Review Sentry React and TypeScript changes for bug patterns drawn from real production issues. Use when reviewing a frontend diff or PR, checking Warden findings, auditing the current branch, reviewing production-error patterns, or looking for common regressions in `static/`.
Find bugs in Sentry frontend code by checking for the patterns that cause the most real production errors.
This skill encodes patterns from 428 real production issues (201 resolved, 130 ignored, 97 unresolved) generating over 524,000 error events across 93,000+ affected users. These are not theoretical risks -- they are the actual bugs that ship most often, with known fixes from resolved issues.
Review the code provided by the user, Warden, or the current branch diff. If the user does not provide a target, review the current branch diff. Start from the changed hunk or file, then read outward only as needed to confirm the behavior.
Read and Grep to trace data flow beyond the initial diff when needed. Follow component props, hook return values, API response shapes, and state transitions until the behavior is confirmed.| Confidence | Criteria | Action |
|---|
| HIGH | Traced the code path, confirmed the pattern matches a known bug class | Report with fix |
| MEDIUM | Pattern is present but context may mitigate it | Report as needs verification |
| LOW | Theoretical or mitigated elsewhere | Do not report |
Determine what you are reviewing and load the relevant reference.
| Code Type | Load Reference |
|---|---|
| Null/undefined property access, optional chaining, object destructuring | references/null-reference-errors.md |
| Dashboard widgets, chart visualization, widget URL generation | references/dashboard-widget-errors.md |
| Trace views, span details, trace tree rendering | references/trace-view-errors.md |
| API calls, response handling, error states, fetch wrappers | references/api-response-handling.md |
| React hooks, context providers, render loops, component lifecycle | references/react-lifecycle-errors.md |
| AI Insights, LLM prompt parsing, gen_ai span data | references/ai-insights-parsing.md |
| Array operations, date/time values, numeric formatting | references/range-and-bounds-errors.md |
If the code spans multiple categories, load all relevant references.
These are ordered by combined frequency and impact from real production data.
Code accesses a property on a value that may be null or undefined. This is the single most common bug pattern in the Sentry frontend.
Red flags:
.id, .slug, .name, .type, .match, .length, .charCodeAt without null checksobject.property instead of object?.property on data from API responsesquerySelector or useRef without checking if the element exists.dispatchEvent() on elements that have been unmountedSafe patterns:
obj?.property?.nestedconst value = obj?.field ?? defaultValueif (data) { parser.parse(data); }Widget visualization components throw when receiving data in unexpected formats.
Red flags:
getWidgetExploreUrl() for widget types that do not support multiple queriesfield values to parseFunction() or similar field parsersSafe patterns:
if (!hasPlottableValues(data)) return <EmptyState />if (!field) return nullThe trace tree renderer and trace detail views encounter data that violates structural assumptions.
Red flags:
traceSlug is non-emptycaptureException in render paths without deduplication (fires every render cycle)Safe patterns:
if (!traceSlug) return fallbackLinkif (!capturedRef.current) { captureException(...); capturedRef.current = true; }Frontend code assumes API responses have a specific shape but the response is empty, undefined, or has an unexpected status code.
Red flags:
GET /customers/{orgSlug}/ returns 200 with no body)UndefinedResponseBodyError as unexpected (it indicates the API returned no parseable body)Safe patterns:
if (!response.body) return nullComponents violate React rendering rules, causing infinite loops or crashes.
Red flags:
useEffect without proper dependency arraysuseOrganization() in components that render before organization context is loadeduseContext() outside the provider boundarySafe patterns:
useEffectconst org = useOrganization(); if (!org) return <Loading />if (typeof Component !== 'function') return nullJSON parsing of AI prompt messages and gen_ai span data fails on non-standard formats.
Red flags:
JSON.parse() on ai.prompt.messages span attributes without try-catchSafe patterns:
JSON.parse calls on external data in try-catch[ or { before parsingArray operations and numeric formatting with values that exceed valid ranges.
Red flags:
result.push(...largeArray) (crashes when array is too large)toLocaleString({maximumFractionDigits: n})Safe patterns:
concat or iterative push for potentially large arraysMath.min(100, Math.max(0, precision))if (isNaN(new Date(ts).getTime())) return fallbackAfter checking all known patterns above, reason about the changed code itself:
else / default cases in switches)?Only report if you can trace a specific input that triggers the bug. Do not report theoretical concerns.
If no checks produced a potential finding, stop and report zero findings. Do not invent issues to fill the report. An empty result is the correct output when the code has no bugs matching these patterns.
Each code location should be reported once under the most specific matching pattern. Do not flag the same line under multiple checks.
For each finding, provide the evidence the review harness needs:
Fix suggestions must include actual code. Never suggest a comment or docstring as a fix.
Do not prescribe your own output format — the review harness controls the response structure.