[Sentry] Fix N+1 API calls for package permissions #8534
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Optimized TRPC query batching to prevent individual authenticated requests from failing with 401 errors outside the initial batch window. Fixes APP-12T 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🔗 Links
🤖 Seer AI Analysis Summary
Seer identified that N+1 TRPC queries for package permissions made outside the initial batch window fail authentication due to missing or stale credentials. The root cause is that multiple
PackageHitandAssistantHitcomponents each trigger individual authenticatedgetAllowedOrgsForPackagequeries asynchronously, resulting in 401 errors when authentication context is lost between the initial batch request (HTTP 207) and subsequent individual requests.Seer Actionability Score:
0.24(0-1 scale, higher is more actionable)🔍 Full Seer Analysis
{ "analysis_status": "complete", "run_id": 2321106, "root_cause": "N+1 TRPC queries for package permissions, made outside the initial batch window, fail authentication due to missing or stale credentials.", "issue_description": "The core issue stems from an N+1 pattern triggering subsequent, unauthorized individual API calls. The initial large batch TRPC request returns status 207 (Multi-Status), immediately followed by numerous individual GET requests to the same endpoint (getAllowedOrgsForPackage) that all return 401 Unauthorized, indicating a failure in authentication for the subsequent, non-batched calls.", "key_observations": [ "The initial large batch request returns 207 Multi-Status", "Subsequent requests fail with 401s immediately following the batch completion", "These authed calls trigger after a significant delay, suggesting session loss" ], "execution_flow": [ "User navigates to the homepage, triggering initial data fetch", "Homepage loads, triggering multiple TRPC queries in a single batch", "Initial large TRPC batch request succeeds with HTTP 207 Multi-Status", "Algolia search results render multiple PackageHit components", "Each rendered hit component triggers an unbatched, authenticated query", "Individual authenticated requests fail with 401 Unauthorized", "The repeated 401 errors trigger a cascading failure, including the RSC fetch error" ], "affected_files": [ "app/components/Providers/index.tsx", "app/components/UseAgentOrBlockButtons/agent/hooks/useAssistantData.ts", "services/control-plane/src/trpc/routers/package/router.ts" ], "code_context": { "batching_config": "httpBatchLink in app/components/Providers/index.tsx with credentials: 'include'", "query_usage": "trpc.package.getAllowedOrgsForPackage.useQuery({ packageId }) in useAssistantData.ts", "auth_requirement": "authedProcedure requiring workOsUserId in package router" } }📋 Follow-up Prompts
get_issue_detailsSentry tool to get details for APP-12T💡 Additional Context
📦 Webhook Payload
{ "timestamp": "2025-10-30T21:17:05.670Z", "resource": "issue", "action": "unresolved", "webhook": { "action": "unresolved", "installation": { "uuid": "6f4757c1-bca5-463f-9e99-85dcdd3646de" }, "data": { "issue": { "id": "6967971082", "shareId": null, "shortId": "APP-12T", "title": "N+1 API Call", "culprit": "/explore", "permalink": "https://continue-xd.sentry.io/issues/6967971082/", "logger": null, "level": "info", "status": "unresolved", "statusDetails": {}, "substatus": "regressed", "isPublic": false, "platform": "javascript", "project": { "id": "4508150678028288", "name": "app", "slug": "app", "platform": "javascript-nextjs" }, "type": "transaction", "metadata": { "title": "N+1 API Call", "location": "/explore", "value": "https://api.continue.dev/trpc/package.getAllowedOrgsForPackage,package.getAllowedOrgsForPackage,package.getAllowedOrgsForPackage,package.getAllowedOrgsForPackage,package.getAllowedOrgsForPackage,package.getAllowedOrgsForPackage?batch=*&input=*", "initial_priority": 25, "sdk": { "name": "sentry.javascript.nextjs", "name_normalized": "sentry.javascript.nextjs" } }, "numComments": 0, "assignedTo": null, "isBookmarked": false, "isSubscribed": false, "subscriptionDetails": null, "hasSeen": false, "annotations": [], "issueType": "performance_n_plus_one_api_calls", "issueCategory": "http_client", "priority": "low", "priorityLockedAt": null, "seerFixabilityScore": 0.23967063426971436, "seerAutofixLastTriggered": null, "isUnhandled": false, "count": "4", "userCount": 0, "firstSeen": "2025-10-23T08:53:03.570100Z", "lastSeen": "2025-10-30T21:16:59.850400Z" } }, "actor": { "type": "application", "id": "sentry", "name": "Sentry" } } }Summary by cubic
Fixed N+1 API calls for package permissions on the explore page by batching getAllowedOrgsForPackage requests. Prevents 401s from late individual calls and reduces duplicate network traffic.
Written for commit cfa5012. Summary will update automatically on new commits.