rails_error_dashboard 0.6.3 → 0.6.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 938ab24cad38b8b20bc0dd0f2a1eb6e5c9e46a4634fb97e2c01b3487221c9fc3
-  data.tar.gz: 6e053a3f8c41e3c3f75f95ab1f9bd8908e9bcea4c473e2d1d3a0c11b7bdf0bdb
+  metadata.gz: 3d2151cd1323d1261e27376d1d7d8eb9f47fcb6ec171fcc6c3dbab36fcf52f6a
+  data.tar.gz: 68367fa080c8532c9e69f3aecf13eef84ef8638ac91f83a586cce56341f38b1c
 SHA512:
-  metadata.gz: 2b84b4a4f917863e7577e253f2324100a06b6fef6f33d56cef211f28a4f1dc4688932f618489f19924baa8aa065135cfcaeffb2c7431f15bea898d3e334395b7
-  data.tar.gz: 4149d8da317c77751e04db12b46f02924fe46e1a420075232e3fa7c96f12218166249596b33a55f1790e696b5fca3580cd5da62d38a39585e356660a702a518c
+  metadata.gz: fd3167ec31230e80ca89eb723b78f4d97f073a2c68efa4fbc9fe83e85bfa6b1361fdc43f1f822fb1eadd9d00254d12f105e863d09825843bdeb14386a1cef95a
+  data.tar.gz: da46299157c3cc47a45e55d006ff6657f4d9728832fefc0c051b8e94c1c919be6320b22663742a94ebfd1f8df8cd93e19ac27e9d8e0f45e578a6a2f6d047712e

data/README.md

@@ -63,7 +63,7 @@ gem 'rails_error_dashboard'
 
 ### Core (Always Enabled)
 
-Error capture from controllers, jobs, and middleware. Beautiful Bootstrap 5 dashboard with dark/light mode, search, filtering, and real-time updates. Analytics with trend charts, severity breakdown, and spike detection. Workflow management with assignment, priority, snooze, mute/unmute (notification suppression), comments, and batch operations. Security via HTTP Basic Auth or custom lambda (Devise, Warden, session-based). Exception cause chains, enriched HTTP context, custom fingerprinting, CurrentAttributes integration, auto-reopen on recurrence, and sensitive data filtering — all built in.
+Error capture from controllers, jobs, and middleware. Custom-designed dashboard with dark/light mode, search, filtering, and real-time updates. Analytics with trend charts, severity breakdown, and spike detection. Workflow management with assignment, priority, snooze, mute/unmute (notification suppression), comments, and batch operations. Security via HTTP Basic Auth or custom lambda (Devise, Warden, session-based). Exception cause chains, enriched HTTP context, custom fingerprinting, CurrentAttributes integration, auto-reopen on recurrence, and sensitive data filtering — all built in.
 
 ### Optional Features
 
@@ -521,7 +521,7 @@ Available as open source under the [MIT License](https://opensource.org/licenses
 
 ## Acknowledgments
 
-Built with [Rails](https://rubyonrails.org/) · UI by [Bootstrap 5](https://getbootstrap.com/) · Charts by [Chart.js](https://www.chartjs.org/) · Pagination by [Pagy](https://github.com/ddnexus/pagy) · Docs theme by [Jekyll VitePress Theme](https://jekyll-vitepress.dev/) by [@crmne](https://github.com/crmne)
+Built with [Rails](https://rubyonrails.org/) · Custom design tokens with [Bootstrap 5 JS](https://getbootstrap.com/) for tooltips and modals · Charts by [Chart.js](https://www.chartjs.org/) · Pagination by [Pagy](https://github.com/ddnexus/pagy) · Docs theme by [Jekyll VitePress Theme](https://jekyll-vitepress.dev/) by [@crmne](https://github.com/crmne)
 
 ## Contributors
 

data/app/controllers/rails_error_dashboard/application_controller.rb

@@ -46,10 +46,16 @@ module RailsErrorDashboard
       )
     end
 
-    # Handle Pagy pagination errors — redirect to page 1
+    # Handle Pagy pagination errors — redirect to page 1, preserving filters.
+    # Drop both :page and :per_page from the preserved query string. Either can
+    # trigger the rescue (page out of range, per_page negative or non-numeric);
+    # carrying them into the redirect would loop the user right back into the
+    # same error.
     rescue_from Pagy::RangeError, Pagy::OptionError do |exception|
       Rails.logger.warn("[RailsErrorDashboard] Pagination error: #{exception.message}")
-      redirect_to request.path, status: :moved_permanently
+      preserved = request.query_parameters.except("page", :page, "per_page", :per_page)
+      target = preserved.any? ? "#{request.path}?#{preserved.to_query}" : request.path
+      redirect_to target, status: :moved_permanently
     end
 
     private

data/app/controllers/rails_error_dashboard/errors_controller.rb

@@ -22,6 +22,9 @@ module RailsErrorDashboard
       hide_snoozed
       hide_muted
       reopened
+      user_id
+      app_version
+      git_sha
       sort_by
       sort_direction
     ].freeze
@@ -171,7 +174,7 @@ module RailsErrorDashboard
     end
 
     def analytics
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
 
       # Use Query to get analytics data (pass application filter)
@@ -212,7 +215,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 7).to_i
+      days = days_param(default: 7)
       @days = days
 
       # Use Query to get platform comparison data (pass application filter)
@@ -266,7 +269,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       correlation = Queries::ErrorCorrelation.new(days: days, application_id: @current_application_id)
 
@@ -280,7 +283,7 @@ module RailsErrorDashboard
     end
 
     def releases
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::ReleaseTimeline.call(days, application_id: @current_application_id)
       all_releases = result[:releases]
@@ -290,7 +293,7 @@ module RailsErrorDashboard
     end
 
     def user_impact
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::UserImpactSummary.call(days, application_id: @current_application_id)
       all_entries = result[:entries]
@@ -306,7 +309,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::DeprecationWarnings.call(days, application_id: @current_application_id)
       all_deprecations = result[:deprecations]
@@ -326,7 +329,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::NplusOneSummary.call(days, application_id: @current_application_id)
       all_patterns = result[:patterns]
@@ -346,7 +349,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::CacheHealthSummary.call(days, application_id: @current_application_id)
       all_entries = result[:entries]
@@ -367,7 +370,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::JobHealthSummary.call(days, application_id: @current_application_id)
       all_entries = result[:entries]
@@ -387,7 +390,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
 
       # Live database health (display-time only)
@@ -423,7 +426,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::SwallowedExceptionSummary.call(days, application_id: @current_application_id)
       all_entries = result[:entries]
@@ -444,7 +447,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::RackAttackSummary.call(days, application_id: @current_application_id)
       all_events = result[:events]
@@ -465,7 +468,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::ActionCableSummary.call(days, application_id: @current_application_id)
       all_channels = result[:channels]
@@ -486,7 +489,7 @@ module RailsErrorDashboard
         return
       end
 
-      days = (params[:days] || 30).to_i
+      days = days_param(default: 30)
       @days = days
       result = Queries::ActiveStorageSummary.call(days, application_id: @current_application_id)
       all_services = result[:services]
@@ -610,6 +613,14 @@ module RailsErrorDashboard
       params.permit(*FILTERABLE_PARAMS).to_h.symbolize_keys
     end
 
+    # Coerce params[:days] into a sane integer in [1, 365]. Without clamping,
+    # a request like ?days=99999999 would scan the full table on every health
+    # query, defeating index pruning and burning CPU.
+    def days_param(default:)
+      raw = params[:days].presence || default
+      raw.to_i.clamp(1, 365)
+    end
+
     def set_application_context
       @current_application_id = params[:application_id].presence
       @applications = Application.ordered_by_name.pluck(:name, :id)

data/app/helpers/rails_error_dashboard/application_helper.rb

@@ -27,6 +27,16 @@ module RailsErrorDashboard
       end
     end
 
+    # Serialize a value to JSON safely for inlining inside a <script> block.
+    # Ruby's #to_json escapes JSON special chars but does NOT escape "</" — a
+    # value containing the literal string "</script>" would break out of the
+    # surrounding <script> tag. Replace "</" with "<\/" (semantically equivalent
+    # in JSON and in JavaScript string literals) to neutralize the close tag.
+    # Returns html_safe for direct interpolation into a script body.
+    def js_safe_json(value)
+      value.to_json.gsub("</", '<\/').html_safe
+    end
+
     # Returns Bootstrap color class for error severity
     # Uses Catppuccin Mocha colors in dark theme via CSS variables
     # @param severity [Symbol] The severity level (:critical, :high, :medium, :low, :info)
@@ -209,6 +219,17 @@ module RailsErrorDashboard
       )
     end
 
+    # Raw connection.select_all returns timestamps as Time in some PG configs
+    # and as ISO8601 strings in others — accept both shapes.
+    def parse_pg_timestamp(value)
+      return nil if value.blank?
+      return value if value.is_a?(Time) || value.is_a?(DateTime)
+
+      Time.parse(value.to_s)
+    rescue ArgumentError
+      nil
+    end
+
     # Renders a relative time ("3 hours ago") that updates automatically
     # @param time [Time, DateTime, nil] The timestamp to display
     # @param fallback [String] Text to show if time is nil
@@ -265,6 +286,13 @@ module RailsErrorDashboard
     def auto_link_urls(text, error: nil)
       return "" if text.blank?
 
+      # SECURITY: escape HTML special chars in the input before any further
+      # processing. simple_format(..., sanitize: false) at the end means
+      # whatever survives this pipeline is rendered as raw HTML; any unescaped
+      # `<script>` or `<img onerror=>` in the user's text would XSS.
+      # We only intentionally inject our own <a> / <code> tags after this point.
+      text = ERB::Util.html_escape(text)
+
       # Get repository URL from error's application or global config
       repo_url = if error&.application.respond_to?(:repository_url) && error.application.repository_url.present?
         error.application.repository_url
@@ -302,32 +330,34 @@ module RailsErrorDashboard
         )
       }xi
 
-      # Replace URLs with clickable links
+      # Replace URLs with clickable links. The url, code_content, and file_path
+      # values below are slices of `text` which we already escaped at function
+      # entry, so we don't re-escape them here (would double-escape `&amp;`,
+      # breaking visual rendering). repo_url is from config so we escape it
+      # explicitly before interpolating.
+      escaped_repo_url = repo_url ? ERB::Util.html_escape(repo_url.chomp("/")) : nil
+
       linked_text = text_with_placeholders.gsub(url_regex) do |url|
-        # Clean up the URL
         clean_url = url.strip
 
-        # Add protocol if missing
         href = clean_url.start_with?("http://", "https://") ? clean_url : "https://#{clean_url}"
 
-        # Truncate display text for very long URLs
         display_text = clean_url.length > 60 ? "#{clean_url[0..57]}..." : clean_url
 
-        "<a href=\"#{ERB::Util.html_escape(href)}\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"text-primary text-decoration-underline\">#{ERB::Util.html_escape(display_text)}</a>"
+        "<a href=\"#{href}\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"text-primary text-decoration-underline\">#{display_text}</a>"
       end
 
-      # Restore file paths with GitHub links (elvish magic! 🧝‍♀️)
+      # Restore file paths with GitHub links
       linked_text.gsub!(/###FILE_PATH_(\d+)###/) do
         file_path = file_paths[Regexp.last_match(1).to_i]
-        github_url = "#{repo_url.chomp('/')}/blob/main/#{file_path}"
-        "<a href=\"#{ERB::Util.html_escape(github_url)}\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"text-decoration-none\" title=\"View on GitHub\">" \
-        "<code class=\"inline-code-highlight file-path-link\">#{ERB::Util.html_escape(file_path)}</code></a>"
+        "<a href=\"#{escaped_repo_url}/blob/main/#{file_path}\" target=\"_blank\" rel=\"noopener noreferrer\" class=\"text-decoration-none\" title=\"View on GitHub\">" \
+        "<code class=\"inline-code-highlight file-path-link\">#{file_path}</code></a>"
       end
 
       # Restore code blocks with styling
       linked_text.gsub!(/###CODE_BLOCK_(\d+)###/) do
         code_content = code_blocks[Regexp.last_match(1).to_i]
-        "<code class=\"inline-code-highlight\">#{ERB::Util.html_escape(code_content)}</code>"
+        "<code class=\"inline-code-highlight\">#{code_content}</code>"
       end
 
       # Preserve line breaks and return as HTML safe

data/app/views/rails_error_dashboard/errors/_breadcrumbs_group.html.erb

@@ -1,6 +1,7 @@
       <!-- Breadcrumbs (Request Activity Trail) -->
       <% if RailsErrorDashboard.configuration.enable_breadcrumbs && error.respond_to?(:breadcrumbs) && error.breadcrumbs.present? %>
         <% breadcrumbs = JSON.parse(error.breadcrumbs) rescue [] %>
+        <% breadcrumbs = [] unless breadcrumbs.is_a?(Array) %>
         <% if breadcrumbs.any? %>
           <% deprecation_crumbs = breadcrumbs.select { |c| c["c"] == "deprecation" } %>
           <% if deprecation_crumbs.any? %>

data/app/views/rails_error_dashboard/errors/_error_row.html.erb

@@ -57,11 +57,11 @@
     <% end %>
   </td>
   <td style="padding: var(--space-3) var(--space-4); text-align: right; font-weight: 600; font-variant-numeric: tabular-nums; color: var(--text-primary);">
-    <%= error.occurrence_count.to_s(:delimited) rescue error.occurrence_count %>
+    <%= number_with_delimiter(error.occurrence_count) %>
   </td>
   <td style="padding: var(--space-3) var(--space-4); text-align: right; font-variant-numeric: tabular-nums; color: var(--text-secondary);">
     <% if error.user_id %>
-      <%= error.user_id %>
+      <%= link_to error.user_id, errors_path(user_id: error.user_id, unresolved: '0'), style: "color: inherit; text-decoration: none;", title: "View all errors for user #{error.user_id}" %>
     <% else %>
       <span style="color: var(--text-tertiary);">&mdash;</span>
     <% end %>

data/app/views/rails_error_dashboard/errors/_instance_variables.html.erb

@@ -1,6 +1,7 @@
       <!-- Instance Variables (captured from receiver object at raise time) -->
       <% if RailsErrorDashboard.configuration.enable_instance_variables && error.class.column_names.include?("instance_variables") && error.read_attribute(:instance_variables).present? %>
         <% instance_vars = JSON.parse(error.read_attribute(:instance_variables)) rescue {} %>
+        <% instance_vars = {} unless instance_vars.is_a?(Hash) %>
         <% self_class = instance_vars.delete("_self_class") %>
         <% if instance_vars.any? %>
           <div class="card mb-4" id="section-instance-variables">

data/app/views/rails_error_dashboard/errors/_local_variables.html.erb

@@ -1,6 +1,7 @@
       <!-- Local Variables (captured via TracePoint) -->
       <% if RailsErrorDashboard.configuration.enable_local_variables && error.respond_to?(:local_variables) && error.local_variables.present? %>
         <% local_vars = JSON.parse(error.local_variables) rescue {} %>
+        <% local_vars = {} unless local_vars.is_a?(Hash) %>
         <% if local_vars.any? %>
           <div class="card mb-4" id="section-local-variables">
             <div class="card-header">

data/app/views/rails_error_dashboard/errors/_modals.html.erb

@@ -2,7 +2,7 @@
 <div class="modal fade" id="resolveModal" tabindex="-1" aria-labelledby="resolveModalLabel" aria-hidden="true">
   <div class="modal-dialog">
     <div class="modal-content">
-      <%= form_with url: resolve_error_path(error), method: :post, class: "modal-content" do |f| %>
+      <%= form_with url: resolve_error_path(error), method: :post do |f| %>
         <div class="modal-header">
           <h5 class="modal-title" id="resolveModalLabel">
             <i class="bi bi-check-circle"></i> Mark Error as Resolved

data/app/views/rails_error_dashboard/errors/_show_scripts.html.erb

@@ -1,32 +1,33 @@
 <script<%= " nonce=\"#{red_csp_nonce}\"".html_safe if red_csp_nonce %>>
   window.downloadErrorJSON = function(event) {
     const errorData = {
-      id: <%= raw error.id.to_json %>,
-      error_type: <%= raw error.error_type.to_json %>,
-      message: <%= raw error.message.to_json %>,
-      backtrace: <%= raw error.backtrace.to_json %>,
-      occurred_at: <%= raw error.occurred_at.to_json %>,
-      first_seen_at: <%= raw error.first_seen_at.to_json %>,
-      last_seen_at: <%= raw error.last_seen_at.to_json %>,
-      occurrence_count: <%= raw error.occurrence_count.to_json %>,
-      resolved: <%= raw error.resolved?.to_json %>,
-      resolved_at: <%= raw error.resolved_at.to_json %>,
-      resolved_by_name: <%= raw error.resolved_by_name.to_json %>,
-      platform: <%= raw error.platform.to_json %>,
-      user_id: <%= raw error.user_id.to_json %>,
-      severity: <%= raw error.severity.to_json %>,
-      priority_level: <%= raw (error.priority_level || 0).to_json %>,
+      id: <%= js_safe_json(error.id) %>,
+      error_type: <%= js_safe_json(error.error_type) %>,
+      message: <%= js_safe_json(error.message) %>,
+      backtrace: <%= js_safe_json(error.backtrace) %>,
+      occurred_at: <%= js_safe_json(error.occurred_at) %>,
+      first_seen_at: <%= js_safe_json(error.first_seen_at) %>,
+      last_seen_at: <%= js_safe_json(error.last_seen_at) %>,
+      occurrence_count: <%= js_safe_json(error.occurrence_count) %>,
+      resolved: <%= js_safe_json(error.resolved?) %>,
+      resolved_at: <%= js_safe_json(error.resolved_at) %>,
+      resolved_by_name: <%= js_safe_json(error.resolved_by_name) %>,
+      platform: <%= js_safe_json(error.platform) %>,
+      user_id: <%= js_safe_json(error.user_id) %>,
+      severity: <%= js_safe_json(error.severity) %>,
+      priority_level: <%= js_safe_json(error.priority_level || 0) %>,
       <% if error.respond_to?(:exception_cause) && error.exception_cause.present? %>
-      exception_cause: <%= raw error.exception_cause %>,
+      <% parsed_cause = (JSON.parse(error.exception_cause) rescue nil) %>
+      exception_cause: <%= js_safe_json(parsed_cause) %>,
       <% end %>
       <% if error.respond_to?(:app_version) %>
-      app_version: <%= raw error.app_version.to_json %>,
+      app_version: <%= js_safe_json(error.app_version) %>,
       <% end %>
       <% if error.respond_to?(:git_commit) %>
-      git_commit: <%= raw error.git_commit.to_json %>,
+      git_commit: <%= js_safe_json(error.git_commit) %>,
       <% end %>
-      created_at: <%= raw error.created_at.to_json %>,
-      updated_at: <%= raw error.updated_at.to_json %>
+      created_at: <%= js_safe_json(error.created_at) %>,
+      updated_at: <%= js_safe_json(error.updated_at) %>
     };
 
     const jsonString = JSON.stringify(errorData, null, 2);

data/app/views/rails_error_dashboard/errors/_sidebar_metadata.html.erb

@@ -35,37 +35,49 @@
           <div class="mb-3">
             <small class="metadata-label d-block mb-1">Severity Level</small>
             <% severity = error.severity %>
-            <% if severity == :critical %>
-              <span class="badge bg-danger fs-6">CRITICAL</span>
-            <% elsif severity == :high %>
-              <span class="badge bg-warning text-dark fs-6">HIGH</span>
-            <% elsif severity == :medium %>
-              <span class="badge bg-info text-dark fs-6">MEDIUM</span>
-            <% else %>
-              <span class="badge bg-secondary fs-6">LOW</span>
+            <%= link_to errors_path(severity: severity, unresolved: '0'), class: "text-decoration-none", title: "View all #{severity} errors" do %>
+              <% if severity == :critical %>
+                <span class="badge bg-danger fs-6">CRITICAL</span>
+              <% elsif severity == :high %>
+                <span class="badge bg-warning text-dark fs-6">HIGH</span>
+              <% elsif severity == :medium %>
+                <span class="badge bg-info text-dark fs-6">MEDIUM</span>
+              <% else %>
+                <span class="badge bg-secondary fs-6">LOW</span>
+              <% end %>
             <% end %>
           </div>
 
           <div class="mb-3">
             <small class="metadata-label d-block mb-1">Platform</small>
-            <% if error.platform == 'iOS' %>
-              <span class="badge badge-ios"><i class="bi bi-apple"></i> iOS</span>
-            <% elsif error.platform == 'Android' %>
-              <span class="badge badge-android"><i class="bi bi-android2"></i> Android</span>
-            <% elsif error.platform == 'Web' %>
-              <span class="badge badge-web"><i class="bi bi-globe"></i> Web</span>
+            <% if error.platform.present? %>
+              <%= link_to errors_path(platform: error.platform, unresolved: '0'), class: "text-decoration-none", title: "View all #{error.platform} errors" do %>
+                <% if error.platform == 'iOS' %>
+                  <span class="badge badge-ios"><i class="bi bi-apple"></i> iOS</span>
+                <% elsif error.platform == 'Android' %>
+                  <span class="badge badge-android"><i class="bi bi-android2"></i> Android</span>
+                <% elsif error.platform == 'Web' %>
+                  <span class="badge badge-web"><i class="bi bi-globe"></i> Web</span>
+                <% else %>
+                  <span class="badge badge-api"><i class="bi bi-server"></i> <%= error.platform %></span>
+                <% end %>
+              <% end %>
             <% else %>
-              <span class="badge badge-api"><i class="bi bi-server"></i> <%= error.platform || 'API' %></span>
+              <span class="badge badge-api"><i class="bi bi-server"></i> API</span>
             <% end %>
           </div>
 
           <div class="mb-3">
             <small class="metadata-label d-block mb-1">User</small>
             <% if error.respond_to?(:user) && error.user %>
-              <strong><%= error.user.email %></strong><br>
-              <small class="text-muted">ID: <%= error.user_id %></small>
+              <%= link_to errors_path(user_id: error.user_id, unresolved: '0'), class: "text-decoration-none", title: "View all errors for this user" do %>
+                <strong><%= error.user.email %></strong><br>
+                <small class="text-muted">ID: <%= error.user_id %></small>
+              <% end %>
             <% elsif error.user_id %>
-              <span class="text-muted">User ID: <%= error.user_id %></span>
+              <%= link_to errors_path(user_id: error.user_id, unresolved: '0'), class: "text-decoration-none text-muted", title: "View all errors for this user" do %>
+                User ID: <%= error.user_id %>
+              <% end %>
             <% else %>
               <span class="text-muted">Guest / Unauthenticated</span>
             <% end %>
@@ -249,7 +261,9 @@
               <% if error.app_version.present? %>
                 <div class="mb-1">
                   <small class="text-muted">App Version:</small>
-                  <code class="ms-1"><%= error.app_version %></code>
+                  <%= link_to errors_path(app_version: error.app_version, unresolved: '0'), class: "ms-1 text-decoration-none", title: "View all errors in #{error.app_version}" do %>
+                    <code><%= error.app_version %></code>
+                  <% end %>
                 </div>
               <% end %>
 

data/app/views/rails_error_dashboard/errors/_timeline.html.erb

@@ -78,8 +78,7 @@
                         <% if error.resolution_comment.present? %>
                           data-bs-toggle="tooltip"
                           data-bs-placement="top"
-                          data-bs-html="true"
-                          title="<strong>Resolution Notes:</strong><br><%= error.resolution_comment.truncate(150).gsub('"', '&quot;') %>"
+                          title="Resolution Notes: <%= error.resolution_comment.truncate(150) %>"
                         <% end %>>
                     <i class="bi bi-check-circle"></i> Resolved
                   </span>

data/app/views/rails_error_dashboard/errors/analytics.html.erb

@@ -339,7 +339,11 @@
             <tbody>
               <% @recurring_data[:high_frequency_errors].first(10).each do |error| %>
                 <tr>
-                  <td><code class="small"><%= error[:error_type] %></code></td>
+                  <td>
+                    <%= link_to errors_path(error_type: error[:error_type], unresolved: '0'), class: "text-decoration-none" do %>
+                      <code class="small"><%= error[:error_type] %></code>
+                    <% end %>
+                  </td>
                   <td><span class="badge bg-danger"><%= error[:total_occurrences] %></span></td>
                   <td><%= error[:duration_days] %> days</td>
                   <td><small class="text-muted"><%= local_time(error[:first_seen], format: :date_only) %></small></td>

data/app/views/rails_error_dashboard/errors/correlation.html.erb

@@ -90,7 +90,11 @@
             <tbody>
               <% @problematic_releases.each do |release| %>
                 <tr>
-                  <td><code><%= release[:version] %></code></td>
+                  <td>
+                    <%= link_to errors_path(app_version: release[:version], unresolved: '0'), class: "text-decoration-none" do %>
+                      <code><%= release[:version] %></code>
+                    <% end %>
+                  </td>
                   <td><strong class="text-danger"><%= release[:error_count] %></strong></td>
                   <td>
                     <span class="badge bg-danger">
@@ -105,7 +109,7 @@
                     <% end %>
                   </td>
                   <td>
-                    <%= link_to "View", errors_path(search: release[:version], unresolved: '0'), class: "btn btn-sm btn-outline-primary" %>
+                    <%= link_to "View", errors_path(app_version: release[:version], unresolved: '0'), class: "btn btn-sm btn-outline-primary" %>
                   </td>
                 </tr>
               <% end %>
@@ -141,7 +145,11 @@
                 <tbody>
                   <% @errors_by_version.sort_by { |_, v| -v[:count] }.first(10).each do |version, data| %>
                     <tr>
-                      <td><code><%= version %></code></td>
+                      <td>
+                        <%= link_to errors_path(app_version: version, unresolved: '0'), class: "text-decoration-none" do %>
+                          <code><%= version %></code>
+                        <% end %>
+                      </td>
                       <td><%= data[:count] %></td>
                       <td><%= data[:error_types] %></td>
                       <td>
@@ -185,7 +193,11 @@
                 <tbody>
                   <% @errors_by_git_sha.sort_by { |_, v| -v[:count] }.first(10).each do |sha, data| %>
                     <tr>
-                      <td><code class="small"><%= sha[0..7] %></code></td>
+                      <td>
+                        <%= link_to errors_path(git_sha: sha, unresolved: '0'), class: "text-decoration-none" do %>
+                          <code class="small"><%= sha[0..7] %></code>
+                        <% end %>
+                      </td>
                       <td><%= data[:count] %></td>
                       <td><%= data[:error_types] %></td>
                       <td>

data/app/views/rails_error_dashboard/errors/database_health_summary.html.erb

@@ -150,7 +150,7 @@
                         <%= number_with_delimiter(table[:dead_tuples]) %>
                       <% end %>
                     </td>
-                    <td><%= table[:last_autovacuum] ? local_time_ago(Time.parse(table[:last_autovacuum])) : "Never" %></td>
+                    <td><%= table[:last_autovacuum] ? local_time_ago(parse_pg_timestamp(table[:last_autovacuum])) : "Never" %></td>
                   </tr>
                 <% end %>
               </tbody>
@@ -203,7 +203,7 @@
                           <%= number_with_delimiter(table[:dead_tuples]) %>
                         <% end %>
                       </td>
-                      <td><%= table[:last_autovacuum] ? local_time_ago(Time.parse(table[:last_autovacuum])) : "Never" %></td>
+                      <td><%= table[:last_autovacuum] ? local_time_ago(parse_pg_timestamp(table[:last_autovacuum])) : "Never" %></td>
                     </tr>
                   <% end %>
                 </tbody>
@@ -338,7 +338,11 @@
               <% @entries.each do |entry| %>
                 <tr>
                   <td><%= link_to "##{entry[:error_id]}", error_path(entry[:error_id]), class: "text-decoration-none" %></td>
-                  <td><code><%= truncate(entry[:error_type].to_s, length: 40) %></code></td>
+                  <td>
+                    <%= link_to errors_path(error_type: entry[:error_type], unresolved: '0'), class: "text-decoration-none" do %>
+                      <code><%= truncate(entry[:error_type].to_s, length: 40) %></code>
+                    <% end %>
+                  </td>
                   <td>
                     <% util = entry[:utilization] %>
                     <% util_badge = util >= 80 ? "danger" : (util >= 60 ? "warning" : "success") %>

data/app/views/rails_error_dashboard/errors/diagnostic_dumps.html.erb

@@ -139,7 +139,7 @@
                 <small class="text-muted d-block">GC</small>
                 <small>
                   <% gc_health = health["gc"] || {} %>
-                  Live: <%= gc_health["heap_live_slots"]&.to_s(:delimited) rescue gc_health["heap_live_slots"] || "?" %> /
+                  Live: <%= gc_health["heap_live_slots"] ? number_with_delimiter(gc_health["heap_live_slots"]) : "?" %> /
                   Major GC: <%= gc_health["major_gc_count"] || "?" %>
                 </small>
               </div>

data/app/views/rails_error_dashboard/errors/index.html.erb

@@ -172,7 +172,13 @@
     active_filters << { label: "Timeframe: #{params[:timeframe].humanize}", param: :timeframe } if params[:timeframe].present?
     active_filters << { label: "Frequency: #{params[:frequency].humanize}", param: :frequency } if params[:frequency].present?
     active_filters << { label: "Status: #{params[:status].humanize}", param: :status } if params[:status].present?
-    active_filters << { label: "Priority: P#{params[:priority_level]}", param: :priority_level } if params[:priority_level].present?
+    if params[:priority_level].present?
+      # priority_level is the integer key (3=Critical/P0, 0=Low/P3); look up the short_label
+      # rather than interpolating the raw integer, which inverts the P-number.
+      priority_data = RailsErrorDashboard::ErrorLog::PRIORITY_LEVELS[params[:priority_level].to_i]
+      priority_short = priority_data ? priority_data[:short_label] : "P?"
+      active_filters << { label: "Priority: #{priority_short}", param: :priority_level }
+    end
     if params[:assigned_to] == '__unassigned__'
       active_filters << { label: "Unassigned", param: :assigned_to }
     elsif params[:assigned_to] == '__assigned__'

data/app/views/rails_error_dashboard/errors/overview.html.erb

@@ -92,7 +92,7 @@
   <div style="display: grid; grid-template-columns: repeat(3, 1fr); gap: var(--space-4); margin-bottom: var(--space-6);">
     <!-- Affected Users -->
     <div class="card stat-card" style="padding: var(--space-5) var(--space-6);">
-      <div class="stat-label" style="margin-bottom: 4px;">Affected Users</div>
+      <div class="stat-label" style="margin-bottom: 4px;">Affected Users (Today)</div>
       <div style="display: flex; align-items: baseline; gap: 8px;">
         <span class="stat-value"><%= @stats[:affected_users_today] %></span>
         <% if @stats[:affected_users_change] != 0 %>
@@ -149,7 +149,7 @@
               <div style="font-size: 12px; color: var(--text-tertiary); white-space: nowrap; overflow: hidden; text-overflow: ellipsis;"><%= error[:message]&.truncate(80) %></div>
             </div>
             <div style="text-align: right; flex-shrink: 0;">
-              <div style="font-size: 14px; font-weight: 600; color: var(--text-primary); font-variant-numeric: tabular-nums;"><%= error[:occurrence_count]&.to_s(:delimited) rescue error[:occurrence_count] %></div>
+              <div style="font-size: 14px; font-weight: 600; color: var(--text-primary); font-variant-numeric: tabular-nums;"><%= number_with_delimiter(error[:occurrence_count]) %></div>
               <div style="font-size: 11px; color: var(--text-tertiary);"><%= error[:affected_users] %> users</div>
             </div>
           <% end %>

data/app/views/rails_error_dashboard/errors/platform_comparison.html.erb

@@ -227,7 +227,9 @@
                 <% @cross_platform_errors.first(10).each do |error| %>
                   <tr>
                     <td>
-                      <code class="small"><%= error[:error_type] %></code>
+                      <%= link_to errors_path(error_type: error[:error_type], unresolved: '0'), class: "text-decoration-none" do %>
+                        <code class="small"><%= error[:error_type] %></code>
+                      <% end %>
                     </td>
                     <td>
                       <% error[:platforms].each do |platform| %>

data/app/views/rails_error_dashboard/errors/releases.html.erb

@@ -185,7 +185,9 @@
               <% @releases.each do |release| %>
                 <tr class="<%= 'table-active' if release[:current] %>">
                   <td>
-                    <strong><%= release[:version] %></strong>
+                    <%= link_to errors_path(app_version: release[:version], unresolved: '0'), class: "text-decoration-none" do %>
+                      <strong><%= release[:version] %></strong>
+                    <% end %>
                     <% if release[:current] %>
                       <span class="badge bg-primary ms-1">Current</span>
                     <% end %>

data/app/views/rails_error_dashboard/errors/settings.html.erb

@@ -213,7 +213,6 @@
   <div class="card" style="margin-bottom: var(--space-4);">
     <div style="padding: var(--space-4) var(--space-6); border-bottom: 1px solid var(--border-primary);">
       <span style="font-size: 14px; font-weight: 600; color: var(--text-primary);"><i class="bi bi-puzzle" style="margin-right: 6px;"></i> Active Plugins</span>
-      </h5>
     </div>
     <div class="card-body">
       <% if RailsErrorDashboard::PluginRegistry.any? %>

data/app/views/rails_error_dashboard/errors/show.html.erb

@@ -211,8 +211,10 @@
               <i class="bi bi-person"></i> View User's Errors
             <% end %>
           <% end %>
-          <%= link_to errors_path(app_context.merge(platform: @error.platform, unresolved: '0')), class: "btn btn-sm" do %>
-            <i class="bi bi-phone"></i> View <%= @error.platform %> Errors
+          <% if @error.platform.present? %>
+            <%= link_to errors_path(app_context.merge(platform: @error.platform, unresolved: '0')), class: "btn btn-sm" do %>
+              <i class="bi bi-phone"></i> View <%= @error.platform %> Errors
+            <% end %>
           <% end %>
           <%= link_to analytics_errors_path(app_context), class: "btn btn-sm" do %>
             <i class="bi bi-bar-chart-line"></i> Analytics

data/app/views/rails_error_dashboard/errors/swallowed_exceptions.html.erb

@@ -93,7 +93,11 @@
             <tbody>
               <% @entries.each do |entry| %>
                 <tr>
-                  <td><code style="font-size: 0.85em;"><%= entry[:exception_class] %></code></td>
+                  <td>
+                    <%= link_to errors_path(error_type: entry[:exception_class], unresolved: '0'), class: "text-decoration-none", title: "View any unrescued #{entry[:exception_class]} errors that leaked into error_log" do %>
+                      <code style="font-size: 0.85em;"><%= entry[:exception_class] %></code>
+                    <% end %>
+                  </td>
                   <td style="color: var(--text-secondary); font-size: 12px; word-break: break-all;"><%= entry[:raise_location] %></td>
                   <td style="color: var(--text-secondary); font-size: 12px; word-break: break-all;"><%= entry[:rescue_location] || "Unknown" %></td>
                   <td><span class="badge bg-info text-dark"><%= number_with_delimiter(entry[:raise_count]) %></span></td>

data/app/views/rails_error_dashboard/errors/user_impact.html.erb

@@ -107,7 +107,9 @@
                 <tr>
                   <td><strong><%= (@pagy.from || 1) + index %></strong></td>
                   <td>
-                    <strong><%= entry[:error_type] %></strong>
+                    <%= link_to errors_path(error_type: entry[:error_type], unresolved: '0'), class: "text-decoration-none" do %>
+                      <strong><%= entry[:error_type] %></strong>
+                    <% end %>
                     <br><small class="text-muted"><%= entry[:message] %></small>
                   </td>
                   <td>

data/lib/rails_error_dashboard/queries/analytics_stats.rb

@@ -89,7 +89,10 @@ module RailsErrorDashboard
       end
 
       def errors_by_hour
-        base_query.group_by_hour(:occurred_at).count
+        # group_by_hour_of_day buckets into 0..23 to show diurnal patterns
+        # (when in the day errors peak). The chart title says "Errors by Hour
+        # of Day" — group_by_hour produced a chronological time series instead.
+        base_query.group_by_hour_of_day(:occurred_at).count
       end
 
       def top_affected_users

data/lib/rails_error_dashboard/queries/error_correlation.rb

@@ -37,11 +37,13 @@ module RailsErrorDashboard
         versions.each_with_object({}) do |(version, count), result|
           errors = base_query.where(app_version: version)
 
-          # Count unique error types
-          error_types = errors.distinct.pluck(:error_type).count
-
-          # Count critical errors
-          critical_count = errors.select { |error| error.severity == :critical }.count
+          # Pluck error_types once; both the unique-types count and the critical
+          # count classify off this string array. Avoids loading full ErrorLog
+          # records into memory just to compute counts (severity is a Ruby-side
+          # method on error_type, not a column).
+          types_for_version = errors.pluck(:error_type)
+          error_types = types_for_version.uniq.size
+          critical_count = types_for_version.count { |t| Services::SeverityClassifier.classify(t) == :critical }
 
           # Get platforms for this version
           platforms = errors.distinct.pluck(:platform).compact
@@ -180,15 +182,17 @@ module RailsErrorDashboard
         error_types = base_query.distinct.pluck(:error_type)
         return {} if error_types.count < 2
 
-        hourly_distributions = {}
-        error_types.each do |error_type|
-          distribution = base_query
-            .where(error_type: error_type)
-            .group_by { |error| error.occurred_at.hour }
-            .transform_values(&:count)
+        # Bucket counts by (error_type, hour-of-day) in a single SQL GROUP BY.
+        # Groupdate's group_by_hour_of_day generates database-portable SQL
+        # (PG/MySQL/SQLite) so we don't load full ErrorLog records into Ruby.
+        # Result shape: { [hour_int, error_type] => count }
+        grouped = base_query
+          .group_by_hour_of_day(:occurred_at)
+          .group(:error_type)
+          .count
 
-          # Normalize to 0-23 hours
-          hourly_distributions[error_type] = (0..23).map { |h| distribution[h] || 0 }
+        hourly_distributions = error_types.each_with_object({}) do |error_type, h|
+          h[error_type] = (0..23).map { |hour| grouped[[ hour, error_type ]] || 0 }
         end
 
         # Calculate correlation between error type pairs

data/lib/rails_error_dashboard/queries/errors_list.rb

@@ -30,6 +30,8 @@ module RailsErrorDashboard
         query = filter_by_platform(query)
         query = filter_by_application(query)
         query = filter_by_user_id(query)
+        query = filter_by_app_version(query)
+        query = filter_by_git_sha(query)
         query = filter_by_search(query)
         query = filter_by_severity(query)
         query = filter_by_timeframe(query)
@@ -44,6 +46,18 @@ module RailsErrorDashboard
         query
       end
 
+      def filter_by_app_version(query)
+        return query unless @filters[:app_version].present?
+        return query unless ErrorLog.column_names.include?("app_version")
+        query.where(app_version: @filters[:app_version])
+      end
+
+      def filter_by_git_sha(query)
+        return query unless @filters[:git_sha].present?
+        return query unless ErrorLog.column_names.include?("git_sha")
+        query.where(git_sha: @filters[:git_sha])
+      end
+
       def filter_by_error_type(query)
         return query unless @filters[:error_type].present?
 

data/lib/rails_error_dashboard/services/cascade_detector.rb

@@ -28,27 +28,37 @@ module RailsErrorDashboard
       def detect_cascades
         return { detected: 0, updated: 0 } unless can_detect?
 
-        # Get recent error occurrences
+        # Pluck (error_log_id, occurred_at) for every occurrence in the window
+        # ordered chronologically. Using pluck instead of loading full
+        # ActiveRecord rows keeps memory bounded to ~16 bytes/row instead of
+        # ~5KB/row, which matters because the host app schedules this job and
+        # the lookback window may contain a lot of occurrences.
         start_time = @lookback_hours.hours.ago
-        occurrences = ErrorOccurrence.where("occurred_at >= ?", start_time).order(:occurred_at)
-
-        # For each error occurrence, find potential children
+        rows = ErrorOccurrence
+          .where("occurred_at >= ?", start_time)
+          .order(:occurred_at)
+          .pluck(:error_log_id, :occurred_at)
+
+        # Two-pointer sweep: occurrences are time-sorted, so for each parent we
+        # only advance the child pointer forward through occurrences within the
+        # detection window. O(N + pairs) instead of O(N) inner SQL queries.
         patterns_found = Hash.new { |h, k| h[k] = { delays: [], count: 0 } }
 
-        occurrences.each do |parent_occ|
-          # Find occurrences within detection window
-          potential_children = ErrorOccurrence
-            .where("occurred_at > ? AND occurred_at <= ?",
-                   parent_occ.occurred_at,
-                   parent_occ.occurred_at + DETECTION_WINDOW)
-            .where.not(error_log_id: parent_occ.error_log_id)
-
-          potential_children.each do |child_occ|
-            key = [ parent_occ.error_log_id, child_occ.error_log_id ]
-            delay = (child_occ.occurred_at - parent_occ.occurred_at).to_f
-
-            patterns_found[key][:delays] << delay
-            patterns_found[key][:count] += 1
+        rows.each_with_index do |(parent_id, parent_time), i|
+          window_end = parent_time + DETECTION_WINDOW
+          j = i + 1
+          while j < rows.length
+            child_id, child_time = rows[j]
+            break if child_time > window_end
+
+            # Match the original SQL `occurred_at > parent` — strict, so two
+            # occurrences with identical timestamps don't form a cascade pair.
+            if child_id != parent_id && child_time > parent_time
+              key = [ parent_id, child_id ]
+              patterns_found[key][:delays] << (child_time - parent_time).to_f
+              patterns_found[key][:count] += 1
+            end
+            j += 1
           end
         end
 

data/lib/rails_error_dashboard/version.rb

@@ -1,3 +1,3 @@
 module RailsErrorDashboard
-  VERSION = "0.6.3"
+  VERSION = "0.6.4"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_error_dashboard
 version: !ruby/object:Gem::Version
-  version: 0.6.3
+  version: 0.6.4
 platform: ruby
 authors:
 - Anjan Jagirdar
@@ -498,7 +498,7 @@ metadata:
   funding_uri: https://github.com/sponsors/AnjanJ
 post_install_message: |
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-    RED (Rails Error Dashboard) v0.6.3
+    RED (Rails Error Dashboard) v0.6.4
   ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
 
   First install:
@@ -534,7 +534,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 4.0.3
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Self-hosted error tracking and exception monitoring for Rails. Free, forever.
 test_files: []