feat: add new envelope transport

[giortzisg]

Description

Create the new transport that accepts envelopes and not events. For now only the implementation for the new transport is added, without deprecating the old one. The PR also includes some misc changes:

• creating an envelope convertible interface, to accept a generic type of events/logs/transactions, etc..
• moving the dsn internally under the protocol folder and re exporting everything on the top level to avoid cyclic imports when using the new transport.

Issues

• resolves: Create new transport that accepts envelopes #1092
• resolves: GO-84

---

Note

Introduce envelope-first Sync/Async HTTP transports, centralize DSN and envelope types under internal/protocol, and adapt SDK to use them with minimal API surface changes.

• Transport (new):
  • Add internal/http transports: AsyncTransport and SyncTransport that send protocol.Envelopes, with queueing, flush/close, rate limiting, proxy/TLS config, headers, and keep-alive handling.
• Protocol (new):
  • Add internal/protocol: Dsn, Envelope (+ items, header), SdkInfo, and interfaces (EnvelopeConvertible, TelemetryTransport).
  • Provide DSN parsing, request headers, API URL, JSON marshal/unmarshal.
• SDK integration/refactor:
  • Wrap and re-export Dsn and DsnParseError in top-level sentry; NewDsn delegates to protocol; RequestHeaders() uses SDK version; minor typo fix in comment.
  • Add Event.ToEnvelope/ToEnvelopeWithTime; include DSC trace info and attachments; fallback JSON marshal path preserved.
  • Update DynamicSamplingContext and transport.go to use DSN getters (GetPublicKey, etc.) and scheme constants from protocol in NewRequest.
• Tests:
  • Add comprehensive tests for protocol DSN/envelope, new transports (queueing, flush, rate limits, errors, keep-alive, proxies/TLS, concurrency, goroutine leaks), and wrapper behavior; expand request and event tests.

^{Written by Cursor Bugbot for commit 1ed184b. This will update automatically on new commits. Configure here.}

[linear]

GO-84 Create new transport that accepts envelopes

[codecov]

Codecov Report

❌ Patch coverage is 84.61538% with 104 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.64%. Comparing base (193c8ad) to head (d61df59).

Files with missing lines	Patch %	Lines
internal/http/transport.go	84.22%	40 Missing and 16 partials ⚠️
internal/protocol/envelope.go	63.73%	22 Missing and 11 partials ⚠️
interfaces.go	87.93%	5 Missing and 2 partials ⚠️
transport.go	86.11%	2 Missing and 3 partials ⚠️
internal/protocol/dsn.go	97.69%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@                    Coverage Diff                     @@
##           feat/transport-buffers    #1094      +/-   ##
==========================================================
- Coverage                   86.98%   86.64%   -0.35%     
==========================================================
  Files                          57       60       +3     
  Lines                        6356     6894     +538     
==========================================================
+ Hits                         5529     5973     +444     
- Misses                        675      739      +64     
- Partials                      152      182      +30     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[semgrep-code-getsentry]

MinVersion is missing from this TLS configuration. By default, as of Go 1.22, TLS 1.2 is currently used as the minimum. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. Add `MinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.

🧼 Fixed in commit 871ade0 🧼

[cleptric]

can we address this?

[giortzisg]

Since go uses tls1.2 we should be good to this as the min version. We already inherit the min version of the runtime anyways.

[sl0thentr0py]

ideally we'd also abstract the older event types as envelope items, but I'll leave it upto you if you want to do that now or separately later

[lcian]

Left some mostly minor comments, looks good overall. Haven't looked at the tests yet.

[aldy505]

Suggested change

	debuglog.Printf("Failed to convert to envelope: %v", err)
	debuglog.Printf("Failed to convert to envelope: %s", err.Error())

using %v is heavier performance-wise than %s

[giortzisg]

for errors I think this doesn't really apply, both just call err.Error() IIRC.

[aldy505]

Suggested change

	debuglog.Printf("Error sending the envelope: %v", err)
	debuglog.Printf("Error sending the envelope: %s", err.Error())

same goes with this

[aldy505]

Why don't we do something like this?

Suggested change

	return nil, &DsnParseError{fmt.Sprintf("invalid url: %v", err)}
	return nil, &DsnParseError{fmt.Errorf("invalid url: %w", err)}

That way, we can trace what the actual inner error is.

This would modify DsnParseError to:

type DsnParseError struct {
	Message error
}

[giortzisg]

I don't really want to break the signature for message, since it doesn't really give that much value.

[aldy505]

username is confusing, users only understand "public key" and "project id"

Suggested change

	return nil, &DsnParseError{"empty username"}
	return nil, &DsnParseError{"empty public key"}

[aldy505]

Annoying request, but: What about self-hosted users that uses private IPv6 address on their DSN? 😀

[lcian]

Why is this problematic for IPv6?

[aldy505]

For IPv6, you would need to enclose it within [] brackets. Or maybe just create a test case for this one.