You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
bug(session): ~2.9k/day anon sessions go dead — fresh-mint-then-401 dominates (~15% of recovery episodes end in a 15-min widget blackout); wm_session_dead (WORLDMONITOR-WG) quantifies it #5251
The new wm_session_dead telemetry (#5245, deployed 2026-07-12 ~14:45 UTC) is the first honest counter of dead anonymous sessions, and it shows the problem is ~20× larger than the old per-endpoint 503 flood implied: ~120 episodes/hour, steady (~2.9k/day), 511 distinct users in the first ~4.7h. Each episode = anonymous API calls suppressed for 15 minutes (#5219 cooldown) = a dashboard of blank widgets.
Hourly event counts since deploy: 128, 111, 120, 102, 119 — flat, not a spike; this is steady state.
609 events / 511 users in ~4.7h ⇒ ~1.2 events/user: a broad population, not a few pathological clients re-marking every cooldown expiry.
Browser spread ∝ traffic mix (Chrome desktop 50%, Chrome Mobile, Edge, Firefox, Safari all present) — not a cookie-blocking-browser skew (and api.worldmonitor.app is same-site with www., so ITP/TCP shouldn't apply anyway).
URL spread: all web dashboards (www + variant subdomains). No desktop app involvement.
Mint endpoint is healthy: /api/wm-session over 07-10→07-12 = 53,085×200 vs 73×403 + 8×429 (~29 failures/day). Mint failure cannot explain ~2.9k dead episodes/day.
Gateway 401 baseline: ~250–280k/day (11–12k/hr, flat through the day). At ~19k mints/day that's ≈13 endpoint-401s per recovery episode (parallel widget fan-out), i.e. ~19k recovery episodes/day of which ~2.9k (≈15%) end dead.
What this means
Since mint returns 200, the dominant dead path in wm-session.ts is fresh-mint-then-401: the retry with a just-minted cookie is still rejected (markWmSessionDead() at the retryResp.status === 401 branch), or the mint response's Set-Cookie never sticks. Candidate mechanisms, unverified:
Set-Cookie/req race — mint response and the immediate retry racing in the browser; would be browser-version-skewed, which we don't clearly see.
Ask
Split the dead-marking telemetry so the two paths are distinguishable (mint-failed vs fresh-mint-401) — one extra tag on the existing captureMessage (reason: mint_failed | retry_401) turns this from hypothesis into measurement.
Summary
The new
wm_session_deadtelemetry (#5245, deployed 2026-07-12 ~14:45 UTC) is the first honest counter of dead anonymous sessions, and it shows the problem is ~20× larger than the old per-endpoint 503 flood implied: ~120 episodes/hour, steady (~2.9k/day), 511 distinct users in the first ~4.7h. Each episode = anonymous API calls suppressed for 15 minutes (#5219 cooldown) = a dashboard of blank widgets.Evidence (Sentry WORLDMONITOR-WG + Axiom, 2026-07-12)
api.worldmonitor.appis same-site withwww., so ITP/TCP shouldn't apply anyway)./api/wm-sessionover 07-10→07-12 = 53,085×200 vs 73×403 + 8×429 (~29 failures/day). Mint failure cannot explain ~2.9k dead episodes/day.What this means
Since mint returns 200, the dominant dead path in
wm-session.tsis fresh-mint-then-401: the retry with a just-minted cookie is still rejected (markWmSessionDead()at theretryResp.status === 401branch), or the mint response's Set-Cookie never sticks. Candidate mechanisms, unverified:Ask
captureMessage(reason: mint_failed | retry_401) turns this from hypothesis into measurement.Related