meta(changelog): Update changelog for 9.33.0#16750
Merged
andreiborza merged 13 commits intomasterfrom Jun 27, 2025
Merged
Conversation
) While we eventually want to move the cloudflare SDK over to use OTEL fully under the hood, this PR is an attempt for an intermediate solution to allow us to still get access to e.g. the vercelAi integration, which emits spans via `@opentelemetry/core`. For this, we register a custom trace provider in the cloudflare SDK which then just calls our own `startSpan` APIs. This should translate spans to Sentry spans. The only downside is that it does not handle a `context` being passed in for spans, so this will _not_ work for all integrations and cases etc. But it should work for simple cases like the `ai` package using `trace.startActiveSpan`. TODO: Test this, verify this makes sense, ...
Adding a test for a support case, to ensure that new trace are correctly sampled. --------- Co-authored-by: Sigrid Huemer <32902192+s1gr1d@users.noreply.github.com>
chore: Manual develop sync
) resolves https://github.com/getsentry/sentry-javascript/security/dependabot/538 resolves https://github.com/getsentry/sentry-javascript/security/dependabot/534 resolves https://github.com/getsentry/sentry-javascript/security/dependabot/533 Next.js dependencies were upgraded to address a security vulnerability concerning authorization bypass in middleware. * The `next` dependency in `packages/nextjs/package.json` was updated from `13.2.0` to `13.5.9`. * Test applications were also patched: * `dev-packages/e2e-tests/test-applications/create-next-app/package.json` had `next` upgraded from `14.0.0` to `14.2.25`. * `dev-packages/e2e-tests/test-applications/nextjs-13/package.json` had `next` upgraded from `13.5.7` to `13.5.9`. * The `yarn.lock` file was subsequently updated by running `yarn install` to reflect these new dependency versions and their transitive updates, including `@swc/helpers` and `postcss`. * Code formatting issues were resolved with `yarn fix`. Validation checks were run, confirming the upgrades while noting pre-existing, unrelated failures in other packages. This directly addresses the vulnerability, ensuring the codebase uses patched Next.js versions. --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com>
We have added the 'ai' package to our list of externalized packages for instrumentation purposes. Unfortunately this causes Next.js to incorrectly evaluate the Vercel AI SDK's conditional exports - specifically the `react-server` export condition isn't properly handled when the package is externalized, resulting in client-side code being loaded in server components instead of the server-side functions.
This adds a `modules` and `composables` folder to the Nuxt 4 E2E test. The main purpose is to check, that the build runs through without problems. Additionally, the versions were updated (as this is the Nuxt 4 test and it should use the latest versions for the compatibility mode). Related to this: #15204 (comment)
…16732) This is on top of #16714. This adds the `vercelAiIntegration` to the cloudflare SDK, as well as to the vercel-edge SDK. I moved the critical code from node to core package, so we can reuse this (the code to process spans). The integration is not added by default, but needs to be added manually. then it will "force" add the event processors etc. We cannot auto-detect the `ai` package, sadly, because this does not work in workers 😢 so for now it needs to be added manually to avoid overhead for users that don't need this. @andreiborza let's verify that this works when deployed to cloudflare, esp. also the auto-enablement via the modules integration etc 🤔 --------- Co-authored-by: Andrei Borza <andrei.borza@sentry.io> Co-authored-by: Andrei <168741329+andreiborza@users.noreply.github.com>
Resolves: #15621 Adds instrumentation for https://github.com/porsager/postgres Sampled event: (Emitted from the integration tests added here): [Link](https://sentry-sdks.sentry.io/insights/backend/summary/trace/72c94a37c9907cc2c7f4bef9c56b0196/?fov=0%2C32.09936037659645&node=span-b3505cfada7dea73&project=5429215&query=transaction.op%3Atransaction&referrer=insights-backend-overview&source=performance_transaction_summary&statsPeriod=5m×tamp=1750718572&transaction=Test%20Transaction) This implementation patches `connection` and `query` classes to create database transactions: - From `connection`, we pick up the database `name`, `url` and `port` to use in the db query spans - For each `query` instance, we create a `db` span - This implementation does not create a separate span for each `cursor` used Initially, I implemented a way to capture `db.operation` (as `command` is available when the query resolves) but it seems the ingestion extracts the operation anyway, so I removed it. Also added sanitization/normalization for raw query, which we use as the span description, also seems to be normalized by the ingestion engine. We can remove it too if it's not worth having, as it creates a possibly-unnecessary performance overhead on the SDK side. --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This PR adds the external contributor to the CHANGELOG.md file, so that they are credited for their contribution. See #16681 Co-authored-by: AbhiPrasad <18689448+AbhiPrasad@users.noreply.github.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
Contributor
size-limit report 📦
|
❌ Unsupported file formatUpload processing failed due to unsupported file format. Please review the parser error message:
For more help, visit our troubleshooting guide. |
mydea
reviewed
Jun 27, 2025
CHANGELOG.md
Outdated
Comment on lines
+20
to
+23
| Sentry.vercelAIIntegration({ | ||
| recordInputs: true, | ||
| recordOutputs: true, | ||
| }), |
Member
There was a problem hiding this comment.
Suggested change
| Sentry.vercelAIIntegration({ | |
| recordInputs: true, | |
| recordOutputs: true, | |
| }), | |
| Sentry.vercelAIIntegration(), |
these options do not exist there, they are only used where we can monkey patch 😅
Member
Author
There was a problem hiding this comment.
Ahh, thanks. Updated.
andreiborza
force-pushed
the
prepare-release/9.33.0
branch
from
d433747 to
e8eb291
Compare
mydea
approved these changes
Jun 27, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.