Remove bandit from default excluded domains and recommend PlugCapture only for Cowboy

[martosaur]

Closes #895

See the issue for a write up. The PR here mostly updates the docs. The important change is removing :bandit from the list of excluded domains. Not sure if this counts as a breaking change or not. Users who use default excluded_domains with PlugCapture will see duplicated errors after upgrade 🤔 Let me know what you think!

[whatyouhide]

My gut feeling is that removing :bandit from the default is not really necessary. It's mostly going to be ignored, right?

[martosaur]

My gut feeling is that removing :bandit from the default is not really necessary. It's mostly going to be ignored, right?

Currently logger handler ignores them to let PlugCapture log them directly. If Bandit users remove PlugCapture from their apps, logger handler (or backend) has to step in!

Check out this test modification. If we both exclude :bandit and comment out Sentry.PlugCapture in Sentry.ExamplePlugApplication there's no path to log this error:

    @tag handler_config: %{excluded_domains: [:bandit]}
    test "sends two errors when a Plug process crashes if PlugCapture is used and :bandit not excluded",
         %{sender_ref: ref} do
      start_supervised!({Sentry.ExamplePlugApplication, server: :bandit}, restart: :temporary)

      :hackney.get("http://127.0.0.1:8003/error_route", [], "", [])

      assert_receive {^ref, _event}, 1000 # This assertion fails
      # assert_receive {^ref, _event}, 1000
    end

[whatyouhide]

You are totally correct, sorry! 💯

[martosaur]

That was fast 😅 I'll make a PR to https://github.com/getsentry/sentry-docs tomorrow morning!

[whatyouhide]

Thank you @martosaur! Please tag me in there because I don't have notifications on for that.