meta(changelog): Update changelog for 10.12.0 #17660
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…17577) Looks like we tested canary and latest versions of NextJS 13 and 14 in a way that we'd actually always pull in the latest 15 (canary) versions. This PR fixes this by: - removing Next 13 canary tests (these haven't been updated in more than 2 years) - Pinning Next 13 latest to `@next-13` - Pining Next 14 canary to `~14.3.0-canary.0` - Pinning Next 14 latest to `@next-14`
[Gitflow] Merge master into develop
I was looking to add another loader hook but I found some issues with the existing code: - To ensure the hook only gets registered once, `GLOBAL_OBJ._sentryEsmLoaderHookRegistered` is used but it was never set to true anywhere - Hook registration was duplicated in `@sentry/node-core` and `@sentry/node` for preloading - I moved the Node version check/warning to `supportsEsmLoaderHooks()` so it can be reused in multiple hooks
Based on the Cloudflare OTel implementation
Co-authored-by: Lukas Stracke <lukas.stracke@sentry.io>
…g trace in TwP mode (#17526) This PR adjusts how we set treat the `parentSpanId` when propagating it in an SDK configured for [tracing without performance](https://develop.sentry.dev/sdk/telemetry/traces/tracing-without-performance). Previously, we didn't set the `propagationSpanId` on the `propagationContext` (which is supposed to be serialized to the parent span id in the `sentry-trace` (and `traceparent`) header, if no active span is present. This had the consequence that every time `getTraceData()` was called, we'd return a new, random (non-existing) parent span id. Meaning, that if we generate both, `sentry-trace` and `traceparent` headers via `getTraceData()` they'd end up with different parent span ids in the respective hedaers. With this change, we now set a `propagationSpanId` on the PC, which has two effects: 1. consistent parent span id in `sentry-trace` and `traceparent` headers for the same outgoing request 2. consistent parent span ids in all outgoing requests until the next navigation when the PC is recycled So this prolongs the time span in which we propagate the same parent span id. Since this span doesn't exist, I _think_ this is fine. Though happy to drop this if reviewers have concerns. The main benefit with this change is 1 in combination with us generating `traceparent` from raw data rather than parsing the already generated `sentry-trace` header and converting its parts into `traceparent`. (TwP was a mistake)
Add a `<sub>` text at the end of the issue like [seen here](https://github.com/open-telemetry/opentelemetry-js-contrib/blob/main/.github/ISSUE_TEMPLATE/bug_report.md). We are using the issue form syntax, so it's added as pre-filled content.
…ation (#17571) Adds support for AnthropicAI manual instrumentation in @sentry/cloudflare and @sentry/vercel-edge. To instrument the AnthropicAI client, wrap it with Sentry.instrumentAnthropicAiClient and set recording settings. ``` import * as Sentry from '@sentry/cloudflare'; import Anthropic from '@anthropic-ai/sdk'; const anthropic = new Anthropic(); const client = Sentry.instrumentAnthropicAiClient(anthropic, { recordInputs: true, recordOutputs: true }); // use the wrapped client ```
…17596) Since Nitro v2.11.7, the platform-specific properties like `cloudlfare` and `cf` are nested under `_platform` (nitrojs/nitro#3224). The `isEventType` function is updated to reflect this change. stumbled across this while working on this: #17588
This PR fixes the usage of the SDK in v10 with Prisma v5.
We used to require/recommend that users manually installed
`@prisma/instrumentation` v5 and passed this to our `prismaIntegration`
like this:
```js
const { PrismaInstrumentation } = require('@prisma/instrumentation');
prismaIntegration({ prismaInstrumentation: new PrismaInstrumentation() });
```
However, this no longer works in v10 because that version pulls in v1 of
`@opentelemetry/sdk-trace-base`, which is no longer compatible in v10 of
our SDK 😢
So to fix this, this PR removes/deprecates the passing of
`prismaInstrumentation` (this now no-ops). v5 is now supported out of
the box!
To make this work, some hacks and workarounds were necessary 😬 The
problem is that v5 of the prisma instrumentation relies on manually
creating span instances with specified ID and parent IDs. This is no
longer possible in OTEL v2, as all these APIs are no longer exported 😞
(it was also weird from prisma to do this in the first place, and they
no longer do this in v6 of the instrumentation).
To get this to work, we manually overwrite the `tracer._idGenerator`
with a mock that returns the IDs we need, kind of making this work as
expected again. Hopefully this will not break in the future, we'll see -
our tests should at least show us if that ever breaks.
While at this, I also re-wrote our integration tests to run in CJS and
ESM properly and use the new test runner structure instead of manually
calling yarn etc. in there.
Example trace before in v5 (without custom prismaInstrumentation, which
broke at runtime):
https://sentry-sdks.sentry.io/explore/discover/trace/49e2095162e4bb571074e27653586643/?dataset=transactions&field=title&field=project&field=user.display&field=timestamp&name=All%20Errors&node=span-61995a9d80c6925f&project=4508330866769920&query=&queryDataset=transaction-like&sort=-timestamp&source=discover&statsPeriod=1h×tamp=1757575919&yAxis=count%28%29
Example trace with this PR:
https://sentry-sdks.sentry.io/explore/discover/trace/deaaa1990ba6204085779aa09888dc2c/?dataset=transactions&field=title&field=project&field=user.display&field=timestamp&fov=0%2C813.7861328125&name=All%20Errors&node=span-8eb41978be76824e&project=4508330866769920&query=&queryDataset=transaction-like&sort=-timestamp&source=discover&statsPeriod=1h×tamp=1757575780&yAxis=count%28%29
---------
Co-authored-by: Andrei <168741329+andreiborza@users.noreply.github.com>
…for `step.do` (#17582) Previously, our Cloudflare Workflows instrumentation created a new Sentry client inside every `step.do`. This resets the tracing context: a custom span started with `startSpan` around multiple `step.do` would finish under a different client/scope than its children. This change initializes Sentry once per workflow run and preserves the active scope across steps. We capture the current scope in `step.do` and pass it to `startSpan`. A new test was added to check that a `step.do` span becomes a child of a surrounding custom span. fixes #17419 ref (for being able to test this): cloudflare/workerd#5030 Multiple `step.do` with a surrounding `startSpan` call will now result in this: <img width="851" height="265" alt="image" src="https://github.com/user-attachments/assets/298dc085-6555-46cb-93da-a22dd9f7ca02" />
- **ref(node-core): Add `mechanism` to cron instrumentations** - **adjust tests** ref #17260
…her methods for AI (#17580) Vercel AI integration was incorrectly wrapping all patched methods in an async function, causing synchronous methods like streamText to return Promises when they should return synchronous objects. ``` // Before const result = streamText({model: "gpt-5"}); console.log(result); ``` ``` // After const result = streamText({model: "gpt-5"}); console.log(result); // DefaultStreamTextResult { ... } ✅ ``` Resolves: #17553
This PR adjusts/adds the `mechanism.type` field to errors caught from our Nuxt SDK. The name now follows the trace origin as well as possible.
This issue is only observed for Nextjs 13 and specifically for apps that don't use the app router. Similarly to what we do in vercel-edge, we polyfill `performance`. This is only done for dev mode as it's not an issue otherwise. Note: I tried to reproduce this via our existing e2e test apps but they're all using the app router so it's not manifesting there. Closes: #17343
… in `ErrorBoundary` (#17602) Both mechanisms now follow the trace origin naming scheme. Decided to make the `handled` value of `reactErrorHandler` depend on the definedness of the passed callback.
Angular 21 will only support TS 5.9.0 or greater. This breaking change was introduced in the [`next.3` preview release](https://github.com/angular/angular/releases/tag/21.0.0-next.3) and was flagged in our Angular canary test. Bumping the TS version should be safe here since it will be required by NG21 and still fits into the [compatible range of NG20](https://angular.dev/reference/versions). closes #17603
This test flaked before because we used real timers and apparently `setTimeout(_, 10)` sometimes caused an absolute delay <10 ms. Let's use fake timers instead which should(?) ensure that this works correctly in the test fixture. closes #17611
…7614) should have used snake_case instead of kebab-case
…ests/test-applications/nextjs-orpc (#17494) Bumps [next](https://github.com/vercel/next.js) from 14.2.29 to 14.2.32. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v14.2.32</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix router handling when setting a location response header <a href="https://redirect.github.com/vercel/next.js/issues/82588">#82588</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> <h2>v14.2.31</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/82179">#82179</a>)</li> <li>fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82178">#82178</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/styfle"><code>@styfle</code></a> and <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/89ee5615520d593e328be994b30cd445ef5d5c17"><code>89ee561</code></a> v14.2.32</li> <li><a href="https://github.com/vercel/next.js/commit/6a974adc455776b335b0db094d4c2e5349d97c97"><code>6a974ad</code></a> [backport v14]: fix router handling when setting a location response header (...</li> <li><a href="https://github.com/vercel/next.js/commit/55f76620ffb715ca3255bae96fa58f4a1a0848b1"><code>55f7662</code></a> v14.2.31</li> <li><a href="https://github.com/vercel/next.js/commit/5dd68a5853effd435bca664c443211e99f9e6554"><code>5dd68a5</code></a> [backport v14]: fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/8">#8</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/bcc7c65c5abef84c1c977a85fc392e589b74d8f7"><code>bcc7c65</code></a> [backport v14]: fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82114">#82114</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/82">#82</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/243072b7a8b7fb3be74a8d9256847669b131ea7e"><code>243072b</code></a> v14.2.30</li> <li><a href="https://github.com/vercel/next.js/commit/f523d4a142913fa9f9f743241cc6132a39f6883b"><code>f523d4a</code></a> [backport]: config.allowedDevOrigins (<a href="https://redirect.github.com/vercel/next.js/issues/80410">#80410</a>)</li> <li>See full diff in <a href="https://github.com/vercel/next.js/compare/v14.2.29...v14.2.32">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ests/test-applications/nextjs-pages-dir (#17620) Bumps [next](https://github.com/vercel/next.js) from 14.2.25 to 14.2.32. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v14.2.32</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix router handling when setting a location response header <a href="https://redirect.github.com/vercel/next.js/issues/82588">#82588</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> <h2>v14.2.31</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/82179">#82179</a>)</li> <li>fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82178">#82178</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/styfle"><code>@styfle</code></a> and <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/89ee5615520d593e328be994b30cd445ef5d5c17"><code>89ee561</code></a> v14.2.32</li> <li><a href="https://github.com/vercel/next.js/commit/6a974adc455776b335b0db094d4c2e5349d97c97"><code>6a974ad</code></a> [backport v14]: fix router handling when setting a location response header (...</li> <li><a href="https://github.com/vercel/next.js/commit/55f76620ffb715ca3255bae96fa58f4a1a0848b1"><code>55f7662</code></a> v14.2.31</li> <li><a href="https://github.com/vercel/next.js/commit/5dd68a5853effd435bca664c443211e99f9e6554"><code>5dd68a5</code></a> [backport v14]: fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/8">#8</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/bcc7c65c5abef84c1c977a85fc392e589b74d8f7"><code>bcc7c65</code></a> [backport v14]: fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82114">#82114</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/82">#82</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/243072b7a8b7fb3be74a8d9256847669b131ea7e"><code>243072b</code></a> v14.2.30</li> <li><a href="https://github.com/vercel/next.js/commit/f523d4a142913fa9f9f743241cc6132a39f6883b"><code>f523d4a</code></a> [backport]: config.allowedDevOrigins (<a href="https://redirect.github.com/vercel/next.js/issues/80410">#80410</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/ca9211576c9a21c15980dcc6f022c2cd21542561"><code>ca92115</code></a> v14.2.29</li> <li><a href="https://github.com/vercel/next.js/commit/ec9ee8749e9c6820148ead09a20983afd7ba9482"><code>ec9ee87</code></a> Only share incremental cache for edge in next start (<a href="https://redirect.github.com/vercel/next.js/issues/79389">#79389</a>)</li> <li><a href="https://github.com/vercel/next.js/commit/e65628a237ea76d77d911aedb12d5137fddd90fb"><code>e65628a</code></a> v14.2.28</li> <li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v14.2.25...v14.2.32">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Event mechanism type now follows the trace origin naming scheme closes #17640
Avoid re-creating many sync promises where not needed. We used to wrap every result of an event processor in a sync promise, no matter if needed or not. This is not really necessary, likely having a (very minor) perf impact but also making the stacktraces etc. more complicated then neccessary. With this PR, we only wrap the overall result in a sync promise once, if needed, and otherwise just run the event processors directly. Somewhat inspired by looking into this for #17592, but likely does not actually fix this.
…s/test-applications/cloudflare-hono (#17630) Bumps [hono](https://github.com/honojs/hono) from 4.7.10 to 4.9.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/honojs/hono/releases">hono's releases</a>.</em></p> <blockquote> <h2>v4.9.7</h2> <h2>Security</h2> <ul> <li>Fixed an issue in the <code>bodyLimit</code> middleware where the body size limit could be bypassed when both <code>Content-Length</code> and <code>Transfer-Encoding</code> headers were present. If you are using this middleware, please update immediately. <a href="https://github.com/honojs/hono/security/advisories/GHSA-92vj-g62v-jqhh">Security Advisory</a></li> </ul> <h2>What's Changed</h2> <ul> <li>fix(client): Fix <code>parseResponse</code> not parsing json in react native by <a href="https://github.com/lr0pb"><code>@lr0pb</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4399">honojs/hono#4399</a></li> <li>chore: add <code>.tool-versions</code> file by <a href="https://github.com/3w36zj6"><code>@3w36zj6</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4397">honojs/hono#4397</a></li> <li>chore: update <code>bun install</code> commands to use <code>--frozen-lockfile</code> by <a href="https://github.com/3w36zj6"><code>@3w36zj6</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4398">honojs/hono#4398</a></li> <li>test(jwk): Add tests of JWK token verification by <a href="https://github.com/buckett"><code>@buckett</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4402">honojs/hono#4402</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lr0pb"><code>@lr0pb</code></a> made their first contribution in <a href="https://redirect.github.com/honojs/hono/pull/4399">honojs/hono#4399</a></li> <li><a href="https://github.com/buckett"><code>@buckett</code></a> made their first contribution in <a href="https://redirect.github.com/honojs/hono/pull/4402">honojs/hono#4402</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/honojs/hono/compare/v4.9.6...v4.9.7">https://github.com/honojs/hono/compare/v4.9.6...v4.9.7</a></p> <h2>v4.9.6</h2> <h2>Security</h2> <p>Fixed a bug in URL path parsing (<code>getPath</code>) that could cause path confusion under malformed requests.</p> <p>If you rely on reverse proxies (e.g. Nginx) for ACLs or restrict access to endpoints like <code>/admin</code>, please update immediately.</p> <p>See advisory for details: GHSA-9hp6-4448-45g2</p> <h2>What's Changed</h2> <ul> <li>chore: update packages in the router bench by <a href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4386">honojs/hono#4386</a></li> <li>chore(benchmarks): remove comment-out from router bench by <a href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4387">honojs/hono#4387</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/honojs/hono/compare/v4.9.5...v4.9.6">https://github.com/honojs/hono/compare/v4.9.5...v4.9.6</a></p> <h2>v4.9.5</h2> <h2>What's Changed</h2> <ul> <li>chore: replace supertest with undici by <a href="https://github.com/BarryThePenguin"><code>@BarryThePenguin</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4365">honojs/hono#4365</a></li> <li>fix(aws-lambda): preserve percent-encoded values in query strings by <a href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4372">honojs/hono#4372</a></li> <li>feat(cors): Allow async functions for <code>origin</code> and <code>allowMethods</code> by <a href="https://github.com/jobrk"><code>@jobrk</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4373">honojs/hono#4373</a></li> <li>feat(cors): Correct origin function return type asynchronously returning null or undefined for origin by <a href="https://github.com/jobrk"><code>@jobrk</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4375">honojs/hono#4375</a></li> <li>fix(service-worker): correct args for <code>app.fetch</code> in <code>handle</code> by <a href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4374">honojs/hono#4374</a></li> <li>fix(language-detector): Detect language from path after getPath changed by <a href="https://github.com/iflamed"><code>@iflamed</code></a> in <a href="https://redirect.github.com/honojs/hono/pull/4369">honojs/hono#4369</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jobrk"><code>@jobrk</code></a> made their first contribution in <a href="https://redirect.github.com/honojs/hono/pull/4373">honojs/hono#4373</a></li> <li><a href="https://github.com/iflamed"><code>@iflamed</code></a> made their first contribution in <a href="https://redirect.github.com/honojs/hono/pull/4369">honojs/hono#4369</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/honojs/hono/compare/v4.9.4...v4.9.5">https://github.com/honojs/hono/compare/v4.9.4...v4.9.5</a></p> <h2>v4.9.4</h2> <h2>What's Changed</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/honojs/hono/commit/5ece99500fbcdc1026ab7f458f65cbe9eab29a6b"><code>5ece995</code></a> 4.9.7</li> <li><a href="https://github.com/honojs/hono/commit/605c70560b52f13af10379f79b76717042fafe8d"><code>605c705</code></a> Merge commit from fork</li> <li><a href="https://github.com/honojs/hono/commit/6792789ec06bd14c96ecdf38a368f7d7526e601a"><code>6792789</code></a> test(jwk): Add tests of JWK token verification (<a href="https://redirect.github.com/honojs/hono/issues/4402">#4402</a>)</li> <li><a href="https://github.com/honojs/hono/commit/2f489b3562cd0d29075062b2ea0648ab92b88727"><code>2f489b3</code></a> chore: update <code>bun install</code> commands to use <code>--frozen-lockfile</code> (<a href="https://redirect.github.com/honojs/hono/issues/4398">#4398</a>)</li> <li><a href="https://github.com/honojs/hono/commit/9b0a8f51ed15910b86cd2a6dd8f15b16b45e1c06"><code>9b0a8f5</code></a> chore: add <code>.tool-versions</code> file (<a href="https://redirect.github.com/honojs/hono/issues/4397">#4397</a>)</li> <li><a href="https://github.com/honojs/hono/commit/5b277d811cc655667683ae60141f739fa40b65e1"><code>5b277d8</code></a> fix(client): Fix <code>parseResponse</code> not parsing json in react native (<a href="https://redirect.github.com/honojs/hono/issues/4399">#4399</a>)</li> <li><a href="https://github.com/honojs/hono/commit/7f4311c010dbd15bd25e16551ecf58059887d105"><code>7f4311c</code></a> 4.9.6</li> <li><a href="https://github.com/honojs/hono/commit/1d79aedc3f82d8c9969b115fe61bc4bd705ec8de"><code>1d79aed</code></a> Merge commit from fork</li> <li><a href="https://github.com/honojs/hono/commit/adecab1caeb2665c8da83a470de958566890d6ba"><code>adecab1</code></a> chore(benchmarks): remove comment-out from router bench (<a href="https://redirect.github.com/honojs/hono/issues/4387">#4387</a>)</li> <li><a href="https://github.com/honojs/hono/commit/b3d5b404291a71ec088c5f5c9d6f2940150fbb5b"><code>b3d5b40</code></a> chore: update packages in the router bench (<a href="https://redirect.github.com/honojs/hono/issues/4386">#4386</a>)</li> <li>Additional commits viewable in <a href="https://github.com/honojs/hono/compare/v4.7.10...v4.9.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mechanism type now follows the trace origin naming scheme closes #17639
…gration` (#17635) Now follows the same trace origin-esque naming scheme as the [browser version](https://github.com/getsentry/sentry-javascript/blob/4b562bcbf0a81494627ab2c5a153ddbddb2d89ae/packages/browser/src/integrations/globalhandlers.ts#L101) of `globalHandlersIntegration`. ref #17212
…nhandledException` integrations (#17636) mechanism type now follows the trace origin-esque naming, similarly to global handlers [in browser](https://github.com/getsentry/sentry-javascript/blob/4b562bcbf0a81494627ab2c5a153ddbddb2d89ae/packages/browser/src/integrations/globalhandlers.ts#L101) ref #17212
…ests/test-applications/nextjs-t3 (#17656) Bumps [next](https://github.com/vercel/next.js) from 14.2.29 to 14.2.32. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p> <blockquote> <h2>v14.2.32</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix router handling when setting a location response header <a href="https://redirect.github.com/vercel/next.js/issues/82588">#82588</a></li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> <h2>v14.2.31</h2> <blockquote> <p>[!NOTE]<br /> This release is backporting bug fixes. It does <strong>not</strong> include all pending features/changes on canary.</p> </blockquote> <h3>Core Changes</h3> <ul> <li>fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/82179">#82179</a>)</li> <li>fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82178">#82178</a>)</li> </ul> <h3>Credits</h3> <p>Huge thanks to <a href="https://github.com/styfle"><code>@styfle</code></a> and <a href="https://github.com/ztanner"><code>@ztanner</code></a> for helping!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vercel/next.js/commit/89ee5615520d593e328be994b30cd445ef5d5c17"><code>89ee561</code></a> v14.2.32</li> <li><a href="https://github.com/vercel/next.js/commit/6a974adc455776b335b0db094d4c2e5349d97c97"><code>6a974ad</code></a> [backport v14]: fix router handling when setting a location response header (...</li> <li><a href="https://github.com/vercel/next.js/commit/55f76620ffb715ca3255bae96fa58f4a1a0848b1"><code>55f7662</code></a> v14.2.31</li> <li><a href="https://github.com/vercel/next.js/commit/5dd68a5853effd435bca664c443211e99f9e6554"><code>5dd68a5</code></a> [backport v14]: fix(next/image): improve and simplify detect-content-type (<a href="https://redirect.github.com/vercel/next.js/issues/8">#8</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/bcc7c65c5abef84c1c977a85fc392e589b74d8f7"><code>bcc7c65</code></a> [backport v14]: fix(next/image): fix image-optimizer.ts headers (<a href="https://redirect.github.com/vercel/next.js/issues/82114">#82114</a>) (<a href="https://redirect.github.com/vercel/next.js/issues/82">#82</a>...</li> <li><a href="https://github.com/vercel/next.js/commit/243072b7a8b7fb3be74a8d9256847669b131ea7e"><code>243072b</code></a> v14.2.30</li> <li><a href="https://github.com/vercel/next.js/commit/f523d4a142913fa9f9f743241cc6132a39f6883b"><code>f523d4a</code></a> [backport]: config.allowedDevOrigins (<a href="https://redirect.github.com/vercel/next.js/issues/80410">#80410</a>)</li> <li>See full diff in <a href="https://github.com/vercel/next.js/compare/v14.2.29...v14.2.32">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
size-limit report 📦
|
node-overhead report 🧳Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.
|
s1gr1d
approved these changes
Sep 16, 2025
…tests (#17665) - pin all SvelteKit versions used in our e2e tests - adjust one of them to use 2.41.0 (the most recent version) and adjust the test to the bugfix in this version
This PR hopefully helps unflake some tests, e.g. #17658, by: 1. Using async instead of sync methods for the test runner (hopefully a bit more performant) 2. increasing timeout for the beforeAll callback
This changes our fetch transport a bit, making use of async functions and slightly adjusting error handling: 1. Technically there was a bug if fetch is not available, as we would keep increasing the `pendingBodySize`/`pendingCount` and never decrease it. 2. We had some dedicated error messages for edge cases that are IMHO not necessary - we can safe a few bytes by just using default error messages there. 3. No need to use sync promise here, all of this is async anyhow. Extracted this out of #17641
….waitUntil` to prevent multiple instrumentation (#17539)" (#17666) This PR reverts #17539 because it causes e2e test fails on PRs as well as on `develop` and release branches. It seems like when our e2e tests expect errors in websocket, another unrelated error is thrown: ``` ✘ 5 [chromium] › tests/index.test.ts:41:5 › Websocket.webSocketMessage (13ms) [WebServer] ✘ [ERROR] Uncaught TypeError: Illegal invocation: function called with incorrect `this` reference. See https://developers.cloudflare.com/workers/observability/errors/#illegal-invocation-errors for details. Error [WebServer] [WebServer] at fetch (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/src/index.ts:32:18) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/durableobject.ts:219:23) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/request.ts:108:33) [WebServer] at handleCallbackErrors.status.status (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:77:15) [WebServer] at handleCallbackErrors (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/utils/handleCallbackErrors.ts:20:26) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:76:14) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:530:100) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:60:12) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:41:14) [WebServer] at withScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:40:25) [WebServer] at withScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/currentScopes.ts:59:18) [WebServer] at startSpan (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:56:10) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/request.ts:101:16) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:229:12) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:41:14) [WebServer] at withScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:40:25) [WebServer] at withScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/currentScopes.ts:65:14) [WebServer] at continueTrace (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/tracing/trace.ts:226:10) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/request.ts:95:12) [WebServer] at null.<anonymous> (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:56:14) [WebServer] at withIsolationScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/async.ts:55:25) [WebServer] at withIsolationScope (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+core@10.11.0/node_modules/@sentry/core/src/currentScopes.ts:114:14) [WebServer] at wrapRequestHandler (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/request.ts:43:10) [WebServer] at apply (file:///private/var/folders/63/gxb4ks2n7wbf_7bbwz86cgsc0000gn/T/sentry-e2e-tests-cloudflare-workers-fU9D9e/node_modules/.pnpm/@sentry+cloudflare@10.11.0_@cloudflare+workers-types@4.20250913.0/node_modules/@sentry/cloudflare/src/durableobject.ts:218:20) [WebServer] [WebServer] ``` The SDK catches this error instead but the tests fail because they expect the other error. Not sure what in #17539 caused this but for now let's unblock ourselves first and follow up with a fix in a new attempt (cc @0xbad0c0d3 )
andreiborza
force-pushed
the
prepare-release/10.12.0
branch
from
eb3bb86 to
114994d
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
I noticed that we actually handled errors in `sendEnvelope` incorrectly - we would resolve this function with the rejection reason, if sending fails. this does not match the type of `TransportMakeRequestResponse`, you could actually get something like this out (and the tests actually incorrectly tested this): ```js // transport.send() rejects with "fetch does not exist" const res = await client.sendEnvelope(envelope); // res --> "fetch does not exist" (string) ``` This PR fixes this to instead resolve with an empty object (which matches the expected return type). Extracted this out of #17641 because it is actually a bug/fix.
andreiborza
force-pushed
the
prepare-release/10.12.0
branch
from
114994d to
c076017
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.