meta(changelog): Update changelog for 10.21.0 #17984
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Closes #17904 This PR adds two methods to the `pinoIntegration` export. `trackLogger` and `untrackLogger`; `untrackLogger` can be used to disable capturing from a specific logger. You can also disable `autoInstrument` and only track specific loggers: ```ts import * as Sentry from '@sentry/node'; import pino from 'pino'; Sentry.init({ dsn: '__DSN__', integrations: [Sentry.pinoIntegration({ autoInstrument: false })], }); const logger = pino({}); Sentry.pinoIntegration.trackLogger(logger); logger.debug('This will be captured!'); ```
…rs (#17786) I was running tests locally and noticed that they are stays running if something wents wrong that's why I've added: 04d2fbf fixes #17514 Is there a way to run e2e tests pipeline without merging to develop? <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Introduce `copyExecutionContext` with tests; make Cloudflare integration test runner accept `AbortSignal` and update tests; ignore JUnit reports. > > - **Cloudflare SDK**: > - **Utility**: Add `packages/cloudflare/src/utils/copyExecutionContext.ts` to clone `ExecutionContext`/`DurableObjectState` with overridable, bound methods. > - **Tests**: Add `packages/cloudflare/test/copy-execution-context.test.ts` covering method overriding, immutability safety, and symbol property preservation. > - **Integration Tests (Cloudflare)**: > - **Runner**: `dev-packages/cloudflare-integration-tests/runner.ts` `start` now accepts optional `AbortSignal` and forwards it to `spawn`. > - **Suites**: Update tests (`basic`, `tracing/anthropic-ai`, `tracing/durableobject`, `tracing/openai`) to pass `{ signal }` from Vitest and call `.start(signal)`. > - **Repo**: > - `.gitignore`: Ignore `packages/**/*.junit.xml` JUnit reports. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit cb97187. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: cod1k <cod1k@centro.team>
…tion (#17884) This PR aims to address #9643 partially by introducing a `onRequestSpanEnd` hook to the browser integration. These changes make it easier for users to enrich tracing spans with response header data. #### Example ```ts import * as Sentry from '@sentry/browser'; Sentry.init({ // ... integrations: [ Sentry.browserTracingIntegration({ onRequestSpanEnd(span, responseInformation) { span.setAttributes({ response_type: 'JSON', }); }, }), ], }); ``` #### Tracing Integration and API Improvements * Added `onRequestSpanEnd` callback to `BrowserTracingOptions` and `RequestInstrumentationOptions`, allowing users to access response headers when a request span ends. This enables custom span annotation based on response data. * Updated internal request instrumentation logic to call `onRequestSpanEnd` for both Fetch and XHR requests, passing parsed response headers to the callback. #### Utility and Refactoring * Centralized header parsing and filtering utilities (`parseXhrResponseHeaders`, `getFetchResponseHeaders`, `filterAllowedHeaders`) in `networkUtils.ts`, and exported them for reuse across packages. * Moved helper functions for baggage header checking, URL resolution, performance timing checks, and safe header creation to a new `utils.ts` file to avoid failing the file size limit lint rule. I was hesitant to hoist up those replay utils initially but a few of them were needed to expose them on the hook callback. #### Type and API Consistency * Introduced new types `RequestHookInfo` and `ResponseHookInfo` to standardize the information passed to request span hooks, and exported them from the core package for use in integrations. I also added the necessary tests to test out the new hook.
chore: Sync master-develop
This PR adds the external contributor to the CHANGELOG.md file, so that they are credited for their contribution. See #17786 Co-authored-by: JPeer264 <10677263+JPeer264@users.noreply.github.com>
## What This PR adds automatic instrumentation for Nuxt's storage layer (powered by [unstorage](https://unstorage.unjs.io/)), enabling performance monitoring for cache and key-value storage operations in Nuxt/Nitro applications. Storage operations will now automatically create performance spans with detailed attributes for observability in Sentry. ### What's New - **Automatic Storage Instrumentation**: Instruments all storage drivers configured in `nuxt.config.ts` via `nitro.storage` - **Comprehensive Coverage**: Tracks all storage operations including: - `getItem`, `setItem`, `hasItem`, `removeItem` - Raw variants: `getItemRaw`, `setItemRaw` - Batch operations: `getItems`, `setItems` - Utility methods: `getKeys`, `clear` - Aliases: `get`, `set`, `has`, `del`, `remove` ### Implementation Details **Span Attributes:** - `sentry.op`: `cache.{operation}` (e.g., `cache.get_item`, `cache.set_item`) - `sentry.origin`: `auto.cache.nuxt` - `cache.key`: Full key including mount prefix - `cache.hit`: `true` for successful get/has operations - `db.operation.name`: Original method name - `db.collection.name`: Storage mount point - `db.system.name`: Driver name (e.g., `memory`, `fs`, `redis`) **Files Changed:** - `packages/nuxt/src/runtime/plugins/storage.server.ts` - Runtime instrumentation plugin - `packages/nuxt/src/vite/storageConfig.ts` - Build-time configuration - `packages/nuxt/src/module.ts` - Module integration - E2E tests for Nuxt 3 & 4
Adds [Nitro/Nuxt Cache API](https://nitro.build/guide/cache) instrumentation by building upon the storage instrumentation in #17858 since both use `unstorage` under the hood. #### How it works Nitro injects the cache storage on either `cache:` or the root mount depending on user configuration, also in production the `cache` storage is placed on the root mount unless the user configures it explicitly to redis or something else. We instrument both mount drivers to cover other cache use cases. --- I made sure to add e2e tests as well for `cachedEventListner` and `cachedFunction` calls which are the main ways to use the Cache API. This PR depends on the storage PR #17858. --------- Co-authored-by: Sigrid Huemer <32902192+s1gr1d@users.noreply.github.com>
### Problem When using Next.js 15 App Router with `next-intl` and `localePrefix: "as-needed"`, Web Vitals and transaction names were inconsistent across locales: - `/foo` (default locale, no prefix) → Transaction: `/:locale` ❌ - `/ar/foo` (non-default locale, with prefix) → Transaction: `/:locale/foo` ✅ This caused all default locale pages to collapse into a single `/:locale` transaction, making Web Vitals data unusable for apps with i18n routing. After investigation it seems like the route parameterization logic couldn't match `/foo` (1 segment) to the `/:locale/foo` pattern (expects 2 segments) because the locale prefix is omitted in default locale URLs. ### Solution Implemented enhanced route matching with automatic i18n prefix detection: 1. **Route Manifest Metadata** - Added `hasOptionalPrefix` flag to route info to identify routes with common i18n parameter names (`locale`, `lang`, `language`) 2. **Smart Fallback Matching** - When a route doesn't match directly, the matcher now tries prepending a placeholder segment for routes flagged with `hasOptionalPrefix` - Example: `/foo` → tries matching as `/PLACEHOLDER/foo` → matches `/:locale/foo` ✓ 3. **Updated Specificity Scoring** - changed route specificity calculation to prefer longer routes when dynamic segment counts are equal - Example: `/:locale/foo` (2 segments) now beats `/:locale` (1 segment) ### Result **After fix:** ``` URL: /foo → Transaction: /:locale/foo ✅ URL: /ar/foo → Transaction: /:locale/foo ✅ URL: /products → Transaction: /:locale/products ✅ URL: /ar/products → Transaction: /:locale/products ✅ ``` All routes now consistently use the same parameterized transaction name regardless of locale, making Web Vitals properly grouped and usable. ### Backwards Compatibility - No breaking changes - only applies when direct matching would fail - Only affects routes with first param named `locale`/`lang`/`language` - Non-i18n apps completely unaffected - Direct matches always take precedence over optional prefix matching Fixes #17775 --- Maybe we should make certain aspects of this configurable, like the `['locale', 'lang', 'language']` collection
This updates the TS version we use to 5.8.0. We still downlevel to 3.8 so this should not be breaking (even if we were to use newer features eventually), downlevel-dts will fail/or our tests anyhow if we use some features that cannot be downlevelled. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Upgrade TypeScript to 5.8 across the repo, adjust tsconfigs and deps, and fix minor type issues to satisfy stricter checks. > > - **Tooling/Versions**: > - Bump `typescript` to `~5.8.0` and update version guard in `scripts/verify-packages-versions.js`. > - Update `yarn.lock` and package constraints; add new e2e app `dev-packages/e2e-tests/test-applications/generic-ts5.0`. > - **TS Configs**: > - Add `moduleResolution: "Node16"` in multiple `tsconfig.json` files and test configs. > - Add `@types/node` and include `"node"` in `types` where needed (e.g., Hydrogen test app). > - **Type/Code Adjustments**: > - Remove unnecessary casts and add explicit non-null assertions for `Map.keys().next().value`. > - Simplify handler registration (`handlers[type].push(handler)`), and minor TS cleanups in profiling/LRU/debug-id utilities. > - Cloudflare/Nuxt/SvelteKit: relax Request typing and use `@ts-expect-error` for `cf` init property; avoid unused CF type import. > - Next.js webpack: remove unnecessary non-null assertion when joining `appDirPath`. > - Remix: streamline FormData attribute handling and vendor instrumentation check. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 5ec5959. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: s1gr1d <sigrid.huemer@posteo.at>
- Supports providing a `proxy.ts` file for global middleware as `middleware.ts` will be deprecated with Next.js 16 - Forks Isolation Scope on span start in the edge SDK as we don't wrap middleware/proxy files anymore when using turbopack - Adds middleware e2e tests for next-16 closes #17894
This pull request introduces automatic instrumentation for database queries in Nuxt applications in server side handlers using Sentry. #### Implementation Details - Instruments database `.sql`, `.prepare` and `.exec` calls. - Adds breadcrumbs and spans following cloudflare's D1 implementation. This relies on the work done in #17858 and #17886
Change to record an outcome when failed to add to replay event buffer due to size limitations. This also moves up the `internal_sdk_error` outcome to be recorded before we stop the replay. Note we use the `buffer_overflow` outcome as it is the closest in meaning (source https://github.com/getsentry/snuba/blob/6c73be60716c2fb1c30ca627883207887c733cbd/rust_snuba/src/processors/outcomes.rs#L39)
Got inspired at jsconf to do some dep upgrades. There are no breaking changes for nodemon that affect us when going from v2 -> v3: https://github.com/remy/nodemon/releases
Test were failing due to missing value injection, because the bundler was incorrectly detected. We can rely on `process.env.TURBOPACK` being set, confirmed this with Vercel. So this PR - simplifies the bundler detection by just checking the env var - brings back webpack dev tests closes https://linear.app/getsentry/issue/FE-618/webpack-breaks-instrumentation-for-dev-mode-in-next-16
[Ember E2E tests fail](https://github.com/getsentry/sentry-javascript/actions/runs/18656635954/job/53191164591) with `util.isRegExp is not a function`. Apparently, this is a JSDoc/Node issue that was already resolved last year: jsdoc/jsdoc#2126 It is happening since the tests run with Node 24.10.0 instead of 22.20.0. The `isRegExp` API was removed from Node, so I updated the `clean-css` package as it's mentioned in the error stack. However, it could be that we either need to update `ember-cli` or just downgrade the node version for this test.
…17619) Adds the `trace` lifecycle mode and sends `profile_chunk` envelopes. Also adds test for either overlapping root spans (one chunk) or single root spans (multiple chunks). The "manual" mode comes in another PR to keep this from growing too large. **Browser trace-lifecycle profiler (v2):** - Starts when the first sampled root span starts - Stops when the last sampled root span ends - While running, periodically stops and restarts the JS self-profiling API to collect chunks **Profiles are emitted as standalone `profile_chunk` envelopes either when:** - there are no more sampled root spans, or - the 60s chunk timer elapses while profiling is running. **Handling never-ending root spans** In the trace lifecycle, profiling continues as long as a root span is active. To prevent profiling endlessly, each root span has its own profile timeout and is terminated if it is too long (5 minutes). If another root span is still active, profiling will continue regardless. part of #17279 <!-- CURSOR_SUMMARY --> --- > [!NOTE] > Adds UI profiling trace lifecycle mode that samples sessions, streams profile_chunk envelopes, and attaches thread data, with accompanying tests and type options. > > - **Browser Profiling (UI Profiling v2)**: > - Add `profileLifecycle: 'trace'` with session sampling via `profileSessionSampleRate`; defaults lifecycle to `manual` when unspecified. > - Stream profiling as `profile_chunk` envelopes; periodic chunking (60s) and 5‑min root-span timeout. > - New `BrowserTraceLifecycleProfiler` manages start/stop across root spans and chunk sending. > - Attach profiled thread data to events/spans; warn if trace mode without tracing. > - **Profiling Utils**: > - Convert JS self profile to continuous format; validate chunks; main/worker thread constants; helper to attach thread info. > - Split legacy logic: `hasLegacyProfiling`, `shouldProfileSpanLegacy`, `shouldProfileSession`. > - **Integration Changes**: > - Browser integration branches between legacy and trace lifecycle; adds `processEvent` to attach thread data. > - Minor fix in `startProfileForSpan` (processed profile handling). > - **Tests**: > - Add Playwright suites for trace lifecycle (multiple chunks, overlapping spans) and adjust legacy tests. > - Add unit tests for lifecycle behavior, warnings, profiler_id reuse, and option defaults. > - **Types/Config**: > - Extend `BrowserClientProfilingOptions` with `profileSessionSampleRate` and `profileLifecycle`; refine Node types docs. > - Size-limit: add entry for `@sentry/browser` incl. Tracing, Profiling (48 KB). > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 765f89d. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY -->
With the relay now handling cache token attributes (instead of scrubbing them), some Anthropic related token attributes were still missing. This PR adds the missing cache attributes and corrects the types in the Anthropic provider metadata used for extracting token data. Fixes: #17890
I did some benchmarking: - #15862 (comment) ``` ┌─────────┬─────────────────────────────────────────┬──────────────────┬──────────────────┬────────────────────────┬────────────────────────┬─────────┐ │ (index) │ Task name │ Latency avg (ns) │ Latency med (ns) │ Throughput avg (ops/s) │ Throughput med (ops/s) │ Samples │ ├─────────┼─────────────────────────────────────────┼──────────────────┼──────────────────┼────────────────────────┼────────────────────────┼─────────┤ │ 0 │ 'crypto.randomUUID()' │ '269.64 ± 0.24%' │ '250.00 ± 0.00' │ '3879372 ± 0.01%' │ '4000000 ± 0' │ 3708647 │ │ 1 │ 'crypto.randomUUID().replace(/-/g, "")' │ '445.09 ± 6.08%' │ '417.00 ± 0.00' │ '2377301 ± 0.01%' │ '2398082 ± 0' │ 2246729 │ │ 2 │ 'crypto.getRandomValues()' │ '32130 ± 9.11%' │ '28083 ± 834.00' │ '35202 ± 0.07%' │ '35609 ± 1076' │ 31124 │ │ 3 │ 'Math.random()' │ '1929.0 ± 1.02%' │ '1916.0 ± 42.00' │ '525124 ± 0.01%' │ '521921 ± 11413' │ 518396 │ │ 4 │ '@lukeed/uuid' │ '273.79 ± 0.07%' │ '250.00 ± 0.00' │ '3770742 ± 0.01%' │ '4000000 ± 0' │ 3652395 │ │ 5 │ '@lukeed/uuid (custom no hyphens)' │ '262.20 ± 5.68%' │ '250.00 ± 0.00' │ '4089440 ± 0.01%' │ '4000000 ± 0' │ 3813889 │ └─────────┴─────────────────────────────────────────┴──────────────────┴──────────────────┴────────────────────────┴────────────────────────┴─────────┘ ``` I found that in Node.js at least, getting a single byte via `crypto.getRandomValues()` is 10x slower than the `Math.random()` version so we should drop `getRandomValues` usage entirely. I also found that for the `Math.random()` fallback code, we generated the base starting string (`10000000100040008000100000000000`) on every call to `uuid4()`. If we cache this value we get a ~20% improvement in this path. In the browser `crypto.randomUUID()` is only available in secure contexts so our fallback code should have good performance too!
size-limit report 📦
|
node-overhead report 🧳Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.
|
JPeer264
force-pushed
the
prepare-release/10.21.0
branch
from
60acd7b to
5bc35a7
Compare
|
@AbhiPrasad good catch, I just rebased and added it to the CHANGELOG. |
AbhiPrasad
approved these changes
Oct 21, 2025
chargome
approved these changes
Oct 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
12 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.