Skip to content

deps(minimatch): Upgrade patch version to use new brace-expansion peer-dep#20198

Merged
s1gr1d merged 6 commits intodevelopfrom
sig/brace-expansion-update
Apr 28, 2026
Merged

deps(minimatch): Upgrade patch version to use new brace-expansion peer-dep#20198
s1gr1d merged 6 commits intodevelopfrom
sig/brace-expansion-update

Conversation

@s1gr1d
Copy link
Copy Markdown
Member

@s1gr1d s1gr1d commented Apr 10, 2026
edited
Loading

brace-expansion package causes zero-step sequence causes process hang and memory exhaustion (range: >=4.0.0 <5.0.5).

Updating the patch version of minimatch uses the newer version.

Related GHSA: GHSA-f886-m6hf-6m8v
Related issue (comment): #19447 (comment)

@s1gr1d s1gr1d requested a review from isaacs April 10, 2026 11:53
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 10, 2026
edited
Loading

Semver Impact of This PR

None (no version bump detected)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

Core

  • Add enableTruncation option to Google GenAI integration by andreiborza in #20184
  • Add enableTruncation option to Anthropic AI integration by andreiborza in #20181
  • Add enableTruncation option to LangGraph integration by andreiborza in #20183
  • Add enableTruncation option to LangChain integration by andreiborza in #20182
  • Add enableTruncation option to OpenAI integration by andreiborza in #20167
  • Export a reusable function to add tracing headers by JPeer264 in #20076

Deps

  • Bump axios from 1.13.5 to 1.15.0 by dependabot in #20180
  • Bump hono from 4.12.7 to 4.12.12 by dependabot in #20118
  • Bump defu from 6.1.4 to 6.1.6 by dependabot in #20104

Other

  • (cloudflare) Propagate traceparent to RPC calls - via fetch by JPeer264 in #19991

Bug Fixes 🐛

  • (deno) Avoid inferring invalid span op from Deno tracer by Lms24 in #20128
  • (e2e) Add op check to waitForTransaction in React Router e2e tests by copilot-swe-agent in #20193

Internal Changes 🔧

Deps

  • Bump hono from 4.12.7 to 4.12.12 in /dev-packages/e2e-tests/test-applications/cloudflare-hono by dependabot in #20119
  • Bump axios from 1.13.5 to 1.15.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic by dependabot in #20179

Other

  • (bugbot) Add rules to flag test-flake-provoking patterns by Lms24 in #20192
  • (deps-dev) Bump vite from 7.2.0 to 7.3.2 in /dev-packages/e2e-tests/test-applications/tanstackstart-react by dependabot in #20107
  • (react) Remove duplicated test mock by s1gr1d in #20200
  • (size-limit) Bump failing size limit scenario by Lms24 in #20186

Other

  • deps(minimatch): Upgrade patch version to use new brace-expansion peer-dep by s1gr1d in #20198

🤖 This preview updates automatically when you update the PR.

@s1gr1d s1gr1d mentioned this pull request Apr 10, 2026
Open
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 10, 2026
edited
Loading

size-limit report 📦

Path Size % Change Change
@sentry/browser 26.16 kB - -
@sentry/browser - with treeshaking flags 24.63 kB - -
@sentry/browser (incl. Tracing) 44.11 kB - -
@sentry/browser (incl. Tracing + Span Streaming) 46.16 kB - -
@sentry/browser (incl. Tracing, Profiling) 49.06 kB - -
@sentry/browser (incl. Tracing, Replay) 83.36 kB - -
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags 72.84 kB - -
@sentry/browser (incl. Tracing, Replay with Canvas) 88.03 kB - -
@sentry/browser (incl. Tracing, Replay, Feedback) 100.69 kB - -
@sentry/browser (incl. Feedback) 43.4 kB - -
@sentry/browser (incl. sendFeedback) 30.96 kB - -
@sentry/browser (incl. FeedbackAsync) 36.14 kB - -
@sentry/browser (incl. Metrics) 27.44 kB - -
@sentry/browser (incl. Logs) 27.59 kB - -
@sentry/browser (incl. Metrics & Logs) 28.28 kB - -
@sentry/react 27.9 kB - -
@sentry/react (incl. Tracing) 46.35 kB - -
@sentry/vue 31.03 kB - -
@sentry/vue (incl. Tracing) 45.95 kB - -
@sentry/svelte 26.18 kB - -
CDN Bundle 28.84 kB - -
CDN Bundle (incl. Tracing) 46.71 kB - -
CDN Bundle (incl. Logs, Metrics) 30.25 kB - -
CDN Bundle (incl. Tracing, Logs, Metrics) 47.8 kB - -
CDN Bundle (incl. Replay, Logs, Metrics) 69.25 kB - -
CDN Bundle (incl. Tracing, Replay) 83.79 kB - -
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) 84.86 kB - -
CDN Bundle (incl. Tracing, Replay, Feedback) 89.61 kB - -
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) 90.7 kB - -
CDN Bundle - uncompressed 84.55 kB - -
CDN Bundle (incl. Tracing) - uncompressed 139.68 kB - -
CDN Bundle (incl. Logs, Metrics) - uncompressed 88.75 kB - -
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed 143.14 kB - -
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed 212.39 kB - -
CDN Bundle (incl. Tracing, Replay) - uncompressed 257.17 kB - -
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed 260.61 kB - -
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed 270.86 kB - -
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed 274.3 kB - -
@sentry/nextjs (client) 48.84 kB - -
@sentry/sveltekit (client) 44.56 kB - -
@sentry/node-core 59 kB +0.02% +10 B 🔺
@sentry/node 170.11 kB +0.01% +12 B 🔺
@sentry/node - without tracing 97.81 kB +0.02% +12 B 🔺
@sentry/aws-serverless 114.53 kB +0.05% +49 B 🔺
@sentry/cloudflare (withSentry) - minified 164.13 kB - -
@sentry/cloudflare (withSentry) 415.2 kB - -

View base workflow run

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 10, 2026
edited
Loading

node-overhead report 🧳

Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.

Scenario Requests/s % of Baseline Prev. Requests/s Change %
GET Baseline 9,031 - 9,190 -2%
GET With Sentry 1,721 19% 1,711 +1%
GET With Sentry (error only) 5,975 66% 6,115 -2%
POST Baseline 1,191 - 1,202 -1%
POST With Sentry 595 50% 584 +2%
POST With Sentry (error only) 1,036 87% 1,032 +0%
MYSQL Baseline 3,170 - 3,247 -2%
MYSQL With Sentry 490 15% 431 +14%
MYSQL With Sentry (error only) 2,613 82% 2,603 +0%

View base workflow run

@s1gr1d s1gr1d mentioned this pull request Apr 10, 2026
Closed
isaacs
isaacs approved these changes Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@isaacs isaacs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@s1gr1d s1gr1d enabled auto-merge (squash) April 22, 2026 09:08
@s1gr1d s1gr1d merged commit 7b6325a into develop Apr 28, 2026
252 of 255 checks passed
@s1gr1d s1gr1d deleted the sig/brace-expansion-update branch April 28, 2026 14:37
@sentry-release-bot sentry-release-bot Bot mentioned this pull request Apr 29, 2026
Closed
47 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@isaacs isaacs isaacs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@s1gr1d @isaacs