Skip to content

fix(deps): update dependency @sentry/browser to v7 [security] #475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update dependency @sentry/browser to v7 [security] #475

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 3, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@sentry/browser (source) ^6.12.0 -> ^7.0.0 age confidence

GitHub Vulnerability Alerts

GHSA-593m-55hh-j8gv

Impact

In case a Prototype Pollution vulnerability is present in a user's application or bundled libraries, the Sentry SDK could potentially serve as a gadget to exploit that vulnerability. The exploitability depends on the specific details of the underlying Prototype Pollution issue.

Note

This advisory does not indicate the presence of a Prototype Pollution within the Sentry SDK itself. Users are strongly advised to first address any Prototype Pollution vulnerabilities in their application, as they pose a more critical security risk.

Patches

The issue was patched in all Sentry JavaScript SDKs starting from the 8.33.0 version.
Also, the fix was backported to SDK v7 in 7.119.1.

References

Release Notes

getsentry/sentry-javascript (@​sentry/browser)

v7.119.1

Compare Source

  • fix(browser/v7): Ensure wrap() only returns functions (#​13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

v7.119.0

Compare Source

  • backport(tracing): Report dropped spans for transactions (#​13343)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.96 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.89 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.14 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.52 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.77 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.66 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.71 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.72 KB
@​sentry/browser - Webpack (gzipped) 22.91 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.17 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.41 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.92 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.52 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 76.24 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.45 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.4 KB
@​sentry/react - Webpack (gzipped) 22.94 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.16 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.27 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.118.0

Compare Source

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#​12579)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.05 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.38 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.06 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.29 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.51 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.1 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.83 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.34 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.27 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.03 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.117.0

Compare Source

  • feat(browser/v7): Publish browserprofling CDN bundle (#​12224)
  • fix(v7/publish): Add v7 tag to @sentry/replay (#​12304)

v7.116.0

Compare Source

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can
use instead of pinning themselves to SentryNodeServerlessSDK:235.

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.04 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.37 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.05 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.08 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.81 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.33 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.27 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.03 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.115.0

Compare Source

  • feat(v7): Add support for global onUnhandled Error/Promise for Bun (#​11959)
  • fix(replay/v7): Fix user activity not being updated in start() (#​12003)
  • ref(api): Remove lastEventId deprecation warnings (#​12042)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.04 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.37 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.05 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.08 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.81 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.33 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.27 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.03 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

v7.114.0

Compare Source

Important Changes
  • fix(browser/v7): Continuously record CLS (#​11935)

This release fixes a bug that caused the cumulative layout shift (CLS) web vital not to be reported in a majority of the
cases where it should have been reported. With this change, the CLS web vital should now always be reported for
pageloads with layout shift. If a pageload did not have layout shift, no CLS web vital should be reported.

Please note that upgrading the SDK to this version may cause data in your dashboards to drastically change.

Other Changes
  • build(aws-lambda/v7): Turn off lambda layer publishing (#​11875)
  • feat(v7): Add tunnel support to multiplexed transport (#​11851)
  • fix(opentelemetry-node): support HTTP_REQUEST_METHOD attribute (#​11929)
  • fix(react/v7): Fix react router v4/v5 span names (#​11940)

v7.113.0

Compare Source

Important Changes

This release adds support for Node 22! 🎉

It also adds prebuilt-binaries for Node 22 to @sentry/profiling-node.

Other Changes
  • feat(feedback): [v7] New feedback button design (#​11841)
  • feat(replay/v7): Upgrade rrweb packages to 2.15.0 (#​11752)
  • fix(ember/v7): Ensure unnecessary spans are avoided (#​11848)

v7.112.2

Compare Source

  • fix(nextjs|sveltekit): Ensure we can pass browserTracingIntegration (#​11765)

v7.112.1

Compare Source

  • fix(ember/v7): Do not create rendering spans without transaction (#​11750)

v7.112.0

Compare Source

Important Changes
  • feat: Export pluggable integrations from SDK packages (#​11723)

Instead of installing @sentry/integrations, you can now import the pluggable integrations directly from your SDK
package:

// Before
import * as Sentry fromv '@​sentry/browser';
import { dedupeIntegration } from '@​sentry/integrations';

Sentry.init({
  integrations: [dedupeIntegration()],
});

// After
import * as Sentry from '@​sentry/browser';

Sentry.init({
  integrations: [Sentry.dedupeIntegration()],
});

Note that only the functional integrations (e.g. xxxIntegration()) are re-exported.

Other Changes
  • feat(replay): Add "maxCanvasSize" option for replay canvases (#​11732)
  • fix(serverless): [v7] Check if cloud event callback is a function (#​11734)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.72 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.69 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.91 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.32 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.62 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.5 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.9 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.27 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.02 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.28 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.25 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.01 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.3 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.18 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.01 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.111.0

Compare Source

  • feat(core): Add server.address to browser http.client spans (#​11663)
  • fix: Ensure next & sveltekit correctly handle browserTracingIntegration (#​11647)
  • fix(browser): Don't assume window.document is available (#​11598)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.71 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.68 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.7 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.31 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.62 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.5 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.89 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.25 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.02 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.21 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.01 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.3 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.17 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.15 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.110.1

Compare Source

  • fix(nextjs): Fix tunnelRoute matching logic for hybrid cloud (#​11577)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.58 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.55 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.57 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.18 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.49 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.37 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.76 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.12 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.9 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.72 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.53 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.17 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.03 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.87 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.01 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.110.0

Compare Source

Important Changes
  • feat(tracing): Add interactions sample rate to browser tracing integrations (#​11382)

You can now use a interactionsSampleRate to control the sample rate of INP spans. interactionsSampleRate is applied
on top of the global tracesSampleRate. Therefore if interactionsSampleRate is 0.5 and tracesSampleRate is 0.1,
then the actual sample rate for interactions is 0.05.

Sentry.init({
  tracesSampleRate: 0.1,
  integrations: [
    Sentry.browserTracingIntegration({
      interactionsSampleRate: 0.5,
    }),
  ],
});
  • Deprecations

This release deprecates the Hub class, as well as the addRequestDataToTransaction method. The trpcMiddleware
method is no longer on the Handlers export, but instead is a standalone export.

Please see the detailed Migration docs on how to migrate to the new APIs.

  • feat: Deprecate and relocate trpcMiddleware (#​11389)
  • feat(core): Deprecate Hub class (#​11528)
  • feat(types): Deprecate Hub interface (#​11530)
  • ref: Deprecate addRequestDataToTransaction (#​11368)
Other Changes
  • feat(core): Update metric normalization (#​11519)
  • feat(feedback): Customize feedback placeholder text color (#​11521)
  • feat(remix): Skip span creation for OPTIONS and HEAD request. (#​11485)
  • feat(utils): Add metric buckets rate limit (#​11506)
  • fix(core): unref timer to not block node exit (#​11483)
  • fix(metrics): Map statsd to metric_bucket (#​11505)
  • fix(spans): Allow zero exclusive time for INP spans (#​11408)
  • ref(feedback): Configure feedback fonts (#​11520)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.58 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.55 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.57 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.18 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.49 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.37 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.57 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.58 KB
@​sentry/browser - Webpack (gzipped) 22.78 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.76 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.12 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.9 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.27 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.72 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.53 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.79 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.17 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.03 KB
@​sentry/react - Webpack (gzipped) 22.81 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.87 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.01 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.32 KB

v7.109.0

Compare Source

This release deprecates some exports from the @sentry/replay package. These exports have been moved to the browser SDK
(or related framework SDKs like @sentry/react).

  • feat(feedback): Make "required" text for input elements configurable (#​11287)
  • feat(node): Add scope to ANR events (#​11267)
  • feat(replay): Bump rrweb to 2.12.0 (#​11317)
  • fix(node): Local variables skipped after Promise (#​11248)
  • fix(node): Skip capturing Hapi Boom error responses (#​11324)
  • fix(web-vitals): Check for undefined navigation entry (#​11312)
  • ref(replay): Deprecate @sentry/replay exports (#​11242)

Work in this release contributed by @​soerface. Thank you for your contribution!

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.48 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.47 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.49 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.11 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.41 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.29 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.52 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.53 KB
@​sentry/browser - Webpack (gzipped) 22.74 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.59 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.97 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.77 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.31 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.12 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.48 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.97 KB
@​sentry/react - Webpack (gzipped) 22.77 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.81 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.95 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.3 KB

v7.108.0

Compare Source

This release fixes issues with Time to First Byte (TTFB) calculation in the SDK that was introduced with 7.95.0. It
also fixes some bugs with Interaction to First Paint (INP) instrumentation. This may impact your Sentry Performance
Score calculation.

  • feat(serverless): Add Node.js 20 to compatible runtimes (#​11104)
  • feat(core): Backport ResizeObserver and googletag default filters (#​11210)
  • feat(webvitals): Adds event entry names for INP handler. Also guard against empty metric value
  • fix(metrics): use correct statsd data category (#​11187)
  • fix(node): Record local variables with falsy values (v7) (#​11190)
  • fix(node): Use unique variable for ANR context transfer (v7) (#​11162)
  • fix(node): Time zone handling for cron (#​11225)
  • fix(tracing): use web-vitals ttfb calculation (#​11231)
  • fix(types): Fix incorrect sampled type on Transaction (#​11146)
  • fix(webvitals): Fix mapping not being maintained properly and sometimes not sending INP spans (#​11183)

Work in this release contributed by @​quisido and @​joshkel. Thank you for your contributions!

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.45 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.47 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.47 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.1 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.4 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.29 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.49 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.5 KB
@​sentry/browser - Webpack (gzipped) 22.74 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.55 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.97 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.77 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 220.29 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 108.1 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.48 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 38.99 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.96 KB
@​sentry/react - Webpack (gzipped) 22.77 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 89.81 KB
@​sentry/nextjs Client - Webpack (gzipped) 53.95 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.28 KB

v7.107.0

Compare Source

This release fixes issues with INP instrumentation with the Next.js SDK and adds support for the enableInp option in
the deprecated BrowserTracing integration for backwards compatibility.

  • feat(performance): Port INP span instrumentation to old browser tracing (#​11085)
  • fix(ember): Ensure browser tracing is correctly lazy loaded (#​11027)
  • fix(node): Do not assert in vendored proxy code (v7 backport) (#​11009)
  • fix(react): Set handled value in ErrorBoundary depending on fallback [v7] (#​11037)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 79.95 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.06 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 75.04 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 64.7 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.02 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 34.9 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.44 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.45 KB
@​sentry/browser - Webpack (gzipped) 22.68 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 78.18 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 69.57 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 35.34 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.11 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 219.07 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 106.88 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 75.38 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 38.62 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 71.53 KB
[@​sentry/react](htt

Configuration

📅 Schedule: Branch creation - "" in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Oct 3, 2024
@socket-security
Copy link

socket-security bot commented Oct 3, 2024
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​jest/​globals@​26.6.21001005895100
Added@​jest/​source-map@​26.6.21001006289100
Addedset-blocking@​2.0.01001006276100
Added@​jest/​environment@​26.6.21001006494100
Addedrequire-main-filename@​2.0.01001006476100
Added@​types/​normalize-package-data@​2.4.01001006576100
Added@​jest/​fake-timers@​26.6.21001006794100
Addedjest-matcher-utils@​26.6.21001006795100
Addedshellwords@​0.1.11001006884100
Addedis-docker@​2.2.11001006976100
Addedjest-jasmine2@​26.6.3991007095100
Addeddecamelize@​1.2.01001007276100
Updated@​babel/​helper-validator-identifier@​7.14.9 ⏵ 7.22.20100 +110072 +189100
Addedexpect@​26.6.21001007295100
Addedis-wsl@​2.2.01001007276100
Addedjest-leak-detector@​26.6.21001007393100
Added@​types/​prettier@​2.2.31001007377100
Added@​sinonjs/​commons@​1.8.31001007483100
Addedlines-and-columns@​1.1.61001007477100
Addedgrowly@​1.3.01001009976100
Added@​sentry-internal/​tracing@​7.120.4100100769560
Updatedgraceful-fs@​4.2.6 ⏵ 4.2.11100 +1100100 +176100
Added@​sentry-internal/​feedback@​7.120.410010078100100
Added@​sentry/​types@​7.120.410010078100100
Addedescodegen@​2.0.01001009679100
Added@​sentry/​utils@​7.120.41001007998100
Added@​sentry/​core@​7.120.410010081100100
Addedemittery@​0.7.210010010081100
Addeddecimal.js@​10.2.110010010081100
Updated@​sentry/​integrations@​6.12.0 ⏵ 7.120.4100 +110081 +195 +8100
Addedjsdom@​16.6.0971001008770
Addedreact-test-renderer@​17.0.21001008197100
Addedreact-shallow-renderer@​16.14.1981009182100
See 10 more rows in the dashboard

View full report

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 263dddf to 91ec1cf Compare October 4, 2024 19:48
@renovate renovate bot changed the title fix(deps): update dependency @sentry/browser to v8 [security] fix(deps): update dependency @sentry/browser to v7 [security] Oct 4, 2024
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 4, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 91ec1cf to 8c7f096 Compare November 21, 2024 10:29
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 8c7f096 to 1780475 Compare November 21, 2024 14:58
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 1780475 to 571ca53 Compare December 17, 2024 11:47
@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 571ca53 to 6706b22 Compare February 3, 2025 08:43
@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 6706b22 to a2152f9 Compare February 13, 2025 13:27
@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from a2152f9 to 43da6de Compare July 1, 2025 07:39
@renovate renovate bot requested a deployment to build-review July 1, 2025 07:39 Waiting
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 1, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@renovate renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 43da6de to 8aad720 Compare August 10, 2025 15:40
@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant