chore(deps): update dependency @sentry/browser to v7 [security] #5150

renovate · 2024-10-03T18:33:16Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@sentry/browser (source)	`5.21.4` → `7.119.1`

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

GHSA-593m-55hh-j8gv

Impact

In case a Prototype Pollution vulnerability is present in a user's application or bundled libraries, the Sentry SDK could potentially serve as a gadget to exploit that vulnerability. The exploitability depends on the specific details of the underlying Prototype Pollution issue.

Note

This advisory does not indicate the presence of a Prototype Pollution within the Sentry SDK itself. Users are strongly advised to first address any Prototype Pollution vulnerabilities in their application, as they pose a more critical security risk.

Patches

The issue was patched in all Sentry JavaScript SDKs starting from the 8.33.0 version.
Also, the fix was backported to SDK v7 in 7.119.1.

References

Release Notes

getsentry/sentry-javascript (@sentry/browser)

`v7.119.1`

Compare Source

fix(browser/v7): Ensure wrap() only returns functions (#13838 backport)

Work in this release contributed by @legobeat. Thank you for your contribution!

`v7.119.0`

Compare Source

backport(tracing): Report dropped spans for transactions (#13343)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.96 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.89 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.14 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.52 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.77 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.66 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.71 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.72 KB
@sentry/browser - Webpack (gzipped)	22.91 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.17 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.49 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.17 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.41 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.92 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.52 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	76.24 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.45 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.4 KB
@sentry/react - Webpack (gzipped)	22.94 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.16 KB
@sentry/nextjs Client - Webpack (gzipped)	54.27 KB
@sentry-internal/feedback - Webpack (gzipped)	17.34 KB

`v7.118.0`

Compare Source

fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#12579)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.83 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.77 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.02 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.38 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.64 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.53 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.6 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.61 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.05 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.38 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.06 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.29 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.51 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.1 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.83 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.34 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.27 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.03 KB
@sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@sentry-internal/feedback - Webpack (gzipped)	17.34 KB

`v7.117.0`

Compare Source

feat(browser/v7): Publish browserprofling CDN bundle (#12224)
fix(v7/publish): Add v7 tag to @sentry/replay (#12304)

`v7.116.0`

Compare Source

build(craft): Publish lambda layer under its own name for v7 (#12098) (#12099)

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can
use instead of pinning themselves to SentryNodeServerlessSDK:235.

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.83 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.77 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.02 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.38 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.64 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.53 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.6 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.61 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.04 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.37 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.05 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.28 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.49 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.08 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.81 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.33 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.27 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.03 KB
@sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@sentry-internal/feedback - Webpack (gzipped)	17.34 KB

`v7.115.0`

Compare Source

feat(v7): Add support for global onUnhandled Error/Promise for Bun (#11959)
fix(replay/v7): Fix user activity not being updated in start() (#12003)
ref(api): Remove lastEventId deprecation warnings (#12042)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.83 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.77 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.02 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.38 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.64 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.53 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.6 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.61 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.04 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.37 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.05 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.28 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.49 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.08 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.81 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.33 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.27 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.03 KB
@sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@sentry-internal/feedback - Webpack (gzipped)	17.34 KB

`v7.114.0`

Compare Source

Important Changes

fix(browser/v7): Continuously record CLS (#11935)

This release fixes a bug that caused the cumulative layout shift (CLS) web vital not to be reported in a majority of the
cases where it should have been reported. With this change, the CLS web vital should now always be reported for
pageloads with layout shift. If a pageload did not have layout shift, no CLS web vital should be reported.

Please note that upgrading the SDK to this version may cause data in your dashboards to drastically change.

Other Changes

build(aws-lambda/v7): Turn off lambda layer publishing (#11875)
feat(v7): Add tunnel support to multiplexed transport (#11851)
fix(opentelemetry-node): support HTTP_REQUEST_METHOD attribute (#11929)
fix(react/v7): Fix react router v4/v5 span names (#11940)

`v7.113.0`

Compare Source

Important Changes

feat(node): Support Node 22 (#11754)

This release adds support for Node 22! 🎉

It also adds prebuilt-binaries for Node 22 to @sentry/profiling-node.

Other Changes

feat(feedback): [v7] New feedback button design (#11841)
feat(replay/v7): Upgrade rrweb packages to 2.15.0 (#11752)
fix(ember/v7): Ensure unnecessary spans are avoided (#11848)

`v7.112.2`

Compare Source

fix(nextjs|sveltekit): Ensure we can pass browserTracingIntegration (#11765)

`v7.112.1`

Compare Source

fix(ember/v7): Do not create rendering spans without transaction (#11750)

`v7.112.0`

Compare Source

Important Changes

feat: Export pluggable integrations from SDK packages (#11723)

Instead of installing @sentry/integrations, you can now import the pluggable integrations directly from your SDK
package:

// Before
import * as Sentry fromv '@&#8203;sentry/browser';
import { dedupeIntegration } from '@&#8203;sentry/integrations';

Sentry.init({
  integrations: [dedupeIntegration()],
});

// After
import * as Sentry from '@&#8203;sentry/browser';

Sentry.init({
  integrations: [Sentry.dedupeIntegration()],
});

Note that only the functional integrations (e.g. xxxIntegration()) are re-exported.

Other Changes

feat(replay): Add "maxCanvasSize" option for replay canvases (#11732)
fix(serverless): [v7] Check if cloud event callback is a function (#11734)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.72 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.69 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.91 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.32 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.62 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.5 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.57 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.58 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.9 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.27 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.02 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.28 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.25 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.01 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.79 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.3 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.18 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.01 KB
@sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@sentry-internal/feedback - Webpack (gzipped)	17.32 KB

`v7.111.0`

Compare Source

feat(core): Add server.address to browser http.client spans (#11663)
fix: Ensure next & sveltekit correctly handle browserTracingIntegration (#11647)
fix(browser): Don't assume window.document is available (#11598)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.71 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.68 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.7 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.31 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.62 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.5 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.57 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.58 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.89 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.25 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.02 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.27 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.21 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.01 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.79 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.3 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.17 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90 KB
@sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@sentry-internal/feedback - Webpack (gzipped)	17.32 KB

`v7.110.1`

Compare Source

fix(nextjs): Fix tunnelRoute matching logic for hybrid cloud (#11577)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.58 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.55 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.57 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.18 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.49 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.37 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.57 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.58 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.76 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.12 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	35.9 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.27 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	220.72 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	108.53 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.79 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.17 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.03 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	89.87 KB
@sentry/nextjs Client - Webpack (gzipped)	54.01 KB
@sentry-internal/feedback - Webpack (gzipped)	17.32 KB

`v7.110.0`

Compare Source

Important Changes

feat(tracing): Add interactions sample rate to browser tracing integrations (#11382)

You can now use a interactionsSampleRate to control the sample rate of INP spans. interactionsSampleRate is applied
on top of the global tracesSampleRate. Therefore if interactionsSampleRate is 0.5 and tracesSampleRate is 0.1,
then the actual sample rate for interactions is 0.05.

Sentry.init({
  tracesSampleRate: 0.1,
  integrations: [
    Sentry.browserTracingIntegration({
      interactionsSampleRate: 0.5,
    }),
  ],
});

Deprecations

This release deprecates the Hub class, as well as the addRequestDataToTransaction method. The trpcMiddleware
method is no longer on the Handlers export, but instead is a standalone export.

Please see the detailed Migration docs on how to migrate to the new APIs.

feat: Deprecate and relocate trpcMiddleware (#11389)
feat(core): Deprecate Hub class (#11528)
feat(types): Deprecate Hub interface (#11530)
ref: Deprecate addRequestDataToTransaction (#11368)

Other Changes

feat(core): Update metric normalization (#11519)
feat(feedback): Customize feedback placeholder text color (#11521)
feat(remix): Skip span creation for OPTIONS and HEAD request. (#11485)
feat(utils): Add metric buckets rate limit (#11506)
fix(core): unref timer to not block node exit (#11483)
fix(metrics): Map statsd to metric_bucket (#11505)
fix(spans): Allow zero exclusive time for INP spans (#11408)
ref(feedback): Configure feedback fonts (#11520)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.58 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.55 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.57 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.18 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.49 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.37 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.57 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.58 KB
@sentry/browser - Webpack (gzipped)	22.78 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.76 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.12 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	35.9 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.27 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	220.72 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	108.53 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.79 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.17 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.03 KB
@sentry/react - Webpack (gzipped)	22.81 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	89.87 KB
@sentry/nextjs Client - Webpack (gzipped)	54.01 KB
@sentry-internal/feedback - Webpack (gzipped)	17.32 KB

`v7.109.0`

Compare Source

This release deprecates some exports from the @sentry/replay package. These exports have been moved to the browser SDK
(or related framework SDKs like @sentry/react).

feat(feedback): Make "required" text for input elements configurable (#11287)
feat(node): Add scope to ANR events (#11267)
feat(replay): Bump rrweb to 2.12.0 (#11317)
fix(node): Local variables skipped after Promise (#11248)
fix(node): Skip capturing Hapi Boom error responses (#11324)
fix(web-vitals): Check for undefined navigation entry (#11312)
ref(replay): Deprecate @sentry/replay exports (#11242)

Work in this release contributed by @soerface. Thank you for your contribution!

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.48 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.47 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.49 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.11 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.41 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.29 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.52 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.53 KB
@sentry/browser - Webpack (gzipped)	22.74 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.59 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	69.97 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	35.77 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.17 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	220.31 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	108.12 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.48 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	71.97 KB
@sentry/react - Webpack (gzipped)	22.77 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	89.81 KB
@sentry/nextjs Client - Webpack (gzipped)	53.95 KB
@sentry-internal/feedback - Webpack (gzipped)	17.3 KB

`v7.108.0`

Compare Source

This release fixes issues with Time to First Byte (TTFB) calculation in the SDK that was introduced with 7.95.0. It
also fixes some bugs with Interaction to First Paint (INP) instrumentation. This may impact your Sentry Performance
Score calculation.

feat(serverless): Add Node.js 20 to compatible runtimes (#11104)
feat(core): Backport ResizeObserver and googletag default filters (#11210)
feat(webvitals): Adds event entry names for INP handler. Also guard against empty metric value
fix(metrics): use correct statsd data category (#11187)
fix(node): Record local variables with falsy values (v7) (#11190)
fix(node): Use unique variable for ANR context transfer (v7) (#11162)
fix(node): Time zone handling for cron (#11225)
fix(tracing): use web-vitals ttfb calculation (#11231)
fix(types): Fix incorrect sampled type on Transaction (#11146)
fix(webvitals): Fix mapping not being maintained properly and sometimes not sending INP spans (#11183)

Work in this release contributed by @quisido and @joshkel. Thank you for your contributions!

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.45 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.47 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.47 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.1 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.4 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.29 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.49 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.5 KB
@sentry/browser - Webpack (gzipped)	22.74 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.55 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	69.97 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	35.77 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.17 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	220.29 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	108.1 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.48 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	38.99 KB
@sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	71.96 KB
@sentry/react - Webpack (gzipped)	22.77 KB
@sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	89.81 KB
@sentry/nextjs Client - Webpack (gzipped)	53.95 KB
@sentry-internal/feedback - Webpack (gzipped)	17.28 KB

`v7.107.0`

Compare Source

This release fixes issues with INP instrumentation with the Next.js SDK and adds support for the enableInp option in
the deprecated BrowserTracing integration for backwards compatibility.

feat(performance): Port INP span instrumentation to old browser tracing (#11085)
fix(ember): Ensure browser tracing is correctly lazy loaded (#11027)
fix(node): Do not assert in vendored proxy code (v7 backport) (#11009)
fix(react): Set handled value in ErrorBoundary depending on fallback [v7] (#11037)

Bundle size 📦

Path	Size
@sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	79.95 KB
@sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.06 KB
@sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	75.04 KB
@sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	64.7 KB
@sentry/browser (incl. Tracing) - Webpack (gzipped)	35.02 KB
@sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	34.9 KB
@sentry/browser (incl. Feedback) - Webpack (gzipped)	31.44 KB
@sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.45 KB
@sentry/browser - Webpack (gzipped)	22.68 KB
@sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	78.18 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	69.57 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	35.34 KB
@sentry/browser - ES6 CDN Bundle (gzipped)	25.11 KB
@sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	219.07 KB
@sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	106.88 KB
@sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.38 KB
@sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	38.62 KB
[@sentry/re

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot added the renovate PR automatically generated by renovate label Oct 3, 2024

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 4488a07 to a2ac841 Compare October 4, 2024 16:38

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v8 [security]~~ chore(deps): update dependency @sentry/browser to v7 [security] Oct 4, 2024

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Jan 22, 2025

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Feb 10, 2025

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Mar 26, 2025

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Apr 3, 2025

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Jun 12, 2025

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Jul 10, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch 2 times, most recently from 46277f1 to 2525bfd Compare August 13, 2025 14:59

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 2525bfd to 8723ac8 Compare August 19, 2025 16:36

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Aug 20, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 8723ac8 to befc36c Compare August 31, 2025 10:08

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Sep 18, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from befc36c to 5af70b7 Compare September 25, 2025 15:29

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Sep 29, 2025

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Sep 29, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 5af70b7 to 812d0ce Compare October 21, 2025 16:44

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 812d0ce to b8e50ac Compare November 10, 2025 17:51

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ chore(deps): update dependency @sentry/browser to v7 [security] - autoclosed Nov 19, 2025

renovate bot closed this Nov 19, 2025

renovate bot deleted the renovate/npm-sentry-browser-vulnerability branch November 19, 2025 16:28

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security] - autoclosed~~ chore(deps): update dependency @sentry/browser to v7 [security] Nov 19, 2025

renovate bot reopened this Nov 19, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch 2 times, most recently from b8e50ac to 82c4e93 Compare November 19, 2025 17:45

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 82c4e93 to d803402 Compare December 3, 2025 19:03

renovate bot changed the title ~~chore(deps): update dependency @sentry/browser to v7 [security]~~ Update dependency @sentry/browser to v7 [SECURITY] Dec 4, 2025

renovate bot changed the title ~~Update dependency @sentry/browser to v7 [SECURITY]~~ chore(deps): update dependency @sentry/browser to v7 [security] Dec 18, 2025

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from d803402 to 35dfd7b Compare December 31, 2025 15:56

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from 35dfd7b to a65ffe7 Compare January 8, 2026 17:51

chore(deps): update dependency @sentry/browser to v7 [security]

6ae83b6

renovate bot force-pushed the renovate/npm-sentry-browser-vulnerability branch from a65ffe7 to 6ae83b6 Compare January 19, 2026 14:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): update dependency @sentry/browser to v7 [security] #5150

chore(deps): update dependency @sentry/browser to v7 [security] #5150

renovate bot commented Oct 3, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): update dependency @sentry/browser to v7 [security] #5150

Are you sure you want to change the base?

chore(deps): update dependency @sentry/browser to v7 [security] #5150

Conversation

renovate bot commented Oct 3, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

Impact

Patches

References

Release Notes

Bundle size 📦

Bundle size 📦

Bundle size 📦

Bundle size 📦

Important Changes

Other Changes

Important Changes

Other Changes

Important Changes

Other Changes

Bundle size 📦

Bundle size 📦

Bundle size 📦

Important Changes

Other Changes

Bundle size 📦

Bundle size 📦

Bundle size 📦

Bundle size 📦

Configuration

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

renovate bot commented Oct 3, 2024 •

edited

Loading