Skip to content

fix(seer): Catch InvalidSearchQuery for non-hex trace IDs in _get_full_trace_id#119796

Open
sentry[bot] wants to merge 1 commit into
masterfrom
claude/fix-ulid-trace-id-invalid-search-query-seer-5y4
Open

fix(seer): Catch InvalidSearchQuery for non-hex trace IDs in _get_full_trace_id#119796
sentry[bot] wants to merge 1 commit into
masterfrom
claude/fix-ulid-trace-id-invalid-search-query-seer-5y4

Conversation

@sentry

@sentry sentry Bot commented Jul 16, 2026

Copy link
Copy Markdown
Contributor

Fixes SEER-5Y4

Problem

Seer's Explorer agent passes non-hex ULID-format trace IDs (e.g. 01KXGMFF86HYWPMRXXZCG7BXDY) to the get_trace_waterfall RPC. The EAP search query parser raises InvalidSearchQuery because trace must be a valid hex UUID (32-36 chars, a-f only). This exception propagates uncaught through _get_full_trace_idget_trace_waterfallrpc_get_trace_waterfall → the seer_rpc post() handler, which catches all generic Exceptions and re-raises as APIException (HTTP 500).

Solution

Two defense-in-depth changes:

  1. _get_full_trace_id in src/sentry/seer/agent/tools.py: Wrap the Spans.run_table_query call with try/except InvalidSearchQuery and return None, so non-hex trace IDs are treated as "not found" instead of raising.

  2. post() in src/sentry/seer/endpoints/seer_rpc.py: Add InvalidSearchQuery to the explicit except clauses, raising ParseError (HTTP 400) instead of letting it fall through to the generic 500 APIException handler. This protects against any other RPC method that might raise InvalidSearchQuery.

…l_trace_id

Fixes SEER-5Y4

Explorer agent passes non-hex ULID trace IDs (e.g. '01KXGMFF86HYWPMRXXZCG7BXDY')
to get_trace_waterfall RPC. The EAP search query parser raises
InvalidSearchQuery because trace must be valid hex UUID, which propagates
uncaught to the seer_rpc post() handler and results in HTTP 500.

- Wrap the Spans.run_table_query call in _get_full_trace_id with
  try/except InvalidSearchQuery, returning None so non-hex trace IDs are
  treated as 'not found' instead of raising.
- Add InvalidSearchQuery to the explicit except clauses in the seer_rpc
  post() handler, raising ParseError (HTTP 400) instead of letting it
  fall through to the generic 500 APIException handler.
@sentry sentry Bot requested a review from a team as a code owner July 16, 2026 00:52
@github-actions github-actions Bot added the Scope: Backend Automatically applied to PRs that change backend components label Jul 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Scope: Backend Automatically applied to PRs that change backend components

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant