chore(deps): bump @sentry/node from 7.90.0 to 7.91.0

[dependabot]

Bumps @sentry/node from 7.90.0 to 7.91.0.

Release notes

Sourced from @​sentry/node's releases.

7.91.0

Important Changes

• feat: Add server runtime metrics aggregator (#9894)

The release adds alpha support for Sentry developer metrics in the server runtime SDKs (@sentry/node, @sentry/deno, @sentry/nextjs server-side, etc.). Via the newly introduced APIs, you can now flush metrics directly to Sentry.

To enable capturing metrics, you first need to add the metricsAggregator experiment to your Sentry.init call.

Sentry.init({
  dsn: '__DSN__',
  _experiments: {
    metricsAggregator: true,
  },
});

Then you'll be able to add counters, sets, distributions, and gauges under the Sentry.metrics namespace.

// Add 4 to a counter named `hits`
Sentry.metrics.increment('hits', 4);
// Add 2 to gauge named parallel_requests, tagged with type: "a"
Sentry.metrics.gauge('parallel_requests', 2, { tags: { type: 'a' } });
// Add 4.6 to a distribution named response_time with unit seconds
Sentry.metrics.distribution('response_time', 4.6, { unit: 'seconds' });
// Add 2 to a set named valuable.ids
Sentry.metrics.set('valuable.ids', 2);

• feat(node): Rework ANR to use worker script via an integration (#9945)

The ANR tracking integration for Node has been reworked to use an integration. ANR tracking now requires a minimum Node version of 16 or higher. Previously you had to call Sentry.enableANRDetection before running your application, now you can simply add the Anr integration to your Sentry.init call.

import * as Sentry from '@sentry/node';
Sentry.init({
dsn: 'https://public@dsn.ingest.sentry.io/1337',
integrations: [new Sentry.Integrations.Anr({ captureStackTrace: true, anrThreshold: 200 })],
});

Other Changes

• feat(breadcrumbs): Send component names on UI breadcrumbs (#9946)

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

7.91.0

Important Changes

• feat: Add server runtime metrics aggregator (#9894)

The release adds alpha support for Sentry developer metrics in the server runtime SDKs (@sentry/node, @sentry/deno, @sentry/nextjs server-side, etc.). Via the newly introduced APIs, you can now flush metrics directly to Sentry.

To enable capturing metrics, you first need to add the metricsAggregator experiment to your Sentry.init call.

Sentry.init({
  dsn: '__DSN__',
  _experiments: {
    metricsAggregator: true,
  },
});

Then you'll be able to add counters, sets, distributions, and gauges under the Sentry.metrics namespace.

// Add 4 to a counter named `hits`
Sentry.metrics.increment('hits', 4);
// Add 2 to gauge named parallel_requests, tagged with type: "a"
Sentry.metrics.gauge('parallel_requests', 2, { tags: { type: 'a' } });
// Add 4.6 to a distribution named response_time with unit seconds
Sentry.metrics.distribution('response_time', 4.6, { unit: 'seconds' });
// Add 2 to a set named valuable.ids
Sentry.metrics.set('valuable.ids', 2);

• feat(node): Rework ANR to use worker script via an integration (#9945)

The ANR tracking integration for Node has been reworked to use an integration. ANR tracking now requires a minimum Node version of 16 or higher. Previously you had to call Sentry.enableANRDetection before running your application, now you can simply add the Anr integration to your Sentry.init call.

import * as Sentry from '@sentry/node';
Sentry.init({
dsn: 'https://public@dsn.ingest.sentry.io/1337',
integrations: [new Sentry.Integrations.Anr({ captureStackTrace: true, anrThreshold: 200 })],
});

Other Changes

... (truncated)

Commits

• 4c19ee3 release: 7.91.0
• 17f490e Merge pull request #9965 from getsentry/prepare-release/7.91.0
• f08bec8 meta(changelog): Update changelog for 7.91.0
• cf412d9 fix(core): Rethrow caught promise rejections in startSpan, `startSpanManual...
• 948e7d3 feat(sveltekit): Add options to configure fetch instrumentation script for CS...
• f56219a build: Fix size limit (#9967)
• 7f8eca7 feat: Add server runtime metrics aggregator (#9894)
• 5d16aae chore(biome): enable noUnusedImports rule (#9895)
• f819d81 feat(breadcrumbs): Send component names on UI breadcrumbs (#9946)
• 9a2570b feat(replay): Send component names in replay breadcrumbs (#9947)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[pull-request-checklist-buddy]

👨‍💻 Dev Branch checks

• All Code checks are successfully?
• No sensetive data leaked?
• Code works as expected?
• Debug Code removed?
• Code Review approved?

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Packages	Version	New capabilities	Transitives	Size	Publisher
@sentry/node	7.90.0...7.91.0	None	+4/-4	5.79 MB	sentry-bot

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Issue	Package	Version	Note	Source
Modified license	@ampproject/remapping	2.2.1	License: Apache-2.0 Similarity: 0.99 +1 more instances...	jest@29.7.0 via package.json

Next steps

What is a modified license?

(Experimental) Package contains a modified version of an SPDX license. Please read carefully before using this code.

Packages should avoid making modifications to standard licenses.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore @ampproject/remapping@2.2.1