Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency @sentry/browser to v7 [security] #71

Closed
wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 3, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@sentry/browser (source) ^5.7.1 -> ^7.0.0 age adoption passing confidence

GitHub Vulnerability Alerts

GHSA-593m-55hh-j8gv

Impact

In case a Prototype Pollution vulnerability is present in a user's application or bundled libraries, the Sentry SDK could potentially serve as a gadget to exploit that vulnerability. The exploitability depends on the specific details of the underlying Prototype Pollution issue.

Note

This advisory does not indicate the presence of a Prototype Pollution within the Sentry SDK itself. Users are strongly advised to first address any Prototype Pollution vulnerabilities in their application, as they pose a more critical security risk.

Patches

The issue was patched in all Sentry JavaScript SDKs starting from the 8.33.0 version.
Also, the fix was backported to SDK v7 in 7.119.1.

References


Release Notes

getsentry/sentry-javascript (@​sentry/browser)

v7.119.1

Compare Source

  • fix(browser/v7): Ensure wrap() only returns functions (#​13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

v7.119.0

Compare Source

  • backport(tracing): Report dropped spans for transactions (#​13343)
Bundle size 📦
Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.96 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.89 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.14 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.52 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.77 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.66 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.71 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.72 KB
@​sentry/browser - Webpack (gzipped) 22.91 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.17 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.41 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.92 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.52 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 76.24 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.45 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.4 KB
@​sentry/react - Webpack (gzipped) 22.94 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.16 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.27 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.118.0

Compare Source

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#​12579)

v7.117.0

Compare Source

  • feat(browser/v7): Publish browserprofling CDN bundle (#​12224)
  • fix(v7/publish): Add v7 tag to @sentry/replay (#​12304)

v7.116.0

Compare Source

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can
use instead of pinning themselves to SentryNodeServerlessSDK:235.

Bundle size 📦
Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.04 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.37 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.05 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.08 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.81 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.33 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.27 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.03 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.115.0

Compare Source

  • feat(v7): Add support for global onUnhandled Error/Promise for Bun (#​11959)
  • fix(replay/v7): Fix user activity not being updated in start() (#​12003)
  • ref(api): Remove lastEventId deprecation warnings (#​12042)
Bundle size 📦
Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.04 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.37 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.05 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.08 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.81 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.33 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.27 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.03 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.114.0

Compare Source

Important Changes
  • fix(browser/v7): Continuously record CLS (#​11935)

This release fixes a bug that caused the cumulative layout shift (CLS) web vital not to be reported in a majority of the
cases where it should have been reported. With this change, the CLS web vital should now always be reported for
pageloads with layout shift. If a pageload did not have layout shift, no CLS web vital should be reported.

Please note that upgrading the SDK to this version may cause data in your dashboards to drastically change.

Other Changes
  • build(aws-lambda/v7): Turn off lambda layer publishing (#​11875)
  • feat(v7): Add tunnel support to multiplexed transport (#​11851)
  • fix(opentelemetry-node): support HTTP_REQUEST_METHOD attribute (#​11929)
  • fix(react/v7): Fix react router v4/v5 span names (#​11940)

v7.113.0

Compare Source

Important Changes

This release adds support for Node 22! 🎉

It also adds prebuilt-binaries for Node 22 to @sentry/profiling-node.

Other Changes
  • feat(feedback): [v7] New feedback button design (#​11841)
  • feat(replay/v7): Upgrade rrweb packages to 2.15.0 (#​11752)
  • fix(ember/v7): Ensure unnecessary spans are avoided (#​11848)

v7.112.2

Compare Source

  • fix(nextjs|sveltekit): Ensure we can pass browserTracingIntegration (#​11765)

v7.112.1

Compare Source

  • fix(ember/v7): Do not create rendering spans without transaction (#​11750)

v7.112.0

Compare Source

Important Changes
  • feat: Export pluggable integrations from SDK packages (#​11723)

Instead of installing @sentry/integrations, you can now import the pluggable integrations directly from your SDK
package:

// Before
import * as Sentry fromv '@​sentry/browser';
import { dedupeIntegration } from '@​sentry/integrations';

Sentry.init({
  integrations: [dedupeIntegration()],
});

// After
import * as Sentry from '@​sentry/browser';

Sentry.init({
  integrations: [Sentry.dedupeIntegration()],
});

Note that only the functional integrations (e.g. xxxIntegration()) are re-exported.

Other Changes
  • feat(replay): Add "maxCanvasSize" option for replay canvases (#​11732)
  • fix(serverless): [v7] Check if cloud event callback is a function (#​11734)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.72 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.69 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.91 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.32 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.62 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.5 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.9 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.27 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.02 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.25 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.01 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.3 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.18 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.01 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.111.0

Compare Source

  • feat(core): Add server.address to browser http.client spans (#​11663)
  • fix: Ensure next & sveltekit correctly handle browserTracingIntegration (#​11647)
  • fix(browser): Don't assume window.document is available (#​11598)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.71 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.68 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.7 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.31 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.62 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.5 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.89 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.25 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.02 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.21 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.01 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.3 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.17 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.110.1

Compare Source

  • fix(nextjs): Fix tunnelRoute matching logic for hybrid cloud (#​11577)
Bundle size 📦
Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.58 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.55 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.57 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.18 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.49 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.37 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.76 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.12 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.9 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.72 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.53 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.17 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.03 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.87 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.01 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.110.0

Compare Source

Important Changes
  • feat(tracing): Add interactions sample rate to browser tracing integrations (#​11382)

You can now use a interactionsSampleRate to control the sample rate of INP spans. interactionsSampleRate is applied
on top of the global tracesSampleRate. Therefore if interactionsSampleRate is 0.5 and tracesSampleRate is 0.1,
then the actual sample rate for interactions is 0.05.

Sentry.init({
  tracesSampleRate: 0.1,
  integrations: [
    Sentry.browserTracingIntegration({
      interactionsSampleRate: 0.5,
    }),
  ],
});
  • Deprecations

This release deprecates the Hub class, as well as the addRequestDataToTransaction method. The trpcMiddleware
method is no longer on the Handlers export, but instead is a standalone export.

Please see the detailed Migration docs on how to migrate to the new APIs.

  • feat: Deprecate and relocate trpcMiddleware (#​11389)
  • feat(core): Deprecate Hub class (#​11528)
  • feat(types): Deprecate Hub interface (#​11530)
  • ref: Deprecate addRequestDataToTransaction (#​11368)
Other Changes
  • feat(core): Update metric normalization (#​11519)
  • feat(feedback): Customize feedback placeholder text color (#​11521)
  • feat(remix): Skip span creation for OPTIONS and HEAD request. (#​11485)
  • feat(utils): Add metric buckets rate limit (#​11506)
  • fix(core): unref timer to not block node exit (#​11483)
  • fix(metrics): Map statsd to metric_bucket (#​11505)
  • fix(spans): Allow zero exclusive time for INP spans (#​11408)
  • ref(feedback): Configure feedback fonts (#​11520)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.58 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.55 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.57 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.18 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.49 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.37 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.76 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.12 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.9 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.72 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.53 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.17 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.03 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.87 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.01 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.109.0

Compare Source

This release deprecates some exports from the @sentry/replay package. These exports have been moved to the browser SDK
(or related framework SDKs like @sentry/react).

  • feat(feedback): Make "required" text for input elements configurable (#​11287)
  • feat(node): Add scope to ANR events (#​11267)
  • feat(replay): Bump rrweb to 2.12.0 (#​11317)
  • fix(node): Local variables skipped after Promise (#​11248)
  • fix(node): Skip capturing Hapi Boom error responses (#​11324)
  • fix(web-vitals): Check for undefined navigation entry (#​11312)
  • ref(replay): Deprecate @sentry/replay exports (#​11242)

Work in this release contributed by @​soerface. Thank you for your contribution!

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.48 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.47 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.49 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.11 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.41 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.29 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.52 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.53 KB
@​sentry/browser - Webpack (gzipped) 22.74 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.59 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.97 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.77 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.31 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.12 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.48 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.97 KB
@​sentry/react - Webpack (gzipped) 22.77 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.81 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.95 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.3 KB

v7.108.0

Compare Source

This release fixes issues with Time to First Byte (TTFB) calculation in the SDK that was introduced with 7.95.0. It
also fixes some bugs with Interaction to First Paint (INP) instrumentation. This may impact your Sentry Performance
Score calculation.

  • feat(serverless): Add Node.js 20 to compatible runtimes (#​11104)
  • feat(core): Backport ResizeObserver and googletag default filters (#​11210)
  • feat(webvitals): Adds event entry names for INP handler. Also guard against empty metric value
  • fix(metrics): use correct statsd data category (#​11187)
  • fix(node): Record local variables with falsy values (v7) (#​11190)
  • fix(node): Use unique variable for ANR context transfer (v7) (#​11162)
  • fix(node): Time zone handling for cron (#​11225)
  • fix(tracing): use web-vitals ttfb calculation (#​11231)
  • fix(types): Fix incorrect sampled type on Transaction (#​11146)
  • fix(webvitals): Fix mapping not being maintained properly and sometimes not sending INP spans (#​11183)

Work in this release contributed by @​quisido and @​joshkel. Thank you for your contributions!

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.45 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.47 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.47 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.1 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.4 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.29 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.49 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.5 KB
@​sentry/browser - Webpack (gzipped) 22.74 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.55 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.97 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.77 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.29 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.1 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.48 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 38.99 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.96 KB
@​sentry/react - Webpack (gzipped) 22.77 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.81 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.95 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.28 KB

v7.107.0

Compare Source

This release fixes issues with INP instrumentation with the Next.js SDK and adds support for the enableInp option in
the deprecated BrowserTracing integration for backwards compatibility.

  • feat(performance): Port INP span instrumentation to old browser tracing (#​11085)
  • fix(ember): Ensure browser tracing is correctly lazy loaded (#​11027)
  • fix(node): Do not assert in vendored proxy code (v7 backport) (#​11009)
  • fix(react): Set handled value in ErrorBoundary depending on fallback [v7] (#​11037)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 79.95 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.06 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.04 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 64.7 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.02 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 34.9 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.44 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.45 KB
@​sentry/browser - Webpack (gzipped) 22.68 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.18 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.57 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.34 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.11 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 219.07 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 106.88 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.38 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 38.62 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.53 KB
@​sentry/react - Webpack (gzipped) 22.71 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.35 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.51 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.28 KB

v7.106.1

Compare Source

  • fix(nextjs/v7): Use passthrough createReduxEnhancer on server (#​11010)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 78.71 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 69.87 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 73.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 63.48 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 33.84 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 34.88 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.44 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.45 KB
@​sentry/browser - Webpack (gzipped) 22.68 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 76.98 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 68.4 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 34.2 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.11 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 215.54 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 103.35 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.38 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 37.38 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 70.25 KB
@​sentry/react - Webpack (gzipped) 22.71 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.13 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.3 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.28 KB

v7.106.0

Compare Source

  • feat(nextjs): Support Hybrid Cloud DSNs with tunnelRoute option (#​10958)
  • feat(remix): Add Vite dev-mode support to Express instrumentation (#​10811)
  • fix(core): Undeprecate setTransactionName
  • fix(browser): Don't use chrome variable name (#​10874)
  • fix(nextjs): Client code should not use Node global (#​10925)
  • fix(node): support undici headers as strings or arrays (#​10938)
  • fix(types): Add AttachmentType and use for envelope attachment_type property (#​10946)
  • ref(ember): Avoid namespace import to hopefully resolve minification issue ([#​10885](https://redirect.github.com/g

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


Thanks for the PR!

Deployments, as required, will be available below:

Please create PRs in draft mode. Mark as ready to enable:

After merge, new images are deployed in:

@renovate renovate bot requested review from DerekRoberts and a team as code owners October 3, 2024 22:15
@renovate renovate bot enabled auto-merge (squash) October 3, 2024 22:15
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from acd6460 to 8ea7f9c Compare October 4, 2024 18:47
@renovate renovate bot changed the title fix(deps): update dependency @sentry/browser to v8 [security] fix(deps): update dependency @sentry/browser to v7 [security] Oct 4, 2024
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 8ea7f9c to d60324e Compare October 9, 2024 07:51
@renovate renovate bot changed the title fix(deps): update dependency @sentry/browser to v7 [security] fix(deps): update dependency @sentry/browser to v8 [security] Oct 9, 2024
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from d60324e to 1d30143 Compare October 9, 2024 10:17
@renovate renovate bot changed the title fix(deps): update dependency @sentry/browser to v8 [security] fix(deps): update dependency @sentry/browser to v7 [security] Oct 9, 2024
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 1d30143 to 516acf0 Compare October 11, 2024 16:53
Copy link
Contributor Author

renovate bot commented Oct 11, 2024

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: frontend/package-lock.json
ERROR: npm v10.8.2 is known not to run on Node.js v14.21.3.  This version of npm supports the following node versions: `^18.17.0 || >=20.5.0`. You can find the latest version at https://nodejs.org/.

ERROR:
/opt/containerbase/tools/npm/10.8.2/14.21.3/node_modules/npm/lib/utils/error-message.js:11
  er.message &&= replaceInfo(er.message)
             ^^^

SyntaxError: Unexpected token '&&='
    at wrapSafe (internal/modules/cjs/loader.js:1029:16)
    at Module._compile (internal/modules/cjs/loader.js:1078:27)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1143:10)
    at Module.load (internal/modules/cjs/loader.js:979:32)
    at Function.Module._load (internal/modules/cjs/loader.js:819:12)
    at Module.require (internal/modules/cjs/loader.js:1003:19)
    at require (internal/modules/cjs/helpers.js:107:18)
    at Object.<anonymous> (/opt/containerbase/tools/npm/10.8.2/14.21.3/node_modules/npm/lib/cli/exit-handler.js:2:48)
    at Module._compile (internal/modules/cjs/loader.js:1114:14)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1143:10)

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 516acf0 to 5c02c04 Compare October 11, 2024 23:13
@PaulGarewal
Copy link
Contributor

@renovate ignore this minor

auto-merge was automatically disabled October 16, 2024 21:29

Pull request was closed

Copy link
Contributor Author

renovate bot commented Oct 16, 2024

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 7.x releases. But if you manually upgrade to 7.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@renovate renovate bot deleted the renovate/npm-sentry-browser-vulnerability branch October 16, 2024 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant