From b2e31c3c1ba0f2e6198a86d0b25f5de764285d23 Mon Sep 17 00:00:00 2001
From: Marcel <marcel@familienarchiv>
Date: Sun, 17 May 2026 10:27:01 +0200
Subject: [PATCH] refactor(observability): lower trace sample rate, add DSN
 comment, improve status visibility
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Lower tracesSampleRate from 1.0 to 0.1 in both hooks (errors still captured
  at 100%; trace volume reduced for self-hosted GlitchTip on shared VPS)
- Add comment explaining VITE_SENTRY_DSN is a write-only ingest key, safe in
  client bundle — prevents accidental rotation as if it were a password
- Restore HTTP status code prominence: text-4xl font-bold (was text-xs text-ink-3)
- Add min-w-[44px] to copy button for WCAG 2.2 minimum touch target

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 frontend/src/hooks.client.ts      | 4 +++-
 frontend/src/hooks.server.ts      | 4 +++-
 frontend/src/routes/+error.svelte | 4 ++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/frontend/src/hooks.client.ts b/frontend/src/hooks.client.ts
index c837a49f..3cfcd365 100644
--- a/frontend/src/hooks.client.ts
+++ b/frontend/src/hooks.client.ts
@@ -1,9 +1,11 @@
 import * as Sentry from '@sentry/sveltekit';
 
+// VITE_SENTRY_DSN is a write-only ingest key — it can POST events to GlitchTip
+// but cannot read them. Safe to include in the client bundle per Sentry security model.
 Sentry.init({
 	dsn: import.meta.env.VITE_SENTRY_DSN,
 	environment: import.meta.env.MODE,
-	tracesSampleRate: 1.0,
+	tracesSampleRate: 0.1,
 	sendDefaultPii: false,
 	enabled: !!import.meta.env.VITE_SENTRY_DSN
 });
diff --git a/frontend/src/hooks.server.ts b/frontend/src/hooks.server.ts
index 710e269a..2c155dce 100644
--- a/frontend/src/hooks.server.ts
+++ b/frontend/src/hooks.server.ts
@@ -6,10 +6,12 @@ import { env } from 'process';
 import { cookieName, cookieMaxAge } from '$lib/paraglide/runtime';
 import { detectLocale } from '$lib/shared/server/locale';
 
+// VITE_SENTRY_DSN is a write-only ingest key — it can POST events to GlitchTip
+// but cannot read them. Safe to include in the client bundle per Sentry security model.
 Sentry.init({
 	dsn: import.meta.env.VITE_SENTRY_DSN,
 	environment: import.meta.env.MODE,
-	tracesSampleRate: 1.0,
+	tracesSampleRate: 0.1,
 	sendDefaultPii: false,
 	enabled: !!import.meta.env.VITE_SENTRY_DSN
 });
diff --git a/frontend/src/routes/+error.svelte b/frontend/src/routes/+error.svelte
index 56ce49c4..96f98e57 100644
--- a/frontend/src/routes/+error.svelte
+++ b/frontend/src/routes/+error.svelte
@@ -29,7 +29,7 @@ function copyId() {
 	<p class="mb-8 font-sans text-sm text-ink-2">
 		{page.error?.message ?? m.error_internal_error()}
 	</p>
-	<p class="font-sans text-xs tracking-widest text-ink-3 uppercase">{page.status}</p>
+	<p class="mb-4 font-mono text-4xl font-bold text-ink">{page.status}</p>
 
 	{#if page.error?.errorId}
 		<div class="mt-6 flex flex-col items-center gap-3">
@@ -42,7 +42,7 @@ function copyId() {
 				{page.error.errorId}
 			</code>
 			<button
-				class="min-h-[44px] rounded-sm bg-brand-navy px-5 py-2 font-sans text-sm text-white transition-colors hover:opacity-90 focus-visible:ring-2 focus-visible:ring-brand-navy focus-visible:ring-offset-2"
+				class="min-h-[44px] min-w-[44px] rounded-sm bg-brand-navy px-5 py-2 font-sans text-sm text-white transition-colors hover:opacity-90 focus-visible:ring-2 focus-visible:ring-brand-navy focus-visible:ring-offset-2"
 				onclick={copyId}
 				aria-label={m.error_copy_id_label()}
 			>