fix(core): Record client report with reason for HTTP 413 responses

[logaretm]

Implements handling of HTTP 413 (Content Too Large) responses in the base transport according to the updated SDK spec.

• Detect 413 status code in transport response handling
• Record client reports with send_error discard reason for all envelope items
• Log an error message informing users that the envelope was discarded due to size limits
• Skip rate limit updates for 413 responses (not a rate limit scenario)

Closes #18935

[linear]

JS-1531 SDK Handling HTTP 413 [JavaScript]

[Copilot]

Pull request overview

This PR implements proper handling for HTTP 413 (Content Too Large) responses from Relay, aligning with the updated SDK specification. When an envelope exceeds size limits, the SDK now records client reports with the send_error discard reason and logs a clear error message for users.

Changes:

• Added 413 status code detection in the base transport's response handler
• Records client reports with send_error reason for all envelope items (except client reports themselves to avoid feedback loops)
• Logs an informative error message when envelopes are rejected due to size limits
• Ensures 413 responses don't trigger rate limiting behavior (early return before rate limit update)

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
packages/core/src/transports/base.ts	Added HTTP 413 status code handling with client report recording and error logging, positioned before rate limit updates
packages/core/test/lib/transports/base.test.ts	Added comprehensive test suite covering single/multi-item envelopes, client report handling, and no rate limiting verification

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

size-limit report 📦

Path	Size	% Change	Change
@sentry/browser	25.4 kB	+0.19%	+46 B 🔺
@sentry/browser - with treeshaking flags	23.85 kB	-0.02%	-4 B 🔽
@sentry/browser (incl. Tracing)	42.21 kB	+0.1%	+41 B 🔺
@sentry/browser (incl. Tracing, Profiling)	46.85 kB	+0.09%	+42 B 🔺
@sentry/browser (incl. Tracing, Replay)	80.83 kB	+0.06%	+46 B 🔺
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags	70.44 kB	-0.01%	-1 B 🔽
@sentry/browser (incl. Tracing, Replay with Canvas)	85.54 kB	+0.06%	+45 B 🔺
@sentry/browser (incl. Tracing, Replay, Feedback)	97.73 kB	+0.05%	+46 B 🔺
@sentry/browser (incl. Feedback)	42.12 kB	+0.11%	+45 B 🔺
@sentry/browser (incl. sendFeedback)	30.09 kB	+0.15%	+45 B 🔺
@sentry/browser (incl. FeedbackAsync)	35.08 kB	+0.13%	+45 B 🔺
@sentry/browser (incl. Metrics)	26.5 kB	+0.14%	+37 B 🔺
@sentry/browser (incl. Logs)	26.66 kB	+0.18%	+47 B 🔺
@sentry/browser (incl. Metrics & Logs)	27.32 kB	+0.18%	+49 B 🔺
@sentry/react	27.13 kB	+0.16%	+43 B 🔺
@sentry/react (incl. Tracing)	44.45 kB	+0.11%	+45 B 🔺
@sentry/vue	29.83 kB	+0.15%	+43 B 🔺
@sentry/vue (incl. Tracing)	44 kB	+0.1%	+43 B 🔺
@sentry/svelte	25.41 kB	+0.19%	+46 B 🔺
CDN Bundle	27.94 kB	+0.07%	+18 B 🔺
CDN Bundle (incl. Tracing)	42.98 kB	+0.05%	+19 B 🔺
CDN Bundle (incl. Logs, Metrics)	28.78 kB	+0.06%	+16 B 🔺
CDN Bundle (incl. Tracing, Logs, Metrics)	43.8 kB	+0.05%	+19 B 🔺
CDN Bundle (incl. Replay, Logs, Metrics)	67.72 kB	+0.04%	+22 B 🔺
CDN Bundle (incl. Tracing, Replay)	79.71 kB	+0.03%	+19 B 🔺
CDN Bundle (incl. Tracing, Replay, Logs, Metrics)	80.58 kB	+0.03%	+18 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback)	85.16 kB	+0.02%	+14 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	86.09 kB	+0.03%	+19 B 🔺
CDN Bundle - uncompressed	81.73 kB	+0.05%	+39 B 🔺
CDN Bundle (incl. Tracing) - uncompressed	127.27 kB	+0.04%	+39 B 🔺
CDN Bundle (incl. Logs, Metrics) - uncompressed	84.56 kB	+0.05%	+39 B 🔺
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	130.1 kB	+0.03%	+39 B 🔺
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed	207.94 kB	+0.02%	+39 B 🔺
CDN Bundle (incl. Tracing, Replay) - uncompressed	243.87 kB	+0.02%	+39 B 🔺
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed	246.69 kB	+0.02%	+39 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	256.67 kB	+0.02%	+39 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	259.48 kB	+0.02%	+39 B 🔺
@sentry/nextjs (client)	46.8 kB	+0.08%	+37 B 🔺
@sentry/sveltekit (client)	42.58 kB	+0.11%	+43 B 🔺
@sentry/node-core	52.15 kB	+0.09%	+46 B 🔺
@sentry/node	166.16 kB	+0.04%	+51 B 🔺
@sentry/node - without tracing	93.91 kB	+0.06%	+53 B 🔺
@sentry/aws-serverless	109.43 kB	+0.05%	+49 B 🔺

View base workflow run

[github-actions]

node-overhead report 🧳

Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.

Scenario	Requests/s	% of Baseline	Prev. Requests/s	Change %
GET Baseline	8,779	-	9,248	-5%
GET With Sentry	1,551	18%	1,733	-11%
GET With Sentry (error only)	5,962	68%	6,010	-1%
POST Baseline	1,182	-	1,182	-
POST With Sentry	575	49%	587	-2%
POST With Sentry (error only)	1,038	88%	1,033	+0%
MYSQL Baseline	3,233	-	3,299	-2%
MYSQL With Sentry	387	12%	427	-9%
MYSQL With Sentry (error only)	2,597	80%	2,615	-1%

View base workflow run

[Lms24]

super-l: Suggestion for a follow-up: Do you think we could save some bytes here by combining the two debug warns (the one added here and the one below)? I think we could even guard the entire if block in line 87 with DEBUG_BUILD which should shake out some more bytes. We can check that when running size checks in the PR and looking at the non-debug CDN bundles. Feel free to disregard!

[logaretm]

I added a check to treeshake the block down there, but could not refactor the message in a way that saves up some byte, since both messages will get dropped if debug is disabled.