fix(desktop): set webview src via JSX prop to prevent null-src crash on mount

[nettee]

Relates to #510

What

Set the src attribute on <webview> via JSX prop instead of imperatively in a ref callback.

Why

Fixes a crash reported in Sentry (issue #406): Error processing argument at index 0, conversion failure from null.

When <webview> is inserted into the DOM, Electron fires connectedCallback synchronously. Inside that hook, Electron calls WebViewImpl.createGuest → SrcAttribute.parse(this.getAttribute('src')). Because src was previously set imperatively via a ref callback (which runs after DOM insertion), the attribute was null at the moment Electron read it, causing the native binding to throw.

How

Move src={src} into the JSX so the attribute is present on the element before connectedCallback fires. The ref callback now only handles preload, which is a custom attribute that still needs setAttribute.

Affected areas

• Desktop app (Electron shell)

Checklist

• pnpm typecheck passes
• pnpm lint passes
• pnpm test passes
• pnpm generate-types run (if API routes/schemas changed)
• No credentials or tokens in code or logs
• No any types introduced (use unknown with narrowing)

Summary by CodeRabbit

• Documentation
  • Added Sentry REST API troubleshooting guide with step-by-step workflows, example commands, and practical guidance for inspecting issues, events, and identifying crash sources across different environments.

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR refactors how the webview component applies attributes by moving the src prop to direct rendering instead of the ref callback, while updating the preload logic. Additionally, a new Sentry REST API troubleshooting guide is added covering issue debugging workflows and API patterns.

Changes

Cohort / File(s)	Summary
Component Ref Refactoring apps/desktop/src/components/surface-frame.tsx	Modified ref callback to only set preload attribute when both element and preload exist. The src attribute is now passed directly as a prop to the webview element. Hook dependency array reduced from [preload, src] to [preload].
Documentation specs/current/sentry/troubleshooting.md	New Sentry REST API troubleshooting guide with workflows for fetching issue metadata, inspecting event payloads, and extracting contexts, tags, and entries. Includes curl+jq examples for common entry types and practical tips for debugging Electron child processes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 ✨ A webview hops with attributes anew,
Props flow directly where callbacks once flew,
While Sentry's secrets unfold in the guide,
With curl and with jq, no bugs left to hide! 🔍

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the primary change: moving the webview src attribute from a ref callback to a JSX prop to fix a null-src crash, which aligns with the file changes and objectives.
Description check	✅ Passed	The description covers all required sections (What, Why, How, Affected areas, Checklist) with clear explanations of the problem and solution, though pnpm test was not completed.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/webview-null-src-crash-pr

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

specs/current/sentry/troubleshooting.md (1)

10-12: Make endpoint snippets directly runnable.

Lines 10, 21, 116, and 127 show raw GET paths in bash blocks, which are easy to copy incorrectly during incidents. Prefer full curl commands for consistency with the rest of the guide.

💡 Suggested doc update

-```bash
-GET /api/0/issues/{issue_id}/
-```
+```bash
+curl -sS \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
+  "https://sentry.io/api/0/issues/{issue_id}/"
+```

-```bash
-GET /api/0/issues/{issue_id}/events/latest/
-```
+```bash
+curl -sS \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
+  "https://sentry.io/api/0/issues/{issue_id}/events/latest/"
+```

-```bash
-GET /api/0/issues/{issue_id}/events/?limit=10
-```
+```bash
+curl -sS \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
+  "https://sentry.io/api/0/issues/{issue_id}/events/?limit=10"
+```

-```bash
-GET /api/0/issues/{issue_id}/events/{event_id}/
-```
+```bash
+curl -sS \
+  -H "Authorization: Bearer $SENTRY_AUTH_TOKEN" \
+  "https://sentry.io/api/0/issues/{issue_id}/events/{event_id}/"
+```

Also applies to: 20-22, 116-117, 127-128

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@specs/current/sentry/troubleshooting.md` around lines 10 - 12, Replace the
raw "GET /api/0/..." bash block snippets with runnable curl examples that
include the full https://sentry.io URL, the Authorization header using
$SENTRY_AUTH_TOKEN, and -sS for silent/verbose errors; specifically update the
snippets that show "GET /api/0/issues/{issue_id}/", "GET
/api/0/issues/{issue_id}/events/latest/", "GET
/api/0/issues/{issue_id}/events/?limit=10", and "GET
/api/0/issues/{issue_id}/events/{event_id}/" to use curl -sS with -H
"Authorization: Bearer $SENTRY_AUTH_TOKEN" and the full endpoint URL so readers
can copy-paste and run them directly.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@specs/current/sentry/troubleshooting.md`:
- Line 137: Update the phrasing under the "**Response size**" note that
currently states "the full event JSON is large (40–50KB)" to a less rigid claim
such as "can be large (often tens of KB or more)" so it reflects variability
from attachments, frames, breadcrumbs, and integrations; locate the sentence
labeled "**Response size**" in sentry/troubleshooting.md and replace the numeric
range with the suggested, more general wording.
- Around line 94-95: Replace the hardcoded timestamp window in the breadcrumb
filtering example (the jq expression using map(select(.timestamp >=
"2026-03-22T06:20" and .timestamp <= "2026-03-22T06:35"))) with placeholders or
shell variables (e.g., START/END or TIMESTAMP_START/TIMESTAMP_END) and update
the surrounding text to show how to set those variables before running the
command so the example remains evergreen; keep the jq expression reference
(map(select(.timestamp >= ... and .timestamp <= ...))) so readers can locate and
substitute the variables.

---

Nitpick comments:
In `@specs/current/sentry/troubleshooting.md`:
- Around line 10-12: Replace the raw "GET /api/0/..." bash block snippets with
runnable curl examples that include the full https://sentry.io URL, the
Authorization header using $SENTRY_AUTH_TOKEN, and -sS for silent/verbose
errors; specifically update the snippets that show "GET
/api/0/issues/{issue_id}/", "GET /api/0/issues/{issue_id}/events/latest/", "GET
/api/0/issues/{issue_id}/events/?limit=10", and "GET
/api/0/issues/{issue_id}/events/{event_id}/" to use curl -sS with -H
"Authorization: Bearer $SENTRY_AUTH_TOKEN" and the full endpoint URL so readers
can copy-paste and run them directly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8bf6bb04-b7f8-489e-bc9e-87ea2f1ba695

📥 Commits

Reviewing files that changed from the base of the PR and between fbcfe37 and 586df68.

📒 Files selected for processing (2)

• apps/desktop/src/components/surface-frame.tsx
• specs/current/sentry/troubleshooting.md

[nettee]

/cr

[slack-code-review-channel]

✅ CR topic created in Feishu topic group Refly CR.