners-projects-project-creation for triage ⏲️