Update dependency @sentry/node to v10.27.0 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@sentry/node (source)	10.15.0 -> 10.27.0

GitHub Vulnerability Alerts

CVE-2025-65944

Impact

When a Node.js application using the Sentry SDK has sendDefaultPii: true it is possible to inadvertently send certain sensitive HTTP headers, including the Cookie header, to Sentry. Those headers would be stored within the Sentry organization as part of the associated trace. A person with access to the Sentry organization could then view and use these sensitive values to impersonate or escalate their privileges within a user's application.

Users may be impacted if:

1. The Sentry SDK configuration has sendDefaultPii set to true
2. The application uses one of the Node.js Sentry SDKs with version from 10.11.0 to 10.26.0 inclusively:

• @​sentry/astro
• @​sentry/aws-serverless
• @​sentry/bun
• @​sentry/google-cloud-serverless
• @​sentry/nestjs
• @​sentry/nextjs
• @​sentry/node
• @​sentry/node-core
• @​sentry/nuxt
• @​sentry/remix
• @​sentry/solidstart
• @​sentry/sveltekit

Users can check if their project was affected, by visiting Explore → Traces and searching for “http.request.header.authorization”, “http.request.header.cookie” or similar. Any potentially sensitive values will be specific to the users' applications and configurations.

Patches

The issue has been patched in all Sentry JavaScript SDKs starting from the 10.27.0 version.

Workarounds

Sentry strongly encourages customers to upgrade the SDK to the latest available version, 10.27.0 or later.
If it is not possible, consider setting sendDefaultPii: false to avoid unintentionally sending sensitive headers. See here for documentation.

Resources

• https://develop.sentry.dev/sdk/expected-features/data-handling/#sensitive-data
• https://github.com/getsentry/sentry-javascript/releases/tag/10.11.0
• https://github.com/getsentry/sentry-javascript/pull/17475
• https://docs.sentry.io/platforms/javascript/guides/node/data-management/data-collected/#cookies

---

Release Notes

getsentry/sentry-javascript (@​sentry/node)

v10.27.0

Compare Source

Important Changes

• feat(deps): Bump OpenTelemetry (#​18239)

  • Bump @​opentelemetry/context-async-hooks from ^2.1.0 to ^2.2.0
  • Bump @​opentelemetry/core from ^2.1.0 to ^2.2.0
  • Bump @​opentelemetry/resources from ^2.1.0 to ^2.2.0
  • Bump @​opentelemetry/sdk-trace-base from ^2.1.0 to ^2.2.0
  • Bump @​opentelemetry/sdk-trace-node from ^2.1.0 to ^2.2.0
  • Bump @​opentelemetry/instrumentation from 0.204.0 to 0.208.0
  • Bump @​opentelemetry/instrumentation-amqplib from 0.51.0 to 0.55.0
  • Bump @​opentelemetry/instrumentation-aws-sdk from 0.59.0 to 0.64.0
  • Bump @​opentelemetry/instrumentation-connect from 0.48.0 to 0.52.0
  • Bump @​opentelemetry/instrumentation-dataloader from 0.22.0 to 0.26.0
  • Bump @​opentelemetry/instrumentation-express from 0.53.0 to 0.57.0
  • Bump @​opentelemetry/instrumentation-fs from 0.24.0 to 0.28.0
  • Bump @​opentelemetry/instrumentation-generic-pool from 0.48.0 to 0.52.0
  • Bump @​opentelemetry/instrumentation-graphql from 0.52.0 to 0.56.0
  • Bump @​opentelemetry/instrumentation-hapi from 0.51.0 to 0.55.0
  • Bump @​opentelemetry/instrumentation-http from 0.204.0 to 0.208.0
  • Bump @​opentelemetry/instrumentation-ioredis from 0.52.0 to 0.56.0
  • Bump @​opentelemetry/instrumentation-kafkajs from 0.14.0 to 0.18.0
  • Bump @​opentelemetry/instrumentation-knex from 0.49.0 to 0.53.0
  • Bump @​opentelemetry/instrumentation-koa from 0.52.0 to 0.57.0
  • Bump @​opentelemetry/instrumentation-lru-memoizer from 0.49.0 to 0.53.0
  • Bump @​opentelemetry/instrumentation-mongodb from 0.57.0 to 0.61.0
  • Bump @​opentelemetry/instrumentation-mongoose from 0.51.0 to 0.55.0
  • Bump @​opentelemetry/instrumentation-mysql from 0.50.0 to 0.54.0
  • Bump @​opentelemetry/instrumentation-mysql2 from 0.51.0 to 0.55.0
  • Bump @​opentelemetry/instrumentation-nestjs-core from 0.50.0 to 0.55.0
  • Bump @​opentelemetry/instrumentation-pg from 0.57.0 to 0.61.0
  • Bump @​opentelemetry/instrumentation-redis from 0.53.0 to 0.57.0
  • Bump @​opentelemetry/instrumentation-tedious from 0.23.0 to 0.27.0
  • Bump @​opentelemetry/instrumentation-undici from 0.15.0 to 0.19.0
  • Bump @​prisma/instrumentation from 6.15.0 to 6.19.0

• feat(browserprofiling): Add manual mode and deprecate old profiling (#​18189)

  Adds the manual lifecycle mode for UI profiling (the default mode), allowing profiles to be captured manually with Sentry.uiProfiler.startProfiler() and Sentry.uiProfiler.stopProfiler().
  The previous transaction-based profiling is with profilesSampleRate is now deprecated in favor of the new UI Profiling with profileSessionSampleRate.

Other Changes

• feat(core): Add gibibyte and pebibyte to InformationUnit type (#​18241)
• feat(core): Add scope attribute APIs (#​18165)
• feat(core): Re-add _experiments.enableLogs option (#​18299)
• feat(core): Use maxValueLength on error messages (#​18301)
• feat(deps): bump @​sentry/bundler-plugin-core from 4.3.0 to 4.6.1 (#​18273)
• feat(deps): bump @​sentry/cli from 2.56.0 to 2.58.2 (#​18271)
• feat(node): Add tracing support for AzureOpenAI (#​18281)
• feat(node): Fix local variables capturing for out-of-app frames (#​18245)
• fix(core): Add a PromiseBuffer for incoming events on the client (#​18120)
• fix(core): Always redact content of sensitive headers regardless of sendDefaultPii (#​18311)
• fix(metrics): Update return type of beforeSendMetric (#​18261)
• fix(nextjs): universal random tunnel path support (#​18257)
• ref(react): Add more guarding against wildcards in lazy route transactions (#​18155)
• chore(deps): bump glob from 11.0.1 to 11.1.0 in /packages/react-router (#​18243)

Internal Changes

- build(deps): bump hono from 4.9.7 to 4.10.3 in /dev-packages/e2e-tests/test-applications/cloudflare-hono ([#​18038](https://redirect.github.com/getsentry/sentry-javascript/pull/18038)) - chore: Add `bump_otel_instrumentations` cursor command ([#​18253](https://redirect.github.com/getsentry/sentry-javascript/pull/18253)) - chore: Add external contributor to CHANGELOG.md ([#​18297](https://redirect.github.com/getsentry/sentry-javascript/pull/18297)) - chore: Add external contributor to CHANGELOG.md ([#​18300](https://redirect.github.com/getsentry/sentry-javascript/pull/18300)) - chore: Do not update opentelemetry ([#​18254](https://redirect.github.com/getsentry/sentry-javascript/pull/18254)) - chore(angular): Add Angular 21 Support ([#​18274](https://redirect.github.com/getsentry/sentry-javascript/pull/18274)) - chore(deps): bump astro from 4.16.18 to 5.15.9 in /dev-packages/e2e-tests/test-applications/cloudflare-astro ([#​18259](https://redirect.github.com/getsentry/sentry-javascript/pull/18259)) - chore(dev-deps): Update some dev dependencies ([#​17816](https://redirect.github.com/getsentry/sentry-javascript/pull/17816)) - ci(deps): Bump actions/create-github-app-token from 2.1.1 to 2.1.4 ([#​17825](https://redirect.github.com/getsentry/sentry-javascript/pull/17825)) - ci(deps): bump actions/setup-node from 4 to 6 ([#​18077](https://redirect.github.com/getsentry/sentry-javascript/pull/18077)) - ci(deps): bump actions/upload-artifact from 4 to 5 ([#​18075](https://redirect.github.com/getsentry/sentry-javascript/pull/18075)) - ci(deps): bump github/codeql-action from 3 to 4 ([#​18076](https://redirect.github.com/getsentry/sentry-javascript/pull/18076)) - doc(sveltekit): Update documentation link for SvelteKit guide ([#​18298](https://redirect.github.com/getsentry/sentry-javascript/pull/18298)) - test(e2e): Fix astro config in test app ([#​18282](https://redirect.github.com/getsentry/sentry-javascript/pull/18282)) - test(nextjs): Remove debug logs from e2e test ([#​18250](https://redirect.github.com/getsentry/sentry-javascript/pull/18250))

Work in this release was contributed by @​bignoncedric and @​adam-kov. Thank you for your contributions!

Bundle size 📦

Path	Size
@​sentry/browser	24.22 KB
@​sentry/browser - with treeshaking flags	22.76 KB
@​sentry/browser (incl. Tracing)	40.57 KB
@​sentry/browser (incl. Tracing, Profiling)	45.05 KB
@​sentry/browser (incl. Tracing, Replay)	78.08 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	68.05 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.65 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	94.61 KB
@​sentry/browser (incl. Feedback)	40.51 KB
@​sentry/browser (incl. sendFeedback)	28.8 KB
@​sentry/browser (incl. FeedbackAsync)	33.62 KB
@​sentry/react	25.9 KB
@​sentry/react (incl. Tracing)	42.71 KB
@​sentry/vue	28.56 KB
@​sentry/vue (incl. Tracing)	42.32 KB
@​sentry/svelte	24.24 KB
CDN Bundle	26.53 KB
CDN Bundle (incl. Tracing)	41.18 KB
CDN Bundle (incl. Tracing, Replay)	76.85 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	82.18 KB
CDN Bundle - uncompressed	77.97 KB
CDN Bundle (incl. Tracing) - uncompressed	122.28 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	235.6 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	248.06 KB
@​sentry/nextjs (client)	44.88 KB
@​sentry/sveltekit (client)	40.92 KB
@​sentry/node-core	49.99 KB
@​sentry/node	155.51 KB
@​sentry/node - without tracing	90.65 KB
@​sentry/aws-serverless	105.54 KB

v10.26.0

Compare Source

Important Changes

• feat(core): Instrument LangGraph Agent (#​18114)

Adds support for instrumenting LangGraph StateGraph operations in Node. The LangGraph integration can be configured as follows:

Sentry.init({
  dsn: '__DSN__',
  sendDefaultPii: false, // Even with PII disabled globally
  integrations: [
    Sentry.langGraphIntegration({
      recordInputs: true, // Force recording input messages
      recordOutputs: true, // Force recording response text
    }),
  ],
});

• feat(cloudflare/vercel-edge): Add manual instrumentation for LangGraph (#​18112)

Instrumentation for LangGraph in Cloudflare Workers and Vercel Edge environments is supported by manually calling instrumentLangGraph:

import * as Sentry from '@​sentry/cloudflare'; // or '@​sentry/vercel-edge'
import { StateGraph, START, END, MessagesAnnotation } from '@​langchain/langgraph';

// Create and instrument the graph
const graph = new StateGraph(MessagesAnnotation)
  .addNode('agent', agentFn)
  .addEdge(START, 'agent')
  .addEdge('agent', END);

Sentry.instrumentLangGraph(graph, {
  recordInputs: true,
  recordOutputs: true,
});

const compiled = graph.compile({ name: 'weather_assistant' });

await compiled.invoke({
  messages: [{ role: 'user', content: 'What is the weather in SF?' }],
});

• feat(node): Add OpenAI SDK v6 support (#​18244)

Other Changes

• feat(core): Support OpenAI embeddings API (#​18224)
• feat(browser-utils): bump web-vitals to 5.1.0 (#​18091)
• feat(core): Support truncation for LangChain integration request messages (#​18157)
• feat(metrics): Add default server.address attribute on server runtimes (#​18242)
• feat(nextjs): Add URL to server-side transaction events (#​18230)
• feat(node-core): Add mechanism to prevent wrapping ai providers multiple times(#​17972)
• feat(replay): Bump limit for minReplayDuration (#​18190)
• fix(browser): Add ok status to successful idleSpans (#​18139)
• fix(core): Check fetch support with data URL (#​18225)
• fix(core): Decrease number of Sentry stack frames for messages from captureConsoleIntegration (#​18096)
• fix(core): Emit processed metric (#​18222)
• fix(core): Ensure logs past MAX_LOG_BUFFER_SIZE are not swallowed (#​18207)
• fix(core): Ensure metrics past MAX_METRIC_BUFFER_SIZE are not swallowed (#​18212)
• fix(core): Fix logs and metrics flush timeout starvation with continuous logging (#​18211)
• fix(core): Flatten gen_ai.request.available_tools in google-genai (#​18194)
• fix(core): Stringify available tools sent from vercelai (#​18197)
• fix(core/vue): Detect and skip normalizing Vue VNode objects with high normalizeDepth (#​18206)
• fix(nextjs): Avoid wrapping middleware files when in standalone mode (#​18172)
• fix(nextjs): Drop meta trace tags if rendered page is ISR (#​18192)
• fix(nextjs): Respect PORT variable for dev error symbolication (#​18227)
• fix(nextjs): use LRU map instead of map for ISR route cache (#​18234)
• fix(node): tracingChannel export missing in older node versions (#​18191)
• fix(node): Fix Spotlight configuration precedence to match specification (#​18195)
• fix(react): Prevent navigation span leaks for consecutive navigations (#​18098)
• ref(react-router): Deprecate ErrorBoundary exports (#​18208)

Internal Changes

• chore: Fix missing changelog quote we use for attribution placement (#​18237)
• chore: move tip about prioritizing issues (#​18071)
• chore(e2e): Pin @embroider/addon-shim to 1.10.0 for the e2e ember-embroider (#​18173)
• chore(react-router): Fix casing on deprecation notices (#​18221)
• chore(test): Use correct testTimeout field in bundler-tests vitest config
• chore(e2e): Bump zod in e2e tests (#​18251)
• test(browser-integration): Fix incorrect tag value assertions (#​18162)
• test(profiling): Add test utils to validate Profile Chunk envelope (#​18170)
• ref(e2e-ember): Remove @embroider/addon-shim override (#​18180)
• ref(browser): Move trace lifecycle listeners to class function (#​18231)
• ref(browserprofiling): Move and rename profiler class to UIProfiler (#​18187)
• ref(core): Move ai integrations from utils to tracing (#​18185)
• ref(core): Optimize Scope.setTag bundle size and adjust test (#​18182)

v10.25.0

Compare Source

v10.24.0

Compare Source

Important Changes

• feat(metrics): Add top level option enableMetrics and beforeSendMetric (#​18088)

  This PR moves enableMetrics and beforeSendMetric out of the _experiments options.
  The metrics feature will now be enabled by default (none of our integrations will auto-emit metrics as of now), but you can disable sending metrics via enableMetrics: false.
  Metric options within _experiments got deprecated but will still work as of now, they will be removed with the next major version of our SDKs.

Other Changes

• feat(aws): Add SENTRY_LAYER_EXTENSION to configure using the lambda layer extension via env variables (#​18101)
• feat(core): Include all exception object keys instead of truncating (#​18044)
• feat(metrics)!: Update types (#​17907)
• feat(replay): ignore background-image when blockAllMedia is enabled (#​18019)
• fix(nextjs): Delete css map files (#​18131)
• fix(nextjs): Stop accessing sync props in template (#​18113)

Internal Changes

• chore: X handle update (#​18117)
• chore(eslint): Add eslint-plugin-regexp rule (dev-packages) (#​18063)
• test(next): fix flakey tests (#​18100)
• test(node-core): Proof that withMonitor doesn't create a new trace (#​18057)

Bundle size 📦

Path	Size
@​sentry/browser	24.02 KB
@​sentry/browser - with treeshaking flags	22.54 KB
@​sentry/browser (incl. Tracing)	40.26 KB
@​sentry/browser (incl. Tracing, Profiling)	44.43 KB
@​sentry/browser (incl. Tracing, Replay)	77.83 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	67.75 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.42 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	94.3 KB
@​sentry/browser (incl. Feedback)	40.3 KB
@​sentry/browser (incl. sendFeedback)	28.58 KB
@​sentry/browser (incl. FeedbackAsync)	33.39 KB
@​sentry/react	25.68 KB
@​sentry/react (incl. Tracing)	42.2 KB
@​sentry/vue	28.39 KB
@​sentry/vue (incl. Tracing)	41.99 KB
@​sentry/svelte	24.03 KB
CDN Bundle	26.26 KB
CDN Bundle (incl. Tracing)	40.79 KB
CDN Bundle (incl. Tracing, Replay)	76.46 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	81.81 KB
CDN Bundle - uncompressed	77 KB
CDN Bundle (incl. Tracing) - uncompressed	121.06 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	234.37 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	246.83 KB
@​sentry/nextjs (client)	44.25 KB
@​sentry/sveltekit (client)	40.63 KB
@​sentry/node-core	49.57 KB
@​sentry/node	154.12 KB
@​sentry/node - without tracing	90.46 KB
@​sentry/aws-serverless	103.91 KB

v10.23.0

Compare Source

• feat(core): Send user-agent header with envelope requests in server SDKs (#​17929)
• feat(browser): Limit transport buffer size (#​18046)
• feat(core): Remove default value of maxValueLength: 250 (#​18043)
• feat(react-router): Align options with shared build time options type (#​18014)
• fix(browser-utils): cache element names for INP (#​18052)
• fix(browser): Capture unhandled rejection errors for web worker integration (#​18054)
• fix(cloudflare): Ensure types for cloudflare handlers (#​18064)
• fix(nextjs): Update proxy template wrapping (#​18086)
• fix(nuxt): Added top-level fallback exports (#​18083)
• fix(nuxt): check for H3 error cause before re-capturing (#​18035)
• fix(replay): Linked errors not resetting session id (#​17854)
• fix(tracemetrics): Bump metrics buffer to 1k (#​18039)
• fix(vue): Make options parameter optional on attachErrorHandler (#​18072)
• ref(core): Set span status internal_error instead of unknown_error (#​17909)

Internal Changes

• fix(tests): un-override nitro dep version for nuxt-3 test (#​18056)
• fix(e2e): Add p-map override to fix React Router 7 test builds (#​18068)
• feat: Add a note to save changes before starting (#​17987)
• test(browser): Add test for INP target name after navigation or DOM changes (#​18033)
• chore: Add external contributor to CHANGELOG.md (#​18032)
• chore(aws-serverless): Fix typo in timeout warning function name (#​18031)
• chore(browser): upgrade fake-indexeddb to v6 (#​17975)
• chore(tests): pass test flags through to the test command (#​18062)

Work in this release was contributed by @​hanseo0507. Thank you for your contribution!

Bundle size 📦

Path	Size
@​sentry/browser	24.06 KB
@​sentry/browser - with treeshaking flags	22.58 KB
@​sentry/browser (incl. Tracing)	40.29 KB
@​sentry/browser (incl. Tracing, Profiling)	44.47 KB
@​sentry/browser (incl. Tracing, Replay)	77.64 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	67.58 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.23 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	94.12 KB
@​sentry/browser (incl. Feedback)	40.34 KB
@​sentry/browser (incl. sendFeedback)	28.62 KB
@​sentry/browser (incl. FeedbackAsync)	33.44 KB
@​sentry/react	25.71 KB
@​sentry/react (incl. Tracing)	42.23 KB
@​sentry/vue	28.45 KB
@​sentry/vue (incl. Tracing)	42.04 KB
@​sentry/svelte	24.07 KB
CDN Bundle	26.27 KB
CDN Bundle (incl. Tracing)	40.82 KB
CDN Bundle (incl. Tracing, Replay)	76.24 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	81.6 KB
CDN Bundle - uncompressed	77.04 KB
CDN Bundle (incl. Tracing) - uncompressed	121.1 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	233.6 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	246.06 KB
@​sentry/nextjs (client)	44.3 KB
@​sentry/sveltekit (client)	40.69 KB
@​sentry/node-core	49.62 KB
@​sentry/node	154.18 KB
@​sentry/node - without tracing	90.52 KB
@​sentry/aws-serverless	103.93 KB

v10.22.0

Compare Source

Important Changes

• feat(node): Instrument cloud functions for firebase v2 (#​17952)

  We added instrumentation for Cloud Functions for Firebase v2, enabling automatic performance tracking and error monitoring. This will be added automatically if you have enabled tracing.

• feat(core): Instrument LangChain AI (#​17955)

  Instrumentation was added for LangChain AI operations. You can configure what is recorded like this:

  Sentry.init({
    integrations: [
      Sentry.langChainIntegration({
        recordInputs: true, // Record prompts/messages
        recordOutputs: true, // Record responses
      }),
    ],
  });

Other Changes

• feat(cloudflare,vercel-edge): Add support for LangChain instrumentation (#​17986)
• feat: Align sentry origin with documentation (#​17998)
• feat(core): Truncate request messages in AI integrations (#​17921)
• feat(nextjs): Support node runtime on proxy files (#​17995)
• feat(node): Pass requestHook and responseHook option to OTel (#​17996)
• fix(core): Fix wrong async types when instrumenting anthropic's stream api (#​18007)
• fix(nextjs): Remove usage of chalk to avoid runtime errors (#​18010)
• fix(node): Pino capture serialized err (#​17999)
• fix(node): Pino child loggers (#​17934)
• fix(react): Don't trim index route / when getting pathname (#​17985)
• fix(react): Patch spanEnd for potentially cancelled lazy-route transactions (#​17962)

Internal Changes

• chore: Add required size_check for GH Actions (#​18009)
• chore: Upgrade madge to v8 (#​17957)
• test(hono): Fix hono e2e tests (#​18000)
• test(react-router): Fix getMetaTagTransformer tests for Vitest compatibility (#​18013)
• test(react): Add parameterized route tests for createHashRouter (#​17789)

Bundle size 📦

Path	Size
@​sentry/browser	24.05 KB
@​sentry/browser - with treeshaking flags	22.57 KB
@​sentry/browser (incl. Tracing)	40.01 KB
@​sentry/browser (incl. Tracing, Profiling)	44.2 KB
@​sentry/browser (incl. Tracing, Replay)	77.43 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	67.36 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.02 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	93.9 KB
@​sentry/browser (incl. Feedback)	40.33 KB
@​sentry/browser (incl. sendFeedback)	28.61 KB
@​sentry/browser (incl. FeedbackAsync)	33.42 KB
@​sentry/react	25.69 KB
@​sentry/react (incl. Tracing)	41.96 KB
@​sentry/vue	28.43 KB
@​sentry/vue (incl. Tracing)	41.75 KB
@​sentry/svelte	24.06 KB
CDN Bundle	26.27 KB
CDN Bundle (incl. Tracing)	40.65 KB
CDN Bundle (incl. Tracing, Replay)	76.05 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	81.39 KB
CDN Bundle - uncompressed	77.01 KB
CDN Bundle (incl. Tracing) - uncompressed	120.55 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	232.89 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	245.35 KB
@​sentry/nextjs (client)	44.05 KB
@​sentry/sveltekit (client)	40.43 KB
@​sentry/node-core	49.56 KB
@​sentry/node	154.11 KB
@​sentry/node - without tracing	90.46 KB
@​sentry/aws-serverless	103.86 KB

v10.21.0

Compare Source

Important Changes

• feat(browserProfiling): Add trace lifecycle mode for UI profiling (#​17619)

  Adds a new trace lifecycle mode for UI profiling, allowing profiles to be captured for the duration of a trace. A manual mode will be added in a future release.

• feat(nuxt): Instrument Database (#​17899)

  Adds instrumentation for Nuxt database operations, enabling better performance tracking of database queries.

• feat(nuxt): Instrument server cache API (#​17886)

  Adds instrumentation for Nuxt's server cache API, providing visibility into cache operations.

• feat(nuxt): Instrument storage API (#​17858)

  Adds instrumentation for Nuxt's storage API, enabling tracking of storage operations.

Other Changes

• feat(browser): Add onRequestSpanEnd hook to browser tracing integration (#​17884)
• feat(nextjs): Support Next.js proxy files (#​17926)
• feat(replay): Record outcome when event buffer size exceeded (#​17946)
• fix(cloudflare): copy execution context in durable objects and handlers (#​17786)
• fix(core): Fix and add missing cache attributes in Vercel AI (#​17982)
• fix(core): Improve uuid performance (#​17938)
• fix(ember): Use updated version for clean-css (#​17979)
• fix(nextjs): Don't set experimental instrumentation hook flag for next 16 (#​17978)
• fix(nextjs): Inconsistent transaction naming for i18n routing (#​17927)
• fix(nextjs): Update bundler detection (#​17976)

Internal Changes

• build: Update to typescript 5.8.0 (#​17710)
• chore: Add external contributor to CHANGELOG.md (#​17949)
• chore(build): Upgrade nodemon to 3.1.10 (#​17956)
• chore(ci): Fix external contributor action when multiple contributions existed (#​17950)
• chore(solid): Remove unnecessary import from README (#​17947)
• test(nextjs): Fix proxy/middleware test (#​17970)

Work in this release was contributed by @​0xbad0c0d3. Thank you for your contribution!

Bundle size 📦

Path	Size
@​sentry/browser	24.05 KB
@​sentry/browser - with treeshaking flags	22.57 KB
@​sentry/browser (incl. Tracing)	40.01 KB
@​sentry/browser (incl. Tracing, Profiling)	44.2 KB
@​sentry/browser (incl. Tracing, Replay)	77.43 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	67.36 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.02 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	93.9 KB
@​sentry/browser (incl. Feedback)	40.33 KB
@​sentry/browser (incl. sendFeedback)	28.61 KB
@​sentry/browser (incl. FeedbackAsync)	33.42 KB
@​sentry/react	25.69 KB
@​sentry/react (incl. Tracing)	41.96 KB
@​sentry/vue	28.43 KB
@​sentry/vue (incl. Tracing)	41.75 KB
@​sentry/svelte	24.06 KB
CDN Bundle	26.27 KB
CDN Bundle (incl. Tracing)	40.65 KB
CDN Bundle (incl. Tracing, Replay)	76.05 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	81.39 KB
CDN Bundle - uncompressed	77.01 KB
CDN Bundle (incl. Tracing) - uncompressed	120.55 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	232.89 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	245.35 KB
@​sentry/nextjs (client)	44.05 KB
@​sentry/sveltekit (client)	40.43 KB
@​sentry/node-core	49.56 KB
@​sentry/node	150.82 KB
@​sentry/node - without tracing	90.44 KB
@​sentry/aws-serverless	103.84 KB

v10.20.0

Compare Source

Important Changes

• feat(flags): Add Growthbook integration (#​17440)

  Adds a new Growthbook integration for feature flag support.

• feat(solid): Add support for TanStack Router Solid (#​17735)

  Adds support for TanStack Router in the Solid SDK, enabling better routing instrumentation for Solid applications.

• feat(nextjs): Support native debugIds in turbopack (#​17853)

  Adds support for native Debug IDs in Turbopack, improving source map resolution and error tracking for Next.js applications using Turbopack. Native Debug ID generation will be enabled automatically for compatible versions.

Other Changes

• feat(nextjs): Prepare for next 16 bundler default (#​17868)
• feat(node): Capture pino logger name (#​17930)
• fix(browser): Ignore React 19.2+ component render measure entries (#​17905)
• fix(nextjs): Fix createRouteManifest with basePath (#​17838)
• fix(react): Add POP guard for long-running pageload spans (#​17867)
• fix(tracemetrics): Send boolean for internal replay attribute (#​17908)
• ref(core): Add weight tracking logic to browser logs/metrics (#​17901)

Internal Changes

- chore(nextjs): Add

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.