From b64f3c24775c4a85f6f645aae06fd88ef41e0ac4 Mon Sep 17 00:00:00 2001 From: mathuraditya724 Date: Thu, 22 Jan 2026 03:18:14 +0530 Subject: [PATCH 01/80] feat: added support for the new codecov action --- .github/workflows/build.yml | 57 +++++++------------ codecov.yml | 5 -- .../rollup-utils/plugins/npmPlugins.mjs | 15 ----- 3 files changed, 19 insertions(+), 58 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5c26bded3ddf..e59854337b1d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -175,9 +175,6 @@ jobs: 'nx-never-restore'}} - name: Build packages - # Set the CODECOV_TOKEN for Bundle Analysis - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} run: yarn build - name: Upload build artifacts @@ -432,17 +429,9 @@ jobs: if: github.event_name != 'pull_request' - name: Compute test coverage - uses: codecov/codecov-action@v5 - with: - token: ${{ secrets.CODECOV_TOKEN }} - - - name: Upload test results to Codecov - if: cancelled() == false - continue-on-error: true - uses: codecov/test-results-action@v1 + uses: getsentry/codecov-action@main with: - files: packages/**/*.junit.xml - token: ${{ secrets.CODECOV_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} job_bun_unit_tests: name: Bun Unit Tests @@ -539,17 +528,9 @@ jobs: NODE_VERSION: ${{ matrix.node }} - name: Compute test coverage - uses: codecov/codecov-action@v5 + uses: getsentry/codecov-action@main with: - token: ${{ secrets.CODECOV_TOKEN }} - - - name: Upload test results to Codecov - if: cancelled() == false - continue-on-error: true - uses: codecov/test-results-action@v1 - with: - files: packages/**/*.junit.xml - token: ${{ secrets.CODECOV_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} job_browser_playwright_tests: name: @@ -641,13 +622,13 @@ jobs: overwrite: true retention-days: 7 - - name: Upload test results to Codecov + - name: Compute test coverage if: cancelled() == false continue-on-error: true - uses: codecov/test-results-action@v1 + uses: getsentry/codecov-action@main with: + token: ${{ secrets.GITHUB_TOKEN }} directory: dev-packages/browser-integration-tests - token: ${{ secrets.CODECOV_TOKEN }} job_browser_loader_tests: name: PW ${{ matrix.bundle }} Tests @@ -702,13 +683,13 @@ jobs: overwrite: true retention-days: 7 - - name: Upload test results to Codecov + - name: Compute test coverage + uses: getsentry/codecov-action@main if: cancelled() == false continue-on-error: true - uses: codecov/test-results-action@v1 with: + token: ${{ secrets.GITHUB_TOKEN }} directory: dev-packages/browser-integration-tests - token: ${{ secrets.CODECOV_TOKEN }} job_check_for_faulty_dts: name: Check for faulty .d.ts files @@ -776,13 +757,13 @@ jobs: working-directory: dev-packages/node-integration-tests run: yarn test - - name: Upload test results to Codecov + - name: Compute test coverage if: cancelled() == false continue-on-error: true - uses: codecov/test-results-action@v1 + uses: getsentry/codecov-action@main with: + token: ${{ secrets.GITHUB_TOKEN }} directory: dev-packages/node-integration-tests - token: ${{ secrets.CODECOV_TOKEN }} job_cloudflare_integration_tests: name: Cloudflare Integration Tests @@ -843,13 +824,13 @@ jobs: cd packages/remix yarn test:integration:ci - - name: Upload test results to Codecov + - name: Compute test coverage if: cancelled() == false continue-on-error: true - uses: codecov/test-results-action@v1 + uses: getsentry/codecov-action@main with: directory: packages/remix - token: ${{ secrets.CODECOV_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} job_e2e_prepare: name: Prepare E2E tests @@ -1034,13 +1015,13 @@ jobs: retention-days: 7 if-no-files-found: ignore - - name: Upload test results to Codecov + - name: Compute test coverage if: cancelled() == false continue-on-error: true - uses: codecov/test-results-action@v1 + uses: getsentry/codecov-action@main with: directory: dev-packages/e2e-tests - token: ${{ secrets.CODECOV_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN }} # - We skip optional tests on release branches job_optional_e2e_tests: diff --git a/codecov.yml b/codecov.yml index f8c0cbc17ba5..fcc0885b060b 100644 --- a/codecov.yml +++ b/codecov.yml @@ -3,11 +3,6 @@ codecov: notify: require_ci_to_pass: no -ai_pr_review: - enabled: true - method: 'label' - label_name: 'ci-codecov-ai-review' - coverage: precision: 2 round: down diff --git a/dev-packages/rollup-utils/plugins/npmPlugins.mjs b/dev-packages/rollup-utils/plugins/npmPlugins.mjs index 7f08873f1c80..3cb9ca7d50f9 100644 --- a/dev-packages/rollup-utils/plugins/npmPlugins.mjs +++ b/dev-packages/rollup-utils/plugins/npmPlugins.mjs @@ -167,18 +167,3 @@ export function makeRrwebBuildPlugin({ excludeShadowDom, excludeIframe } = {}) { values, }); } - -/** - * Plugin that uploads bundle analysis to codecov. - * - * @param type The type of bundle being uploaded. - * @param prefix The prefix for the codecov bundle name. Defaults to 'npm'. - */ -export function makeCodeCovPlugin() { - const packageJson = JSON.parse(fs.readFileSync(path.resolve(process.cwd(), './package.json'), { encoding: 'utf8' })); - return codecovRollupPlugin({ - enableBundleAnalysis: process.env.CODECOV_TOKEN !== undefined, - bundleName: packageJson.name, - uploadToken: process.env.CODECOV_TOKEN, - }); -} From a370dfc764810f68a644ded4a370dbd473760fac Mon Sep 17 00:00:00 2001 From: mathuraditya724 Date: Thu, 29 Jan 2026 14:35:37 +0530 Subject: [PATCH 02/80] fix: removed the codecov badge from the readme --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 3fdd9ddfc452..5a3453dbe004 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,6 @@ faster, so we can get back to enjoying technology. If you want to join us [**Check out our open positions**](https://sentry.io/careers/)_ [![Build & Test](https://github.com/getsentry/sentry-javascript/workflows/CI:%20Build%20&%20Test/badge.svg)](https://github.com/getsentry/sentry-javascript/actions) -[![codecov](https://codecov.io/gh/getsentry/sentry-javascript/branch/develop/graph/badge.svg)](https://codecov.io/gh/getsentry/sentry-javascript) [![npm version](https://img.shields.io/npm/v/@sentry/core.svg)](https://www.npmjs.com/package/@sentry/core) [![Discord](https://img.shields.io/discord/621778831602221064)](https://discord.gg/Ww9hbqr) From 8113e907fcf47bf0f2b3355b439aa4e3858bb386 Mon Sep 17 00:00:00 2001 From: mathuraditya724 Date: Thu, 29 Jan 2026 22:35:11 +0530 Subject: [PATCH 03/80] fix: updated the job name --- .github/workflows/build.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3a7a2400d018..bba544314dae 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -428,7 +428,7 @@ jobs: run: yarn test:ci:browser if: github.event_name != 'pull_request' - - name: Compute test coverage + - name: Parse and Upload Coverage uses: getsentry/codecov-action@main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -527,7 +527,7 @@ jobs: env: NODE_VERSION: ${{ matrix.node }} - - name: Compute test coverage + - name: Parse and Upload Coverage uses: getsentry/codecov-action@main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -625,7 +625,7 @@ jobs: overwrite: true retention-days: 7 - - name: Compute test coverage + - name: Parse and Upload Coverage if: cancelled() == false continue-on-error: true uses: getsentry/codecov-action@main @@ -686,7 +686,7 @@ jobs: overwrite: true retention-days: 7 - - name: Compute test coverage + - name: Parse and Upload Coverage uses: getsentry/codecov-action@main if: cancelled() == false continue-on-error: true @@ -760,7 +760,7 @@ jobs: working-directory: dev-packages/node-integration-tests run: yarn test - - name: Compute test coverage + - name: Parse and Upload Coverage if: cancelled() == false continue-on-error: true uses: getsentry/codecov-action@main @@ -827,7 +827,7 @@ jobs: cd packages/remix yarn test:integration:ci - - name: Compute test coverage + - name: Parse and Upload Coverage if: cancelled() == false continue-on-error: true uses: getsentry/codecov-action@main @@ -1018,7 +1018,7 @@ jobs: retention-days: 7 if-no-files-found: ignore - - name: Compute test coverage + - name: Parse and Upload Coverage if: cancelled() == false continue-on-error: true uses: getsentry/codecov-action@main From 167acdc706312761050b79b0727cb4376b8aa988 Mon Sep 17 00:00:00 2001 From: mathuraditya724 Date: Thu, 29 Jan 2026 22:58:11 +0530 Subject: [PATCH 04/80] chore: minor changes --- .github/workflows/build.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bba544314dae..b409c53136b2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -429,6 +429,8 @@ jobs: if: github.event_name != 'pull_request' - name: Parse and Upload Coverage + if: cancelled() == false + continue-on-error: true uses: getsentry/codecov-action@main with: token: ${{ secrets.GITHUB_TOKEN }} @@ -528,6 +530,8 @@ jobs: NODE_VERSION: ${{ matrix.node }} - name: Parse and Upload Coverage + if: cancelled() == false + continue-on-error: true uses: getsentry/codecov-action@main with: token: ${{ secrets.GITHUB_TOKEN }} From c61baee5f6b88e9b49e3aedf592d437cbd821974 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Thu, 29 Jan 2026 19:25:56 +0100 Subject: [PATCH 05/80] fix(core): Avoid blocking the process when calling `flush` on empty buffer (#19062) This PR fixes a bug when calling `Sentry.flush()` (or `client.flush()`) and there's no telemetry being processed by the SDK. While previously we'd wait for the passed-in timeout, we now exit immediately. --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Lms24 <8420481+Lms24@users.noreply.github.com> Co-authored-by: Lukas Stracke Co-authored-by: Charly Gomez --- .size-limit.js | 2 +- packages/core/src/client.ts | 1 - packages/core/src/transports/offline.ts | 33 +++++++------ packages/core/src/utils/promisebuffer.ts | 8 ++-- packages/core/src/utils/timer.ts | 15 ++++++ packages/core/test/lib/client.test.ts | 47 +++++++++++++++++++ .../core/test/lib/utils/promisebuffer.test.ts | 12 +++++ packages/core/test/lib/utils/timer.test.ts | 32 +++++++++++++ packages/node-core/test/sdk/client.test.ts | 22 +++++++++ 9 files changed, 150 insertions(+), 22 deletions(-) create mode 100644 packages/core/src/utils/timer.ts create mode 100644 packages/core/test/lib/utils/timer.test.ts diff --git a/.size-limit.js b/.size-limit.js index 2a14a40df88b..361e2026f2c7 100644 --- a/.size-limit.js +++ b/.size-limit.js @@ -255,7 +255,7 @@ module.exports = [ path: createCDNPath('bundle.tracing.logs.metrics.min.js'), gzip: false, brotli: false, - limit: '130 KB', + limit: '131 KB', }, { name: 'CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed', diff --git a/packages/core/src/client.ts b/packages/core/src/client.ts index 56b382a2860e..1ed447ab802d 100644 --- a/packages/core/src/client.ts +++ b/packages/core/src/client.ts @@ -1150,7 +1150,6 @@ export abstract class Client { protected async _isClientDoneProcessing(timeout?: number): Promise { let ticked = 0; - // if no timeout is provided, we wait "forever" until everything is processed while (!timeout || ticked < timeout) { await new Promise(resolve => setTimeout(resolve, 1)); diff --git a/packages/core/src/transports/offline.ts b/packages/core/src/transports/offline.ts index 88211a4378e7..b799bf691efb 100644 --- a/packages/core/src/transports/offline.ts +++ b/packages/core/src/transports/offline.ts @@ -4,6 +4,7 @@ import type { InternalBaseTransportOptions, Transport, TransportMakeRequestRespo import { debug } from '../utils/debug-logger'; import { envelopeContainsItemType } from '../utils/envelope'; import { parseRetryAfterHeader } from '../utils/ratelimit'; +import { safeUnref } from '../utils/timer'; export const MIN_DELAY = 100; // 100 ms export const START_DELAY = 5_000; // 5 seconds @@ -97,26 +98,24 @@ export function makeOfflineTransport( clearTimeout(flushTimer as ReturnType); } - flushTimer = setTimeout(async () => { - flushTimer = undefined; - - const found = await store.shift(); - if (found) { - log('Attempting to send previously queued event'); + // We need to unref the timer in node.js, otherwise the node process never exit. + flushTimer = safeUnref( + setTimeout(async () => { + flushTimer = undefined; - // We should to update the sent_at timestamp to the current time. - found[0].sent_at = new Date().toISOString(); + const found = await store.shift(); + if (found) { + log('Attempting to send previously queued event'); - void send(found, true).catch(e => { - log('Failed to retry sending', e); - }); - } - }, delay) as Timer; + // We should to update the sent_at timestamp to the current time. + found[0].sent_at = new Date().toISOString(); - // We need to unref the timer in node.js, otherwise the node process never exit. - if (typeof flushTimer !== 'number' && flushTimer.unref) { - flushTimer.unref(); - } + void send(found, true).catch(e => { + log('Failed to retry sending', e); + }); + } + }, delay), + ) as Timer; } function flushWithBackOff(): void { diff --git a/packages/core/src/utils/promisebuffer.ts b/packages/core/src/utils/promisebuffer.ts index f66077a76fd5..4868e30f14b8 100644 --- a/packages/core/src/utils/promisebuffer.ts +++ b/packages/core/src/utils/promisebuffer.ts @@ -1,4 +1,5 @@ import { rejectedSyncPromise, resolvedSyncPromise } from './syncpromise'; +import { safeUnref } from './timer'; export interface PromiseBuffer { // exposes the internal array so tests can assert on the state of it. @@ -77,10 +78,11 @@ export function makePromiseBuffer(limit: number = 100): PromiseBuffer { return drainPromise; } - const promises = [drainPromise, new Promise(resolve => setTimeout(() => resolve(false), timeout))]; + const promises = [ + drainPromise, + new Promise(resolve => safeUnref(setTimeout(() => resolve(false), timeout))), + ]; - // Promise.race will resolve to the first promise that resolves or rejects - // So if the drainPromise resolves, the timeout promise will be ignored return Promise.race(promises); } diff --git a/packages/core/src/utils/timer.ts b/packages/core/src/utils/timer.ts new file mode 100644 index 000000000000..f08b698a8e67 --- /dev/null +++ b/packages/core/src/utils/timer.ts @@ -0,0 +1,15 @@ +/** + * Calls `unref` on a timer, if the method is available on @param timer. + * + * `unref()` is used to allow processes to exit immediately, even if the timer + * is still running and hasn't resolved yet. + * + * Use this in places where code can run on browser or server, since browsers + * do not support `unref`. + */ +export function safeUnref(timer: ReturnType): ReturnType { + if (typeof timer === 'object' && typeof timer.unref === 'function') { + timer.unref(); + } + return timer; +} diff --git a/packages/core/test/lib/client.test.ts b/packages/core/test/lib/client.test.ts index 0945af5f019f..09ec34bf4fcc 100644 --- a/packages/core/test/lib/client.test.ts +++ b/packages/core/test/lib/client.test.ts @@ -2205,6 +2205,53 @@ describe('Client', () => { }), ]); }); + + test('flush returns immediately when nothing is processing', async () => { + vi.useFakeTimers(); + expect.assertions(2); + + const options = getDefaultTestClientOptions({ dsn: PUBLIC_DSN }); + const client = new TestClient(options); + + // just to ensure the client init'd + vi.advanceTimersByTime(100); + + const elapsed = Date.now(); + const done = client.flush(1000).then(result => { + expect(result).toBe(true); + expect(Date.now() - elapsed).toBeLessThan(2); + }); + + // ensures that only after 1 ms, we're already done flushing + vi.advanceTimersByTime(1); + await done; + }); + + test('flush with early exit when processing completes', async () => { + vi.useRealTimers(); + expect.assertions(3); + + const { makeTransport, getSendCalled, getSentCount } = makeFakeTransport(50); + + const client = new TestClient( + getDefaultTestClientOptions({ + dsn: PUBLIC_DSN, + enableSend: true, + transport: makeTransport, + }), + ); + + client.captureMessage('test'); + expect(getSendCalled()).toEqual(1); + + const startTime = Date.now(); + await client.flush(5000); + const elapsed = Date.now() - startTime; + + expect(getSentCount()).toEqual(1); + // if this flakes, remove the test + expect(elapsed).toBeLessThan(1000); + }); }); describe('sendEvent', () => { diff --git a/packages/core/test/lib/utils/promisebuffer.test.ts b/packages/core/test/lib/utils/promisebuffer.test.ts index d1b4b9abc48d..8d45d426b1a4 100644 --- a/packages/core/test/lib/utils/promisebuffer.test.ts +++ b/packages/core/test/lib/utils/promisebuffer.test.ts @@ -252,4 +252,16 @@ describe('PromiseBuffer', () => { expect(e).toEqual(new Error('whoops')); } }); + + test('drain returns immediately when buffer is empty', async () => { + const buffer = makePromiseBuffer(); + expect(buffer.$.length).toEqual(0); + + const startTime = Date.now(); + const result = await buffer.drain(5000); + const elapsed = Date.now() - startTime; + + expect(result).toBe(true); + expect(elapsed).toBeLessThan(100); + }); }); diff --git a/packages/core/test/lib/utils/timer.test.ts b/packages/core/test/lib/utils/timer.test.ts new file mode 100644 index 000000000000..cd3b99fa4246 --- /dev/null +++ b/packages/core/test/lib/utils/timer.test.ts @@ -0,0 +1,32 @@ +import { describe, expect, it, vi } from 'vitest'; +import { safeUnref } from '../../../src/utils/timer'; + +describe('safeUnref', () => { + it('calls unref on a NodeJS timer', () => { + const timeout = setTimeout(() => {}, 1000); + const unrefSpy = vi.spyOn(timeout, 'unref'); + safeUnref(timeout); + expect(unrefSpy).toHaveBeenCalledOnce(); + }); + + it('returns the timer', () => { + const timeout = setTimeout(() => {}, 1000); + const result = safeUnref(timeout); + expect(result).toBe(timeout); + }); + + it('handles multiple unref calls', () => { + const timeout = setTimeout(() => {}, 1000); + const unrefSpy = vi.spyOn(timeout, 'unref'); + + const result = safeUnref(timeout); + result.unref(); + + expect(unrefSpy).toHaveBeenCalledTimes(2); + }); + + it("doesn't throw for a browser timer", () => { + const timer = safeUnref(385 as unknown as ReturnType); + expect(timer).toBe(385); + }); +}); diff --git a/packages/node-core/test/sdk/client.test.ts b/packages/node-core/test/sdk/client.test.ts index 0bcef2669095..cf33049c1ffa 100644 --- a/packages/node-core/test/sdk/client.test.ts +++ b/packages/node-core/test/sdk/client.test.ts @@ -386,4 +386,26 @@ describe('NodeClient', () => { expect(processOffSpy).toHaveBeenNthCalledWith(1, 'beforeExit', expect.any(Function)); }); }); + + describe('flush', () => { + it('flush returns immediately when nothing is processing', async () => { + const options = getDefaultNodeClientOptions(); + const client = new NodeClient(options); + + const startTime = Date.now(); + const result = await client.flush(1000); + const elapsed = Date.now() - startTime; + + expect(result).toBe(true); + expect(elapsed).toBeLessThan(100); + }); + + it('flush does not block process exit with unref timers', async () => { + const options = getDefaultNodeClientOptions(); + const client = new NodeClient(options); + + const result = await client.flush(5000); + expect(result).toBe(true); + }); + }); }); From 1727485497375f3d22ca04c8225de824eeeeef4c Mon Sep 17 00:00:00 2001 From: Abdelrahman Awad Date: Thu, 29 Jan 2026 21:47:07 +0200 Subject: [PATCH 06/80] fix(nuxt): Avoid logging database skip warning when `debug` is disabled (#19095) Previously this was left as-is since the `DEBUG_BUILD` flag doesn't work in build-time scripts. This PR ensures the warn is only logged by checking the user options by passing it to the nuxt/vite instrumentation plugin. Closes #19094 --- packages/nuxt/src/module.ts | 2 +- packages/nuxt/src/vite/databaseConfig.ts | 18 +++-- .../nuxt/test/vite/databaseConfig.test.ts | 81 +++++++++++++++++++ 3 files changed, 93 insertions(+), 8 deletions(-) create mode 100644 packages/nuxt/test/vite/databaseConfig.test.ts diff --git a/packages/nuxt/src/module.ts b/packages/nuxt/src/module.ts index 813fb9385066..f2968d70482d 100644 --- a/packages/nuxt/src/module.ts +++ b/packages/nuxt/src/module.ts @@ -117,7 +117,7 @@ export default defineNuxtModule({ if (serverConfigFile) { addMiddlewareImports(); addStorageInstrumentation(nuxt); - addDatabaseInstrumentation(nuxt.options.nitro); + addDatabaseInstrumentation(nuxt.options.nitro, moduleOptions); } // Add the sentry config file to the include array diff --git a/packages/nuxt/src/vite/databaseConfig.ts b/packages/nuxt/src/vite/databaseConfig.ts index dfe27fd9821d..c806a8f662c2 100644 --- a/packages/nuxt/src/vite/databaseConfig.ts +++ b/packages/nuxt/src/vite/databaseConfig.ts @@ -1,19 +1,23 @@ import { addServerPlugin, createResolver } from '@nuxt/kit'; import { consoleSandbox } from '@sentry/core'; import type { NitroConfig } from 'nitropack/types'; +import type { SentryNuxtModuleOptions } from '../common/types'; import { addServerTemplate } from '../vendor/server-template'; /** * Sets up the database instrumentation. */ -export function addDatabaseInstrumentation(nitro: NitroConfig): void { +export function addDatabaseInstrumentation(nitro: NitroConfig, moduleOptions?: SentryNuxtModuleOptions): void { if (!nitro.experimental?.database) { - consoleSandbox(() => { - // eslint-disable-next-line no-console - console.log( - '[Sentry] [Nitro Database Plugin]: No database configuration found. Skipping database instrumentation.', - ); - }); + // We cannot use DEBUG_BUILD here because it is a runtime flag, so it is not available for build time scripts + // So we have to pass in the module options to the build time script + moduleOptions?.debug && + consoleSandbox(() => { + // eslint-disable-next-line no-console + console.log( + '[Sentry] [Nitro Database Plugin]: No database configuration found. Skipping database instrumentation.', + ); + }); return; } diff --git a/packages/nuxt/test/vite/databaseConfig.test.ts b/packages/nuxt/test/vite/databaseConfig.test.ts new file mode 100644 index 000000000000..4d95fc7a4df0 --- /dev/null +++ b/packages/nuxt/test/vite/databaseConfig.test.ts @@ -0,0 +1,81 @@ +import type { NitroConfig } from 'nitropack/types'; +import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'; +import type { SentryNuxtModuleOptions } from '../../src/common/types'; +import { addDatabaseInstrumentation } from '../../src/vite/databaseConfig'; + +vi.mock('@sentry/core', () => ({ + consoleSandbox: (callback: () => void) => callback(), +})); + +vi.mock('@nuxt/kit', () => ({ + addServerPlugin: vi.fn(), + createResolver: vi.fn(() => ({ + resolve: vi.fn((path: string) => path), + })), +})); + +vi.mock('../../src/vendor/server-template', () => ({ + addServerTemplate: vi.fn(), +})); + +describe('addDatabaseInstrumentation', () => { + const consoleLogSpy = vi.spyOn(console, 'log').mockImplementation(() => {}); + + beforeEach(() => { + consoleLogSpy.mockClear(); + }); + + afterEach(() => { + vi.clearAllMocks(); + }); + + describe('debug logging when no database configuration', () => { + it('should log debug message when debug is enabled and no database config', () => { + const nitroConfig: NitroConfig = {}; + const moduleOptions: SentryNuxtModuleOptions = { debug: true }; + + addDatabaseInstrumentation(nitroConfig, moduleOptions); + + expect(consoleLogSpy).toHaveBeenCalledWith( + '[Sentry] [Nitro Database Plugin]: No database configuration found. Skipping database instrumentation.', + ); + }); + + it('should not log debug message when debug is disabled and no database config', () => { + const nitroConfig: NitroConfig = {}; + const moduleOptions: SentryNuxtModuleOptions = { debug: false }; + + addDatabaseInstrumentation(nitroConfig, moduleOptions); + + expect(consoleLogSpy).not.toHaveBeenCalled(); + }); + + it('should not log debug message when moduleOptions is undefined', () => { + const nitroConfig: NitroConfig = {}; + + addDatabaseInstrumentation(nitroConfig, undefined); + + expect(consoleLogSpy).not.toHaveBeenCalled(); + }); + + it('should not log debug message when debug is not set in moduleOptions', () => { + const nitroConfig: NitroConfig = {}; + const moduleOptions: SentryNuxtModuleOptions = {}; + + addDatabaseInstrumentation(nitroConfig, moduleOptions); + + expect(consoleLogSpy).not.toHaveBeenCalled(); + }); + + it('should log debug message when experimental.database is explicitly false and debug is true', () => { + const nitroConfig: NitroConfig = { experimental: { database: false } }; + const moduleOptions: SentryNuxtModuleOptions = { debug: true }; + + addDatabaseInstrumentation(nitroConfig, moduleOptions); + + expect(consoleLogSpy).toHaveBeenCalledWith( + '[Sentry] [Nitro Database Plugin]: No database configuration found. Skipping database instrumentation.', + ); + }); + }); +}); From 8b2aff02685d5b0380560a035d45ea412b32238d Mon Sep 17 00:00:00 2001 From: Abdelrahman Awad Date: Thu, 29 Jan 2026 23:17:27 +0200 Subject: [PATCH 07/80] fix(core): Record client report with reason for HTTP 413 responses (#19093) Implements handling of HTTP 413 (Content Too Large) responses in the base transport according to the [updated SDK spec](https://arc.net/l/quote/pveldaha). - Detect 413 status code in transport response handling - Record client reports with `send_error` discard reason for all envelope items - Log an error message informing users that the envelope was discarded due to size limits - Skip rate limit updates for 413 responses (not a rate limit scenario) Closes #18935 --- .size-limit.js | 4 +- packages/core/src/transports/base.ts | 20 ++++- .../core/test/lib/transports/base.test.ts | 76 +++++++++++++++++++ 3 files changed, 96 insertions(+), 4 deletions(-) diff --git a/.size-limit.js b/.size-limit.js index 361e2026f2c7..761905a49ef3 100644 --- a/.size-limit.js +++ b/.size-limit.js @@ -82,7 +82,7 @@ module.exports = [ path: 'packages/browser/build/npm/esm/prod/index.js', import: createImport('init', 'browserTracingIntegration', 'replayIntegration', 'replayCanvasIntegration'), gzip: true, - limit: '85.5 KB', + limit: '85.55 KB', }, { name: '@sentry/browser (incl. Tracing, Replay, Feedback)', @@ -163,7 +163,7 @@ module.exports = [ path: 'packages/vue/build/esm/index.js', import: createImport('init', 'browserTracingIntegration'), gzip: true, - limit: '44 KB', + limit: '44.1 KB', }, // Svelte SDK (ESM) { diff --git a/packages/core/src/transports/base.ts b/packages/core/src/transports/base.ts index b0fc1abcb433..a4da7545d5c6 100644 --- a/packages/core/src/transports/base.ts +++ b/packages/core/src/transports/base.ts @@ -71,9 +71,25 @@ export function createTransport( const requestTask = (): PromiseLike => makeRequest({ body: serializeEnvelope(filteredEnvelope) }).then( response => { + // Handle 413 Content Too Large + // Loss of envelope content is expected so we record a send_error client report + // https://develop.sentry.dev/sdk/expected-features/#dealing-with-network-failures + if (response.statusCode === 413) { + DEBUG_BUILD && + debug.error( + 'Sentry responded with status code 413. Envelope was discarded due to exceeding size limits.', + ); + recordEnvelopeLoss('send_error'); + return response; + } + // We don't want to throw on NOK responses, but we want to at least log them - if (response.statusCode !== undefined && (response.statusCode < 200 || response.statusCode >= 300)) { - DEBUG_BUILD && debug.warn(`Sentry responded with status code ${response.statusCode} to sent event.`); + if ( + DEBUG_BUILD && + response.statusCode !== undefined && + (response.statusCode < 200 || response.statusCode >= 300) + ) { + debug.warn(`Sentry responded with status code ${response.statusCode} to sent event.`); } rateLimits = updateRateLimits(rateLimits, response); diff --git a/packages/core/test/lib/transports/base.test.ts b/packages/core/test/lib/transports/base.test.ts index df11d0fafc29..5908e4f1877e 100644 --- a/packages/core/test/lib/transports/base.test.ts +++ b/packages/core/test/lib/transports/base.test.ts @@ -391,5 +391,81 @@ describe('createTransport', () => { expect(mockRecordDroppedEventCallback).toHaveBeenCalledWith('network_error', 'error'); }); }); + + describe('HTTP 413 Content Too Large', () => { + it('should record send_error outcome when receiving 413 response', async () => { + const mockRecordDroppedEventCallback = vi.fn(); + + const transport = createTransport({ recordDroppedEvent: mockRecordDroppedEventCallback }, () => + resolvedSyncPromise({ statusCode: 413 }), + ); + + const result = await transport.send(ERROR_ENVELOPE); + + // Should resolve without throwing + expect(result).toEqual({ statusCode: 413 }); + // recordDroppedEvent SHOULD be called with send_error reason + expect(mockRecordDroppedEventCallback).toHaveBeenCalledWith('send_error', 'error'); + }); + + it('should record send_error for each item in envelope when receiving 413', async () => { + const mockRecordDroppedEventCallback = vi.fn(); + + const multiItemEnvelope = createEnvelope( + { event_id: 'aa3ff046696b4bc6b609ce6d28fde9e2', sent_at: '123' }, + [ + [{ type: 'event' }, { event_id: 'aa3ff046696b4bc6b609ce6d28fde9e2' }] as EventItem, + [{ type: 'transaction' }, { event_id: 'bb3ff046696b4bc6b609ce6d28fde9e2' }] as EventItem, + ], + ); + + const transport = createTransport({ recordDroppedEvent: mockRecordDroppedEventCallback }, () => + resolvedSyncPromise({ statusCode: 413 }), + ); + + await transport.send(multiItemEnvelope); + + // recordDroppedEvent SHOULD be called for each item + expect(mockRecordDroppedEventCallback).toHaveBeenCalledTimes(2); + expect(mockRecordDroppedEventCallback).toHaveBeenCalledWith('send_error', 'error'); + expect(mockRecordDroppedEventCallback).toHaveBeenCalledWith('send_error', 'transaction'); + }); + + it('should not record outcomes for client reports when receiving 413', async () => { + const mockRecordDroppedEventCallback = vi.fn(); + + const transport = createTransport({ recordDroppedEvent: mockRecordDroppedEventCallback }, () => + resolvedSyncPromise({ statusCode: 413 }), + ); + + const result = await transport.send(CLIENT_REPORT_ENVELOPE); + + // Should resolve without throwing + expect(result).toEqual({ statusCode: 413 }); + // recordDroppedEvent should NOT be called for client reports to avoid feedback loop + expect(mockRecordDroppedEventCallback).not.toHaveBeenCalled(); + }); + + it('should not apply rate limits after receiving 413', async () => { + const mockRecordDroppedEventCallback = vi.fn(); + const mockRequestExecutor = vi.fn(() => resolvedSyncPromise({ statusCode: 413 })); + + const transport = createTransport({ recordDroppedEvent: mockRecordDroppedEventCallback }, mockRequestExecutor); + + // First request gets 413 + await transport.send(ERROR_ENVELOPE); + expect(mockRequestExecutor).toHaveBeenCalledTimes(1); + expect(mockRecordDroppedEventCallback).toHaveBeenCalledWith('send_error', 'error'); + mockRequestExecutor.mockClear(); + mockRecordDroppedEventCallback.mockClear(); + + // Second request should still be sent (no rate limiting applied from 413) + mockRequestExecutor.mockImplementation(() => resolvedSyncPromise({})); + await transport.send(ERROR_ENVELOPE); + expect(mockRequestExecutor).toHaveBeenCalledTimes(1); + // No send_error recorded for successful request + expect(mockRecordDroppedEventCallback).not.toHaveBeenCalled(); + }); + }); }); }); From 83860c2cccd11c76c04ac4a5ed588b0d50cdfa6b Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 30 Jan 2026 10:53:07 +0100 Subject: [PATCH 08/80] test(e2e): Delete `create-next-app` test --- .../create-next-app/.gitignore | 41 ------- .../test-applications/create-next-app/.npmrc | 2 - .../create-next-app/globals.d.ts | 0 .../create-next-app/instrumentation.ts | 13 --- .../create-next-app/next-env.d.ts | 5 - .../create-next-app/next.config.js | 3 - .../create-next-app/package.json | 39 ------- .../create-next-app/pages/_app.tsx | 5 - .../create-next-app/pages/_document.tsx | 13 --- .../create-next-app/pages/_error.tsx | 40 ------- .../create-next-app/pages/api/error.ts | 6 -- .../create-next-app/pages/api/success.ts | 11 -- .../create-next-app/pages/index.tsx | 28 ----- .../create-next-app/playwright.config.mjs | 13 --- .../create-next-app/sentry.client.config.ts | 12 --- .../create-next-app/start-event-proxy.mjs | 6 -- .../tests/client-errors.test.ts | 30 ------ .../tests/client-transactions.test.ts | 101 ------------------ .../tests/server-errors.test.ts | 31 ------ .../tests/server-transactions.test.ts | 59 ---------- .../create-next-app/tsconfig.json | 20 ---- .../nextjs-pages-dir/pages/index.tsx | 4 + .../pages/user/[id].tsx | 2 +- .../tests/transactions.test.ts | 58 ++++++++++ 24 files changed, 63 insertions(+), 479 deletions(-) delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/.gitignore delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/.npmrc delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/globals.d.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/instrumentation.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/next-env.d.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/next.config.js delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/package.json delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/_app.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/_document.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/_error.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/api/error.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/api/success.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/pages/index.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/playwright.config.mjs delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/sentry.client.config.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/start-event-proxy.mjs delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/tests/client-errors.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/tests/client-transactions.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/tests/server-errors.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/tests/server-transactions.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/create-next-app/tsconfig.json rename dev-packages/e2e-tests/test-applications/{create-next-app => nextjs-pages-dir}/pages/user/[id].tsx (54%) diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/.gitignore b/dev-packages/e2e-tests/test-applications/create-next-app/.gitignore deleted file mode 100644 index d9f766878259..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/.gitignore +++ /dev/null @@ -1,41 +0,0 @@ -# See https://help.github.com/articles/ignoring-files/ for more about ignoring files. - -# dependencies -/node_modules -/.pnp -.pnp.js - -# testing -/coverage - -# next.js -/.next/ -/out/ - -# production -/build - -# misc -.DS_Store -*.pem - -# debug -npm-debug.log* -yarn-debug.log* -yarn-error.log* -.pnpm-debug.log* - -# local env files -.env*.local - -# vercel -.vercel - -# typescript -*.tsbuildinfo -next-env.d.ts - -!*.d.ts - -# Sentry -.sentryclirc diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/.npmrc b/dev-packages/e2e-tests/test-applications/create-next-app/.npmrc deleted file mode 100644 index 070f80f05092..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/.npmrc +++ /dev/null @@ -1,2 +0,0 @@ -@sentry:registry=http://127.0.0.1:4873 -@sentry-internal:registry=http://127.0.0.1:4873 diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/globals.d.ts b/dev-packages/e2e-tests/test-applications/create-next-app/globals.d.ts deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/instrumentation.ts b/dev-packages/e2e-tests/test-applications/create-next-app/instrumentation.ts deleted file mode 100644 index dd214cc7a7bc..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/instrumentation.ts +++ /dev/null @@ -1,13 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; - -export function register() { - if (process.env.NEXT_RUNTIME === 'nodejs') { - Sentry.init({ - environment: 'qa', // dynamic sampling bias to keep transactions - dsn: process.env.NEXT_PUBLIC_E2E_TEST_DSN, - // Adjust this value in production, or use tracesSampler for greater control - tracesSampleRate: 1.0, - tunnel: 'http://localhost:3031', - }); - } -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/next-env.d.ts b/dev-packages/e2e-tests/test-applications/create-next-app/next-env.d.ts deleted file mode 100644 index 4f11a03dc6cc..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/next-env.d.ts +++ /dev/null @@ -1,5 +0,0 @@ -/// -/// - -// NOTE: This file should not be edited -// see https://nextjs.org/docs/basic-features/typescript for more information. diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/next.config.js b/dev-packages/e2e-tests/test-applications/create-next-app/next.config.js deleted file mode 100644 index 5de673a830d7..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/next.config.js +++ /dev/null @@ -1,3 +0,0 @@ -const { withSentryConfig } = require('@sentry/nextjs'); - -module.exports = withSentryConfig(); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/package.json b/dev-packages/e2e-tests/test-applications/create-next-app/package.json deleted file mode 100644 index b484016785b9..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/package.json +++ /dev/null @@ -1,39 +0,0 @@ -{ - "name": "create-next-app", - "version": "0.1.0", - "private": true, - "scripts": { - "build": "next build", - "clean": "npx rimraf node_modules pnpm-lock.yaml .next", - "test:prod": "TEST_ENV=prod playwright test", - "test:dev": "TEST_ENV=dev playwright test", - "test:build": "pnpm install && pnpm build", - "test:build-13": "pnpm install && pnpm add next@13.5.11 && pnpm build", - "test:assert": "pnpm test:prod && pnpm test:dev" - }, - "dependencies": { - "@sentry/nextjs": "latest || *", - "@types/node": "^18.19.1", - "@types/react": "18.0.26", - "@types/react-dom": "18.0.9", - "next": "14.2.35", - "react": "18.2.0", - "react-dom": "18.2.0", - "typescript": "~5.0.0" - }, - "devDependencies": { - "@playwright/test": "~1.56.0", - "@sentry-internal/test-utils": "link:../../../test-utils" - }, - "volta": { - "extends": "../../package.json" - }, - "sentryTest": { - "variants": [ - { - "build-command": "pnpm test:build-13", - "label": "create-next-app (next@13)" - } - ] - } -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_app.tsx b/dev-packages/e2e-tests/test-applications/create-next-app/pages/_app.tsx deleted file mode 100644 index da826ed16c72..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_app.tsx +++ /dev/null @@ -1,5 +0,0 @@ -import type { AppProps } from 'next/app'; - -export default function App({ Component, pageProps }: AppProps) { - return ; -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_document.tsx b/dev-packages/e2e-tests/test-applications/create-next-app/pages/_document.tsx deleted file mode 100644 index af2f1aba391f..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_document.tsx +++ /dev/null @@ -1,13 +0,0 @@ -import { Head, Html, Main, NextScript } from 'next/document'; - -export default function Document() { - return ( - - - -
- - - - ); -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_error.tsx b/dev-packages/e2e-tests/test-applications/create-next-app/pages/_error.tsx deleted file mode 100644 index fb1fca2a0ad7..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/_error.tsx +++ /dev/null @@ -1,40 +0,0 @@ -/** - * NOTE: This requires `@sentry/nextjs` version 7.3.0 or higher. - * - * NOTE: If using this with `next` version 12.2.0 or lower, uncomment the - * penultimate line in `CustomErrorComponent`. - * - * This page is loaded by Nextjs: - * - on the server, when data-fetching methods throw or reject - * - on the client, when `getInitialProps` throws or rejects - * - on the client, when a React lifecycle method throws or rejects, and it's - * caught by the built-in Nextjs error boundary - * - * See: - * - https://nextjs.org/docs/basic-features/data-fetching/overview - * - https://nextjs.org/docs/api-reference/data-fetching/get-initial-props - * - https://reactjs.org/docs/error-boundaries.html - */ - -import * as Sentry from '@sentry/nextjs'; -import { NextPageContext } from 'next'; -import NextErrorComponent from 'next/error'; - -const CustomErrorComponent = (props: { statusCode: any }) => { - // If you're using a Nextjs version prior to 12.2.1, uncomment this to - // compensate for https://github.com/vercel/next.js/issues/8592 - // Sentry.captureUnderscoreErrorException(props); - - return ; -}; - -CustomErrorComponent.getInitialProps = async (contextData: NextPageContext) => { - // In case this is running in a serverless function, await this in order to give Sentry - // time to send the error before the lambda exits - await Sentry.captureUnderscoreErrorException(contextData); - - // This will contain the status code of the response - return NextErrorComponent.getInitialProps(contextData); -}; - -export default CustomErrorComponent; diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/error.ts b/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/error.ts deleted file mode 100644 index 6debfd151870..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/error.ts +++ /dev/null @@ -1,6 +0,0 @@ -// Next.js API route support: https://nextjs.org/docs/api-routes/introduction -import type { NextApiRequest, NextApiResponse } from 'next'; - -export default async function handler(req: NextApiRequest, res: NextApiResponse) { - throw new Error('I am a server error!'); -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/success.ts b/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/success.ts deleted file mode 100644 index d3504dc73d98..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/api/success.ts +++ /dev/null @@ -1,11 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; -// Next.js API route support: https://nextjs.org/docs/api-routes/introduction -import type { NextApiRequest, NextApiResponse } from 'next'; - -export default function handler(req: NextApiRequest, res: NextApiResponse) { - Sentry.startSpan({ name: 'test-span' }, () => undefined); - - Sentry.flush().then(() => { - res.status(200).json({}); - }); -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/index.tsx b/dev-packages/e2e-tests/test-applications/create-next-app/pages/index.tsx deleted file mode 100644 index 6bb62f18deb4..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/index.tsx +++ /dev/null @@ -1,28 +0,0 @@ -import Head from 'next/head'; -import Link from 'next/link'; - -export default function Home() { - return ( - <> - - Create Next App - - - - -
- { - throw new Error('I am an error!'); - }} - /> - - navigate - -
- - ); -} diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/playwright.config.mjs b/dev-packages/e2e-tests/test-applications/create-next-app/playwright.config.mjs deleted file mode 100644 index f97facbf0cc5..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/playwright.config.mjs +++ /dev/null @@ -1,13 +0,0 @@ -import { getPlaywrightConfig } from '@sentry-internal/test-utils'; - -const testEnv = process.env.TEST_ENV; - -if (!testEnv) { - throw new Error('No test env defined'); -} - -const config = getPlaywrightConfig({ - startCommand: testEnv === 'development' ? `pnpm next dev -p 3030` : `pnpm next start -p 3030`, -}); - -export default config; diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/sentry.client.config.ts b/dev-packages/e2e-tests/test-applications/create-next-app/sentry.client.config.ts deleted file mode 100644 index e24170711a83..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/sentry.client.config.ts +++ /dev/null @@ -1,12 +0,0 @@ -// This file configures the initialization of Sentry on the browser. -// The config you add here will be used whenever a page is visited. -// https://docs.sentry.io/platforms/javascript/guides/nextjs/ - -import * as Sentry from '@sentry/nextjs'; - -Sentry.init({ - environment: 'qa', // dynamic sampling bias to keep transactions - dsn: process.env.NEXT_PUBLIC_E2E_TEST_DSN, - tracesSampleRate: 1.0, - tunnel: 'http://localhost:3031', -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/start-event-proxy.mjs b/dev-packages/e2e-tests/test-applications/create-next-app/start-event-proxy.mjs deleted file mode 100644 index db6c74e4afe3..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/start-event-proxy.mjs +++ /dev/null @@ -1,6 +0,0 @@ -import { startEventProxyServer } from '@sentry-internal/test-utils'; - -startEventProxyServer({ - port: 3031, - proxyServerName: 'create-next-app', -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-errors.test.ts b/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-errors.test.ts deleted file mode 100644 index e0effa285b9f..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-errors.test.ts +++ /dev/null @@ -1,30 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForError } from '@sentry-internal/test-utils'; - -test('Sends a client-side exception to Sentry', async ({ page }) => { - const errorEventPromise = waitForError('create-next-app', event => { - return event.exception?.values?.[0]?.value === 'I am an error!'; - }); - - await page.goto('/'); - - const exceptionButton = page.locator('id=exception-button'); - await exceptionButton.click(); - - const errorEvent = await errorEventPromise; - - expect(errorEvent.exception?.values).toHaveLength(1); - expect(errorEvent.exception?.values?.[0]?.value).toBe('I am an error!'); - - expect(errorEvent.request).toEqual({ - headers: expect.any(Object), - url: 'http://localhost:3030/', - }); - - expect(errorEvent.transaction).toEqual('/'); - - expect(errorEvent.contexts?.trace).toEqual({ - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - span_id: expect.stringMatching(/[a-f0-9]{16}/), - }); -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-transactions.test.ts b/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-transactions.test.ts deleted file mode 100644 index a539216efee7..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/tests/client-transactions.test.ts +++ /dev/null @@ -1,101 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; - -test('Sends a pageload transaction to Sentry', async ({ page }) => { - const pageloadTransactionEventPromise = waitForTransaction('create-next-app', transactionEvent => { - return transactionEvent.contexts?.trace?.op === 'pageload' && transactionEvent.transaction === '/'; - }); - - await page.goto('/'); - - const transactionEvent = await pageloadTransactionEventPromise; - - expect(transactionEvent).toEqual( - expect.objectContaining({ - transaction: '/', - transaction_info: { source: 'route' }, - type: 'transaction', - contexts: { - react: { - version: '18.2.0', - }, - trace: { - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - op: 'pageload', - origin: 'auto.pageload.nextjs.pages_router_instrumentation', - status: 'ok', - data: expect.objectContaining({ - 'sentry.idle_span_finish_reason': 'idleTimeout', - 'sentry.op': 'pageload', - 'sentry.origin': 'auto.pageload.nextjs.pages_router_instrumentation', - 'sentry.sample_rate': 1, - 'sentry.source': 'route', - }), - }, - }, - request: { - headers: { - 'User-Agent': expect.any(String), - }, - url: 'http://localhost:3030/', - }, - }), - ); -}); - -test('captures a navigation transaction to Sentry', async ({ page }) => { - const clientNavigationTxnEventPromise = waitForTransaction('create-next-app', txnEvent => { - return txnEvent?.transaction === '/user/[id]'; - }); - - await page.goto('/'); - - // navigation to page - const clickPromise = page.getByText('navigate').click(); - - const [clientTxnEvent, serverTxnEvent] = await Promise.all([clientNavigationTxnEventPromise, clickPromise]); - - expect(clientTxnEvent).toEqual( - expect.objectContaining({ - transaction: '/user/[id]', - transaction_info: { source: 'route' }, - type: 'transaction', - contexts: { - react: { - version: '18.2.0', - }, - trace: { - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - op: 'navigation', - origin: 'auto.navigation.nextjs.pages_router_instrumentation', - status: 'ok', - data: expect.objectContaining({ - 'sentry.idle_span_finish_reason': 'idleTimeout', - 'sentry.op': 'navigation', - 'sentry.origin': 'auto.navigation.nextjs.pages_router_instrumentation', - 'sentry.sample_rate': 1, - 'sentry.source': 'route', - }), - links: [ - { - attributes: { - 'sentry.link.type': 'previous_trace', - }, - sampled: true, - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }, - ], - }, - }, - request: { - headers: { - 'User-Agent': expect.any(String), - }, - url: 'http://localhost:3030/user/5', - }, - }), - ); -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-errors.test.ts b/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-errors.test.ts deleted file mode 100644 index 08a47ace671f..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-errors.test.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForError } from '@sentry-internal/test-utils'; - -test('Sends a server-side exception to Sentry', async ({ baseURL }) => { - const errorEventPromise = waitForError('create-next-app', event => { - return event.exception?.values?.[0]?.value === 'I am a server error!'; - }); - - const response = await fetch(`${baseURL}/api/error`); - - expect(response.status).toBe(500); - - const errorEvent = await errorEventPromise; - - expect(errorEvent.exception?.values).toHaveLength(1); - expect(errorEvent.exception?.values?.[0]?.value).toBe('I am a server error!'); - - expect(errorEvent.request).toEqual({ - headers: expect.any(Object), - cookies: {}, - method: 'GET', - url: expect.stringContaining('/api/error'), - }); - - expect(errorEvent.transaction).toEqual('GET /api/error'); - - expect(errorEvent.contexts?.trace).toEqual({ - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - span_id: expect.stringMatching(/[a-f0-9]{16}/), - }); -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-transactions.test.ts b/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-transactions.test.ts deleted file mode 100644 index 731d1820ee61..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/tests/server-transactions.test.ts +++ /dev/null @@ -1,59 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; - -test('Sends server-side transactions to Sentry', async ({ baseURL }) => { - const transactionEventPromise = waitForTransaction('create-next-app', transactionEvent => { - return ( - transactionEvent.contexts?.trace?.op === 'http.server' && transactionEvent.transaction === 'GET /api/success' - ); - }); - - await fetch(`${baseURL}/api/success`); - - const transactionEvent = await transactionEventPromise; - - expect(transactionEvent).toEqual( - expect.objectContaining({ - transaction: 'GET /api/success', - transaction_info: { source: 'route' }, - type: 'transaction', - contexts: expect.objectContaining({ - trace: { - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - op: 'http.server', - origin: 'auto.http.nextjs', - data: expect.objectContaining({ - 'http.response.status_code': 200, - 'sentry.op': 'http.server', - 'sentry.origin': 'auto.http.nextjs', - 'sentry.sample_rate': 1, - 'sentry.source': 'route', - }), - status: 'ok', - }, - }), - spans: [ - { - data: { - 'sentry.origin': 'manual', - }, - description: 'test-span', - origin: 'manual', - parent_span_id: transactionEvent.contexts?.trace?.span_id, - span_id: expect.stringMatching(/[a-f0-9]{16}/), - start_timestamp: expect.any(Number), - status: 'ok', - timestamp: expect.any(Number), - trace_id: transactionEvent.contexts?.trace?.trace_id, - }, - ], - request: { - headers: expect.any(Object), - method: 'GET', - cookies: {}, - url: expect.stringContaining('/api/success'), - }, - }), - ); -}); diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/tsconfig.json b/dev-packages/e2e-tests/test-applications/create-next-app/tsconfig.json deleted file mode 100644 index 73c09112c46a..000000000000 --- a/dev-packages/e2e-tests/test-applications/create-next-app/tsconfig.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "compilerOptions": { - "target": "es2018", - "lib": ["dom", "dom.iterable", "esnext"], - "allowJs": true, - "skipLibCheck": true, - "strict": true, - "forceConsistentCasingInFileNames": true, - "noEmit": true, - "esModuleInterop": true, - "module": "esnext", - "moduleResolution": "node", - "resolveJsonModule": true, - "isolatedModules": true, - "jsx": "preserve", - "incremental": true - }, - "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", "next.config.js"], - "exclude": ["node_modules"] -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/index.tsx b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/index.tsx index 109542e2fba5..9dd0cc0aaa96 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/index.tsx +++ b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/index.tsx @@ -1,3 +1,4 @@ +import Link from 'next/link'; import { ClientErrorDebugTools } from '../components/client-error-debug-tools'; export default function Page() { @@ -5,6 +6,9 @@ export default function Page() {

Page (/)

+ + navigate +
); } diff --git a/dev-packages/e2e-tests/test-applications/create-next-app/pages/user/[id].tsx b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/user/[id].tsx similarity index 54% rename from dev-packages/e2e-tests/test-applications/create-next-app/pages/user/[id].tsx rename to dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/user/[id].tsx index 08f65a85273d..7c7aff559fd1 100644 --- a/dev-packages/e2e-tests/test-applications/create-next-app/pages/user/[id].tsx +++ b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/pages/user/[id].tsx @@ -1,5 +1,5 @@ const User = () => { - return

I am a blank page :)

; + return

I am a user page

; }; export default User; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/tests/transactions.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/tests/transactions.test.ts index 5b648065e45a..9d9dd6e90168 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/tests/transactions.test.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-pages-dir/tests/transactions.test.ts @@ -50,3 +50,61 @@ test('Sends a pageload transaction', async ({ page }) => { }), ); }); + +test('Sends a navigation transaction', async ({ page }) => { + // Skip in dev mode - flaky due to slow compilation affecting transaction timing + test.skip(isDevMode, 'Skipped in dev mode due to flakiness from slow compilation'); + + await page.goto('/'); + + const clientNavigationTxnEventPromise = waitForTransaction('nextjs-pages-dir', txnEvent => { + return txnEvent?.contexts?.trace?.op === 'navigation' && txnEvent?.transaction === '/user/[id]'; + }); + + await page.getByText('navigate').click(); + + const clientTxnEvent = await clientNavigationTxnEventPromise; + + expect(clientTxnEvent).toEqual( + expect.objectContaining({ + transaction: '/user/[id]', + transaction_info: { source: 'route' }, + type: 'transaction', + contexts: { + react: { + version: expect.any(String), + }, + trace: { + span_id: expect.stringMatching(/[a-f0-9]{16}/), + trace_id: expect.stringMatching(/[a-f0-9]{32}/), + op: 'navigation', + origin: 'auto.navigation.nextjs.pages_router_instrumentation', + status: 'ok', + data: expect.objectContaining({ + 'sentry.idle_span_finish_reason': 'idleTimeout', + 'sentry.op': 'navigation', + 'sentry.origin': 'auto.navigation.nextjs.pages_router_instrumentation', + 'sentry.sample_rate': 1, + 'sentry.source': 'route', + }), + links: [ + { + attributes: { + 'sentry.link.type': 'previous_trace', + }, + sampled: true, + span_id: expect.stringMatching(/[a-f0-9]{16}/), + trace_id: expect.stringMatching(/[a-f0-9]{32}/), + }, + ], + }, + }, + request: { + headers: { + 'User-Agent': expect.any(String), + }, + url: 'http://localhost:3030/user/5', + }, + }), + ); +}); From 91737fd357a44330e0803e51162b85f5bc1ad120 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 10:56:47 +0100 Subject: [PATCH 09/80] feat(deps): bump hono from 4.11.1 to 4.11.7 (#19068) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [hono](https://github.com/honojs/hono) from 4.11.1 to 4.11.7.
Release notes

Sourced from hono's releases.

v4.11.7

Security Release

This release includes security fixes for multiple vulnerabilities in Hono and related middleware. We recommend upgrading if you are using any of the affected components.

Components

IP Restriction Middleware

Fixed an IPv4 address validation bypass that could allow IP-based access control to be bypassed under certain configurations.

Cache Middleware

Fixed an issue where responses marked with Cache-Control: private or no-store could be cached, potentially leading to information disclosure on some runtimes.

Serve Static Middleware (Cloudflare Workers adapter)

Fixed an issue that could allow unintended access to internal asset keys when serving static files with user-controlled paths.

hono/jsx ErrorBoundary

Fixed a reflected Cross-Site Scripting (XSS) issue in the ErrorBoundary component that could occur when untrusted strings were rendered without proper escaping.

Recommendation

Users are encouraged to upgrade to this release, especially if they:

  • Use IP Restriction Middleware
  • Use Cache Middleware on Deno, Bun, or Node.js
  • Use Serve Static Middleware with user-controlled paths on Cloudflare Workers
  • Render untrusted data inside ErrorBoundary components

Security Advisories & CVEs

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hono&package-manager=npm_and_yarn&previous-version=4.11.1&new-version=4.11.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- dev-packages/cloudflare-integration-tests/package.json | 2 +- dev-packages/node-integration-tests/package.json | 2 +- yarn.lock | 9 +++++---- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/dev-packages/cloudflare-integration-tests/package.json b/dev-packages/cloudflare-integration-tests/package.json index b6365823b8a5..fbeaa52b65d4 100644 --- a/dev-packages/cloudflare-integration-tests/package.json +++ b/dev-packages/cloudflare-integration-tests/package.json @@ -15,7 +15,7 @@ "dependencies": { "@langchain/langgraph": "^1.0.1", "@sentry/cloudflare": "10.38.0", - "hono": "^4.0.0" + "hono": "^4.11.7" }, "devDependencies": { "@cloudflare/workers-types": "^4.20250922.0", diff --git a/dev-packages/node-integration-tests/package.json b/dev-packages/node-integration-tests/package.json index da5a7c7895e8..357cd34c0772 100644 --- a/dev-packages/node-integration-tests/package.json +++ b/dev-packages/node-integration-tests/package.json @@ -55,7 +55,7 @@ "express": "^4.21.1", "generic-pool": "^3.9.0", "graphql": "^16.3.0", - "hono": "^4.9.8", + "hono": "^4.11.7", "http-terminator": "^3.2.0", "ioredis": "^5.4.1", "kafkajs": "2.2.4", diff --git a/yarn.lock b/yarn.lock index a4bbb153d7be..53acb327da12 100644 --- a/yarn.lock +++ b/yarn.lock @@ -18854,10 +18854,10 @@ homedir-polyfill@^1.0.1: dependencies: parse-passwd "^1.0.0" -hono@^4.0.0, hono@^4.9.8: - version "4.11.1" - resolved "https://registry.yarnpkg.com/hono/-/hono-4.11.1.tgz#cb1b0c045fc74a96c693927234c95a45fb46ab0b" - integrity sha512-KsFcH0xxHes0J4zaQgWbYwmz3UPOOskdqZmItstUG93+Wk1ePBLkLGwbP9zlmh1BFUiL8Qp+Xfu9P7feJWpGNg== +hono@^4.11.7: + version "4.11.7" + resolved "https://registry.yarnpkg.com/hono/-/hono-4.11.7.tgz#f5b8d0b0b503ef0d913a246012dda52ea23dbe53" + integrity sha512-l7qMiNee7t82bH3SeyUCt9UF15EVmaBvsppY2zQtrbIhl/yzBTny+YUxsVjSjQ6gaqaeVtZmGocom8TzBlA4Yw== hookable@^5.5.3: version "5.5.3" @@ -29076,6 +29076,7 @@ stylus@0.59.0, stylus@^0.59.0: sucrase@^3.27.0, sucrase@^3.35.0, sucrase@getsentry/sucrase#es2020-polyfills: version "3.36.0" + uid fd682f6129e507c00bb4e6319cc5d6b767e36061 resolved "https://codeload.github.com/getsentry/sucrase/tar.gz/fd682f6129e507c00bb4e6319cc5d6b767e36061" dependencies: "@jridgewell/gen-mapping" "^0.3.2" From 8a1287488b3d6de3452fb8fe877a989a3181297a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 10:58:39 +0100 Subject: [PATCH 10/80] chore(deps-dev): bump yaml from 2.2.2 to 2.8.2 (#19087) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [yaml](https://github.com/eemeli/yaml) from 2.2.2 to 2.8.2.
Release notes

Sourced from yaml's releases.

v2.8.2

  • Serialize -0 as -0 (#638)
  • Do not double newlines for empty map values (#642)

v2.8.1

  • Preserve empty block literals (#634)

v2.8.0

  • Add node cache for faster alias resolution (#612)
  • Re-introduce compatibility with Node.js 14.6 (#614)
  • Add --merge option to CLI tool (#611)
  • Improve error for tag resolution error on null value (#616)
  • Allow empty string as plain scalar representation, for failsafe schema (#616)
  • docs: include cli example (#617)

v2.7.1

  • Do not allow seq with single-line collection value on same line with map key (#603)
  • Improve warning & avoid TypeError on bad YAML 1.1 nodes (#610)

v2.7.0

The library is now available on JSR as @​eemeli/yaml and on deno.land/x as yaml. In addition to Node.js and browsers, it should work in Deno, Bun, and Cloudflare Workers.

  • Use .ts extension in all relative imports (#591)
  • Ignore newline after block seq indicator as space before value (#590)
  • Require Node.js 14.18 or later (was 14.6) (#598)

v2.6.1

  • Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
  • Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
  • Default to literal block scalar if folded would overflow (#585)

v2.6.0

  • Use a proper tag for !!merge << keys (#580)
  • Add stringKeys parse option (#581)
  • Stringify a Document as a Document (#576)
  • Add sponsorship by Manifest

v2.5.1

  • Include range in flow sequence pair maps (#573)

v2.5.0

  • Add --indent option to CLI tool (#559, with thanks to @​danielbayley)
  • Require newline in all cases for props on block sequence (#557)
  • Always reset indentation in lexer on ... (#558)
  • Ignore minContentWidth if greater than lineWidth (#562)
  • Drop unused Collection.maxFlowStringSingleLineLength (#522, #421)

v2.4.5

  • Improve tab handling (#553, yaml-test-suite tests DK95 & Y79Y)

... (truncated)

Commits
  • 086fa6b 2.8.2
  • 95f01e9 chore: Add funding to package.json
  • 152e204 style: Apply updated Prettier rules & satisfy updated ESLint
  • 3f3378c chore: Drop unused dependency cross-env
  • f0b9af7 chore: Update to @​rollup/plugin-replace v6
  • e3cafc7 chore: Update to eslint-config-prettier v10
  • 553c1b5 chore: Refresh lockfile
  • 70a8db3 fix: Do not double newlines for empty map values (#642)
  • 92821f2 ci: Limit action permissions to minimum required
  • 95285f8 fix: Serialize -0 as -0 (fixes #638)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=yaml&package-manager=npm_and_yarn&previous-version=2.2.2&new-version=2.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- dev-packages/e2e-tests/package.json | 2 +- yarn.lock | 13 ++++--------- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/dev-packages/e2e-tests/package.json b/dev-packages/e2e-tests/package.json index 3bb4563cbc50..cec25ead945f 100644 --- a/dev-packages/e2e-tests/package.json +++ b/dev-packages/e2e-tests/package.json @@ -29,7 +29,7 @@ "glob": "8.0.3", "rimraf": "^5.0.10", "ts-node": "10.9.1", - "yaml": "2.2.2" + "yaml": "2.8.2" }, "volta": { "extends": "../../package.json" diff --git a/yarn.lock b/yarn.lock index 53acb327da12..5bb06580b99a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -32021,21 +32021,16 @@ yam@^1.0.0: fs-extra "^4.0.2" lodash.merge "^4.6.0" -yaml@2.2.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.2.2.tgz#ec551ef37326e6d42872dad1970300f8eb83a073" - integrity sha512-CBKFWExMn46Foo4cldiChEzn7S7SRV+wqiluAb6xmueD/fGyRHIhX8m14vVGgeFWjN540nKCNVj6P21eQjgTuA== +yaml@2.8.2, yaml@^2.5.0, yaml@^2.6.0: + version "2.8.2" + resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.8.2.tgz#5694f25eca0ce9c3e7a9d9e00ce0ddabbd9e35c5" + integrity sha512-mplynKqc1C2hTVYxd0PU2xQAc22TI1vShAYGksCCfxbn/dFwnHTNi1bvYsBTkhdUNtGIf5xNOg938rrSSYvS9A== yaml@^1.10.0: version "1.10.2" resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b" integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg== -yaml@^2.5.0, yaml@^2.6.0: - version "2.8.2" - resolved "https://registry.yarnpkg.com/yaml/-/yaml-2.8.2.tgz#5694f25eca0ce9c3e7a9d9e00ce0ddabbd9e35c5" - integrity sha512-mplynKqc1C2hTVYxd0PU2xQAc22TI1vShAYGksCCfxbn/dFwnHTNi1bvYsBTkhdUNtGIf5xNOg938rrSSYvS9A== - yargs-parser@21.1.1, yargs-parser@^21.0.0, yargs-parser@^21.1.1: version "21.1.1" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.1.1.tgz#9096bceebf990d21bb31fa9516e0ede294a77d35" From 5dfc086ab361ca4a978d3a75e04f33a17023219e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 10:59:20 +0100 Subject: [PATCH 11/80] chore(deps-dev): bump @sveltejs/kit from 2.49.5 to 2.50.1 (#19089) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) from 2.49.5 to 2.50.1.
Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.50.1

Patch Changes

  • fix: include hooks.server and hooks.universal as explicit Vite build inputs to ensure assets imported by hooks files are correctly discovered (#15178)

  • fix: improves fields type for generic components (#14974)

  • fix: preload links if href changes (#15191)

@​sveltejs/kit@​2.50.0

Minor Changes

  • breaking: remove buttonProps from experimental remote form functions; use e.g. <button {...myForm.fields.action.as('submit', 'register')}>Register</button> button instead (#15144)
Changelog

Sourced from @​sveltejs/kit's changelog.

2.50.1

Patch Changes

  • fix: include hooks.server and hooks.universal as explicit Vite build inputs to ensure assets imported by hooks files are correctly discovered (#15178)

  • fix: improves fields type for generic components (#14974)

  • fix: preload links if href changes (#15191)

2.50.0

Minor Changes

  • breaking: remove buttonProps from experimental remote form functions; use e.g. <button {...myForm.fields.action.as('submit', 'register')}>Register</button> button instead (#15144)
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@sveltejs/kit&package-manager=npm_and_yarn&previous-version=2.49.5&new-version=2.50.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- packages/sveltekit/package.json | 2 +- yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/sveltekit/package.json b/packages/sveltekit/package.json index c8d8aec1d407..45dbceaa642f 100644 --- a/packages/sveltekit/package.json +++ b/packages/sveltekit/package.json @@ -59,7 +59,7 @@ }, "devDependencies": { "@babel/types": "^7.26.3", - "@sveltejs/kit": "^2.49.5", + "@sveltejs/kit": "^2.50.1", "@sveltejs/vite-plugin-svelte": "^3.0.0", "svelte": "^4.2.8", "vite": "^5.4.11" diff --git a/yarn.lock b/yarn.lock index 5bb06580b99a..f03469ec13ce 100644 --- a/yarn.lock +++ b/yarn.lock @@ -8158,10 +8158,10 @@ resolved "https://registry.yarnpkg.com/@sveltejs/acorn-typescript/-/acorn-typescript-1.0.8.tgz#69c746a7c232094c117c50dedbd1279fc64887b7" integrity sha512-esgN+54+q0NjB0Y/4BomT9samII7jGwNy/2a3wNZbT2A2RpmXsXwUt24LvLhx6jUq2gVk4cWEvcRO6MFQbOfNA== -"@sveltejs/kit@^2.49.5": - version "2.49.5" - resolved "https://registry.yarnpkg.com/@sveltejs/kit/-/kit-2.49.5.tgz#da173805592e3ebd483bb77d45ef424078f0aaff" - integrity sha512-dCYqelr2RVnWUuxc+Dk/dB/SjV/8JBndp1UovCyCZdIQezd8TRwFLNZctYkzgHxRJtaNvseCSRsuuHPeUgIN/A== +"@sveltejs/kit@^2.50.1": + version "2.50.1" + resolved "https://registry.yarnpkg.com/@sveltejs/kit/-/kit-2.50.1.tgz#22dd5cb7e3013560289b30c7876bd90bad2b1836" + integrity sha512-XRHD2i3zC4ukhz2iCQzO4mbsts081PAZnnMAQ7LNpWeYgeBmwMsalf0FGSwhFXBbtr2XViPKnFJBDCckWqrsLw== dependencies: "@standard-schema/spec" "^1.0.0" "@sveltejs/acorn-typescript" "^1.0.5" From 33518aff163f2132339a8eebf833d101f8ed83b7 Mon Sep 17 00:00:00 2001 From: Nicolas Hrubec Date: Fri, 30 Jan 2026 13:17:28 +0100 Subject: [PATCH 12/80] feat(tanstackstart-react): Auto-instrument server function middleware (#19001) Extending auto-instrumentation to non-global server function middleware. [TSS function middleware docs](https://tanstack.com/start/latest/docs/framework/react/guide/middleware#using-server-function-middleware) Closes https://github.com/getsentry/sentry-javascript/issues/18847 --- CHANGELOG.md | 6 +- .../tanstackstart-react/src/middleware.ts | 19 ++--- .../src/routes/test-middleware.tsx | 8 +- .../src/vite/autoInstrumentMiddleware.ts | 85 ++++++++++++------- .../vite/autoInstrumentMiddleware.test.ts | 81 ++++++++++++++++++ 5 files changed, 151 insertions(+), 48 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 069812f2dec0..12ab13cf82b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,13 +4,17 @@ - "You miss 100 percent of the chances you don't take. — Wayne Gretzky" — Michael Scott +- **feat(tanstackstart-react): Auto-instrument server function middleware ([#19001](https://github.com/getsentry/sentry-javascript/pull/19001))** + + The `sentryTanstackStart` Vite plugin now automatically instruments middleware in `createServerFn().middleware([...])` calls. This captures performance data without requiring manual wrapping with `wrapMiddlewaresWithSentry()`. + ## 10.38.0 ### Important Changes - **feat(tanstackstart-react): Auto-instrument request middleware ([#18989](https://github.com/getsentry/sentry-javascript/pull/18989))** -The `sentryTanstackStart` Vite plugin now automatically instruments `middleware` arrays in `createFileRoute()`. This captures performance data without requiring manual wrapping with `wrapMiddlewaresWithSentry()`. + The `sentryTanstackStart` Vite plugin now automatically instruments `middleware` arrays in `createFileRoute()`. This captures performance data without requiring manual wrapping with `wrapMiddlewaresWithSentry()`. ### Other Changes diff --git a/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/middleware.ts b/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/middleware.ts index 60374f8fda60..a15bd3744910 100644 --- a/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/middleware.ts +++ b/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/middleware.ts @@ -1,5 +1,4 @@ import { createMiddleware } from '@tanstack/react-start'; -import { wrapMiddlewaresWithSentry } from '@sentry/tanstackstart-react'; // Global request middleware - runs on every request // NOTE: This is exported unwrapped to test auto-instrumentation via the Vite plugin @@ -15,8 +14,8 @@ export const globalFunctionMiddleware = createMiddleware({ type: 'function' }).s return next(); }); -// Server function middleware -const serverFnMiddleware = createMiddleware({ type: 'function' }).server(async ({ next }) => { +// Server function middleware - exported unwrapped for auto-instrumentation via Vite plugin +export const serverFnMiddleware = createMiddleware({ type: 'function' }).server(async ({ next }) => { console.log('Server function middleware executed'); return next(); }); @@ -28,21 +27,15 @@ export const serverRouteRequestMiddleware = createMiddleware().server(async ({ n }); // Early return middleware - returns without calling next() -const earlyReturnMiddleware = createMiddleware({ type: 'function' }).server(async () => { +// Exported unwrapped for auto-instrumentation via Vite plugin +export const earlyReturnMiddleware = createMiddleware({ type: 'function' }).server(async () => { console.log('Early return middleware executed - not calling next()'); return { earlyReturn: true, message: 'Middleware returned early without calling next()' }; }); // Error middleware - throws an exception -const errorMiddleware = createMiddleware({ type: 'function' }).server(async () => { +// Exported unwrapped for auto-instrumentation via Vite plugin +export const errorMiddleware = createMiddleware({ type: 'function' }).server(async () => { console.log('Error middleware executed - throwing error'); throw new Error('Middleware Error Test'); }); - -// Manually wrap middlewares with Sentry (for middlewares that won't be auto-instrumented) -export const [wrappedServerFnMiddleware, wrappedEarlyReturnMiddleware, wrappedErrorMiddleware] = - wrapMiddlewaresWithSentry({ - serverFnMiddleware, - earlyReturnMiddleware, - errorMiddleware, - }); diff --git a/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/routes/test-middleware.tsx b/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/routes/test-middleware.tsx index 83ac81c75a62..81d621b92a46 100644 --- a/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/routes/test-middleware.tsx +++ b/dev-packages/e2e-tests/test-applications/tanstackstart-react/src/routes/test-middleware.tsx @@ -1,10 +1,10 @@ import { createFileRoute } from '@tanstack/react-router'; import { createServerFn } from '@tanstack/react-start'; -import { wrappedServerFnMiddleware, wrappedEarlyReturnMiddleware, wrappedErrorMiddleware } from '../middleware'; +import { serverFnMiddleware, earlyReturnMiddleware, errorMiddleware } from '../middleware'; // Server function with specific middleware (also gets global function middleware) const serverFnWithMiddleware = createServerFn() - .middleware([wrappedServerFnMiddleware]) + .middleware([serverFnMiddleware]) .handler(async () => { console.log('Server function with specific middleware executed'); return { message: 'Server function middleware test' }; @@ -18,7 +18,7 @@ const serverFnWithoutMiddleware = createServerFn().handler(async () => { // Server function with early return middleware (middleware returns without calling next) const serverFnWithEarlyReturnMiddleware = createServerFn() - .middleware([wrappedEarlyReturnMiddleware]) + .middleware([earlyReturnMiddleware]) .handler(async () => { console.log('This should not be executed - middleware returned early'); return { message: 'This should not be returned' }; @@ -26,7 +26,7 @@ const serverFnWithEarlyReturnMiddleware = createServerFn() // Server function with error middleware (middleware throws an error) const serverFnWithErrorMiddleware = createServerFn() - .middleware([wrappedErrorMiddleware]) + .middleware([errorMiddleware]) .handler(async () => { console.log('This should not be executed - middleware threw error'); return { message: 'This should not be returned' }; diff --git a/packages/tanstackstart-react/src/vite/autoInstrumentMiddleware.ts b/packages/tanstackstart-react/src/vite/autoInstrumentMiddleware.ts index a39d1384e038..07cf2a29e832 100644 --- a/packages/tanstackstart-react/src/vite/autoInstrumentMiddleware.ts +++ b/packages/tanstackstart-react/src/vite/autoInstrumentMiddleware.ts @@ -11,6 +11,12 @@ type WrapResult = { skipped: string[]; }; +type FileTransformState = { + code: string; + needsImport: boolean; + skippedMiddlewares: string[]; +}; + /** * Core function that wraps middleware arrays matching the given regex. */ @@ -26,6 +32,10 @@ function wrapMiddlewareArrays(code: string, id: string, debug: boolean, regex: R // eslint-disable-next-line no-console console.log(`[Sentry] Auto-wrapping ${key} in ${id}`); } + // Handle method call syntax like `.middleware([...])` vs object property syntax like `middleware: [...]` + if (key.endsWith('(')) { + return `${key}wrapMiddlewaresWithSentry(${objContents}))`; + } return `${key}: wrapMiddlewaresWithSentry(${objContents})`; } // Track middlewares that couldn't be auto-wrapped @@ -53,6 +63,30 @@ export function wrapRouteMiddleware(code: string, id: string, debug: boolean): W return wrapMiddlewareArrays(code, id, debug, /(middleware)\s*:\s*\[([^\]]*)\]/g); } +/** + * Wraps middleware arrays in createServerFn().middleware([...]) calls. + */ +export function wrapServerFnMiddleware(code: string, id: string, debug: boolean): WrapResult { + return wrapMiddlewareArrays(code, id, debug, /(\.middleware\s*\()\s*\[([^\]]*)\]\s*\)/g); +} + +/** + * Applies a wrap function to the current state and returns the updated state. + */ +function applyWrap( + state: FileTransformState, + wrapFn: (code: string, id: string, debug: boolean) => WrapResult, + id: string, + debug: boolean, +): FileTransformState { + const result = wrapFn(state.code, id, debug); + return { + code: result.code, + needsImport: state.needsImport || result.didWrap, + skippedMiddlewares: [...state.skippedMiddlewares, ...result.skipped], + }; +} + /** * A Vite plugin that automatically instruments TanStack Start middlewares: * - `requestMiddleware` and `functionMiddleware` arrays in `createStart()` @@ -78,8 +112,9 @@ export function makeAutoInstrumentMiddlewarePlugin(options: AutoInstrumentMiddle // Detect file types that should be instrumented const isStartFile = id.includes('start') && code.includes('createStart('); const isRouteFile = code.includes('createFileRoute(') && /middleware\s*:\s*\[/.test(code); + const isServerFnFile = code.includes('createServerFn') && /\.middleware\s*\(\s*\[/.test(code); - if (!isStartFile && !isRouteFile) { + if (!isStartFile && !isRouteFile && !isServerFnFile) { return null; } @@ -88,48 +123,38 @@ export function makeAutoInstrumentMiddlewarePlugin(options: AutoInstrumentMiddle return null; } - let transformed = code; - let needsImport = false; - const skippedMiddlewares: string[] = []; - - switch (true) { - // global middleware - case isStartFile: { - const result = wrapGlobalMiddleware(transformed, id, debug); - transformed = result.code; - needsImport = needsImport || result.didWrap; - skippedMiddlewares.push(...result.skipped); - break; - } - // route middleware - case isRouteFile: { - const result = wrapRouteMiddleware(transformed, id, debug); - transformed = result.code; - needsImport = needsImport || result.didWrap; - skippedMiddlewares.push(...result.skipped); - break; - } - default: - break; + let fileTransformState: FileTransformState = { + code, + needsImport: false, + skippedMiddlewares: [], + }; + + // Wrap middlewares + if (isStartFile) { + fileTransformState = applyWrap(fileTransformState, wrapGlobalMiddleware, id, debug); + } + if (isRouteFile) { + fileTransformState = applyWrap(fileTransformState, wrapRouteMiddleware, id, debug); + } + if (isServerFnFile) { + fileTransformState = applyWrap(fileTransformState, wrapServerFnMiddleware, id, debug); } // Warn about middlewares that couldn't be auto-wrapped - if (skippedMiddlewares.length > 0) { + if (fileTransformState.skippedMiddlewares.length > 0) { // eslint-disable-next-line no-console console.warn( - `[Sentry] Could not auto-instrument ${skippedMiddlewares.join(' and ')} in ${id}. ` + + `[Sentry] Could not auto-instrument ${fileTransformState.skippedMiddlewares.join(' and ')} in ${id}. ` + 'To instrument these middlewares, use wrapMiddlewaresWithSentry() manually. ', ); } // We didn't wrap any middlewares, so we don't need to import the wrapMiddlewaresWithSentry function - if (!needsImport) { + if (!fileTransformState.needsImport) { return null; } - transformed = addSentryImport(transformed); - - return { code: transformed, map: null }; + return { code: addSentryImport(fileTransformState.code), map: null }; }, }; } diff --git a/packages/tanstackstart-react/test/vite/autoInstrumentMiddleware.test.ts b/packages/tanstackstart-react/test/vite/autoInstrumentMiddleware.test.ts index 4a4bfdf4fd29..7a58fa3237e4 100644 --- a/packages/tanstackstart-react/test/vite/autoInstrumentMiddleware.test.ts +++ b/packages/tanstackstart-react/test/vite/autoInstrumentMiddleware.test.ts @@ -6,6 +6,7 @@ import { makeAutoInstrumentMiddlewarePlugin, wrapGlobalMiddleware, wrapRouteMiddleware, + wrapServerFnMiddleware, } from '../../src/vite/autoInstrumentMiddleware'; type PluginWithTransform = Plugin & { @@ -329,6 +330,86 @@ export const Route = createFileRoute('/foo')({ }); }); +describe('wrapServerFnMiddleware', () => { + it('wraps single middleware in createServerFn().middleware()', () => { + const code = ` +const serverFn = createServerFn() + .middleware([authMiddleware]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(true); + expect(result.code).toContain('.middleware(wrapMiddlewaresWithSentry({ authMiddleware }))'); + expect(result.skipped).toHaveLength(0); + }); + + it('wraps multiple middlewares in createServerFn().middleware()', () => { + const code = ` +const serverFn = createServerFn() + .middleware([authMiddleware, loggingMiddleware]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(true); + expect(result.code).toContain('.middleware(wrapMiddlewaresWithSentry({ authMiddleware, loggingMiddleware }))'); + }); + + it('does not wrap empty middleware arrays', () => { + const code = ` +const serverFn = createServerFn() + .middleware([]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(false); + expect(result.skipped).toHaveLength(0); + }); + + it('does not wrap middleware containing function calls', () => { + const code = ` +const serverFn = createServerFn() + .middleware([createMiddleware()]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(false); + expect(result.skipped).toContain('.middleware('); + }); + + it('handles multiple server functions in same file', () => { + const code = ` +const serverFn1 = createServerFn() + .middleware([authMiddleware]) + .handler(async () => ({})); + +const serverFn2 = createServerFn() + .middleware([loggingMiddleware]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(true); + expect(result.code).toContain('.middleware(wrapMiddlewaresWithSentry({ authMiddleware }))'); + expect(result.code).toContain('.middleware(wrapMiddlewaresWithSentry({ loggingMiddleware }))'); + }); + + it('handles trailing commas in middleware arrays', () => { + const code = ` +const serverFn = createServerFn() + .middleware([authMiddleware,]) + .handler(async () => ({})); +`; + const result = wrapServerFnMiddleware(code, '/app/routes/foo.ts', false); + + expect(result.didWrap).toBe(true); + expect(result.code).toContain('.middleware(wrapMiddlewaresWithSentry({ authMiddleware }))'); + }); +}); + describe('addSentryImport', () => { it('prepends import to code without directives', () => { const code = 'const foo = 1;'; From 152891768082cbbcc34abc5c51d39fff43cba7da Mon Sep 17 00:00:00 2001 From: Onur Temizkan Date: Fri, 30 Jan 2026 15:14:46 +0000 Subject: [PATCH 13/80] fix(node): Use snake_case for Fastify's `request-handler` op. (#18729) Following up: https://github.com/getsentry/sentry-javascript/pull/18617 > The span ops should be using snake_case as per our spec: https://develop.sentry.dev/sdk/telemetry/traces/span-operations/ Closes #18730 (added automatically) --- .../nestjs-fastify/tests/transactions.test.ts | 4 ++-- packages/node/src/integrations/tracing/fastify/index.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/dev-packages/e2e-tests/test-applications/nestjs-fastify/tests/transactions.test.ts b/dev-packages/e2e-tests/test-applications/nestjs-fastify/tests/transactions.test.ts index d1c86bac4dfa..b7a8dd5839bd 100644 --- a/dev-packages/e2e-tests/test-applications/nestjs-fastify/tests/transactions.test.ts +++ b/dev-packages/e2e-tests/test-applications/nestjs-fastify/tests/transactions.test.ts @@ -80,7 +80,7 @@ test('Sends an API route transaction', async ({ baseURL }) => { trace_id: expect.stringMatching(/[a-f0-9]{32}/), data: { 'sentry.origin': 'auto.http.otel.fastify', - 'sentry.op': 'request-handler.fastify', + 'sentry.op': 'request_handler.fastify', 'service.name': 'fastify', 'hook.name': 'fastify -> @fastify/otel -> @fastify/middie - route-handler', 'fastify.type': 'request-handler', @@ -88,7 +88,7 @@ test('Sends an API route transaction', async ({ baseURL }) => { 'hook.callback.name': 'anonymous', }, description: '@fastify/middie - route-handler', - op: 'request-handler.fastify', + op: 'request_handler.fastify', parent_span_id: expect.stringMatching(/[a-f0-9]{16}/), start_timestamp: expect.any(Number), timestamp: expect.any(Number), diff --git a/packages/node/src/integrations/tracing/fastify/index.ts b/packages/node/src/integrations/tracing/fastify/index.ts index 02f9a2adde4b..b84875b906e8 100644 --- a/packages/node/src/integrations/tracing/fastify/index.ts +++ b/packages/node/src/integrations/tracing/fastify/index.ts @@ -282,7 +282,7 @@ function addFastifySpanAttributes(span: Span): void { return; } - const opPrefix = isHook ? 'hook' : isHandler ? 'middleware' : isRequestHandler ? 'request-handler' : ''; + const opPrefix = isHook ? 'hook' : isHandler ? 'middleware' : isRequestHandler ? 'request_handler' : ''; span.setAttributes({ [SEMANTIC_ATTRIBUTE_SENTRY_ORIGIN]: 'auto.http.otel.fastify', From 5bd3a791257d73b29dd039d7d0a892cb33ce6ba6 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 30 Jan 2026 17:34:11 +0100 Subject: [PATCH 14/80] feat(nextjs): Set cloudflare runtime (#19084) We want to gain better insights how much usage we get from the SDK on Cloudflare. When Next.js apps are deployed to Cloudflare Workers via OpenNext, the Sentry SDK now correctly reports `cloudflare` as the runtime instead of `node` or `vercel-edge`. e2e tests still failing cry --------- Co-authored-by: Claude Opus 4.5 --- .../app/api/test-error/route.ts | 8 ++ .../app/api/test-success/route.ts | 7 ++ .../tests/cloudflare-runtime.test.ts | 34 +++++++++ packages/nextjs/src/edge/index.ts | 16 +++- packages/nextjs/src/server/index.ts | 22 +++++- packages/nextjs/test/serverSdk.test.ts | 76 ++++++++++++++++++- packages/node-core/src/sdk/client.ts | 3 +- packages/node-core/src/types.ts | 7 ++ packages/node-core/test/sdk/client.test.ts | 13 ++++ packages/vercel-edge/src/client.ts | 4 +- packages/vercel-edge/src/types.ts | 8 ++ 11 files changed, 190 insertions(+), 8 deletions(-) create mode 100644 dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-error/route.ts create mode 100644 dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-success/route.ts create mode 100644 dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/tests/cloudflare-runtime.test.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-error/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-error/route.ts new file mode 100644 index 000000000000..01d35550b5ca --- /dev/null +++ b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-error/route.ts @@ -0,0 +1,8 @@ +import { NextResponse } from 'next/server'; + +export const dynamic = 'force-dynamic'; + +export async function GET() { + throw new Error('This is a test error from an API route'); + return NextResponse.json({ success: false }); +} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-success/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-success/route.ts new file mode 100644 index 000000000000..26d85db4ac28 --- /dev/null +++ b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/app/api/test-success/route.ts @@ -0,0 +1,7 @@ +import { NextResponse } from 'next/server'; + +export const dynamic = 'force-dynamic'; + +export async function GET() { + return NextResponse.json({ success: true }); +} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/tests/cloudflare-runtime.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/tests/cloudflare-runtime.test.ts new file mode 100644 index 000000000000..cba53fa1970d --- /dev/null +++ b/dev-packages/e2e-tests/test-applications/nextjs-16-cf-workers/tests/cloudflare-runtime.test.ts @@ -0,0 +1,34 @@ +import { expect, test } from '@playwright/test'; +import { waitForError } from '@sentry-internal/test-utils'; + +test.describe('Cloudflare Runtime', () => { + test('Should report cloudflare as the runtime in API route error events', async ({ request }) => { + const errorEventPromise = waitForError('nextjs-16-cf-workers', errorEvent => { + return !!errorEvent?.exception?.values?.some(value => + value.value?.includes('This is a test error from an API route'), + ); + }); + + request.get('/api/test-error').catch(() => { + // Expected to fail + }); + + const errorEvent = await errorEventPromise; + + expect(errorEvent.contexts?.runtime).toEqual({ + name: 'cloudflare', + }); + + // The SDK info should include cloudflare in the packages + expect(errorEvent.sdk?.packages).toEqual( + expect.arrayContaining([ + expect.objectContaining({ + name: 'npm:@sentry/nextjs', + }), + expect.objectContaining({ + name: 'npm:@sentry/cloudflare', + }), + ]), + ); + }); +}); diff --git a/packages/nextjs/src/edge/index.ts b/packages/nextjs/src/edge/index.ts index 9fa05c94e978..3dd74a03c43e 100644 --- a/packages/nextjs/src/edge/index.ts +++ b/packages/nextjs/src/edge/index.ts @@ -28,7 +28,7 @@ import { TRANSACTION_ATTR_SHOULD_DROP_TRANSACTION } from '../common/span-attribu import { addHeadersAsAttributes } from '../common/utils/addHeadersAsAttributes'; import { dropMiddlewareTunnelRequests } from '../common/utils/dropMiddlewareTunnelRequests'; import { isBuild } from '../common/utils/isBuild'; -import { flushSafelyWithTimeout, waitUntil } from '../common/utils/responseEnd'; +import { flushSafelyWithTimeout, isCloudflareWaitUntilAvailable, waitUntil } from '../common/utils/responseEnd'; import { setUrlProcessingMetadata } from '../common/utils/setUrlProcessingMetadata'; import { distDirRewriteFramesIntegration } from './distDirRewriteFramesIntegration'; @@ -73,13 +73,23 @@ export function init(options: VercelEdgeOptions = {}): void { customDefaultIntegrations.push(distDirRewriteFramesIntegration({ distDirName })); } - const opts = { + // Detect if running on OpenNext/Cloudflare + const isRunningOnCloudflare = isCloudflareWaitUntilAvailable(); + + const opts: VercelEdgeOptions = { defaultIntegrations: customDefaultIntegrations, release: process.env._sentryRelease || globalWithInjectedValues._sentryRelease, ...options, + // Override runtime to 'cloudflare' when running on OpenNext/Cloudflare + ...(isRunningOnCloudflare && { runtime: { name: 'cloudflare' } }), }; - applySdkMetadata(opts, 'nextjs', ['nextjs', 'vercel-edge']); + // Use appropriate SDK metadata based on the runtime environment + if (isRunningOnCloudflare) { + applySdkMetadata(opts, 'nextjs', ['nextjs', 'cloudflare']); + } else { + applySdkMetadata(opts, 'nextjs', ['nextjs', 'vercel-edge']); + } const client = vercelEdgeInit(opts); diff --git a/packages/nextjs/src/server/index.ts b/packages/nextjs/src/server/index.ts index 91d1dd65ca06..5821412a4576 100644 --- a/packages/nextjs/src/server/index.ts +++ b/packages/nextjs/src/server/index.ts @@ -31,6 +31,7 @@ import { TRANSACTION_ATTR_SHOULD_DROP_TRANSACTION, } from '../common/span-attributes-with-logic-attached'; import { isBuild } from '../common/utils/isBuild'; +import { isCloudflareWaitUntilAvailable } from '../common/utils/responseEnd'; import { setUrlProcessingMetadata } from '../common/utils/setUrlProcessingMetadata'; import { distDirRewriteFramesIntegration } from './distDirRewriteFramesIntegration'; import { handleOnSpanStart } from './handleOnSpanStart'; @@ -91,6 +92,18 @@ export function showReportDialog(): void { return; } +/** + * Returns the runtime configuration for the SDK based on the environment. + * When running on OpenNext/Cloudflare, returns cloudflare runtime config. + */ +function getCloudflareRuntimeConfig(): { runtime: { name: string } } | undefined { + if (isCloudflareWaitUntilAvailable()) { + // todo: add version information? + return { runtime: { name: 'cloudflare' } }; + } + return undefined; +} + /** Inits the Sentry NextJS SDK on node. */ export function init(options: NodeOptions): NodeClient | undefined { prepareSafeIdGeneratorContext(); @@ -128,11 +141,16 @@ export function init(options: NodeOptions): NodeClient | undefined { customDefaultIntegrations.push(distDirRewriteFramesIntegration({ distDirName })); } + // Detect if running on OpenNext/Cloudflare and get runtime config + const cloudflareConfig = getCloudflareRuntimeConfig(); + const opts: NodeOptions = { environment: process.env.SENTRY_ENVIRONMENT || getVercelEnv(false) || process.env.NODE_ENV, release: process.env._sentryRelease || globalWithInjectedValues._sentryRelease, defaultIntegrations: customDefaultIntegrations, ...options, + // Override runtime to 'cloudflare' when running on OpenNext/Cloudflare + ...cloudflareConfig, }; if (DEBUG_BUILD && opts.debug) { @@ -146,9 +164,11 @@ export function init(options: NodeOptions): NodeClient | undefined { return; } - applySdkMetadata(opts, 'nextjs', ['nextjs', 'node']); + // Use appropriate SDK metadata based on the runtime environment + applySdkMetadata(opts, 'nextjs', ['nextjs', cloudflareConfig ? 'cloudflare' : 'node']); const client = nodeInit(opts); + client?.on('beforeSampling', ({ spanAttributes }, samplingDecision) => { // There are situations where the Next.js Node.js server forwards requests for the Edge Runtime server (e.g. in // middleware) and this causes spans for Sentry ingest requests to be created. These are not exempt from our tracing diff --git a/packages/nextjs/test/serverSdk.test.ts b/packages/nextjs/test/serverSdk.test.ts index 8ea0b060155e..1aa20a5f8295 100644 --- a/packages/nextjs/test/serverSdk.test.ts +++ b/packages/nextjs/test/serverSdk.test.ts @@ -2,7 +2,7 @@ import type { Integration } from '@sentry/core'; import { GLOBAL_OBJ } from '@sentry/core'; import { getCurrentScope } from '@sentry/node'; import * as SentryNode from '@sentry/node'; -import { afterEach, describe, expect, it, vi } from 'vitest'; +import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'; import { init } from '../src/server'; // normally this is set as part of the build process, so mock it here @@ -115,4 +115,78 @@ describe('Server init()', () => { it('returns client from init', () => { expect(init({})).not.toBeUndefined(); }); + + describe('OpenNext/Cloudflare runtime detection', () => { + const cloudflareContextSymbol = Symbol.for('__cloudflare-context__'); + + beforeEach(() => { + // Reset the global scope to allow re-initialization + SentryNode.getGlobalScope().clear(); + SentryNode.getIsolationScope().clear(); + SentryNode.getCurrentScope().clear(); + SentryNode.getCurrentScope().setClient(undefined); + }); + + afterEach(() => { + // Clean up the cloudflare context + // eslint-disable-next-line @typescript-eslint/no-dynamic-delete + delete (GLOBAL_OBJ as unknown as Record)[cloudflareContextSymbol]; + }); + + it('sets cloudflare runtime when OpenNext context is available', () => { + // Mock the OpenNext Cloudflare context + (GLOBAL_OBJ as unknown as Record)[cloudflareContextSymbol] = { + ctx: { + waitUntil: vi.fn(), + }, + }; + + init({}); + + expect(nodeInit).toHaveBeenLastCalledWith( + expect.objectContaining({ + runtime: { name: 'cloudflare' }, + }), + ); + }); + + it('sets cloudflare in SDK metadata when OpenNext context is available', () => { + // Mock the OpenNext Cloudflare context + (GLOBAL_OBJ as unknown as Record)[cloudflareContextSymbol] = { + ctx: { + waitUntil: vi.fn(), + }, + }; + + init({}); + + expect(nodeInit).toHaveBeenLastCalledWith( + expect.objectContaining({ + _metadata: expect.objectContaining({ + sdk: expect.objectContaining({ + name: 'sentry.javascript.nextjs', + packages: expect.arrayContaining([ + expect.objectContaining({ + name: 'npm:@sentry/nextjs', + }), + expect.objectContaining({ + name: 'npm:@sentry/cloudflare', + }), + ]), + }), + }), + }), + ); + }); + + it('does not set cloudflare runtime when OpenNext context is not available', () => { + init({}); + + expect(nodeInit).toHaveBeenLastCalledWith( + expect.not.objectContaining({ + runtime: { name: 'cloudflare' }, + }), + ); + }); + }); }); diff --git a/packages/node-core/src/sdk/client.ts b/packages/node-core/src/sdk/client.ts index 1e783ee24b80..80a233aa3954 100644 --- a/packages/node-core/src/sdk/client.ts +++ b/packages/node-core/src/sdk/client.ts @@ -38,7 +38,8 @@ export class NodeClient extends ServerRuntimeClient { const clientOptions: ServerRuntimeClientOptions = { ...options, platform: 'node', - runtime: { name: 'node', version: global.process.version }, + // Use provided runtime or default to 'node' with current process version + runtime: options.runtime || { name: 'node', version: global.process.version }, serverName, }; diff --git a/packages/node-core/src/types.ts b/packages/node-core/src/types.ts index ee94322089b9..174eb039a8c7 100644 --- a/packages/node-core/src/types.ts +++ b/packages/node-core/src/types.ts @@ -38,6 +38,13 @@ export interface OpenTelemetryServerRuntimeOptions extends ServerRuntimeOptions * Extends the common WinterTC options with OpenTelemetry support shared with Bun and other server-side SDKs. */ export interface BaseNodeOptions extends OpenTelemetryServerRuntimeOptions { + /** + * Override the runtime name reported in events. + * Defaults to 'node' with the current process version if not specified. + * + * @hidden This is primarily used internally to support platforms like Next on OpenNext/Cloudflare. + */ + runtime?: { name: string; version?: string }; /** * Sets profiling sample rate when @sentry/profiling-node is installed * diff --git a/packages/node-core/test/sdk/client.test.ts b/packages/node-core/test/sdk/client.test.ts index cf33049c1ffa..8dcdf33d4067 100644 --- a/packages/node-core/test/sdk/client.test.ts +++ b/packages/node-core/test/sdk/client.test.ts @@ -99,6 +99,19 @@ describe('NodeClient', () => { }); }); + test('uses custom runtime when provided in options', () => { + const options = getDefaultNodeClientOptions({ runtime: { name: 'cloudflare' } }); + const client = new NodeClient(options); + + const event: Event = {}; + const hint: EventHint = {}; + client['_prepareEvent'](event, hint, currentScope, isolationScope); + + expect(event.contexts?.runtime).toEqual({ + name: 'cloudflare', + }); + }); + test('adds server name to event when value passed in options', () => { const options = getDefaultNodeClientOptions({ serverName: 'foo' }); const client = new NodeClient(options); diff --git a/packages/vercel-edge/src/client.ts b/packages/vercel-edge/src/client.ts index a34d1b36f09c..ab7a4e938e96 100644 --- a/packages/vercel-edge/src/client.ts +++ b/packages/vercel-edge/src/client.ts @@ -27,8 +27,8 @@ export class VercelEdgeClient extends ServerRuntimeClient Date: Fri, 30 Jan 2026 19:00:54 +0100 Subject: [PATCH 15/80] fix(core): Ensure partially set SDK metadata options are preserved (#19102) Previously, our `applySdkMetadata` helper in core would only apply default SDK metadata (name, packages, version) if no `sdk` data at all was set. This caused incomplete SDK metadata when manually overriding `sdk.settings` (see https://github.com/getsentry/sentry-javascript/issues/19072). This patch now ensures that only if the `name` is already set, we don't apply our default options. This should be fine-grained enough to still have correct SDK metadata inheritance. I also added a bunch of tests, since `applySdkMetadata` had no unit tests. --- .size-limit.js | 4 +- .../sendDefaultPii/overrideIp/init.js | 16 ++ .../sendDefaultPii/overrideIp/subject.js | 1 + .../sendDefaultPii/overrideIp/test.ts | 12 ++ packages/browser/test/client.test.ts | 27 +++- packages/core/src/utils/sdkMetadata.ts | 18 +-- .../core/test/lib/utils/sdkMetadata.test.ts | 143 ++++++++++++++++++ 7 files changed, 207 insertions(+), 14 deletions(-) create mode 100644 dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/init.js create mode 100644 dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/subject.js create mode 100644 dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/test.ts create mode 100644 packages/core/test/lib/utils/sdkMetadata.test.ts diff --git a/.size-limit.js b/.size-limit.js index 761905a49ef3..7feee4373586 100644 --- a/.size-limit.js +++ b/.size-limit.js @@ -82,7 +82,7 @@ module.exports = [ path: 'packages/browser/build/npm/esm/prod/index.js', import: createImport('init', 'browserTracingIntegration', 'replayIntegration', 'replayCanvasIntegration'), gzip: true, - limit: '85.55 KB', + limit: '86 KB', }, { name: '@sentry/browser (incl. Tracing, Replay, Feedback)', @@ -184,7 +184,7 @@ module.exports = [ name: 'CDN Bundle (incl. Tracing)', path: createCDNPath('bundle.tracing.min.js'), gzip: true, - limit: '43 KB', + limit: '44 KB', }, { name: 'CDN Bundle (incl. Logs, Metrics)', diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/init.js b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/init.js new file mode 100644 index 000000000000..957b42442255 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/init.js @@ -0,0 +1,16 @@ +import * as Sentry from '@sentry/browser'; + +window.Sentry = Sentry; + +Sentry.init({ + dsn: 'https://public@dsn.ingest.sentry.io/1337', + tracesSampleRate: 1, + sendDefaultPii: false, + _metadata: { + sdk: { + settings: { + infer_ip: 'auto', + }, + }, + }, +}); diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/subject.js b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/subject.js new file mode 100644 index 000000000000..1b632e0a9289 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/subject.js @@ -0,0 +1 @@ +Sentry.captureException(new Error('woot')); diff --git a/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/test.ts b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/test.ts new file mode 100644 index 000000000000..2b55c098bbb4 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/public-api/sendDefaultPii/overrideIp/test.ts @@ -0,0 +1,12 @@ +import { expect } from '@playwright/test'; +import { sentryTest } from '../../../../utils/fixtures'; +import { envelopeRequestParser, waitForErrorRequestOnUrl } from '../../../../utils/helpers'; + +sentryTest( + 'overrides IP inference by explicitly passing sdk.settings.infer_ip to "auto"', + async ({ getLocalTestUrl, page }) => { + const url = await getLocalTestUrl({ testDir: __dirname }); + const eventData = await envelopeRequestParser(await waitForErrorRequestOnUrl(page, url)); + expect(eventData.sdk?.settings?.infer_ip).toBe('auto'); + }, +); diff --git a/packages/browser/test/client.test.ts b/packages/browser/test/client.test.ts index d99e45984f0a..27135b4fc9a9 100644 --- a/packages/browser/test/client.test.ts +++ b/packages/browser/test/client.test.ts @@ -148,7 +148,7 @@ describe('applyDefaultOptions', () => { describe('SDK metadata', () => { describe('sdk.settings', () => { - it('sets infer_ipto "never" by default', () => { + it('sets infer_ip to "never" by default', () => { const options = getDefaultBrowserClientOptions({}); const client = new BrowserClient(options); @@ -233,5 +233,30 @@ describe('SDK metadata', () => { expect(client.getOptions()._metadata?.sdk?.name).toBe('sentry.javascript.angular'); }); + + it('preserves passed-in partial SDK metadata', () => { + const options = getDefaultBrowserClientOptions({ + _metadata: { + sdk: { + settings: { + infer_ip: 'auto', + }, + }, + }, + // Usually, this would cause infer_ip to be set to 'never' + // but we're passing it in explicitly, so it should be preserved + sendDefaultPii: false, + }); + const client = new BrowserClient(options); + + expect(client.getOptions()._metadata?.sdk).toEqual({ + name: 'sentry.javascript.browser', + version: expect.any(String), + packages: [{ name: 'npm:@sentry/browser', version: expect.any(String) }], + settings: { + infer_ip: 'auto', + }, + }); + }); }); }); diff --git a/packages/core/src/utils/sdkMetadata.ts b/packages/core/src/utils/sdkMetadata.ts index 714a022689e3..e7755537551a 100644 --- a/packages/core/src/utils/sdkMetadata.ts +++ b/packages/core/src/utils/sdkMetadata.ts @@ -15,18 +15,14 @@ import { SDK_VERSION } from '../utils/version'; * @param names list of package names */ export function applySdkMetadata(options: CoreOptions, name: string, names = [name], source = 'npm'): void { - const metadata = options._metadata || {}; + const sdk = ((options._metadata = options._metadata || {}).sdk = options._metadata.sdk || {}); - if (!metadata.sdk) { - metadata.sdk = { - name: `sentry.javascript.${name}`, - packages: names.map(name => ({ - name: `${source}:@sentry/${name}`, - version: SDK_VERSION, - })), + if (!sdk.name) { + sdk.name = `sentry.javascript.${name}`; + sdk.packages = names.map(name => ({ + name: `${source}:@sentry/${name}`, version: SDK_VERSION, - }; + })); + sdk.version = SDK_VERSION; } - - options._metadata = metadata; } diff --git a/packages/core/test/lib/utils/sdkMetadata.test.ts b/packages/core/test/lib/utils/sdkMetadata.test.ts new file mode 100644 index 000000000000..ee502267e673 --- /dev/null +++ b/packages/core/test/lib/utils/sdkMetadata.test.ts @@ -0,0 +1,143 @@ +import { describe, expect, it } from 'vitest'; +import { applySdkMetadata } from '../../../src'; + +describe('applySdkMetadata', () => { + it('applies a custom SDK name', () => { + const options = { + dsn: '123', + }; + + applySdkMetadata(options, 'angular'); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.angular', + packages: [ + { + name: 'npm:@sentry/angular', + version: expect.any(String), + }, + ], + version: expect.any(String), + }, + }, + dsn: '123', + }); + }); + + it('attaches multiple packages if names is passed in', () => { + const options = { + dsn: '123', + }; + + applySdkMetadata(options, 'angular', ['angular', 'browser']); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.angular', + packages: [ + { name: 'npm:@sentry/angular', version: expect.any(String) }, + { name: 'npm:@sentry/browser', version: expect.any(String) }, + ], + version: expect.any(String), + }, + }, + dsn: '123', + }); + }); + + it('sets the source if source is passed in', () => { + const options = { + dsn: '123', + }; + + applySdkMetadata(options, 'angular', ['angular', 'browser'], 'cdn'); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.angular', + packages: [ + { name: 'cdn:@sentry/angular', version: expect.any(String) }, + { name: 'cdn:@sentry/browser', version: expect.any(String) }, + ], + version: expect.any(String), + }, + }, + dsn: '123', + }); + }); + + it('preserves existing SDK metadata if already set', () => { + const options = { + dsn: '123', + _metadata: { + sdk: { + name: 'sentry.javascript.react', + }, + }, + }; + + applySdkMetadata(options, 'angular', ['angular', 'browser'], 'cdn'); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.react', + }, + }, + dsn: '123', + }); + }); + + it('merges existing SDK metadata with default values', () => { + const options = { + dsn: '123', + _metadata: { + sdk: { + settings: { + infer_ip: 'auto' as const, + }, + }, + }, + }; + + applySdkMetadata(options, 'angular'); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.angular', + packages: [{ name: 'npm:@sentry/angular', version: expect.any(String) }], + version: expect.any(String), + settings: { + infer_ip: 'auto' as const, + }, + }, + }, + dsn: '123', + }); + }); + + it('handles empty metadata object', () => { + const options = { + dsn: '123', + _metadata: {}, + }; + + applySdkMetadata(options, 'angular'); + + expect(options).toEqual({ + _metadata: { + sdk: { + name: 'sentry.javascript.angular', + packages: [{ name: 'npm:@sentry/angular', version: expect.any(String) }], + version: expect.any(String), + }, + }, + dsn: '123', + }); + }); +}); From ab88d9639d3bce86f69d8c6b8f1854982c2e79da Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 30 Jan 2026 21:38:13 +0100 Subject: [PATCH 16/80] test(e2e): Migrate test app `nextjs-turbo` into `nextjs-15` (#19107) - Migrates pages router and route handler tests from `nextjs-turbo` to `nextjs-15` - Removes the redundant `nextjs-turbo` test app - All tests are now covered in `nextjs-15` with turbopack variant --- .../app/route-handler/[xoxo]/error/route.ts | 3 + .../app/route-handler/[xoxo]/node/route.ts | 4 + .../app/route-handler}/static/route.ts | 2 +- .../nextjs-15/next.config.js | 3 + .../pages-router-client-trace-propagation.tsx | 2 +- .../pages/_app.tsx | 0 .../tests}/client-trace-propagation.test.ts | 11 +- .../nextjs-15/tests/route-handler.test.ts | 58 +++++- .../test-applications/nextjs-turbo/.gitignore | 46 ----- .../test-applications/nextjs-turbo/.npmrc | 8 - .../app/[param]/rsc-page-error/page.tsx | 9 - .../nextjs-turbo/app/global-error.tsx | 23 --- .../nextjs-turbo/app/layout.tsx | 7 - .../app/pageload-transaction/page.tsx | 3 - .../parameterized/[one]/beep/[two]/page.tsx | 3 - .../app/parameterized/[one]/beep/page.tsx | 3 - .../app/parameterized/[one]/page.tsx | 3 - .../app/parameterized/static/page.tsx | 3 - .../app/route-handlers/[param]/error/route.ts | 3 - .../app/route-handlers/[param]/route.ts | 9 - .../nextjs-turbo/globals.d.ts | 4 - .../nextjs-turbo/instrumentation-client.ts | 11 - .../nextjs-turbo/instrumentation.ts | 13 -- .../nextjs-turbo/next-env.d.ts | 6 - .../nextjs-turbo/next.config.js | 11 - .../nextjs-turbo/package.json | 46 ----- .../nextjs-turbo/playwright.config.mjs | 19 -- .../nextjs-turbo/sentry.edge.config.ts | 13 -- .../nextjs-turbo/sentry.server.config.ts | 13 -- .../nextjs-turbo/start-event-proxy.mjs | 14 -- .../app-router/pageload-transaction.test.ts | 27 --- .../app-router/parameterized-routes.test.ts | 189 ------------------ .../tests/app-router/route-handlers.test.ts | 72 ------- .../tests/app-router/rsc-error.test.ts | 18 -- .../app-router/server-components.test.ts | 48 ----- .../nextjs-turbo/tsconfig.json | 26 --- 36 files changed, 74 insertions(+), 659 deletions(-) create mode 100644 dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/error/route.ts rename dev-packages/e2e-tests/test-applications/{nextjs-turbo/app/route-handlers => nextjs-15/app/route-handler}/static/route.ts (67%) rename dev-packages/e2e-tests/test-applications/{nextjs-turbo/pages/[param] => nextjs-15/pages/[locale]}/pages-router-client-trace-propagation.tsx (86%) rename dev-packages/e2e-tests/test-applications/{nextjs-turbo => nextjs-15}/pages/_app.tsx (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-turbo/tests/pages-router => nextjs-15/tests}/client-trace-propagation.test.ts (73%) delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/.gitignore delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/.npmrc delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/[param]/rsc-page-error/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/global-error.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/layout.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/pageload-transaction/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/[two]/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/static/page.tsx delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/error/route.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/route.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/globals.d.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation-client.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/next-env.d.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/next.config.js delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/package.json delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/playwright.config.mjs delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.edge.config.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.server.config.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/start-event-proxy.mjs delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/pageload-transaction.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/parameterized-routes.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/route-handlers.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/rsc-error.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/server-components.test.ts delete mode 100644 dev-packages/e2e-tests/test-applications/nextjs-turbo/tsconfig.json diff --git a/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/error/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/error/route.ts new file mode 100644 index 000000000000..bdfb525fc735 --- /dev/null +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/error/route.ts @@ -0,0 +1,3 @@ +export async function GET() { + throw new Error('Route handler error'); +} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/node/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/node/route.ts index 5bc418f077aa..a043231cebf3 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/node/route.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/[xoxo]/node/route.ts @@ -5,3 +5,7 @@ export const dynamic = 'force-dynamic'; export async function GET() { return NextResponse.json({ message: 'Hello Node Route Handler' }); } + +export async function POST() { + return NextResponse.json({ name: 'Boop' }, { status: 400 }); +} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/static/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/static/route.ts similarity index 67% rename from dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/static/route.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/static/route.ts index c2407f908b8b..63710980b77a 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/static/route.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/app/route-handler/static/route.ts @@ -1,5 +1,5 @@ import { NextResponse } from 'next/server'; -export async function GET(request: Request) { +export async function GET() { return NextResponse.json({ name: 'Static' }); } diff --git a/dev-packages/e2e-tests/test-applications/nextjs-15/next.config.js b/dev-packages/e2e-tests/test-applications/nextjs-15/next.config.js index 1098c2ce5a4f..55a7b9361b3a 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-15/next.config.js +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/next.config.js @@ -5,4 +5,7 @@ const nextConfig = {}; module.exports = withSentryConfig(nextConfig, { silent: true, + release: { + name: 'foobar123', + }, }); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/pages/[param]/pages-router-client-trace-propagation.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15/pages/[locale]/pages-router-client-trace-propagation.tsx similarity index 86% rename from dev-packages/e2e-tests/test-applications/nextjs-turbo/pages/[param]/pages-router-client-trace-propagation.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15/pages/[locale]/pages-router-client-trace-propagation.tsx index be0391c3618e..f9ec42bbffb1 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/pages/[param]/pages-router-client-trace-propagation.tsx +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/pages/[locale]/pages-router-client-trace-propagation.tsx @@ -1,5 +1,5 @@ export default function Page() { -

Hello World!

; + return

Hello World!

; } // getServerSideProps makes this page dynamic and allows tracing data to be inserted diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/pages/_app.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15/pages/_app.tsx similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-turbo/pages/_app.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15/pages/_app.tsx diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/pages-router/client-trace-propagation.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-15/tests/client-trace-propagation.test.ts similarity index 73% rename from dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/pages-router/client-trace-propagation.test.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15/tests/client-trace-propagation.test.ts index 032aa55b3116..8f555d834a84 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/pages-router/client-trace-propagation.test.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/tests/client-trace-propagation.test.ts @@ -2,23 +2,22 @@ import { expect, test } from '@playwright/test'; import { waitForTransaction } from '@sentry-internal/test-utils'; import { parseSemver } from '@sentry/core'; -const packageJson = require('../../package.json'); +const packageJson = require('../package.json'); const nextjsVersion = packageJson.dependencies.next; const { major, minor } = parseSemver(nextjsVersion); test('Should propagate traces from server to client in pages router', async ({ page }) => { - // TODO: Remove this skippage when Next.js 15.3.0 is released and bump version in package json to 15.3.0 test.skip( major === 15 && minor !== undefined && minor < 3, 'Next.js version does not support clientside instrumentation', ); - const serverTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === 'GET /[param]/pages-router-client-trace-propagation'; + const serverTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { + return transactionEvent?.transaction === 'GET /[locale]/pages-router-client-trace-propagation'; }); - const pageloadTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === '/[param]/pages-router-client-trace-propagation'; + const pageloadTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { + return transactionEvent?.transaction === '/[locale]/pages-router-client-trace-propagation'; }); await page.goto(`/123/pages-router-client-trace-propagation`); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-15/tests/route-handler.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-15/tests/route-handler.test.ts index d5566a100a5f..09def19c2af9 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-15/tests/route-handler.test.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15/tests/route-handler.test.ts @@ -1,5 +1,5 @@ import test, { expect } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; +import { waitForError, waitForTransaction } from '@sentry-internal/test-utils'; test('Should create a transaction for node route handlers', async ({ request }) => { const routehandlerTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { @@ -37,3 +37,59 @@ test('Should create a transaction for edge route handlers', async ({ request }) expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); expect(routehandlerTransaction.contexts?.trace?.data?.['http.request.header.x_charly']).toBe('gomez'); }); + +test('Should create a transaction for static route handlers', async ({ request }) => { + const routehandlerTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { + return transactionEvent?.transaction === 'GET /route-handler/static'; + }); + + const response = await request.get('/route-handler/static'); + expect(await response.json()).toStrictEqual({ name: 'Static' }); + + const routehandlerTransaction = await routehandlerTransactionPromise; + + expect(routehandlerTransaction.contexts?.trace?.status).toBe('ok'); + expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); +}); + +test('Should create a transaction for route handlers and correctly set span status depending on http status', async ({ + request, +}) => { + const routehandlerTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { + return transactionEvent?.transaction === 'POST /route-handler/[xoxo]/node'; + }); + + const response = await request.post('/route-handler/123/node'); + expect(await response.json()).toStrictEqual({ name: 'Boop' }); + + const routehandlerTransaction = await routehandlerTransactionPromise; + + expect(routehandlerTransaction.contexts?.trace?.status).toBe('invalid_argument'); + expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); +}); + +test('Should record exceptions and transactions for faulty route handlers', async ({ request }) => { + const errorEventPromise = waitForError('nextjs-15', errorEvent => { + return errorEvent?.exception?.values?.[0]?.value === 'Route handler error'; + }); + + const routehandlerTransactionPromise = waitForTransaction('nextjs-15', async transactionEvent => { + return transactionEvent?.transaction === 'GET /route-handler/[xoxo]/error'; + }); + + await request.get('/route-handler/123/error').catch(() => {}); + + const routehandlerTransaction = await routehandlerTransactionPromise; + const routehandlerError = await errorEventPromise; + + expect(routehandlerTransaction.contexts?.trace?.status).toBe('internal_error'); + expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); + expect(routehandlerTransaction.contexts?.trace?.origin).toContain('auto'); + + expect(routehandlerError.exception?.values?.[0].value).toBe('Route handler error'); + + expect(routehandlerError.request?.method).toBe('GET'); + expect(routehandlerError.request?.url).toContain('/route-handler/123/error'); + + expect(routehandlerError.transaction).toContain('/route-handler/[xoxo]/error'); +}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/.gitignore b/dev-packages/e2e-tests/test-applications/nextjs-turbo/.gitignore deleted file mode 100644 index ebdbfc025b6a..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/.gitignore +++ /dev/null @@ -1,46 +0,0 @@ -# See https://help.github.com/articles/ignoring-files/ for more about ignoring files. - -# dependencies -/node_modules -/.pnp -.pnp.js - -# testing -/coverage - -# next.js -/.next/ -/out/ - -# production -/build - -# misc -.DS_Store -*.pem - -# debug -npm-debug.log* -yarn-debug.log* -yarn-error.log* -.pnpm-debug.log* - -# local env files -.env*.local - -# vercel -.vercel - -# typescript -*.tsbuildinfo -next-env.d.ts - -!*.d.ts - -# Sentry -.sentryclirc - -.vscode - -test-results -event-dumps diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/.npmrc b/dev-packages/e2e-tests/test-applications/nextjs-turbo/.npmrc deleted file mode 100644 index c0bee06878d1..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/.npmrc +++ /dev/null @@ -1,8 +0,0 @@ -@sentry:registry=http://127.0.0.1:4873 -@sentry-internal:registry=http://127.0.0.1:4873 - -# todo: check if this is still needed in upcoming versions -# Hoist all dependencies to the root level due to issues with import-in-the-middle and require-in-the-middle -# Just adding these as dependencies removed the warnings, but didn't fix the issue -shamefully-hoist=true -strict-peer-dependencies=false diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/[param]/rsc-page-error/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/[param]/rsc-page-error/page.tsx deleted file mode 100644 index a6ae11918445..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/[param]/rsc-page-error/page.tsx +++ /dev/null @@ -1,9 +0,0 @@ -export const dynamic = 'force-dynamic'; - -export default function Page() { - if (Math.random() > -1) { - throw new Error('page rsc render error'); - } - - return null; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/global-error.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/global-error.tsx deleted file mode 100644 index 20c175015b03..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/global-error.tsx +++ /dev/null @@ -1,23 +0,0 @@ -'use client'; - -import * as Sentry from '@sentry/nextjs'; -import NextError from 'next/error'; -import { useEffect } from 'react'; - -export default function GlobalError({ error }: { error: Error & { digest?: string } }) { - useEffect(() => { - Sentry.captureException(error); - }, [error]); - - return ( - - - {/* `NextError` is the default Next.js error page component. Its type - definition requires a `statusCode` prop. However, since the App Router - does not expose status codes for errors, we simply pass 0 to render a - generic error message. */} - - - - ); -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/layout.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/layout.tsx deleted file mode 100644 index c8f9cee0b787..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/layout.tsx +++ /dev/null @@ -1,7 +0,0 @@ -export default function Layout({ children }: { children: React.ReactNode }) { - return ( - - {children} - - ); -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/pageload-transaction/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/pageload-transaction/page.tsx deleted file mode 100644 index 4d692cbabd9b..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/pageload-transaction/page.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function Page() { - return

Hello World!

; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/[two]/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/[two]/page.tsx deleted file mode 100644 index f34461c2bb07..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/[two]/page.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function ParameterizedPage() { - return
Dynamic page two
; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/page.tsx deleted file mode 100644 index a7d9164c8c03..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/beep/page.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function BeepPage() { - return
Beep
; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/page.tsx deleted file mode 100644 index 9fa617a22381..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/[one]/page.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function ParameterizedPage() { - return
Dynamic page one
; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/static/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/static/page.tsx deleted file mode 100644 index 16ef0482d53b..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/parameterized/static/page.tsx +++ /dev/null @@ -1,3 +0,0 @@ -export default function StaticPage() { - return
Static page
; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/error/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/error/route.ts deleted file mode 100644 index dbc0c6193131..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/error/route.ts +++ /dev/null @@ -1,3 +0,0 @@ -export async function GET(request: Request) { - throw new Error('Dynamic route handler error'); -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/route.ts deleted file mode 100644 index 581a4d68b640..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/app/route-handlers/[param]/route.ts +++ /dev/null @@ -1,9 +0,0 @@ -import { NextResponse } from 'next/server'; - -export async function GET() { - return NextResponse.json({ name: 'Beep' }); -} - -export async function POST() { - return NextResponse.json({ name: 'Boop' }, { status: 400 }); -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/globals.d.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/globals.d.ts deleted file mode 100644 index 109dbcd55648..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/globals.d.ts +++ /dev/null @@ -1,4 +0,0 @@ -interface Window { - recordedTransactions?: string[]; - capturedExceptionId?: string; -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation-client.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation-client.ts deleted file mode 100644 index 4870c64e7959..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation-client.ts +++ /dev/null @@ -1,11 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; - -Sentry.init({ - environment: 'qa', // dynamic sampling bias to keep transactions - dsn: process.env.NEXT_PUBLIC_E2E_TEST_DSN, - tunnel: `http://localhost:3031/`, // proxy server - tracesSampleRate: 1.0, - sendDefaultPii: true, -}); - -export const onRouterTransitionStart = Sentry.captureRouterTransitionStart; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation.ts deleted file mode 100644 index 964f937c439a..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/instrumentation.ts +++ /dev/null @@ -1,13 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; - -export async function register() { - if (process.env.NEXT_RUNTIME === 'nodejs') { - await import('./sentry.server.config'); - } - - if (process.env.NEXT_RUNTIME === 'edge') { - await import('./sentry.edge.config'); - } -} - -export const onRequestError = Sentry.captureRequestError; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/next-env.d.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/next-env.d.ts deleted file mode 100644 index 3cd7048ed947..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/next-env.d.ts +++ /dev/null @@ -1,6 +0,0 @@ -/// -/// -/// - -// NOTE: This file should not be edited -// see https://nextjs.org/docs/app/api-reference/config/typescript for more information. diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/next.config.js b/dev-packages/e2e-tests/test-applications/nextjs-turbo/next.config.js deleted file mode 100644 index 55a7b9361b3a..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/next.config.js +++ /dev/null @@ -1,11 +0,0 @@ -const { withSentryConfig } = require('@sentry/nextjs'); - -/** @type {import('next').NextConfig} */ -const nextConfig = {}; - -module.exports = withSentryConfig(nextConfig, { - silent: true, - release: { - name: 'foobar123', - }, -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/package.json b/dev-packages/e2e-tests/test-applications/nextjs-turbo/package.json deleted file mode 100644 index 999776fa6805..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/package.json +++ /dev/null @@ -1,46 +0,0 @@ -{ - "name": "create-next-app", - "version": "0.1.0", - "private": true, - "scripts": { - "build": "next build --turbopack > .tmp_build_stdout 2> .tmp_build_stderr || (cat .tmp_build_stdout && cat .tmp_build_stderr && exit 1)", - "clean": "npx rimraf node_modules pnpm-lock.yaml", - "test:prod": "TEST_ENV=production playwright test", - "test:dev": "TEST_ENV=development playwright test", - "test:build": "pnpm install && pnpm build", - "test:build-canary": "pnpm install && pnpm add next@canary && pnpm add react@canary && pnpm add react-dom@canary && pnpm build", - "test:build-latest": "pnpm install && pnpm add next@latest && pnpm build", - "test:assert": "pnpm test:prod && pnpm test:dev" - }, - "dependencies": { - "@sentry/nextjs": "latest || *", - "@types/node": "^18.19.1", - "@types/react": "^19", - "@types/react-dom": "^19", - "next": "^15.5.10", - "react": "^19", - "react-dom": "^19", - "typescript": "~5.0.0" - }, - "devDependencies": { - "@playwright/test": "~1.56.0", - "@sentry-internal/test-utils": "link:../../../test-utils", - "@sentry/core": "latest || *" - }, - "volta": { - "extends": "../../package.json" - }, - "sentryTest": { - "optional": true, - "optionalVariants": [ - { - "build-command": "pnpm test:build-canary", - "label": "nextjs-turbo (canary)" - }, - { - "build-command": "pnpm test:build-latest", - "label": "nextjs-turbo (latest)" - } - ] - } -} diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/playwright.config.mjs b/dev-packages/e2e-tests/test-applications/nextjs-turbo/playwright.config.mjs deleted file mode 100644 index 9a74af430808..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/playwright.config.mjs +++ /dev/null @@ -1,19 +0,0 @@ -import { getPlaywrightConfig } from '@sentry-internal/test-utils'; -const testEnv = process.env.TEST_ENV; - -if (!testEnv) { - throw new Error('No test env defined'); -} - -const config = getPlaywrightConfig( - { - startCommand: testEnv === 'development' ? 'pnpm next dev -p 3030 --turbopack' : 'pnpm next start -p 3030', - port: 3030, - }, - { - // This comes with the risk of tests leaking into each other but the tests run quite slow so we should parallelize - workers: '100%', - }, -); - -export default config; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.edge.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.edge.config.ts deleted file mode 100644 index 067d2ead0b8b..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.edge.config.ts +++ /dev/null @@ -1,13 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; - -Sentry.init({ - environment: 'qa', // dynamic sampling bias to keep transactions - dsn: process.env.NEXT_PUBLIC_E2E_TEST_DSN, - tunnel: `http://localhost:3031/`, // proxy server - tracesSampleRate: 1.0, - sendDefaultPii: true, - transportOptions: { - // We are doing a lot of events at once in this test - bufferSize: 1000, - }, -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.server.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.server.config.ts deleted file mode 100644 index 067d2ead0b8b..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/sentry.server.config.ts +++ /dev/null @@ -1,13 +0,0 @@ -import * as Sentry from '@sentry/nextjs'; - -Sentry.init({ - environment: 'qa', // dynamic sampling bias to keep transactions - dsn: process.env.NEXT_PUBLIC_E2E_TEST_DSN, - tunnel: `http://localhost:3031/`, // proxy server - tracesSampleRate: 1.0, - sendDefaultPii: true, - transportOptions: { - // We are doing a lot of events at once in this test - bufferSize: 1000, - }, -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/start-event-proxy.mjs b/dev-packages/e2e-tests/test-applications/nextjs-turbo/start-event-proxy.mjs deleted file mode 100644 index 2773cf8fa977..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/start-event-proxy.mjs +++ /dev/null @@ -1,14 +0,0 @@ -import * as fs from 'fs'; -import * as path from 'path'; -import { startEventProxyServer } from '@sentry-internal/test-utils'; - -const packageJson = JSON.parse(fs.readFileSync(path.join(process.cwd(), 'package.json'))); - -startEventProxyServer({ - port: 3031, - proxyServerName: 'nextjs-turbo', - envelopeDumpPath: path.join( - process.cwd(), - `event-dumps/nextjs-turbo-${packageJson.dependencies.next}-${process.env.TEST_ENV}.dump`, - ), -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/pageload-transaction.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/pageload-transaction.test.ts deleted file mode 100644 index 62a072b4ae7f..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/pageload-transaction.test.ts +++ /dev/null @@ -1,27 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; -import { parseSemver } from '@sentry/core'; - -const packageJson = require('../../package.json'); -const nextjsVersion = packageJson.dependencies.next; -const { major, minor } = parseSemver(nextjsVersion); - -test('Should record pageload transactions (this test verifies that the client SDK is initialized)', async ({ - page, -}) => { - // TODO: Remove this skippage when Next.js 15.3.0 is released and bump version in package json to 15.3.0 - test.skip( - major === 15 && minor !== undefined && minor < 3, - 'Next.js version does not support clientside instrumentation', - ); - - const pageloadTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === '/pageload-transaction'; - }); - - await page.goto(`/pageload-transaction`); - - const pageloadTransaction = await pageloadTransactionPromise; - - expect(pageloadTransaction).toBeDefined(); -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/parameterized-routes.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/parameterized-routes.test.ts deleted file mode 100644 index 0a2f1dfc0c28..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/parameterized-routes.test.ts +++ /dev/null @@ -1,189 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; - -test('should create a parameterized transaction when the `app` directory is used', async ({ page }) => { - const transactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return ( - transactionEvent.transaction === '/parameterized/:one' && transactionEvent.contexts?.trace?.op === 'pageload' - ); - }); - - await page.goto(`/parameterized/cappuccino`); - - const transaction = await transactionPromise; - - expect(transaction).toMatchObject({ - breadcrumbs: expect.arrayContaining([ - { - category: 'navigation', - data: { from: '/parameterized/cappuccino', to: '/parameterized/cappuccino' }, - timestamp: expect.any(Number), - }, - ]), - contexts: { - react: { version: expect.any(String) }, - trace: { - data: { - 'sentry.op': 'pageload', - 'sentry.origin': 'auto.pageload.nextjs.app_router_instrumentation', - 'sentry.source': 'route', - }, - op: 'pageload', - origin: 'auto.pageload.nextjs.app_router_instrumentation', - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }, - }, - environment: 'qa', - request: { - headers: expect.any(Object), - url: expect.stringMatching(/\/parameterized\/cappuccino$/), - }, - start_timestamp: expect.any(Number), - timestamp: expect.any(Number), - transaction: '/parameterized/:one', - transaction_info: { source: 'route' }, - type: 'transaction', - }); -}); - -test('should create a static transaction when the `app` directory is used and the route is not parameterized', async ({ - page, -}) => { - const transactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return ( - transactionEvent.transaction === '/parameterized/static' && transactionEvent.contexts?.trace?.op === 'pageload' - ); - }); - - await page.goto(`/parameterized/static`); - - const transaction = await transactionPromise; - - expect(transaction).toMatchObject({ - breadcrumbs: expect.arrayContaining([ - { - category: 'navigation', - data: { from: '/parameterized/static', to: '/parameterized/static' }, - timestamp: expect.any(Number), - }, - ]), - contexts: { - react: { version: expect.any(String) }, - trace: { - data: { - 'sentry.op': 'pageload', - 'sentry.origin': 'auto.pageload.nextjs.app_router_instrumentation', - 'sentry.source': 'url', - }, - op: 'pageload', - origin: 'auto.pageload.nextjs.app_router_instrumentation', - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }, - }, - environment: 'qa', - request: { - headers: expect.any(Object), - url: expect.stringMatching(/\/parameterized\/static$/), - }, - start_timestamp: expect.any(Number), - timestamp: expect.any(Number), - transaction: '/parameterized/static', - transaction_info: { source: 'url' }, - type: 'transaction', - }); -}); - -test('should create a partially parameterized transaction when the `app` directory is used', async ({ page }) => { - const transactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return ( - transactionEvent.transaction === '/parameterized/:one/beep' && transactionEvent.contexts?.trace?.op === 'pageload' - ); - }); - - await page.goto(`/parameterized/cappuccino/beep`); - - const transaction = await transactionPromise; - - expect(transaction).toMatchObject({ - breadcrumbs: expect.arrayContaining([ - { - category: 'navigation', - data: { from: '/parameterized/cappuccino/beep', to: '/parameterized/cappuccino/beep' }, - timestamp: expect.any(Number), - }, - ]), - contexts: { - react: { version: expect.any(String) }, - trace: { - data: { - 'sentry.op': 'pageload', - 'sentry.origin': 'auto.pageload.nextjs.app_router_instrumentation', - 'sentry.source': 'route', - }, - op: 'pageload', - origin: 'auto.pageload.nextjs.app_router_instrumentation', - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }, - }, - environment: 'qa', - request: { - headers: expect.any(Object), - url: expect.stringMatching(/\/parameterized\/cappuccino\/beep$/), - }, - start_timestamp: expect.any(Number), - timestamp: expect.any(Number), - transaction: '/parameterized/:one/beep', - transaction_info: { source: 'route' }, - type: 'transaction', - }); -}); - -test('should create a nested parameterized transaction when the `app` directory is used', async ({ page }) => { - const transactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return ( - transactionEvent.transaction === '/parameterized/:one/beep/:two' && - transactionEvent.contexts?.trace?.op === 'pageload' - ); - }); - - await page.goto(`/parameterized/cappuccino/beep/espresso`); - - const transaction = await transactionPromise; - - expect(transaction).toMatchObject({ - breadcrumbs: expect.arrayContaining([ - { - category: 'navigation', - data: { from: '/parameterized/cappuccino/beep/espresso', to: '/parameterized/cappuccino/beep/espresso' }, - timestamp: expect.any(Number), - }, - ]), - contexts: { - react: { version: expect.any(String) }, - trace: { - data: { - 'sentry.op': 'pageload', - 'sentry.origin': 'auto.pageload.nextjs.app_router_instrumentation', - 'sentry.source': 'route', - }, - op: 'pageload', - origin: 'auto.pageload.nextjs.app_router_instrumentation', - span_id: expect.stringMatching(/[a-f0-9]{16}/), - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }, - }, - environment: 'qa', - request: { - headers: expect.any(Object), - url: expect.stringMatching(/\/parameterized\/cappuccino\/beep\/espresso$/), - }, - start_timestamp: expect.any(Number), - timestamp: expect.any(Number), - transaction: '/parameterized/:one/beep/:two', - transaction_info: { source: 'route' }, - type: 'transaction', - }); -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/route-handlers.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/route-handlers.test.ts deleted file mode 100644 index 13f4f5fa4a58..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/route-handlers.test.ts +++ /dev/null @@ -1,72 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForError, waitForTransaction } from '@sentry-internal/test-utils'; - -test('Should create a transaction for dynamic route handlers', async ({ request }) => { - const routehandlerTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === 'GET /route-handlers/[param]'; - }); - - const response = await request.get('/route-handlers/foo'); - expect(await response.json()).toStrictEqual({ name: 'Beep' }); - - const routehandlerTransaction = await routehandlerTransactionPromise; - - expect(routehandlerTransaction.contexts?.trace?.status).toBe('ok'); - expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); -}); - -test('Should create a transaction for static route handlers', async ({ request }) => { - const routehandlerTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === 'GET /route-handlers/static'; - }); - - const response = await request.get('/route-handlers/static'); - expect(await response.json()).toStrictEqual({ name: 'Static' }); - - const routehandlerTransaction = await routehandlerTransactionPromise; - - expect(routehandlerTransaction.contexts?.trace?.status).toBe('ok'); - expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); -}); - -test('Should create a transaction for route handlers and correctly set span status depending on http status', async ({ - request, -}) => { - const routehandlerTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === 'POST /route-handlers/[param]'; - }); - - const response = await request.post('/route-handlers/bar'); - expect(await response.json()).toStrictEqual({ name: 'Boop' }); - - const routehandlerTransaction = await routehandlerTransactionPromise; - - expect(routehandlerTransaction.contexts?.trace?.status).toBe('invalid_argument'); - expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); -}); - -test('Should record exceptions and transactions for faulty route handlers', async ({ request }) => { - const errorEventPromise = waitForError('nextjs-turbo', errorEvent => { - return errorEvent?.exception?.values?.[0]?.value === 'Dynamic route handler error'; - }); - - const routehandlerTransactionPromise = waitForTransaction('nextjs-turbo', async transactionEvent => { - return transactionEvent?.transaction === 'GET /route-handlers/[param]/error'; - }); - - await request.get('/route-handlers/boop/error').catch(() => {}); - - const routehandlerTransaction = await routehandlerTransactionPromise; - const routehandlerError = await errorEventPromise; - - expect(routehandlerTransaction.contexts?.trace?.status).toBe('internal_error'); - expect(routehandlerTransaction.contexts?.trace?.op).toBe('http.server'); - expect(routehandlerTransaction.contexts?.trace?.origin).toContain('auto'); - - expect(routehandlerError.exception?.values?.[0].value).toBe('Dynamic route handler error'); - - expect(routehandlerError.request?.method).toBe('GET'); - expect(routehandlerError.request?.url).toContain('/route-handlers/boop/error'); - - expect(routehandlerError.transaction).toBe('/route-handlers/[param]/error'); -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/rsc-error.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/rsc-error.test.ts deleted file mode 100644 index d9c94de2d2be..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/rsc-error.test.ts +++ /dev/null @@ -1,18 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForError } from '@sentry-internal/test-utils'; - -test('Should capture errors from server components', async ({ page }) => { - const errorEventPromise = waitForError('nextjs-turbo', errorEvent => { - return !!errorEvent?.exception?.values?.some(value => value.value === 'page rsc render error'); - }); - - await page.goto(`/123/rsc-page-error`); - - const errorEvent = await errorEventPromise; - - expect(errorEvent).toBeDefined(); - expect(errorEvent.exception?.values?.[0]?.mechanism).toEqual({ - handled: false, - type: 'auto.function.nextjs.on_request_error', - }); -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/server-components.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/server-components.test.ts deleted file mode 100644 index d3a6db69fcd5..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tests/app-router/server-components.test.ts +++ /dev/null @@ -1,48 +0,0 @@ -import { expect, test } from '@playwright/test'; -import { waitForTransaction } from '@sentry-internal/test-utils'; - -test('Sends a transaction for a request to app router with URL', async ({ page }) => { - const serverComponentTransactionPromise = waitForTransaction('nextjs-turbo', transactionEvent => { - return ( - transactionEvent?.transaction === 'GET /parameterized/[one]/beep/[two]' && - transactionEvent.contexts?.trace?.data?.['http.target']?.startsWith('/parameterized/1337/beep/42') - ); - }); - - await page.goto('/parameterized/1337/beep/42'); - - const transactionEvent = await serverComponentTransactionPromise; - - expect(transactionEvent.contexts?.trace).toEqual({ - data: expect.objectContaining({ - 'sentry.op': 'http.server', - 'sentry.origin': 'auto', - 'sentry.sample_rate': 1, - 'sentry.source': 'route', - 'http.method': 'GET', - 'http.response.status_code': 200, - 'http.route': '/parameterized/[one]/beep/[two]', - 'http.status_code': 200, - 'http.target': '/parameterized/1337/beep/42', - 'otel.kind': 'SERVER', - 'next.route': '/parameterized/[one]/beep/[two]', - }), - op: 'http.server', - origin: 'auto', - span_id: expect.stringMatching(/[a-f0-9]{16}/), - status: 'ok', - trace_id: expect.stringMatching(/[a-f0-9]{32}/), - }); - - expect(transactionEvent.request).toMatchObject({ - url: expect.stringContaining('/parameterized/1337/beep/42'), - }); - - // The transaction should not contain any spans with the same name as the transaction - // e.g. "GET /parameterized/[one]/beep/[two]" - expect( - transactionEvent.spans?.filter(span => { - return span.description === transactionEvent.transaction; - }), - ).toHaveLength(0); -}); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tsconfig.json b/dev-packages/e2e-tests/test-applications/nextjs-turbo/tsconfig.json deleted file mode 100644 index 1ed098ed9058..000000000000 --- a/dev-packages/e2e-tests/test-applications/nextjs-turbo/tsconfig.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "compilerOptions": { - "allowImportingTsExtensions": true, - "target": "es2018", - "lib": ["dom", "dom.iterable", "esnext"], - "allowJs": true, - "skipLibCheck": true, - "strict": true, - "forceConsistentCasingInFileNames": true, - "noEmit": true, - "esModuleInterop": true, - "module": "esnext", - "moduleResolution": "node", - "resolveJsonModule": true, - "isolatedModules": true, - "jsx": "preserve", - "plugins": [ - { - "name": "next" - } - ], - "incremental": true - }, - "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", "next.config.js", ".next/types/**/*.ts"], - "exclude": ["node_modules", "playwright.config.ts"] -} From 170b6f8eec449cbbd2eb0a918b5beafa51826a73 Mon Sep 17 00:00:00 2001 From: Abdelrahman Awad Date: Sat, 31 Jan 2026 00:00:41 +0200 Subject: [PATCH 17/80] fix(core): Prevent infinite recursion when event processor throws (#19110) When an event processor throws an error, the SDK calls `captureException` to report it with `hint.data.__sentry__ = true`. However, this new event still ran through all event processors, causing infinite recursion if the processor throws on every event. I'm not sure what's the best way to resolve this, I had a couple of ideas: 1. Mark an "event processor" as faulty and skip if an error is thrown from there by adding metadata in catch blocks. 2. Outright skip event processors for internal exception events in `prepareEvent()`. I went with (2) because it is consistent with how `beforeSend` is already skipped for these events. The processor error is still captured and sent to Sentry, but it bypasses event processors to break the recursion. Fixes #19108 --- packages/core/src/utils/prepareEvent.ts | 7 ++++++- packages/core/test/lib/client.test.ts | 25 +++++++++++++++++++++++++ 2 files changed, 31 insertions(+), 1 deletion(-) diff --git a/packages/core/src/utils/prepareEvent.ts b/packages/core/src/utils/prepareEvent.ts index 3a127d332686..6528873c3dee 100644 --- a/packages/core/src/utils/prepareEvent.ts +++ b/packages/core/src/utils/prepareEvent.ts @@ -11,6 +11,7 @@ import { addExceptionMechanism, uuid4 } from './misc'; import { normalize } from './normalize'; import { applyScopeDataToEvent, getCombinedScopeData } from './scopeData'; import { truncate } from './string'; +import { resolvedSyncPromise } from './syncpromise'; import { dateTimestampInSeconds } from './time'; /** @@ -93,7 +94,11 @@ export function prepareEvent( ...data.eventProcessors, ]; - const result = notifyEventProcessors(eventProcessors, prepared, hint); + // Skip event processors for internal exceptions to prevent recursion + const isInternalException = hint.data && (hint.data as { __sentry__: boolean }).__sentry__ === true; + const result = isInternalException + ? resolvedSyncPromise(prepared) + : notifyEventProcessors(eventProcessors, prepared, hint); return result.then(evt => { if (evt) { diff --git a/packages/core/test/lib/client.test.ts b/packages/core/test/lib/client.test.ts index 09ec34bf4fcc..21aab0ea609b 100644 --- a/packages/core/test/lib/client.test.ts +++ b/packages/core/test/lib/client.test.ts @@ -2007,6 +2007,31 @@ describe('Client', () => { }); }); + test('client-level event processor that throws on all events does not cause infinite recursion', () => { + const options = getDefaultTestClientOptions({ dsn: PUBLIC_DSN }); + const client = new TestClient(options); + + let processorCallCount = 0; + // Add processor at client level - this runs on ALL events including internal exceptions + client.addEventProcessor(() => { + processorCallCount++; + throw new Error('Processor always throws'); + }); + + client.captureMessage('test message'); + + // Should be called once for the original message + // internal exception events skips event processors entirely. + expect(processorCallCount).toBe(1); + + // Verify the processor error was captured and sent + expect(TestClient.instance!.event!.exception!.values![0]).toStrictEqual({ + type: 'Error', + value: 'Processor always throws', + mechanism: { type: 'internal', handled: false }, + }); + }); + test('records events dropped due to `sampleRate` option', () => { expect.assertions(1); From 5616396dd242608c10200f1e6ed5f34113d89dc1 Mon Sep 17 00:00:00 2001 From: Tim Fish Date: Mon, 2 Feb 2026 09:15:57 +0000 Subject: [PATCH 18/80] feat(browser): Trace continuation from server-timing headers (#18673) Currently the only way to propagate trace context from server to browser is via meta tags. In some cases modifying the page HTML can be difficult or have a performance impact. This PR adds support to the browser SDK to fetch `sentry-trace` and `baggage` from the [Server Timing header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Server-Timing). --- .../pageload-headers/subject.js | 16 ++ .../pageload-headers/template.html | 11 + .../trace-lifetime/pageload-headers/test.ts | 85 +++++++ .../trace-lifetime/pageload-meta/test.ts | 2 +- .../init.js | 10 + .../template.html | 9 + .../test.ts | 51 +++++ .../src/tracing/browserTracingIntegration.ts | 12 +- .../tracing/browserTracingIntegration.test.ts | 208 ++++++++++++++++++ 9 files changed, 401 insertions(+), 3 deletions(-) create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/subject.js create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/template.html create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/test.ts create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/init.js create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/template.html create mode 100644 dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/test.ts diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/subject.js b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/subject.js new file mode 100644 index 000000000000..bfaa54db4d01 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/subject.js @@ -0,0 +1,16 @@ +const errorBtn = document.getElementById('errorBtn'); +errorBtn.addEventListener('click', () => { + throw new Error(`Sentry Test Error ${Math.random()}`); +}); + +const fetchBtn = document.getElementById('fetchBtn'); +fetchBtn.addEventListener('click', async () => { + await fetch('http://sentry-test-site.example'); +}); + +const xhrBtn = document.getElementById('xhrBtn'); +xhrBtn.addEventListener('click', () => { + const xhr = new XMLHttpRequest(); + xhr.open('GET', 'http://sentry-test-site.example'); + xhr.send(); +}); diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/template.html b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/template.html new file mode 100644 index 000000000000..a3c17f442605 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/template.html @@ -0,0 +1,11 @@ + + + + + + + + + + + diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/test.ts b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/test.ts new file mode 100644 index 000000000000..76e015dcb07a --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-headers/test.ts @@ -0,0 +1,85 @@ +import { expect } from '@playwright/test'; +import { sentryTest } from '../../../../utils/fixtures'; +import type { EventAndTraceHeader } from '../../../../utils/helpers'; +import { + eventAndTraceHeaderRequestParser, + getFirstSentryEnvelopeRequest, + shouldSkipTracingTest, +} from '../../../../utils/helpers'; + +const META_TAG_TRACE_ID = '12345678901234567890123456789012'; +const META_TAG_PARENT_SPAN_ID = '1234567890123456'; +const META_TAG_BAGGAGE = + 'sentry-trace_id=12345678901234567890123456789012,sentry-sample_rate=0.2,sentry-sampled=true,sentry-transaction=my-transaction,sentry-public_key=public,sentry-release=1.0.0,sentry-environment=prod,sentry-sample_rand=0.42'; + +sentryTest( + 'create a new trace for a navigation after the server timing headers', + async ({ getLocalTestUrl, page, enableConsole }) => { + if (shouldSkipTracingTest()) { + sentryTest.skip(); + } + + enableConsole(); + + const url = await getLocalTestUrl({ + testDir: __dirname, + responseHeaders: { + 'Server-Timing': `sentry-trace;desc=${META_TAG_TRACE_ID}-${META_TAG_PARENT_SPAN_ID}-1, baggage;desc="${META_TAG_BAGGAGE}"`, + }, + }); + + const [pageloadEvent, pageloadTraceHeader] = await getFirstSentryEnvelopeRequest( + page, + url, + eventAndTraceHeaderRequestParser, + ); + const [navigationEvent, navigationTraceHeader] = await getFirstSentryEnvelopeRequest( + page, + `${url}#foo`, + eventAndTraceHeaderRequestParser, + ); + + const pageloadTraceContext = pageloadEvent.contexts?.trace; + const navigationTraceContext = navigationEvent.contexts?.trace; + + expect(pageloadEvent.type).toEqual('transaction'); + expect(pageloadTraceContext).toMatchObject({ + op: 'pageload', + trace_id: META_TAG_TRACE_ID, + parent_span_id: META_TAG_PARENT_SPAN_ID, + span_id: expect.stringMatching(/^[\da-f]{16}$/), + }); + + expect(pageloadTraceHeader).toEqual({ + environment: 'prod', + release: '1.0.0', + sample_rate: '0.2', + sampled: 'true', + transaction: 'my-transaction', + public_key: 'public', + trace_id: META_TAG_TRACE_ID, + sample_rand: '0.42', + }); + + expect(navigationEvent.type).toEqual('transaction'); + expect(navigationTraceContext).toMatchObject({ + op: 'navigation', + trace_id: expect.stringMatching(/^[\da-f]{32}$/), + span_id: expect.stringMatching(/^[\da-f]{16}$/), + }); + // navigation span is head of trace, so there's no parent span: + expect(navigationTraceContext).not.toHaveProperty('parent_span_id'); + + expect(navigationTraceHeader).toEqual({ + environment: 'production', + public_key: 'public', + sample_rate: '1', + sampled: 'true', + trace_id: navigationTraceContext?.trace_id, + sample_rand: expect.any(String), + }); + + expect(pageloadTraceContext?.trace_id).not.toEqual(navigationTraceContext?.trace_id); + expect(pageloadTraceHeader?.sample_rand).not.toEqual(navigationTraceHeader?.sample_rand); + }, +); diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-meta/test.ts b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-meta/test.ts index 4269f91c2c07..c66d8793e610 100644 --- a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-meta/test.ts +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/pageload-meta/test.ts @@ -64,7 +64,7 @@ sentryTest( span_id: expect.stringMatching(/^[\da-f]{16}$/), }); // navigation span is head of trace, so there's no parent span: - expect(navigationTraceContext?.trace_id).not.toHaveProperty('parent_span_id'); + expect(navigationTraceContext).not.toHaveProperty('parent_span_id'); expect(navigationTraceHeader).toEqual({ environment: 'production', diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/init.js b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/init.js new file mode 100644 index 000000000000..94222159056c --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/init.js @@ -0,0 +1,10 @@ +import * as Sentry from '@sentry/browser'; + +window.Sentry = Sentry; + +Sentry.init({ + // in browser TwP means not setting tracesSampleRate but adding browserTracingIntegration, + dsn: 'https://public@dsn.ingest.sentry.io/1337', + integrations: [Sentry.browserTracingIntegration()], + tracePropagationTargets: ['http://sentry-test-site.example'], +}); diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/template.html b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/template.html new file mode 100644 index 000000000000..a29ad2056a45 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/template.html @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/test.ts b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/test.ts new file mode 100644 index 000000000000..3d0262b717d9 --- /dev/null +++ b/dev-packages/browser-integration-tests/suites/tracing/trace-lifetime/tracing-without-performance-headers/test.ts @@ -0,0 +1,51 @@ +import { expect } from '@playwright/test'; +import { sentryTest } from '../../../../utils/fixtures'; +import type { EventAndTraceHeader } from '../../../../utils/helpers'; +import { + eventAndTraceHeaderRequestParser, + getFirstSentryEnvelopeRequest, + shouldSkipTracingTest, +} from '../../../../utils/helpers'; + +const META_TAG_TRACE_ID = '12345678901234567890123456789012'; +const META_TAG_PARENT_SPAN_ID = '1234567890123456'; +const META_TAG_BAGGAGE = + 'sentry-trace_id=12345678901234567890123456789012,sentry-public_key=public,sentry-release=1.0.0,sentry-environment=prod,sentry-sample_rand=0.42'; + +sentryTest('error on initial page has traceId from server timing headers', async ({ getLocalTestUrl, page }) => { + if (shouldSkipTracingTest()) { + sentryTest.skip(); + } + + const url = await getLocalTestUrl({ + testDir: __dirname, + responseHeaders: { + 'Server-Timing': `sentry-trace;desc=${META_TAG_TRACE_ID}-${META_TAG_PARENT_SPAN_ID}, baggage;desc="${META_TAG_BAGGAGE}"`, + }, + }); + await page.goto(url); + + const errorEventPromise = getFirstSentryEnvelopeRequest( + page, + undefined, + eventAndTraceHeaderRequestParser, + ); + + await page.locator('#errorBtn').click(); + const [errorEvent, errorTraceHeader] = await errorEventPromise; + + expect(errorEvent.type).toEqual(undefined); + expect(errorEvent.contexts?.trace).toEqual({ + trace_id: META_TAG_TRACE_ID, + parent_span_id: META_TAG_PARENT_SPAN_ID, + span_id: expect.stringMatching(/^[\da-f]{16}$/), + }); + + expect(errorTraceHeader).toEqual({ + environment: 'prod', + public_key: 'public', + release: '1.0.0', + trace_id: META_TAG_TRACE_ID, + sample_rand: '0.42', + }); +}); diff --git a/packages/browser/src/tracing/browserTracingIntegration.ts b/packages/browser/src/tracing/browserTracingIntegration.ts index 2e3eebe86845..c71acf106258 100644 --- a/packages/browser/src/tracing/browserTracingIntegration.ts +++ b/packages/browser/src/tracing/browserTracingIntegration.ts @@ -594,8 +594,9 @@ export const browserTracingIntegration = ((options: Partial entry.name === name); + return entry?.description; +} + /** Start listener for interaction transactions */ function registerInteractionListener( client: Client, diff --git a/packages/browser/test/tracing/browserTracingIntegration.test.ts b/packages/browser/test/tracing/browserTracingIntegration.test.ts index e3f1060655c2..991fcc1393a4 100644 --- a/packages/browser/test/tracing/browserTracingIntegration.test.ts +++ b/packages/browser/test/tracing/browserTracingIntegration.test.ts @@ -25,6 +25,7 @@ import { BrowserClient } from '../../src/client'; import { WINDOW } from '../../src/helpers'; import { browserTracingIntegration, + getServerTiming, startBrowserTracingNavigationSpan, startBrowserTracingPageLoadSpan, } from '../../src/tracing/browserTracingIntegration'; @@ -72,6 +73,7 @@ describe('browserTracingIntegration', () => { afterEach(() => { getActiveSpan()?.end(); vi.useRealTimers(); + vi.restoreAllMocks(); performance.clearMarks(); }); @@ -1029,6 +1031,212 @@ describe('browserTracingIntegration', () => { }); }); + describe('getServerTiming', () => { + it('retrieves server timing description when available', () => { + // Mock the performance API + const mockServerTiming = [ + { name: 'sentry-trace', duration: 0, description: '12312012123120121231201212312012-1121201211212012-1' }, + { name: 'baggage', duration: 0, description: 'sentry-release=2.1.14,sentry-sample_rand=0.456' }, + ]; + + const mockNavigationEntry = { + serverTiming: mockServerTiming, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const sentryTrace = getServerTiming('sentry-trace'); + const baggage = getServerTiming('baggage'); + + expect(sentryTrace).toBe('12312012123120121231201212312012-1121201211212012-1'); + expect(baggage).toBe('sentry-release=2.1.14,sentry-sample_rand=0.456'); + }); + + it('returns undefined when server timing entry is not found', () => { + const mockServerTiming = [{ name: 'other-timing', duration: 0, description: 'some-value' }]; + + const mockNavigationEntry = { + serverTiming: mockServerTiming, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const result = getServerTiming('sentry-trace'); + + expect(result).toBeUndefined(); + }); + + it('returns undefined when performance API is not available', () => { + const originalPerformance = WINDOW.performance; + // @ts-expect-error - intentionally setting to undefined + WINDOW.performance = undefined; + + const result = getServerTiming('sentry-trace'); + + expect(result).toBeUndefined(); + + // eslint-disable-next-line @typescript-eslint/ban-ts-comment + // @ts-ignore its read only + WINDOW.performance = originalPerformance; + }); + + it('returns undefined when serverTiming is not available', () => { + const mockNavigationEntry = { + serverTiming: undefined, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const result = getServerTiming('sentry-trace'); + + expect(result).toBeUndefined(); + }); + }); + + describe('using Server-Timing headers', () => { + it('uses Server-Timing headers for pageload span', () => { + // Mock the performance API with Server-Timing data + const mockServerTiming = [ + { name: 'sentry-trace', duration: 0, description: '12312012123120121231201212312012-1121201211212012-0' }, + { name: 'baggage', duration: 0, description: 'sentry-release=2.1.14,foo=bar,sentry-sample_rand=0.123' }, + ]; + + const mockNavigationEntry = { + serverTiming: mockServerTiming, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const client = new BrowserClient( + getDefaultBrowserClientOptions({ + tracesSampleRate: 1, + integrations: [browserTracingIntegration()], + }), + ); + setCurrentClient(client); + + // pageload transactions are created as part of the browserTracingIntegration's initialization + client.init(); + + const idleSpan = getActiveSpan()!; + expect(idleSpan).toBeDefined(); + + const dynamicSamplingContext = getDynamicSamplingContextFromSpan(idleSpan); + const propagationContext = getCurrentScope().getPropagationContext(); + + // Span is correct + expect(spanToJSON(idleSpan).op).toBe('pageload'); + expect(spanToJSON(idleSpan).trace_id).toEqual('12312012123120121231201212312012'); + expect(spanToJSON(idleSpan).parent_span_id).toEqual('1121201211212012'); + expect(spanIsSampled(idleSpan)).toBe(false); + + expect(dynamicSamplingContext).toBeDefined(); + expect(dynamicSamplingContext).toStrictEqual({ release: '2.1.14', sample_rand: '0.123' }); + + // Propagation context keeps the Server-Timing trace data for later events on the same route to add them to the trace + expect(propagationContext.traceId).toEqual('12312012123120121231201212312012'); + expect(propagationContext.parentSpanId).toEqual('1121201211212012'); + expect(propagationContext.sampleRand).toBe(0.123); + }); + + it('meta tags take precedence over Server-Timing headers', () => { + // Set up both meta tags and Server-Timing headers + document.head.innerHTML = + '' + + ''; + + const mockServerTiming = [ + { name: 'sentry-trace', duration: 0, description: '12312012123120121231201212312012-1121201211212012-0' }, + { name: 'baggage', duration: 0, description: 'sentry-release=2.1.14,sentry-sample_rand=0.123' }, + ]; + + const mockNavigationEntry = { + serverTiming: mockServerTiming, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const client = new BrowserClient( + getDefaultBrowserClientOptions({ + tracesSampleRate: 1, + integrations: [browserTracingIntegration()], + }), + ); + setCurrentClient(client); + + client.init(); + + const idleSpan = getActiveSpan()!; + expect(idleSpan).toBeDefined(); + + const dynamicSamplingContext = getDynamicSamplingContextFromSpan(idleSpan); + const propagationContext = getCurrentScope().getPropagationContext(); + + // Span should use meta tag data, not Server-Timing data + expect(spanToJSON(idleSpan).trace_id).toEqual('11111111111111111111111111111111'); + expect(spanToJSON(idleSpan).parent_span_id).toEqual('2222222222222222'); + expect(spanIsSampled(idleSpan)).toBe(true); + + expect(dynamicSamplingContext).toStrictEqual({ release: '3.0.0', sample_rand: '0.999' }); + + expect(propagationContext.traceId).toEqual('11111111111111111111111111111111'); + expect(propagationContext.parentSpanId).toEqual('2222222222222222'); + expect(propagationContext.sampleRand).toBe(0.999); + }); + + it('uses passed in tracing data over Server-Timing headers', () => { + const mockServerTiming = [ + { name: 'sentry-trace', duration: 0, description: '12312012123120121231201212312012-1121201211212012-0' }, + { name: 'baggage', duration: 0, description: 'sentry-release=2.1.14,sentry-sample_rand=0.123' }, + ]; + + const mockNavigationEntry = { + serverTiming: mockServerTiming, + }; + + vi.spyOn(WINDOW.performance, 'getEntriesByType').mockReturnValue([mockNavigationEntry as any]); + + const client = new BrowserClient( + getDefaultBrowserClientOptions({ + tracesSampleRate: 1, + integrations: [browserTracingIntegration({ instrumentPageLoad: false })], + }), + ); + setCurrentClient(client); + + client.init(); + + // manually create a pageload span with tracing data + startBrowserTracingPageLoadSpan( + client, + { + name: 'test span', + }, + { + sentryTrace: '99999999999999999999999999999999-8888888888888888-1', + baggage: 'sentry-release=4.0.0,sentry-sample_rand=0.777', + }, + ); + + const idleSpan = getActiveSpan()!; + expect(idleSpan).toBeDefined(); + + const dynamicSamplingContext = getDynamicSamplingContextFromSpan(idleSpan); + const propagationContext = getCurrentScope().getPropagationContext(); + + // Span should use passed-in data, not Server-Timing data + expect(spanToJSON(idleSpan).trace_id).toEqual('99999999999999999999999999999999'); + expect(spanToJSON(idleSpan).parent_span_id).toEqual('8888888888888888'); + expect(spanIsSampled(idleSpan)).toBe(true); + + expect(dynamicSamplingContext).toStrictEqual({ release: '4.0.0', sample_rand: '0.777' }); + + expect(propagationContext.traceId).toEqual('99999999999999999999999999999999'); + expect(propagationContext.parentSpanId).toEqual('8888888888888888'); + expect(propagationContext.sampleRand).toBe(0.777); + }); + }); + describe('idleTimeout', () => { it('is created by default', () => { vi.useFakeTimers(); From 87001a97f4acf032aa710a4ea7564403155004e3 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Mon, 2 Feb 2026 10:17:50 +0100 Subject: [PATCH 19/80] ci(e2e): Remove `nextjs-turbo` canary tests (#19118) This test got removed in https://github.com/getsentry/sentry-javascript/pull/19107 closes https://github.com/getsentry/sentry-javascript/issues/19111 closes https://github.com/getsentry/sentry-javascript/issues/19112 --- .github/workflows/canary.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 36244b3da154..252bbc831239 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -96,12 +96,6 @@ jobs: - test-application: 'nextjs-16' build-command: 'test:build-canary-webpack' label: 'nextjs-16 (canary-webpack)' - - test-application: 'nextjs-turbo' - build-command: 'test:build-canary' - label: 'nextjs-turbo (canary)' - - test-application: 'nextjs-turbo' - build-command: 'test:build-latest' - label: 'nextjs-turbo (latest)' - test-application: 'react-create-hash-router' build-command: 'test:build-canary' label: 'react-create-hash-router (canary)' From f64ed1541f3e809c269966f32a9bb4af331b2ce0 Mon Sep 17 00:00:00 2001 From: Nicolas Hrubec Date: Tue, 3 Feb 2026 10:23:01 +0100 Subject: [PATCH 20/80] fix(tanstackstart-react): Use `auto.middleware.tanstackstart` as middleware trace origin (#19137) Should be auto as they are emitted by the SDK. Closes https://github.com/getsentry/sentry-javascript/issues/19133 --- .size-limit.js | 2 +- .../tests/middleware.test.ts | 18 +++++++++--------- .../tests/transaction.test.ts | 2 +- .../tanstackstart-react/src/server/utils.ts | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.size-limit.js b/.size-limit.js index 7feee4373586..7f8e1809522f 100644 --- a/.size-limit.js +++ b/.size-limit.js @@ -148,7 +148,7 @@ module.exports = [ import: createImport('init', 'ErrorBoundary', 'reactRouterV6BrowserTracingIntegration'), ignore: ['react/jsx-runtime'], gzip: true, - limit: '44.5 KB', + limit: '44.6 KB', }, // Vue SDK (ESM) { diff --git a/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/middleware.test.ts b/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/middleware.test.ts index 824a611bc2ae..dffab8ea2aa3 100644 --- a/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/middleware.test.ts +++ b/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/middleware.test.ts @@ -22,11 +22,11 @@ test('Sends spans for multiple middlewares and verifies they are siblings under // Find both middleware spans const serverFnMiddlewareSpan = transactionEvent?.spans?.find( (span: { description?: string; origin?: string }) => - span.description === 'serverFnMiddleware' && span.origin === 'manual.middleware.tanstackstart', + span.description === 'serverFnMiddleware' && span.origin === 'auto.middleware.tanstackstart', ); const globalFunctionMiddlewareSpan = transactionEvent?.spans?.find( (span: { description?: string; origin?: string }) => - span.description === 'globalFunctionMiddleware' && span.origin === 'manual.middleware.tanstackstart', + span.description === 'globalFunctionMiddleware' && span.origin === 'auto.middleware.tanstackstart', ); // Verify both middleware spans exist with expected properties @@ -34,7 +34,7 @@ test('Sends spans for multiple middlewares and verifies they are siblings under expect.objectContaining({ description: 'serverFnMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ); @@ -42,7 +42,7 @@ test('Sends spans for multiple middlewares and verifies they are siblings under expect.objectContaining({ description: 'globalFunctionMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ); @@ -73,7 +73,7 @@ test('Sends spans for global function middleware', async ({ page }) => { expect.objectContaining({ description: 'globalFunctionMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ]), @@ -100,7 +100,7 @@ test('Sends spans for global request middleware', async ({ page }) => { expect.objectContaining({ description: 'globalRequestMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ]), @@ -127,7 +127,7 @@ test('Sends spans for server route request middleware', async ({ page }) => { expect.objectContaining({ description: 'serverRouteRequestMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ]), @@ -156,7 +156,7 @@ test('Sends span for middleware that returns early without calling next()', asyn expect.objectContaining({ description: 'earlyReturnMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', status: 'ok', }), ]), @@ -185,7 +185,7 @@ test('Sends span for middleware that throws an error', async ({ page }) => { expect.objectContaining({ description: 'errorMiddleware', op: 'middleware.tanstackstart', - origin: 'manual.middleware.tanstackstart', + origin: 'auto.middleware.tanstackstart', }), ]), ); diff --git a/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/transaction.test.ts b/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/transaction.test.ts index 3ef96e887bd2..5186514d277a 100644 --- a/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/transaction.test.ts +++ b/dev-packages/e2e-tests/test-applications/tanstackstart-react/tests/transaction.test.ts @@ -87,7 +87,7 @@ test('Sends a server function transaction for a nested server function only if i // Verify that globalFunctionMiddleware and testNestedLog are sibling spans under the root const functionMiddlewareSpan = transactionEvent?.spans?.find( (span: { description?: string; origin?: string }) => - span.description === 'globalFunctionMiddleware' && span.origin === 'manual.middleware.tanstackstart', + span.description === 'globalFunctionMiddleware' && span.origin === 'auto.middleware.tanstackstart', ); const nestedSpan = transactionEvent?.spans?.find( (span: { description?: string; origin?: string }) => diff --git a/packages/tanstackstart-react/src/server/utils.ts b/packages/tanstackstart-react/src/server/utils.ts index 66cfec542dd3..2a94cb79deac 100644 --- a/packages/tanstackstart-react/src/server/utils.ts +++ b/packages/tanstackstart-react/src/server/utils.ts @@ -22,7 +22,7 @@ export function getMiddlewareSpanOptions(name: string): StartSpanOptions { op: 'middleware.tanstackstart', name, attributes: { - [SEMANTIC_ATTRIBUTE_SENTRY_ORIGIN]: 'manual.middleware.tanstackstart', + [SEMANTIC_ATTRIBUTE_SENTRY_ORIGIN]: 'auto.middleware.tanstackstart', [SEMANTIC_ATTRIBUTE_SENTRY_OP]: 'middleware.tanstackstart', }, }; From 65f7b8785e139a23d3699891e251877cb5fd8dca Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Tue, 3 Feb 2026 13:03:59 +0100 Subject: [PATCH 21/80] test(e2e): Bump `nextjs-t3` to next 15 (#19130) Latest [t3](https://create.t3.gg/) runs on next 15 so this makes more sense imo. Closes #19131 (added automatically) --- .../{nextjs-t3 => nextjs-15-t3}/.gitignore | 0 .../{nextjs-t3 => nextjs-15-t3}/.npmrc | 0 .../{nextjs-t3 => nextjs-15-t3}/next-env.d.ts | 0 .../next.config.js | 0 .../{nextjs-t3 => nextjs-15-t3}/package.json | 27 +++++++++--------- .../playwright.config.mjs | 0 .../postcss.config.cjs | 0 .../public/favicon.ico | Bin .../sentry.client.config.ts | 0 .../sentry.edge.config.ts | 0 .../sentry.server.config.ts | 0 .../src/app/_components/post.tsx | 0 .../src/app/api/trpc/[trpc]/route.ts | 2 +- .../src/app/global-error.tsx | 0 .../src/app/layout.tsx | 2 +- .../src/app/page.tsx | 0 .../{nextjs-t3 => nextjs-15-t3}/src/env.js | 2 +- .../src/instrumentation.ts | 0 .../src/server/api/root.ts | 0 .../src/server/api/routers/post.ts | 0 .../src/server/api/trpc.ts | 2 +- .../src/styles/globals.css | 0 .../src/trpc/query-client.ts | 2 +- .../src/trpc/react.tsx | 12 ++++---- .../src/trpc/server.ts | 11 +++---- .../start-event-proxy.mjs | 2 +- .../tailwind.config.ts | 0 .../tests/trpc-error.test.ts | 4 +-- .../tests/trpc-mutation.test.ts | 2 +- .../{nextjs-t3 => nextjs-15-t3}/tsconfig.json | 3 +- 30 files changed, 37 insertions(+), 34 deletions(-) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/.gitignore (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/.npmrc (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/next-env.d.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/next.config.js (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/package.json (70%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/playwright.config.mjs (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/postcss.config.cjs (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/public/favicon.ico (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/sentry.client.config.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/sentry.edge.config.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/sentry.server.config.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/app/_components/post.tsx (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/app/api/trpc/[trpc]/route.ts (95%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/app/global-error.tsx (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/app/layout.tsx (92%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/app/page.tsx (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/env.js (97%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/instrumentation.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/server/api/root.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/server/api/routers/post.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/server/api/trpc.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/styles/globals.css (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/trpc/query-client.ts (90%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/trpc/react.tsx (85%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/src/trpc/server.ts (73%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/start-event-proxy.mjs (76%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/tailwind.config.ts (100%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/tests/trpc-error.test.ts (87%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/tests/trpc-mutation.test.ts (83%) rename dev-packages/e2e-tests/test-applications/{nextjs-t3 => nextjs-15-t3}/tsconfig.json (83%) diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/.gitignore b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/.gitignore similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/.gitignore rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/.gitignore diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/.npmrc b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/.npmrc similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/.npmrc rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/.npmrc diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/next-env.d.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/next-env.d.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/next-env.d.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/next-env.d.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/next.config.js b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/next.config.js similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/next.config.js rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/next.config.js diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/package.json b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/package.json similarity index 70% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/package.json rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/package.json index 99f3acf0725b..b3cf747a0866 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/package.json +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/package.json @@ -9,41 +9,40 @@ "test:prod": "TEST_ENV=production playwright test", "test:dev": "TEST_ENV=development playwright test", "test:build": "pnpm install && pnpm build", - "test:build-canary": "pnpm install && pnpm add next@canary && pnpm add react@beta && pnpm add react-dom@beta && pnpm build", - "test:build-latest": "pnpm install && pnpm add next@rc && pnpm add react@beta && pnpm add react-dom@beta && pnpm build", + "test:build-canary": "pnpm install && pnpm add next@canary && pnpm add react@rc && pnpm add react-dom@rc && pnpm build", + "test:build-latest": "pnpm install && pnpm add next@rc && pnpm add react@rc && pnpm add react-dom@rc && pnpm build", "test:assert": "pnpm test:prod && pnpm test:dev" }, "dependencies": { "@sentry/nextjs": "latest || *", - "@t3-oss/env-nextjs": "^0.10.1", + "@t3-oss/env-nextjs": "^0.12.0", "@tanstack/react-query": "^5.50.0", "@trpc/client": "~11.8.0", "@trpc/react-query": "~11.8.0", "@trpc/server": "~11.8.0", - "next": "14.2.35", - "react": "18.3.1", - "react-dom": "18.3.1", + "next": "^15.5.9", + "react": "^19.1.0", + "react-dom": "^19.1.0", "server-only": "^0.0.1", "superjson": "^2.2.1", - "zod": "^3.23.3" + "zod": "^3.24.2" }, "devDependencies": { "@playwright/test": "~1.56.0", "@sentry-internal/test-utils": "link:../../../test-utils", - "@types/eslint": "^8.56.10", - "@types/node": "^18.19.1", - "@types/react": "18.3.1", - "@types/react-dom": "^18.3.0", + "@types/node": "^22.15.21", + "@types/react": "^19.1.0", + "@types/react-dom": "^19.1.0", "@typescript-eslint/eslint-plugin": "^8.1.0", "@typescript-eslint/parser": "^8.1.0", "eslint": "^8.57.0", - "eslint-config-next": "^14.2.4", + "eslint-config-next": "^15.5.9", "postcss": "^8.4.39", "tailwindcss": "^3.4.3", - "typescript": "^5.5.3" + "typescript": "^5.8.2" }, "ct3aMetadata": { - "initVersion": "7.37.0" + "initVersion": "7.47.1" }, "volta": { "extends": "../../package.json" diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/playwright.config.mjs b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/playwright.config.mjs similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/playwright.config.mjs rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/playwright.config.mjs diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/postcss.config.cjs b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/postcss.config.cjs similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/postcss.config.cjs rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/postcss.config.cjs diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/public/favicon.ico b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/public/favicon.ico similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/public/favicon.ico rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/public/favicon.ico diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.client.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.client.config.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.client.config.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.client.config.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.edge.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.edge.config.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.edge.config.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.edge.config.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.server.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.server.config.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/sentry.server.config.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/sentry.server.config.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/_components/post.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/_components/post.tsx similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/_components/post.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/_components/post.tsx diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/api/trpc/[trpc]/route.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/api/trpc/[trpc]/route.ts similarity index 95% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/api/trpc/[trpc]/route.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/api/trpc/[trpc]/route.ts index 5756411c583e..ec4524ba65ae 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/api/trpc/[trpc]/route.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/api/trpc/[trpc]/route.ts @@ -1,5 +1,5 @@ import { fetchRequestHandler } from '@trpc/server/adapters/fetch'; -import { type NextRequest } from 'next/server'; +import type { NextRequest } from 'next/server'; import { env } from '~/env'; import { appRouter } from '~/server/api/root'; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/global-error.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/global-error.tsx similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/global-error.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/global-error.tsx diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/layout.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/layout.tsx similarity index 92% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/layout.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/layout.tsx index 3d32967aa290..fa43defcaf1d 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/layout.tsx +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/layout.tsx @@ -1,6 +1,6 @@ import '~/styles/globals.css'; -import { type Metadata } from 'next'; +import type { Metadata } from 'next'; import { TRPCReactProvider } from '~/trpc/react'; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/page.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/page.tsx similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/app/page.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/app/page.tsx diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/env.js b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/env.js similarity index 97% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/env.js rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/env.js index 8c66c421c7ec..c7b62f41a2ac 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/env.js +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/env.js @@ -1,5 +1,5 @@ import { createEnv } from '@t3-oss/env-nextjs'; -import { z } from 'zod'; +import * as z from 'zod'; export const env = createEnv({ /** diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/instrumentation.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/instrumentation.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/instrumentation.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/instrumentation.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/root.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/root.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/root.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/root.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/routers/post.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/routers/post.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/routers/post.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/routers/post.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/trpc.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/trpc.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/trpc.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/trpc.ts index 779fb43a78a5..2268997a53f7 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/server/api/trpc.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/server/api/trpc.ts @@ -1,4 +1,3 @@ -import * as Sentry from '@sentry/nextjs'; /** * YOU PROBABLY DON'T NEED TO EDIT THIS FILE, UNLESS: * 1. You want to modify request context (see Part 1). @@ -7,6 +6,7 @@ import * as Sentry from '@sentry/nextjs'; * TL;DR - This is where all the tRPC server stuff is created and plugged in. The pieces you will * need to use are documented accordingly near the end. */ +import * as Sentry from '@sentry/nextjs'; import { initTRPC } from '@trpc/server'; import superjson from 'superjson'; import { ZodError } from 'zod'; diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/styles/globals.css b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/styles/globals.css similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/styles/globals.css rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/styles/globals.css diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/query-client.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/query-client.ts similarity index 90% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/query-client.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/query-client.ts index 22319e7c0a5a..6a5021f22730 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/query-client.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/query-client.ts @@ -1,4 +1,4 @@ -import { QueryClient, defaultShouldDehydrateQuery } from '@tanstack/react-query'; +import { defaultShouldDehydrateQuery, QueryClient } from '@tanstack/react-query'; import SuperJSON from 'superjson'; export const createQueryClient = () => diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/react.tsx b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/react.tsx similarity index 85% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/react.tsx rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/react.tsx index 7e6f2fa09c49..91f65cc81290 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/react.tsx +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/react.tsx @@ -1,13 +1,13 @@ 'use client'; -import { type QueryClient, QueryClientProvider } from '@tanstack/react-query'; -import { loggerLink, httpBatchStreamLink } from '@trpc/client'; +import { QueryClientProvider, type QueryClient } from '@tanstack/react-query'; +import { httpBatchStreamLink, loggerLink } from '@trpc/client'; import { createTRPCReact } from '@trpc/react-query'; -import { type inferRouterInputs, type inferRouterOutputs } from '@trpc/server'; +import type { inferRouterInputs, inferRouterOutputs } from '@trpc/server'; import { useState } from 'react'; import SuperJSON from 'superjson'; -import { type AppRouter } from '~/server/api/root'; +import type { AppRouter } from '~/server/api/root'; import { createQueryClient } from './query-client'; let clientQueryClientSingleton: QueryClient | undefined = undefined; @@ -17,7 +17,9 @@ const getQueryClient = () => { return createQueryClient(); } // Browser: use singleton pattern to keep the same query client - return (clientQueryClientSingleton ??= createQueryClient()); + clientQueryClientSingleton ??= createQueryClient(); + + return clientQueryClientSingleton; }; export const api = createTRPCReact(); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/server.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/server.ts similarity index 73% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/server.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/server.ts index 7760873eb51d..38bc4bd95830 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/src/trpc/server.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/src/trpc/server.ts @@ -2,8 +2,9 @@ import 'server-only'; import { createHydrationHelpers } from '@trpc/react-query/rsc'; import { headers } from 'next/headers'; +import { cache } from 'react'; -import { type AppRouter, createCaller } from '~/server/api/root'; +import { createCaller, type AppRouter } from '~/server/api/root'; import { createTRPCContext } from '~/server/api/trpc'; import { createQueryClient } from './query-client'; @@ -11,16 +12,16 @@ import { createQueryClient } from './query-client'; * This wraps the `createTRPCContext` helper and provides the required context for the tRPC API when * handling a tRPC call from a React Server Component. */ -const createContext = () => { - const heads = new Headers(headers()); +const createContext = cache(async () => { + const heads = new Headers(await headers()); heads.set('x-trpc-source', 'rsc'); return createTRPCContext({ headers: heads, }); -}; +}); -const getQueryClient = createQueryClient; +const getQueryClient = cache(createQueryClient); const caller = createCaller(createContext); export const { trpc: api, HydrateClient } = createHydrationHelpers(caller, getQueryClient); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/start-event-proxy.mjs b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/start-event-proxy.mjs similarity index 76% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/start-event-proxy.mjs rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/start-event-proxy.mjs index afc5d2e465e7..e3bae031f508 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/start-event-proxy.mjs +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/start-event-proxy.mjs @@ -2,5 +2,5 @@ import { startEventProxyServer } from '@sentry-internal/test-utils'; startEventProxyServer({ port: 3031, - proxyServerName: 'nextjs-t3', + proxyServerName: 'nextjs-15-t3', }); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/tailwind.config.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tailwind.config.ts similarity index 100% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/tailwind.config.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/tailwind.config.ts diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-error.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-error.test.ts similarity index 87% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-error.test.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-error.test.ts index 2a7af1b14d52..5960c0f6af8f 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-error.test.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-error.test.ts @@ -2,7 +2,7 @@ import { expect, test } from '@playwright/test'; import { waitForError, waitForTransaction } from '@sentry-internal/test-utils'; test('should capture error with trpc context', async ({ page }) => { - const errorEventPromise = waitForError('nextjs-t3', errorEvent => { + const errorEventPromise = waitForError('nextjs-15-t3', errorEvent => { return errorEvent?.exception?.values?.[0]?.value === 'Error thrown in trpc router'; }); @@ -27,7 +27,7 @@ test('should capture error with trpc context', async ({ page }) => { }); test('should create transaction with trpc input for error', async ({ page }) => { - const trpcTransactionPromise = waitForTransaction('nextjs-t3', async transactionEvent => { + const trpcTransactionPromise = waitForTransaction('nextjs-15-t3', async transactionEvent => { return transactionEvent?.transaction === 'POST /api/trpc/[trpc]'; }); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-mutation.test.ts b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-mutation.test.ts similarity index 83% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-mutation.test.ts rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-mutation.test.ts index ee3ebfd099ff..1cb71e14d1a6 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/tests/trpc-mutation.test.ts +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tests/trpc-mutation.test.ts @@ -2,7 +2,7 @@ import { expect, test } from '@playwright/test'; import { waitForTransaction } from '@sentry-internal/test-utils'; test('should create transaction with trpc input for mutation', async ({ page }) => { - const trpcTransactionPromise = waitForTransaction('nextjs-t3', async transactionEvent => { + const trpcTransactionPromise = waitForTransaction('nextjs-15-t3', async transactionEvent => { return transactionEvent?.transaction === 'POST /api/trpc/[trpc]'; }); diff --git a/dev-packages/e2e-tests/test-applications/nextjs-t3/tsconfig.json b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tsconfig.json similarity index 83% rename from dev-packages/e2e-tests/test-applications/nextjs-t3/tsconfig.json rename to dev-packages/e2e-tests/test-applications/nextjs-15-t3/tsconfig.json index 246178da2b5e..af6d4b4d114a 100644 --- a/dev-packages/e2e-tests/test-applications/nextjs-t3/tsconfig.json +++ b/dev-packages/e2e-tests/test-applications/nextjs-15-t3/tsconfig.json @@ -8,6 +8,7 @@ "resolveJsonModule": true, "moduleDetection": "force", "isolatedModules": true, + "verbatimModuleSyntax": true, /* Strictness */ "strict": true, @@ -29,6 +30,6 @@ "~/*": ["./src/*"] } }, - "include": [".eslintrc.cjs", "next-env.d.ts", "**/*.ts", "**/*.tsx", "**/*.cjs", "**/*.js", ".next/types/**/*.ts"], + "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", "**/*.cjs", "**/*.js", ".next/types/**/*.ts"], "exclude": ["node_modules"] } From c432e630028146b7329e554368c9b58fffacde3c Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Tue, 3 Feb 2026 14:09:06 +0100 Subject: [PATCH 22/80] chore(e2e): Add banner to readme (#19138) closes https://linear.app/getsentry/issue/FE-711/add-banner-to-e2e-tests-for-security-vulnerabilities --- dev-packages/e2e-tests/README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/dev-packages/e2e-tests/README.md b/dev-packages/e2e-tests/README.md index 23718eed6dde..15de0fd49ee0 100644 --- a/dev-packages/e2e-tests/README.md +++ b/dev-packages/e2e-tests/README.md @@ -1,5 +1,15 @@ # E2E Tests +> **Warning** +> +> These test applications are **not intended to be used as example apps or templates**. They may contain: +> +> - Outdated or deprecated dependency versions used for backwards compatibility testing +> - Known security vulnerabilities in dependencies that we intentionally test against +> - Non-production-ready configurations and code patterns +> +> For official examples and best practices, please refer to our [official documentation](https://docs.sentry.io/). + E2E tests enable us to verify the behavior of the packages in this repository as if they were to be published in their current state. From 3fa7a86158600ff0423d13cf24c1adbb1347c3ec Mon Sep 17 00:00:00 2001 From: Serhii Snitsaruk Date: Tue, 3 Feb 2026 08:06:16 -0800 Subject: [PATCH 23/80] fix(core): Respect event.event_id in scope.captureEvent return value (#19113) I found a bug while working on the JavaScript SDK integration in [Sentry for Godot](https://github.com/getsentry/sentry-godot) (it's a game engine SDK). When you call `Sentry.captureEvent({ event_id: "" })`, the `event_id` you provide IS actually used when the event is processed and sent to Sentry (because `prepareEvent.ts` correctly checks `event.event_id` first). However, the **return value** from `captureEvent()` is wrong because: In `sentry-javascript/packages/core/src/scope.ts`: https://github.com/getsentry/sentry-javascript/blob/170b6f8eec449cbbd2eb0a918b5beafa51826a73/packages/core/src/scope.ts#L758 This only checks `hint?.event_id`, not `event.event_id`. So while your supplied `event_id` gets sent to Sentry correctly, the function returns a newly generated UUID. Closes #issue_link_here --- packages/core/src/scope.ts | 2 +- packages/core/test/lib/scope.test.ts | 49 ++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+), 1 deletion(-) diff --git a/packages/core/src/scope.ts b/packages/core/src/scope.ts index 8f05cf78c16f..bd2c11b0fa4d 100644 --- a/packages/core/src/scope.ts +++ b/packages/core/src/scope.ts @@ -755,7 +755,7 @@ export class Scope { * @returns {string} The id of the captured event. */ public captureEvent(event: Event, hint?: EventHint): string { - const eventId = hint?.event_id || uuid4(); + const eventId = event.event_id || hint?.event_id || uuid4(); if (!this._client) { DEBUG_BUILD && debug.warn('No client configured on scope - will not capture event!'); diff --git a/packages/core/test/lib/scope.test.ts b/packages/core/test/lib/scope.test.ts index 11fc4cb62fff..34b04cf45a77 100644 --- a/packages/core/test/lib/scope.test.ts +++ b/packages/core/test/lib/scope.test.ts @@ -10,6 +10,7 @@ import { import { Scope } from '../../src/scope'; import type { Breadcrumb } from '../../src/types-hoist/breadcrumb'; import type { Event } from '../../src/types-hoist/event'; +import { uuid4 } from '../../src/utils/misc'; import { applyScopeDataToEvent } from '../../src/utils/scopeData'; import { getDefaultTestClientOptions, TestClient } from '../mocks/client'; import { clearGlobalScope } from '../testutils'; @@ -1009,6 +1010,54 @@ describe('Scope', () => { scope, ); }); + + it('should return event_id from event object when provided', () => { + const fakeCaptureEvent = vi.fn(() => 'mock-event-id'); + const fakeClient = { + captureEvent: fakeCaptureEvent, + } as unknown as Client; + const scope = new Scope(); + scope.setClient(fakeClient); + + const customEventId = uuid4(); + const eventId = scope.captureEvent({ event_id: customEventId }); + + expect(eventId).toBe(customEventId); + expect(fakeCaptureEvent).toHaveBeenCalledWith( + expect.objectContaining({ event_id: customEventId }), + expect.objectContaining({ event_id: customEventId }), + scope, + ); + }); + + it('should prefer event.event_id over hint.event_id', () => { + const fakeCaptureEvent = vi.fn(() => 'mock-event-id'); + const fakeClient = { + captureEvent: fakeCaptureEvent, + } as unknown as Client; + const scope = new Scope(); + scope.setClient(fakeClient); + + const eventEventId = uuid4(); + const hintEventId = uuid4(); + const eventId = scope.captureEvent({ event_id: eventEventId }, { event_id: hintEventId }); + + expect(eventId).toBe(eventEventId); + expect(fakeCaptureEvent).toHaveBeenCalledWith( + expect.objectContaining({ event_id: eventEventId }), + expect.objectContaining({ event_id: eventEventId }), + scope, + ); + }); + + it('should return event_id from event object when no client is configured', () => { + const scope = new Scope(); + + const customEventId = uuid4(); + const eventId = scope.captureEvent({ event_id: customEventId }); + + expect(eventId).toBe(customEventId); + }); }); describe('setConversationId() / getScopeData()', () => { From cf9fed36789dbdc0966af8e8c8ffedab52588da9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:42:11 +0100 Subject: [PATCH 24/80] feat(deps): bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 (#19149) Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@isaacs/brace-expansion&package-manager=npm_and_yarn&previous-version=5.0.0&new-version=5.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index f03469ec13ce..62087a790c8f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4779,9 +4779,9 @@ integrity sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ== "@isaacs/brace-expansion@^5.0.0": - version "5.0.0" - resolved "https://registry.yarnpkg.com/@isaacs/brace-expansion/-/brace-expansion-5.0.0.tgz#4b3dabab7d8e75a429414a96bd67bf4c1d13e0f3" - integrity sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA== + version "5.0.1" + resolved "https://registry.yarnpkg.com/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz#0ef5a92d91f2fff2a37646ce54da9e5f599f6eff" + integrity sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ== dependencies: "@isaacs/balanced-match" "^4.0.1" From 29853f1289ab2fdf678cffd408c8aa3ba3be8d0a Mon Sep 17 00:00:00 2001 From: Lukas Stracke Date: Wed, 4 Feb 2026 09:50:09 +0100 Subject: [PATCH 25/80] chore(bugbot): Add rule to flag not-unref'd timers (#19082) Quick follow-up from https://github.com/getsentry/sentry-javascript/pull/19062. Closes #19083 (added automatically) --- .cursor/BUGBOT.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.cursor/BUGBOT.md b/.cursor/BUGBOT.md index eac3a13be13a..0ac58c1503ec 100644 --- a/.cursor/BUGBOT.md +++ b/.cursor/BUGBOT.md @@ -58,3 +58,8 @@ Do not flag the issues below if they appear in tests. - Flag usage of `expect.objectContaining` and other relaxed assertions, when a test expects something NOT to be included in a payload but there's no respective assertion. - Flag usage of conditionals in one test and recommend splitting up the test for the different paths. - Flag usage of loops testing multiple scenarios in one test and recommend using `(it)|(test).each` instead. + +## Platform-safe code + +- When any `setTimeout` or `setInterval` timers are started in a code path that can end up in server runtime packages (e.g. `@sentry/core` or `@sentry/node`), flag if neither `timeout.unref()` nor `safeUnref()` are called. + Not unref'ing a timer can keep CLI-like applications or node scripts from exiting immediately, due to the process waiting on timers started by the SDK. From ad0f2a0ce0550e6fe730392b3454915c0f85b0b2 Mon Sep 17 00:00:00 2001 From: Lukas Stracke Date: Wed, 4 Feb 2026 11:06:09 +0100 Subject: [PATCH 26/80] chore(deps): Bump solidjs to 1.9.11 to fix `seroval` alerts (#19150) Bumps `solidjs` dev dependencies our solid and solidstart packages to the latest release which should fix multiple dependabot alerts. To be clear: These were only dev dependencies and never shipped in our SDK packages. If CI fails we can also close this PR and dismiss the alerts. ref - https://github.com/getsentry/sentry-javascript/security/dependabot/962 - https://github.com/getsentry/sentry-javascript/security/dependabot/972 - https://github.com/getsentry/sentry-javascript/security/dependabot/964 - https://github.com/getsentry/sentry-javascript/security/dependabot/963 Any remaining ones are likely e2e tests which IMHO we should just close. Closes #19152 (added automatically) --- packages/solid/package.json | 2 +- packages/solidstart/package.json | 2 +- yarn.lock | 33 +++++++++++--------------------- 3 files changed, 13 insertions(+), 24 deletions(-) diff --git a/packages/solid/package.json b/packages/solid/package.json index acf350a4b97c..037a384276d5 100644 --- a/packages/solid/package.json +++ b/packages/solid/package.json @@ -77,7 +77,7 @@ "@testing-library/dom": "^7.21.4", "@testing-library/jest-dom": "^6.4.5", "@testing-library/user-event": "^14.5.2", - "solid-js": "^1.8.11", + "solid-js": "^1.9.11", "vite": "^5.4.11", "vite-plugin-solid": "^2.11.6" }, diff --git a/packages/solidstart/package.json b/packages/solidstart/package.json index d99dffa5c72a..ea12240d1a3e 100644 --- a/packages/solidstart/package.json +++ b/packages/solidstart/package.json @@ -77,7 +77,7 @@ "@solidjs/testing-library": "0.8.5", "@testing-library/jest-dom": "^6.4.5", "@testing-library/user-event": "^14.5.2", - "solid-js": "^1.8.4", + "solid-js": "^1.9.11", "vinxi": "^0.5.11", "vite": "^5.4.11", "vite-plugin-solid": "^2.11.6" diff --git a/yarn.lock b/yarn.lock index 62087a790c8f..4a8fb1a44718 100644 --- a/yarn.lock +++ b/yarn.lock @@ -27709,26 +27709,16 @@ serialize-javascript@^6.0.0, serialize-javascript@^6.0.1, serialize-javascript@^ dependencies: randombytes "^2.1.0" -seroval-plugins@^1.3.2, seroval-plugins@^1.4.0: - version "1.4.0" - resolved "https://registry.yarnpkg.com/seroval-plugins/-/seroval-plugins-1.4.0.tgz#0bd453983a0a26039ca161a341c00eca7d42b19a" - integrity sha512-zir1aWzoiax6pbBVjoYVd0O1QQXgIL3eVGBMsBsNmM8Ukq90yGaWlfx0AB9dTS8GPqrOrbXn79vmItCUP9U3BQ== - -seroval-plugins@~1.3.0: - version "1.3.3" - resolved "https://registry.yarnpkg.com/seroval-plugins/-/seroval-plugins-1.3.3.tgz#51bcacf09e5384080d7ea4002b08fd9f6166daf5" - integrity sha512-16OL3NnUBw8JG1jBLUoZJsLnQq0n5Ua6aHalhJK4fMQkz1lqR7Osz1sA30trBtd9VUDc2NgkuRCn8+/pBwqZ+w== +seroval-plugins@^1.3.2, seroval-plugins@^1.4.0, seroval-plugins@~1.5.0: + version "1.5.0" + resolved "https://registry.yarnpkg.com/seroval-plugins/-/seroval-plugins-1.5.0.tgz#c02ba5f41d50b8105d4d9d4c553a4d01cec4226a" + integrity sha512-EAHqADIQondwRZIdeW2I636zgsODzoBDwb3PT/+7TLDWyw1Dy/Xv7iGUIEXXav7usHDE9HVhOU61irI3EnyyHA== -seroval@^1.3.2, seroval@^1.4.0, seroval@^1.4.1: +seroval@^1.3.2, seroval@^1.4.0, seroval@^1.4.1, seroval@~1.5.0: version "1.5.0" resolved "https://registry.yarnpkg.com/seroval/-/seroval-1.5.0.tgz#aba4cffbd0c4c8a4351358362acf40ee8d74d97b" integrity sha512-OE4cvmJ1uSPrKorFIH9/w/Qwuvi/IMcGbv5RKgcJ/zjA/IohDLU6SVaxFN9FwajbP7nsX0dQqMDes1whk3y+yw== -seroval@~1.3.0: - version "1.3.2" - resolved "https://registry.yarnpkg.com/seroval/-/seroval-1.3.2.tgz#7e5be0dc1a3de020800ef013ceae3a313f20eca7" - integrity sha512-RbcPH1n5cfwKrru7v7+zrZvjLurgHhGyso3HTyGtRivGWgYjbOmGuivCQaORNELjNONoK35nj28EoWul9sb1zQ== - serve-index@^1.9.1: version "1.9.1" resolved "https://registry.yarnpkg.com/serve-index/-/serve-index-1.9.1.tgz#d3768d69b1e7d82e5ce050fff5b453bea12a9239" @@ -28279,14 +28269,14 @@ socks@^2.6.2, socks@^2.8.3: ip-address "^10.0.1" smart-buffer "^4.2.0" -solid-js@^1.8.11, solid-js@^1.8.4: - version "1.9.7" - resolved "https://registry.yarnpkg.com/solid-js/-/solid-js-1.9.7.tgz#96ff7800648a30f22d29275264375589f3a725e9" - integrity sha512-/saTKi8iWEM233n5OSi1YHCCuh66ZIQ7aK2hsToPe4tqGm7qAejU1SwNuTPivbWAYq7SjuHVVYxxuZQNRbICiw== +solid-js@^1.9.11: + version "1.9.11" + resolved "https://registry.yarnpkg.com/solid-js/-/solid-js-1.9.11.tgz#1d36c755d10b7d5f7d016d2421c7e39b5b84f99e" + integrity sha512-WEJtcc5mkh/BnHA6Yrg4whlF8g6QwpmXXRg4P2ztPmcKeHHlH4+djYecBLhSpecZY2RRECXYUwIc/C2r3yzQ4Q== dependencies: csstype "^3.1.0" - seroval "~1.3.0" - seroval-plugins "~1.3.0" + seroval "~1.5.0" + seroval-plugins "~1.5.0" solid-refresh@^0.6.3: version "0.6.3" @@ -29076,7 +29066,6 @@ stylus@0.59.0, stylus@^0.59.0: sucrase@^3.27.0, sucrase@^3.35.0, sucrase@getsentry/sucrase#es2020-polyfills: version "3.36.0" - uid fd682f6129e507c00bb4e6319cc5d6b767e36061 resolved "https://codeload.github.com/getsentry/sucrase/tar.gz/fd682f6129e507c00bb4e6319cc5d6b767e36061" dependencies: "@jridgewell/gen-mapping" "^0.3.2" From 54eb671d4ec084c086fb05c9fe00bbc4bab313f9 Mon Sep 17 00:00:00 2001 From: Sergiy Dybskiy Date: Wed, 4 Feb 2026 07:30:21 -0500 Subject: [PATCH 27/80] feat(vercel-ai): Add rerank support and fix token attribute mapping (#19144) --- .../core/src/tracing/ai/gen-ai-attributes.ts | 5 ++ .../core/src/tracing/vercel-ai/constants.ts | 3 + packages/core/src/tracing/vercel-ai/index.ts | 15 +++- packages/core/src/tracing/vercel-ai/utils.ts | 4 + .../tracing/vercel-ai-parent-tokens.test.ts | 75 +++++++++++++++++++ .../test/lib/tracing/vercel-ai-rerank.test.ts | 14 ++++ .../tracing/vercelai/instrumentation.ts | 11 ++- 7 files changed, 124 insertions(+), 3 deletions(-) create mode 100644 packages/core/test/lib/tracing/vercel-ai-parent-tokens.test.ts create mode 100644 packages/core/test/lib/tracing/vercel-ai-rerank.test.ts diff --git a/packages/core/src/tracing/ai/gen-ai-attributes.ts b/packages/core/src/tracing/ai/gen-ai-attributes.ts index 3476bfb3582a..dc88e6315852 100644 --- a/packages/core/src/tracing/ai/gen-ai-attributes.ts +++ b/packages/core/src/tracing/ai/gen-ai-attributes.ts @@ -234,6 +234,11 @@ export const GEN_AI_EMBED_DO_EMBED_OPERATION_ATTRIBUTE = 'gen_ai.embed'; */ export const GEN_AI_EMBED_MANY_DO_EMBED_OPERATION_ATTRIBUTE = 'gen_ai.embed_many'; +/** + * The span operation name for reranking + */ +export const GEN_AI_RERANK_DO_RERANK_OPERATION_ATTRIBUTE = 'gen_ai.rerank'; + /** * The span operation name for executing a tool */ diff --git a/packages/core/src/tracing/vercel-ai/constants.ts b/packages/core/src/tracing/vercel-ai/constants.ts index 57e8bf2a57c8..82baf0312d7c 100644 --- a/packages/core/src/tracing/vercel-ai/constants.ts +++ b/packages/core/src/tracing/vercel-ai/constants.ts @@ -12,6 +12,7 @@ export const INVOKE_AGENT_OPS = new Set([ 'ai.streamObject', 'ai.embed', 'ai.embedMany', + 'ai.rerank', ]); export const GENERATE_CONTENT_OPS = new Set([ @@ -22,3 +23,5 @@ export const GENERATE_CONTENT_OPS = new Set([ ]); export const EMBEDDINGS_OPS = new Set(['ai.embed.doEmbed', 'ai.embedMany.doEmbed']); + +export const RERANK_OPS = new Set(['ai.rerank.doRerank']); diff --git a/packages/core/src/tracing/vercel-ai/index.ts b/packages/core/src/tracing/vercel-ai/index.ts index ad6ca1256004..d3c4b036e228 100644 --- a/packages/core/src/tracing/vercel-ai/index.ts +++ b/packages/core/src/tracing/vercel-ai/index.ts @@ -19,7 +19,7 @@ import { GEN_AI_USAGE_OUTPUT_TOKENS_ATTRIBUTE, GEN_AI_USAGE_TOTAL_TOKENS_ATTRIBUTE, } from '../ai/gen-ai-attributes'; -import { EMBEDDINGS_OPS, GENERATE_CONTENT_OPS, INVOKE_AGENT_OPS, toolCallSpanMap } from './constants'; +import { EMBEDDINGS_OPS, GENERATE_CONTENT_OPS, INVOKE_AGENT_OPS, RERANK_OPS, toolCallSpanMap } from './constants'; import type { TokenSummary } from './types'; import { accumulateTokensForParent, @@ -70,6 +70,9 @@ function mapVercelAiOperationName(operationName: string): string { if (EMBEDDINGS_OPS.has(operationName)) { return 'embeddings'; } + if (RERANK_OPS.has(operationName)) { + return 'rerank'; + } if (operationName === 'ai.toolCall') { return 'execute_tool'; } @@ -149,6 +152,13 @@ function processEndedVercelAiSpan(span: SpanJSON): void { renameAttributeKey(attributes, AI_USAGE_PROMPT_TOKENS_ATTRIBUTE, GEN_AI_USAGE_INPUT_TOKENS_ATTRIBUTE); renameAttributeKey(attributes, AI_USAGE_CACHED_INPUT_TOKENS_ATTRIBUTE, GEN_AI_USAGE_INPUT_TOKENS_CACHED_ATTRIBUTE); + // Parent spans (ai.streamText, ai.streamObject, etc.) use inputTokens/outputTokens instead of promptTokens/completionTokens + renameAttributeKey(attributes, 'ai.usage.inputTokens', GEN_AI_USAGE_INPUT_TOKENS_ATTRIBUTE); + renameAttributeKey(attributes, 'ai.usage.outputTokens', GEN_AI_USAGE_OUTPUT_TOKENS_ATTRIBUTE); + + // AI SDK uses avgOutputTokensPerSecond, map to our expected attribute name + renameAttributeKey(attributes, 'ai.response.avgOutputTokensPerSecond', 'ai.response.avgCompletionTokensPerSecond'); + // Input tokens is the sum of prompt tokens and cached input tokens if ( typeof attributes[GEN_AI_USAGE_INPUT_TOKENS_ATTRIBUTE] === 'number' && @@ -290,6 +300,9 @@ function processGenerateSpan(span: Span, name: string, attributes: SpanAttribute case 'ai.embedMany.doEmbed': span.updateName(`embed_many ${modelId}`); break; + case 'ai.rerank.doRerank': + span.updateName(`rerank ${modelId}`); + break; } } } diff --git a/packages/core/src/tracing/vercel-ai/utils.ts b/packages/core/src/tracing/vercel-ai/utils.ts index 2a0878f1e591..37690e819537 100644 --- a/packages/core/src/tracing/vercel-ai/utils.ts +++ b/packages/core/src/tracing/vercel-ai/utils.ts @@ -9,6 +9,7 @@ import { GEN_AI_INPUT_MESSAGES_ATTRIBUTE, GEN_AI_INPUT_MESSAGES_ORIGINAL_LENGTH_ATTRIBUTE, GEN_AI_INVOKE_AGENT_OPERATION_ATTRIBUTE, + GEN_AI_RERANK_DO_RERANK_OPERATION_ATTRIBUTE, GEN_AI_STREAM_OBJECT_DO_STREAM_OPERATION_ATTRIBUTE, GEN_AI_STREAM_TEXT_DO_STREAM_OPERATION_ATTRIBUTE, GEN_AI_SYSTEM_INSTRUCTIONS_ATTRIBUTE, @@ -190,6 +191,7 @@ export function getSpanOpFromName(name: string): string | undefined { case 'ai.streamObject': case 'ai.embed': case 'ai.embedMany': + case 'ai.rerank': return GEN_AI_INVOKE_AGENT_OPERATION_ATTRIBUTE; case 'ai.generateText.doGenerate': return GEN_AI_GENERATE_TEXT_DO_GENERATE_OPERATION_ATTRIBUTE; @@ -203,6 +205,8 @@ export function getSpanOpFromName(name: string): string | undefined { return GEN_AI_EMBED_DO_EMBED_OPERATION_ATTRIBUTE; case 'ai.embedMany.doEmbed': return GEN_AI_EMBED_MANY_DO_EMBED_OPERATION_ATTRIBUTE; + case 'ai.rerank.doRerank': + return GEN_AI_RERANK_DO_RERANK_OPERATION_ATTRIBUTE; case 'ai.toolCall': return GEN_AI_EXECUTE_TOOL_OPERATION_ATTRIBUTE; default: diff --git a/packages/core/test/lib/tracing/vercel-ai-parent-tokens.test.ts b/packages/core/test/lib/tracing/vercel-ai-parent-tokens.test.ts new file mode 100644 index 000000000000..ff380243b22d --- /dev/null +++ b/packages/core/test/lib/tracing/vercel-ai-parent-tokens.test.ts @@ -0,0 +1,75 @@ +import { describe, expect, it } from 'vitest'; +import { addVercelAiProcessors } from '../../../src/tracing/vercel-ai'; +import type { SpanJSON } from '../../../src/types-hoist/span'; +import { getDefaultTestClientOptions, TestClient } from '../../mocks/client'; + +describe('vercel-ai parent span token attributes', () => { + it('should map ai.usage.inputTokens to gen_ai.usage.input_tokens', () => { + const options = getDefaultTestClientOptions({ tracesSampleRate: 1.0 }); + const client = new TestClient(options); + client.init(); + addVercelAiProcessors(client); + + const mockSpan: SpanJSON = { + description: 'ai.streamText', + span_id: 'test-span-id', + trace_id: 'test-trace-id', + start_timestamp: 1000, + timestamp: 2000, + origin: 'auto.vercelai.otel', + data: { + 'ai.usage.inputTokens': 100, + 'ai.usage.outputTokens': 50, + }, + }; + + const event = { + type: 'transaction' as const, + spans: [mockSpan], + }; + + const eventProcessor = client['_eventProcessors'].find(processor => processor.id === 'VercelAiEventProcessor'); + expect(eventProcessor).toBeDefined(); + + const processedEvent = eventProcessor!(event, {}); + + expect(processedEvent?.spans?.[0]?.data?.['gen_ai.usage.input_tokens']).toBe(100); + expect(processedEvent?.spans?.[0]?.data?.['gen_ai.usage.output_tokens']).toBe(50); + // Original attributes should be renamed to vercel.ai.* namespace + expect(processedEvent?.spans?.[0]?.data?.['ai.usage.inputTokens']).toBeUndefined(); + expect(processedEvent?.spans?.[0]?.data?.['ai.usage.outputTokens']).toBeUndefined(); + }); + + it('should map ai.response.avgOutputTokensPerSecond to ai.response.avgCompletionTokensPerSecond', () => { + const options = getDefaultTestClientOptions({ tracesSampleRate: 1.0 }); + const client = new TestClient(options); + client.init(); + addVercelAiProcessors(client); + + const mockSpan: SpanJSON = { + description: 'ai.streamText.doStream', + span_id: 'test-span-id', + trace_id: 'test-trace-id', + start_timestamp: 1000, + timestamp: 2000, + origin: 'auto.vercelai.otel', + data: { + 'ai.response.avgOutputTokensPerSecond': 25.5, + }, + }; + + const event = { + type: 'transaction' as const, + spans: [mockSpan], + }; + + const eventProcessor = client['_eventProcessors'].find(processor => processor.id === 'VercelAiEventProcessor'); + expect(eventProcessor).toBeDefined(); + + const processedEvent = eventProcessor!(event, {}); + + // Should be renamed to match the expected attribute name + expect(processedEvent?.spans?.[0]?.data?.['vercel.ai.response.avgCompletionTokensPerSecond']).toBe(25.5); + expect(processedEvent?.spans?.[0]?.data?.['ai.response.avgOutputTokensPerSecond']).toBeUndefined(); + }); +}); diff --git a/packages/core/test/lib/tracing/vercel-ai-rerank.test.ts b/packages/core/test/lib/tracing/vercel-ai-rerank.test.ts new file mode 100644 index 000000000000..7deb331020c3 --- /dev/null +++ b/packages/core/test/lib/tracing/vercel-ai-rerank.test.ts @@ -0,0 +1,14 @@ +import { describe, expect, it } from 'vitest'; +import { getSpanOpFromName } from '../../../src/tracing/vercel-ai/utils'; + +describe('vercel-ai rerank support', () => { + describe('getSpanOpFromName', () => { + it('should map ai.rerank to gen_ai.invoke_agent', () => { + expect(getSpanOpFromName('ai.rerank')).toBe('gen_ai.invoke_agent'); + }); + + it('should map ai.rerank.doRerank to gen_ai.rerank', () => { + expect(getSpanOpFromName('ai.rerank.doRerank')).toBe('gen_ai.rerank'); + }); + }); +}); diff --git a/packages/node/src/integrations/tracing/vercelai/instrumentation.ts b/packages/node/src/integrations/tracing/vercelai/instrumentation.ts index 792032a7314e..19e6a2798b01 100644 --- a/packages/node/src/integrations/tracing/vercelai/instrumentation.ts +++ b/packages/node/src/integrations/tracing/vercelai/instrumentation.ts @@ -26,6 +26,7 @@ const INSTRUMENTED_METHODS = [ 'streamObject', 'embed', 'embedMany', + 'rerank', ] as const; interface MethodFirstArg extends Record { @@ -263,7 +264,10 @@ export class SentryVercelAiInstrumentation extends InstrumentationBase { if (Object.prototype.toString.call(moduleExports) === '[object Module]') { // In ESM we take the usual route and just replace the exports we want to instrument for (const method of INSTRUMENTED_METHODS) { - moduleExports[method] = generatePatch(moduleExports[method]); + // Skip methods that don't exist in this version of the AI SDK (e.g., rerank was added in v6) + if (moduleExports[method] != null) { + moduleExports[method] = generatePatch(moduleExports[method]); + } } return moduleExports; @@ -271,7 +275,10 @@ export class SentryVercelAiInstrumentation extends InstrumentationBase { // In CJS we can't replace the exports in the original module because they // don't have setters, so we create a new object with the same properties const patchedModuleExports = INSTRUMENTED_METHODS.reduce((acc, curr) => { - acc[curr] = generatePatch(moduleExports[curr]); + // Skip methods that don't exist in this version of the AI SDK (e.g., rerank was added in v6) + if (moduleExports[curr] != null) { + acc[curr] = generatePatch(moduleExports[curr]); + } return acc; }, {} as PatchedModuleExports); From bba6a800bc901b8fc2eff3fc0117d6cef3ea8c1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Peer=20St=C3=B6cklmair?= Date: Wed, 4 Feb 2026 15:14:45 +0100 Subject: [PATCH 28/80] ci: Ignore ticket creation for base branches other than develop/master (#19103) We already had this that #18987 was not closed because it was a PR to another branch (to make it easier for reviewing): https://github.com/getsentry/sentry-javascript/issues/18987#issuecomment-3819973505 When having this a ticket will be opened, but not automatically closed on merge as this workflow is apparently not supported by GitHub if the base branch is not the default (I am not sure if it works for `master`, but if there is a PR to `master` then we should definitely open a ticket, even though it is not autoclosing - just because it might be a mistake that it was opened against `master`) --- .github/workflows/create-issue-for-unreferenced-prs.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/create-issue-for-unreferenced-prs.yml b/.github/workflows/create-issue-for-unreferenced-prs.yml index a47df32738d7..0a833715d854 100644 --- a/.github/workflows/create-issue-for-unreferenced-prs.yml +++ b/.github/workflows/create-issue-for-unreferenced-prs.yml @@ -20,7 +20,8 @@ jobs: check_for_issue_reference: runs-on: ubuntu-latest if: | - !contains(github.event.pull_request.labels.*.name, 'Dev: Gitflow') + (github.event.pull_request.base.ref == 'develop' || github.event.pull_request.base.ref == 'master') + && !contains(github.event.pull_request.labels.*.name, 'Dev: Gitflow') && !startsWith(github.event.pull_request.head.ref, 'external-contributor/') && !startsWith(github.event.pull_request.head.ref, 'prepare-release/') && !startsWith(github.event.pull_request.head.ref, 'dependabot/') From 3f5fe427d3d97bb9d27aaf5810e3042c10ed7729 Mon Sep 17 00:00:00 2001 From: "javascript-sdk-gitflow[bot]" <255134079+javascript-sdk-gitflow[bot]@users.noreply.github.com> Date: Wed, 4 Feb 2026 17:53:05 +0100 Subject: [PATCH 29/80] chore: Add external contributor to CHANGELOG.md (#19143) This PR adds the external contributor to the CHANGELOG.md file, so that they are credited for their contribution. See #19113 Co-authored-by: andreiborza <168741329+andreiborza@users.noreply.github.com> --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 12ab13cf82b0..bc40e91d40fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ - "You miss 100 percent of the chances you don't take. — Wayne Gretzky" — Michael Scott +Work in this release was contributed by @limbonaut. Thank you for your contribution! + - **feat(tanstackstart-react): Auto-instrument server function middleware ([#19001](https://github.com/getsentry/sentry-javascript/pull/19001))** The `sentryTanstackStart` Vite plugin now automatically instruments middleware in `createServerFn().middleware([...])` calls. This captures performance data without requiring manual wrapping with `wrapMiddlewaresWithSentry()`. From ca24c711ebd772a59057b88e843455e2371a20e0 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Wed, 4 Feb 2026 18:01:32 +0100 Subject: [PATCH 30/80] chore(deps): Bump express in test utils + e2e apps (#19159) Shuold get rid of warnings for vulnerable `path-to-regexp` version https://github.com/getsentry/sentry-javascript/security/dependabot/452 Closes #19160 (added automatically) --- .../package.json | 2 +- .../create-remix-app-express/package.json | 2 +- .../package.json | 2 +- .../package.json | 2 +- .../package.json | 2 +- .../package.json | 2 +- .../node-express-cjs-preload/package.json | 2 +- .../node-express-esm-loader/package.json | 2 +- .../node-express-esm-preload/package.json | 2 +- .../package.json | 2 +- .../package.json | 2 +- .../node-express-send-to-sentry/package.json | 2 +- .../node-firebase/firestore-app/package.json | 2 +- .../node-otel-custom-sampler/package.json | 2 +- .../node-otel-sdk-node/package.json | 2 +- .../node-otel-without-tracing/package.json | 2 +- .../test-applications/node-otel/package.json | 2 +- .../package.json | 2 +- .../react-router-6/package.json | 2 +- .../react-router-7-cross-usage/package.json | 2 +- .../react-router-7-lazy-routes/package.json | 2 +- .../node-core-integration-tests/package.json | 2 +- .../node-integration-tests/package.json | 2 +- .../suites/modules/test.ts | 6 +- .../node-overhead-gh-action/package.json | 2 +- dev-packages/test-utils/package.json | 2 +- package.json | 3 +- yarn.lock | 257 +++++++++--------- 28 files changed, 158 insertions(+), 158 deletions(-) diff --git a/dev-packages/e2e-tests/test-applications/create-remix-app-express-vite-dev/package.json b/dev-packages/e2e-tests/test-applications/create-remix-app-express-vite-dev/package.json index d15e66b030a7..d495d14019b6 100644 --- a/dev-packages/e2e-tests/test-applications/create-remix-app-express-vite-dev/package.json +++ b/dev-packages/e2e-tests/test-applications/create-remix-app-express-vite-dev/package.json @@ -18,7 +18,7 @@ "@remix-run/react": "^2.17.4", "@sentry/remix": "latest || *", "compression": "^1.7.4", - "express": "^4.18.2", + "express": "^4.21.2", "isbot": "^4.1.0", "morgan": "^1.10.0", "react": "^18.2.0", diff --git a/dev-packages/e2e-tests/test-applications/create-remix-app-express/package.json b/dev-packages/e2e-tests/test-applications/create-remix-app-express/package.json index 4981026f9b44..20788a102bc1 100644 --- a/dev-packages/e2e-tests/test-applications/create-remix-app-express/package.json +++ b/dev-packages/e2e-tests/test-applications/create-remix-app-express/package.json @@ -20,7 +20,7 @@ "@sentry/remix": "latest || *", "compression": "^1.7.4", "cross-env": "^7.0.3", - "express": "^4.18.2", + "express": "^4.21.2", "isbot": "^4.1.0", "morgan": "^1.10.0", "react": "^18.2.0", diff --git a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-custom-sampler/package.json b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-custom-sampler/package.json index 42c05b104b76..d1957655916b 100644 --- a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-custom-sampler/package.json +++ b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-custom-sampler/package.json @@ -23,7 +23,7 @@ "@sentry/opentelemetry": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-sdk-node/package.json b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-sdk-node/package.json index 02457a817a33..69decb891620 100644 --- a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-sdk-node/package.json +++ b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v1-sdk-node/package.json @@ -25,7 +25,7 @@ "@sentry/opentelemetry": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-custom-sampler/package.json b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-custom-sampler/package.json index 68e8f7ac1f24..aeca3156526c 100644 --- a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-custom-sampler/package.json +++ b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-custom-sampler/package.json @@ -23,7 +23,7 @@ "@sentry/opentelemetry": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-sdk-node/package.json b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-sdk-node/package.json index b79d084997bf..ca99076f8b7a 100644 --- a/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-sdk-node/package.json +++ b/dev-packages/e2e-tests/test-applications/node-core-express-otel-v2-sdk-node/package.json @@ -25,7 +25,7 @@ "@sentry/opentelemetry": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-express-cjs-preload/package.json b/dev-packages/e2e-tests/test-applications/node-express-cjs-preload/package.json index 08d51754ed21..532e28769675 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-cjs-preload/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-cjs-preload/package.json @@ -11,7 +11,7 @@ "dependencies": { "@sentry/node": "latest || *", "@sentry/opentelemetry": "latest || *", - "express": "4.20.0" + "express": "^4.21.2" }, "devDependencies": { "@playwright/test": "~1.56.0", diff --git a/dev-packages/e2e-tests/test-applications/node-express-esm-loader/package.json b/dev-packages/e2e-tests/test-applications/node-express-esm-loader/package.json index 82ace8aa2133..b54247ea1292 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-esm-loader/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-esm-loader/package.json @@ -11,7 +11,7 @@ "dependencies": { "@sentry/node": "latest || *", "@sentry/opentelemetry": "latest || *", - "express": "4.20.0" + "express": "^4.21.2" }, "devDependencies": { "@playwright/test": "~1.56.0", diff --git a/dev-packages/e2e-tests/test-applications/node-express-esm-preload/package.json b/dev-packages/e2e-tests/test-applications/node-express-esm-preload/package.json index a570df2c60b7..0ce974f5aa43 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-esm-preload/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-esm-preload/package.json @@ -11,7 +11,7 @@ "dependencies": { "@sentry/node": "latest || *", "@sentry/opentelemetry": "latest || *", - "express": "4.20.0" + "express": "^4.21.2" }, "devDependencies": { "@playwright/test": "~1.56.0", diff --git a/dev-packages/e2e-tests/test-applications/node-express-esm-without-loader/package.json b/dev-packages/e2e-tests/test-applications/node-express-esm-without-loader/package.json index 6ce1390487c4..a389962d4deb 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-esm-without-loader/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-esm-without-loader/package.json @@ -11,7 +11,7 @@ "dependencies": { "@sentry/node": "latest || *", "@sentry/opentelemetry": "latest || *", - "express": "4.20.0" + "express": "^4.21.2" }, "devDependencies": { "@playwright/test": "~1.56.0", diff --git a/dev-packages/e2e-tests/test-applications/node-express-incorrect-instrumentation/package.json b/dev-packages/e2e-tests/test-applications/node-express-incorrect-instrumentation/package.json index 994100e5d7b9..1036f91cf4e9 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-incorrect-instrumentation/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-incorrect-instrumentation/package.json @@ -16,7 +16,7 @@ "@trpc/client": "10.45.4", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.20.0", + "express": "^4.21.2", "typescript": "~5.0.0", "zod": "~3.22.4" }, diff --git a/dev-packages/e2e-tests/test-applications/node-express-send-to-sentry/package.json b/dev-packages/e2e-tests/test-applications/node-express-send-to-sentry/package.json index 5ba79164fa21..cca96b3e49cb 100644 --- a/dev-packages/e2e-tests/test-applications/node-express-send-to-sentry/package.json +++ b/dev-packages/e2e-tests/test-applications/node-express-send-to-sentry/package.json @@ -14,7 +14,7 @@ "@sentry/node": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-firebase/firestore-app/package.json b/dev-packages/e2e-tests/test-applications/node-firebase/firestore-app/package.json index b5d19993bdae..e0e0614a23f8 100644 --- a/dev-packages/e2e-tests/test-applications/node-firebase/firestore-app/package.json +++ b/dev-packages/e2e-tests/test-applications/node-firebase/firestore-app/package.json @@ -9,7 +9,7 @@ "dependencies": { "@firebase/app": "^0.13.1", "@sentry/node": "latest || *", - "express": "^4.18.2", + "express": "^4.21.2", "firebase": "^12.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-otel-custom-sampler/package.json b/dev-packages/e2e-tests/test-applications/node-otel-custom-sampler/package.json index 681a10ccc39d..d5db893eaa6d 100644 --- a/dev-packages/e2e-tests/test-applications/node-otel-custom-sampler/package.json +++ b/dev-packages/e2e-tests/test-applications/node-otel-custom-sampler/package.json @@ -17,7 +17,7 @@ "@sentry/opentelemetry": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-otel-sdk-node/package.json b/dev-packages/e2e-tests/test-applications/node-otel-sdk-node/package.json index cadd3c29470c..b08ce5b8894e 100644 --- a/dev-packages/e2e-tests/test-applications/node-otel-sdk-node/package.json +++ b/dev-packages/e2e-tests/test-applications/node-otel-sdk-node/package.json @@ -16,7 +16,7 @@ "@sentry/node": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-otel-without-tracing/package.json b/dev-packages/e2e-tests/test-applications/node-otel-without-tracing/package.json index b8165a303621..9202de84a2b7 100644 --- a/dev-packages/e2e-tests/test-applications/node-otel-without-tracing/package.json +++ b/dev-packages/e2e-tests/test-applications/node-otel-without-tracing/package.json @@ -20,7 +20,7 @@ "@sentry/node": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.19.2", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/node-otel/package.json b/dev-packages/e2e-tests/test-applications/node-otel/package.json index f13c0cdb896e..9b94da03bfdc 100644 --- a/dev-packages/e2e-tests/test-applications/node-otel/package.json +++ b/dev-packages/e2e-tests/test-applications/node-otel/package.json @@ -16,7 +16,7 @@ "@sentry/node": "latest || *", "@types/express": "4.17.17", "@types/node": "^18.19.1", - "express": "4.20.0", + "express": "^4.21.2", "typescript": "~5.0.0" }, "devDependencies": { diff --git a/dev-packages/e2e-tests/test-applications/react-router-6-descendant-routes/package.json b/dev-packages/e2e-tests/test-applications/react-router-6-descendant-routes/package.json index 394f631ffb2c..73b0eb2e0d8b 100644 --- a/dev-packages/e2e-tests/test-applications/react-router-6-descendant-routes/package.json +++ b/dev-packages/e2e-tests/test-applications/react-router-6-descendant-routes/package.json @@ -6,7 +6,7 @@ "@sentry/react": "latest || *", "@types/react": "18.0.0", "@types/react-dom": "18.0.0", - "express": "4.20.0", + "express": "^4.21.2", "react": "18.2.0", "react-dom": "18.2.0", "react-router-dom": "^6.28.0", diff --git a/dev-packages/e2e-tests/test-applications/react-router-6/package.json b/dev-packages/e2e-tests/test-applications/react-router-6/package.json index 20d9b4f85f18..228705bb6493 100644 --- a/dev-packages/e2e-tests/test-applications/react-router-6/package.json +++ b/dev-packages/e2e-tests/test-applications/react-router-6/package.json @@ -6,7 +6,7 @@ "@sentry/react": "latest || *", "@types/react": "18.0.0", "@types/react-dom": "18.0.0", - "express": "4.19.2", + "express": "^4.21.2", "react": "18.2.0", "react-dom": "18.2.0", "react-router-dom": "^6.4.1", diff --git a/dev-packages/e2e-tests/test-applications/react-router-7-cross-usage/package.json b/dev-packages/e2e-tests/test-applications/react-router-7-cross-usage/package.json index ca99556b6c4f..0c312ea52926 100644 --- a/dev-packages/e2e-tests/test-applications/react-router-7-cross-usage/package.json +++ b/dev-packages/e2e-tests/test-applications/react-router-7-cross-usage/package.json @@ -6,7 +6,7 @@ "@sentry/react": "latest || *", "@types/react": "18.0.0", "@types/react-dom": "18.0.0", - "express": "4.20.0", + "express": "^4.21.2", "react": "18.2.0", "react-dom": "18.2.0", "react-router-dom": "7.6.0", diff --git a/dev-packages/e2e-tests/test-applications/react-router-7-lazy-routes/package.json b/dev-packages/e2e-tests/test-applications/react-router-7-lazy-routes/package.json index c9cccd09f60e..afd2a32834aa 100644 --- a/dev-packages/e2e-tests/test-applications/react-router-7-lazy-routes/package.json +++ b/dev-packages/e2e-tests/test-applications/react-router-7-lazy-routes/package.json @@ -6,7 +6,7 @@ "@sentry/react": "latest || *", "@types/react": "18.0.0", "@types/react-dom": "18.0.0", - "express": "4.20.0", + "express": "^4.21.2", "react": "18.2.0", "react-dom": "18.2.0", "react-router-dom": "7.6.0", diff --git a/dev-packages/node-core-integration-tests/package.json b/dev-packages/node-core-integration-tests/package.json index 79b879519dba..82ec182686ee 100644 --- a/dev-packages/node-core-integration-tests/package.json +++ b/dev-packages/node-core-integration-tests/package.json @@ -39,7 +39,7 @@ "body-parser": "^1.20.3", "cors": "^2.8.5", "cron": "^3.1.6", - "express": "^4.21.1", + "express": "^4.21.2", "http-terminator": "^3.2.0", "nock": "^13.5.5", "node-cron": "^3.0.3", diff --git a/dev-packages/node-integration-tests/package.json b/dev-packages/node-integration-tests/package.json index 357cd34c0772..e86b77c64d81 100644 --- a/dev-packages/node-integration-tests/package.json +++ b/dev-packages/node-integration-tests/package.json @@ -52,7 +52,7 @@ "cors": "^2.8.5", "cron": "^3.1.6", "dataloader": "2.2.2", - "express": "^4.21.1", + "express": "^4.21.2", "generic-pool": "^3.9.0", "graphql": "^16.3.0", "hono": "^4.11.7", diff --git a/dev-packages/node-integration-tests/suites/modules/test.ts b/dev-packages/node-integration-tests/suites/modules/test.ts index 89fe98c62867..f47c4c1f8b09 100644 --- a/dev-packages/node-integration-tests/suites/modules/test.ts +++ b/dev-packages/node-integration-tests/suites/modules/test.ts @@ -1,6 +1,6 @@ import { SDK_VERSION } from '@sentry/core'; import { join } from 'path'; -import { afterAll, describe, test } from 'vitest'; +import { afterAll, describe, expect, test } from 'vitest'; import { cleanupChildProcesses, createRunner } from '../../utils/runner'; describe('modulesIntegration', () => { @@ -15,7 +15,7 @@ describe('modulesIntegration', () => { event: { modules: { // exact version comes from require.caches - express: '4.21.1', + express: expect.stringMatching(/^4\.\d+\.\d+$/), // this comes from package.json '@sentry/node': SDK_VERSION, yargs: '^16.2.0', @@ -35,7 +35,7 @@ describe('modulesIntegration', () => { event: { modules: { // this comes from package.json - express: '^4.21.1', + express: expect.stringMatching(/^\^4\.\d+\.\d+$/), '@sentry/node': SDK_VERSION, yargs: '^16.2.0', }, diff --git a/dev-packages/node-overhead-gh-action/package.json b/dev-packages/node-overhead-gh-action/package.json index 58f08228740d..b2355411f92a 100644 --- a/dev-packages/node-overhead-gh-action/package.json +++ b/dev-packages/node-overhead-gh-action/package.json @@ -24,7 +24,7 @@ }, "dependencies": { "@sentry/node": "10.38.0", - "express": "^4.21.1", + "express": "^4.21.2", "mysql2": "^3.14.4" }, "devDependencies": { diff --git a/dev-packages/test-utils/package.json b/dev-packages/test-utils/package.json index 64c6e173e565..57015c1b2efc 100644 --- a/dev-packages/test-utils/package.json +++ b/dev-packages/test-utils/package.json @@ -44,7 +44,7 @@ "@playwright/test": "~1.56.0" }, "dependencies": { - "express": "^4.21.1" + "express": "^4.21.2" }, "devDependencies": { "@playwright/test": "~1.56.0", diff --git a/package.json b/package.json index 1b2a32eb5388..1264edd4db09 100644 --- a/package.json +++ b/package.json @@ -151,7 +151,8 @@ "gauge/strip-ansi": "6.0.1", "wide-align/string-width": "4.2.3", "cliui/wrap-ansi": "7.0.0", - "sucrase": "getsentry/sucrase#es2020-polyfills" + "sucrase": "getsentry/sucrase#es2020-polyfills", + "**/express/path-to-regexp": "0.1.12" }, "version": "0.0.0", "name": "sentry-javascript", diff --git a/yarn.lock b/yarn.lock index 4a8fb1a44718..ce0bdf5005ef 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11965,23 +11965,23 @@ bluebird@^3.4.6, bluebird@^3.7.2: resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== -body-parser@1.20.3, body-parser@^1.19.0, body-parser@^1.20.3: - version "1.20.3" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.3.tgz#1953431221c6fb5cd63c4b36d53fab0928e548c6" - integrity sha512-7rAxByjUMqQ3/bHJy7D6OGXvx/MMc4IqBn/X0fcM1QUcAItpZrBEYhWGem+tzXH90c+G01ypMcYJBO9Y30203g== +body-parser@^1.19.0, body-parser@^1.20.3, body-parser@~1.20.3: + version "1.20.4" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.20.4.tgz#f8e20f4d06ca8a50a71ed329c15dccad1cdc547f" + integrity sha512-ZTgYYLMOXY9qKU/57FAo8F+HA2dGX7bqGc71txDRC1rS4frdFI5R7NhluHxH6M0YItAP0sHB4uqAOcYKxO6uGA== dependencies: - bytes "3.1.2" + bytes "~3.1.2" content-type "~1.0.5" debug "2.6.9" depd "2.0.0" - destroy "1.2.0" - http-errors "2.0.0" - iconv-lite "0.4.24" - on-finished "2.4.1" - qs "6.13.0" - raw-body "2.5.2" + destroy "~1.2.0" + http-errors "~2.0.1" + iconv-lite "~0.4.24" + on-finished "~2.4.1" + qs "~6.14.0" + raw-body "~2.5.3" type-is "~1.6.18" - unpipe "1.0.0" + unpipe "~1.0.0" body-parser@^2.2.0: version "2.2.0" @@ -12678,7 +12678,7 @@ bytes@3.0.0: resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048" integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg= -bytes@3.1.2, bytes@^3.1.2: +bytes@3.1.2, bytes@^3.1.2, bytes@~3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.2.tgz#8b0beeb98605adf1b128fa4386403c009e0221a5" integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg== @@ -13642,13 +13642,6 @@ consolidate@^0.16.0: dependencies: bluebird "^3.7.2" -content-disposition@0.5.4: - version "0.5.4" - resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.4.tgz#8b82b4efac82512a02bb0b1dcec9d2c5e8eb5bfe" - integrity sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ== - dependencies: - safe-buffer "5.2.1" - content-disposition@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-1.0.0.tgz#844426cb398f934caefcbb172200126bc7ceace2" @@ -13656,6 +13649,13 @@ content-disposition@^1.0.0: dependencies: safe-buffer "5.2.1" +content-disposition@~0.5.4: + version "0.5.4" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.4.tgz#8b82b4efac82512a02bb0b1dcec9d2c5e8eb5bfe" + integrity sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ== + dependencies: + safe-buffer "5.2.1" + content-type@^1.0.5, content-type@~1.0.4, content-type@~1.0.5: version "1.0.5" resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.5.tgz#8b773162656d1d1086784c8f23a54ce6d73d7918" @@ -13761,20 +13761,15 @@ cookie-es@^2.0.0: resolved "https://registry.yarnpkg.com/cookie-es/-/cookie-es-2.0.0.tgz#ca6163d7ef8686ea6bbdd551f1de575569c1ed69" integrity sha512-RAj4E421UYRgqokKUmotqAwuplYw15qtdXfY+hGzgCJ/MBjCVZcSoHK/kH9kocfjRjcDME7IiDWR/1WX1TM2Pg== -cookie-signature@1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c" - integrity sha1-4wOogrNCzD7oylE6eZmXNNqzriw= - cookie-signature@^1.1.0, cookie-signature@^1.2.1: version "1.2.2" resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.2.2.tgz#57c7fc3cc293acab9fec54d73e15690ebe4a1793" integrity sha512-D76uU73ulSXrD1UXF4KE2TMxVVwhsnCgfAyTg9k8P6KGZjlXKrOLe4dJQKI3Bxi5wjesZoFXJWElNWBjPZMbhg== -cookie@0.7.1: - version "0.7.1" - resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.1.tgz#2f73c42142d5d5cf71310a74fc4ae61670e5dbc9" - integrity sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w== +cookie-signature@~1.0.6: + version "1.0.7" + resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.7.tgz#ab5dd7ab757c54e60f37ef6550f481c426d10454" + integrity sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA== cookie@^0.5.0: version "0.5.0" @@ -13786,7 +13781,7 @@ cookie@^0.6.0: resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.6.0.tgz#2798b04b071b0ecbff0dbb62a505a8efa4e19051" integrity sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw== -cookie@^0.7.1, cookie@^0.7.2, cookie@~0.7.2: +cookie@^0.7.1, cookie@^0.7.2, cookie@~0.7.1, cookie@~0.7.2: version "0.7.2" resolved "https://registry.yarnpkg.com/cookie/-/cookie-0.7.2.tgz#556369c472a2ba910f2979891b526b3436237ed7" integrity sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w== @@ -14557,7 +14552,7 @@ destr@^2.0.3, destr@^2.0.5: resolved "https://registry.yarnpkg.com/destr/-/destr-2.0.5.tgz#7d112ff1b925fb8d2079fac5bdb4a90973b51fdb" integrity sha512-ugFTXCtDZunbzasqBxrK93Ik/DRYsO6S/fedkWEMKqt04xZ4csmnmwGDBAb07QWNaGMAmnTIemsYZCksjATwsA== -destroy@1.2.0: +destroy@1.2.0, destroy@~1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.2.0.tgz#4803735509ad8be552934c67df614f94e66fa015" integrity sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg== @@ -16958,39 +16953,39 @@ express@5.1.0: type-is "^2.0.1" vary "^1.1.2" -express@^4.10.7, express@^4.17.1, express@^4.17.3, express@^4.18.1, express@^4.21.1: - version "4.21.1" - resolved "https://registry.yarnpkg.com/express/-/express-4.21.1.tgz#9dae5dda832f16b4eec941a4e44aa89ec481b281" - integrity sha512-YSFlK1Ee0/GC8QaO91tHcDxJiE/X4FbpAyQWkxAvG6AXCuR65YzK8ua6D9hvi/TzUfZMpc+BwuM1IPw8fmQBiQ== +express@^4.10.7, express@^4.17.1, express@^4.17.3, express@^4.18.1, express@^4.21.2: + version "4.22.1" + resolved "https://registry.yarnpkg.com/express/-/express-4.22.1.tgz#1de23a09745a4fffdb39247b344bb5eaff382069" + integrity sha512-F2X8g9P1X7uCPZMA3MVf9wcTqlyNp7IhH5qPCI0izhaOIYXaW9L535tGA3qmjRzpH+bZczqq7hVKxTR4NWnu+g== dependencies: accepts "~1.3.8" array-flatten "1.1.1" - body-parser "1.20.3" - content-disposition "0.5.4" + body-parser "~1.20.3" + content-disposition "~0.5.4" content-type "~1.0.4" - cookie "0.7.1" - cookie-signature "1.0.6" + cookie "~0.7.1" + cookie-signature "~1.0.6" debug "2.6.9" depd "2.0.0" encodeurl "~2.0.0" escape-html "~1.0.3" etag "~1.8.1" - finalhandler "1.3.1" - fresh "0.5.2" - http-errors "2.0.0" + finalhandler "~1.3.1" + fresh "~0.5.2" + http-errors "~2.0.0" merge-descriptors "1.0.3" methods "~1.1.2" - on-finished "2.4.1" + on-finished "~2.4.1" parseurl "~1.3.3" - path-to-regexp "0.1.10" + path-to-regexp "~0.1.12" proxy-addr "~2.0.7" - qs "6.13.0" + qs "~6.14.0" range-parser "~1.2.1" safe-buffer "5.2.1" - send "0.19.0" - serve-static "1.16.2" + send "~0.19.0" + serve-static "~1.16.2" setprototypeof "1.2.0" - statuses "2.0.1" + statuses "~2.0.1" type-is "~1.6.18" utils-merge "1.0.1" vary "~1.1.2" @@ -17331,19 +17326,6 @@ finalhandler@1.1.2: statuses "~1.5.0" unpipe "~1.0.0" -finalhandler@1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.1.tgz#0c575f1d1d324ddd1da35ad7ece3df7d19088019" - integrity sha512-6BN9trH7bp3qvnrRyzsBz+g3lZxTNZTbVO2EV1CS0WIcDbawYVdYvGflME/9QP0h0pYlCDBCTjYa9nZzMDpyxQ== - dependencies: - debug "2.6.9" - encodeurl "~2.0.0" - escape-html "~1.0.3" - on-finished "2.4.1" - parseurl "~1.3.3" - statuses "2.0.1" - unpipe "~1.0.0" - finalhandler@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-2.1.0.tgz#72306373aa89d05a8242ed569ed86a1bff7c561f" @@ -17356,6 +17338,19 @@ finalhandler@^2.1.0: parseurl "^1.3.3" statuses "^2.0.1" +finalhandler@~1.3.1: + version "1.3.2" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-1.3.2.tgz#1ebc2228fc7673aac4a472c310cc05b77d852b88" + integrity sha512-aA4RyPcd3badbdABGDuTXCMTtOneUCAYH/gxoYRTZlIJdF0YPWuGqiAsIrhNnnqdXGswYk6dGujem4w80UJFhg== + dependencies: + debug "2.6.9" + encodeurl "~2.0.0" + escape-html "~1.0.3" + on-finished "~2.4.1" + parseurl "~1.3.3" + statuses "~2.0.2" + unpipe "~1.0.0" + find-babel-config@^1.1.0, find-babel-config@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/find-babel-config/-/find-babel-config-1.2.0.tgz#a9b7b317eb5b9860cda9d54740a8c8337a2283a2" @@ -17589,16 +17584,16 @@ fragment-cache@^0.2.1: dependencies: map-cache "^0.2.2" -fresh@0.5.2: - version "0.5.2" - resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7" - integrity sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac= - fresh@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/fresh/-/fresh-2.0.0.tgz#8dd7df6a1b3a1b3a5cf186c05a5dd267622635a4" integrity sha512-Rx/WycZ60HOaqLKAi6cHRKKI7zxWbJ31MhntmtwMoaTeF7XFH9hhBp8vITaMidfljRQ6eYWCKkaTK+ykVJHP2A== +fresh@~0.5.2: + version "0.5.2" + resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7" + integrity sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac= + front-matter@^4.0.2: version "4.0.2" resolved "https://registry.yarnpkg.com/front-matter/-/front-matter-4.0.2.tgz#b14e54dc745cfd7293484f3210d15ea4edd7f4d5" @@ -18998,7 +18993,7 @@ http-deceiver@^1.2.7: resolved "https://registry.yarnpkg.com/http-deceiver/-/http-deceiver-1.2.7.tgz#fa7168944ab9a519d337cb0bec7284dc3e723d87" integrity sha1-+nFolEq5pRnTN8sL7HKE3D5yPYc= -http-errors@2.0.0, http-errors@^2.0.0: +http-errors@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.0.tgz#b7774a1486ef73cf7667ac9ae0858c012c57b9d3" integrity sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ== @@ -19009,6 +19004,17 @@ http-errors@2.0.0, http-errors@^2.0.0: statuses "2.0.1" toidentifier "1.0.1" +http-errors@^2.0.0, http-errors@~2.0.0, http-errors@~2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.1.tgz#36d2f65bc909c8790018dd36fb4d93da6caae06b" + integrity sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ== + dependencies: + depd "~2.0.0" + inherits "~2.0.4" + setprototypeof "~1.2.0" + statuses "~2.0.2" + toidentifier "~1.0.1" + http-errors@~1.6.2: version "1.6.3" resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d" @@ -19147,13 +19153,6 @@ hyperid@^3.0.0: uuid "^8.3.2" uuid-parse "^1.1.0" -iconv-lite@0.4.24, iconv-lite@^0.4.24, iconv-lite@^0.4.4: - version "0.4.24" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b" - integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA== - dependencies: - safer-buffer ">= 2.1.2 < 3" - iconv-lite@0.6.3, iconv-lite@^0.6.2, iconv-lite@^0.6.3: version "0.6.3" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501" @@ -19161,6 +19160,13 @@ iconv-lite@0.6.3, iconv-lite@^0.6.2, iconv-lite@^0.6.3: dependencies: safer-buffer ">= 2.1.2 < 3.0.0" +iconv-lite@^0.4.24, iconv-lite@^0.4.4, iconv-lite@~0.4.24: + version "0.4.24" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b" + integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA== + dependencies: + safer-buffer ">= 2.1.2 < 3" + iconv-lite@^0.7.0: version "0.7.0" resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.7.0.tgz#c50cd80e6746ca8115eb98743afa81aa0e147a3e" @@ -19304,7 +19310,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3: +inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3, inherits@~2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== @@ -24036,7 +24042,7 @@ on-exit-leak-free@^2.1.0: resolved "https://registry.yarnpkg.com/on-exit-leak-free/-/on-exit-leak-free-2.1.2.tgz#fed195c9ebddb7d9e4c3842f93f281ac8dadd3b8" integrity sha512-0eJJY6hXLGf1udHwfNftBqH+g73EU4B504nZeKpz1sYRKafAghwxEJunB2O7rDZkL4PGfsMVnTXZ2EjibbqcsA== -on-finished@2.4.1, on-finished@^2.4.1: +on-finished@^2.4.1, on-finished@~2.4.1: version "2.4.1" resolved "https://registry.yarnpkg.com/on-finished/-/on-finished-2.4.1.tgz#58c8c44116e54845ad57f14ab10b03533184ac3f" integrity sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg== @@ -24740,10 +24746,10 @@ path-scurry@^2.0.0: lru-cache "^11.0.0" minipass "^7.1.2" -path-to-regexp@0.1.10: - version "0.1.10" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.10.tgz#67e9108c5c0551b9e5326064387de4763c4d5f8b" - integrity sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w== +path-to-regexp@0.1.12, path-to-regexp@~0.1.12: + version "0.1.12" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.12.tgz#d5e1a12e478a976d432ef3c58d534b9923164bb7" + integrity sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ== path-to-regexp@3.3.0: version "3.3.0" @@ -26093,17 +26099,10 @@ pure-rand@^6.1.0: resolved "https://registry.yarnpkg.com/pure-rand/-/pure-rand-6.1.0.tgz#d173cf23258231976ccbdb05247c9787957604f2" integrity sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA== -qs@6.13.0: - version "6.13.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.13.0.tgz#6ca3bd58439f7e245655798997787b0d88a51906" - integrity sha512-+38qI9SOr8tfZ4QmJNplMUxqjbe7LKvvZgWdExBOmd+egZTtjLB67Gu0HRX3u/XOq7UU2Nx6nsjvS16Z9uwfpg== - dependencies: - side-channel "^1.0.6" - -qs@^6.14.0, qs@^6.4.0: - version "6.14.0" - resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.0.tgz#c63fa40680d2c5c941412a0e899c89af60c0a930" - integrity sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w== +qs@^6.14.0, qs@^6.4.0, qs@~6.14.0: + version "6.14.1" + resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159" + integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ== dependencies: side-channel "^1.1.0" @@ -26192,16 +26191,6 @@ range-parser@^1.2.1, range-parser@~1.2.1: resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031" integrity sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg== -raw-body@2.5.2: - version "2.5.2" - resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.2.tgz#99febd83b90e08975087e8f1f9419a149366b68a" - integrity sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA== - dependencies: - bytes "3.1.2" - http-errors "2.0.0" - iconv-lite "0.4.24" - unpipe "1.0.0" - raw-body@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-3.0.0.tgz#25b3476f07a51600619dae3fe82ddc28a36e5e0f" @@ -26220,6 +26209,16 @@ raw-body@~1.1.0: bytes "1" string_decoder "0.10" +raw-body@~2.5.3: + version "2.5.3" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-2.5.3.tgz#11c6650ee770a7de1b494f197927de0c923822e2" + integrity sha512-s4VSOf6yN0rvbRZGxs8Om5CWj6seneMwK3oDb4lWDH0UPhWcxwOWw5+qk24bxq87szX1ydrwylIOp2uG1ojUpA== + dependencies: + bytes "~3.1.2" + http-errors "~2.0.1" + iconv-lite "~0.4.24" + unpipe "~1.0.0" + rc9@^2.1.2: version "2.1.2" resolved "https://registry.yarnpkg.com/rc9/-/rc9-2.1.2.tgz#6282ff638a50caa0a91a31d76af4a0b9cbd1080d" @@ -27661,25 +27660,6 @@ semver@^7.0.0, semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semve resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.3.tgz#4b5f4143d007633a8dc671cd0a6ef9147b8bb946" integrity sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q== -send@0.19.0: - version "0.19.0" - resolved "https://registry.yarnpkg.com/send/-/send-0.19.0.tgz#bbc5a388c8ea6c048967049dbeac0e4a3f09d7f8" - integrity sha512-dW41u5VfLXu8SJh5bwRmyYUbAoSB3c9uQh6L8h/KtsFREPWpbX1lrljJo186Jc4nmci/sGUZ9a0a0J2zgfq2hw== - dependencies: - debug "2.6.9" - depd "2.0.0" - destroy "1.2.0" - encodeurl "~1.0.2" - escape-html "~1.0.3" - etag "~1.8.1" - fresh "0.5.2" - http-errors "2.0.0" - mime "1.6.0" - ms "2.1.3" - on-finished "2.4.1" - range-parser "~1.2.1" - statuses "2.0.1" - send@^1.1.0, send@^1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/send/-/send-1.2.0.tgz#32a7554fb777b831dfa828370f773a3808d37212" @@ -27697,6 +27677,25 @@ send@^1.1.0, send@^1.2.0: range-parser "^1.2.1" statuses "^2.0.1" +send@~0.19.0, send@~0.19.1: + version "0.19.2" + resolved "https://registry.yarnpkg.com/send/-/send-0.19.2.tgz#59bc0da1b4ea7ad42736fd642b1c4294e114ff29" + integrity sha512-VMbMxbDeehAxpOtWJXlcUS5E8iXh6QmN+BkRX1GARS3wRaXEEgzCcB10gTQazO42tpNIya8xIyNx8fll1OFPrg== + dependencies: + debug "2.6.9" + depd "2.0.0" + destroy "1.2.0" + encodeurl "~2.0.0" + escape-html "~1.0.3" + etag "~1.8.1" + fresh "~0.5.2" + http-errors "~2.0.1" + mime "1.6.0" + ms "2.1.3" + on-finished "~2.4.1" + range-parser "~1.2.1" + statuses "~2.0.2" + seq-queue@^0.0.5: version "0.0.5" resolved "https://registry.yarnpkg.com/seq-queue/-/seq-queue-0.0.5.tgz#d56812e1c017a6e4e7c3e3a37a1da6d78dd3c93e" @@ -27739,15 +27738,15 @@ serve-placeholder@^2.0.1, serve-placeholder@^2.0.2: dependencies: defu "^6.1.4" -serve-static@1.16.2, serve-static@^1.15.0: - version "1.16.2" - resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.2.tgz#b6a5343da47f6bdd2673848bf45754941e803296" - integrity sha512-VqpjJZKadQB/PEbEwvFdO43Ax5dFBZ2UECszz8bQ7pi7wt//PWe1P6MN7eCnjsatYtBT6EuiClbjSWP2WrIoTw== +serve-static@^1.15.0, serve-static@~1.16.2: + version "1.16.3" + resolved "https://registry.yarnpkg.com/serve-static/-/serve-static-1.16.3.tgz#a97b74d955778583f3862a4f0b841eb4d5d78cf9" + integrity sha512-x0RTqQel6g5SY7Lg6ZreMmsOzncHFU7nhnRWkKgWuMTu5NN0DR5oruckMqRvacAN9d5w6ARnRBXl9xhDCgfMeA== dependencies: encodeurl "~2.0.0" escape-html "~1.0.3" parseurl "~1.3.3" - send "0.19.0" + send "~0.19.1" serve-static@^2.2.0, serve-static@^2.2.1: version "2.2.1" @@ -27820,7 +27819,7 @@ setprototypeof@1.1.0: resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.0.tgz#d0bd85536887b6fe7c0d818cb962d9d91c54e656" integrity sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ== -setprototypeof@1.2.0: +setprototypeof@1.2.0, setprototypeof@~1.2.0: version "1.2.0" resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.2.0.tgz#66c9a24a73f9fc28cbe66b09fed3d33dcaf1b424" integrity sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw== @@ -27982,7 +27981,7 @@ side-channel-weakmap@^1.0.2: object-inspect "^1.13.3" side-channel-map "^1.0.1" -side-channel@^1.0.4, side-channel@^1.0.6, side-channel@^1.1.0: +side-channel@^1.0.4, side-channel@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.1.0.tgz#c3fcff9c4da932784873335ec9765fa94ff66bc9" integrity sha512-ZX99e6tRweoUXqR+VBrslhda51Nh5MTQwou5tnUDgbtyM0dBgmhEDtWGP/xbKn6hqfPRHujUNwz5fy/wbbhnpw== @@ -28658,7 +28657,7 @@ statuses@2.0.1: resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.5.0.tgz#161c7dac177659fd9811f43771fa99381478628c" integrity sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow= -statuses@^2.0.1: +statuses@^2.0.1, statuses@~2.0.1, statuses@~2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.2.tgz#8f75eecef765b5e1cfcdc080da59409ed424e382" integrity sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw== @@ -29696,7 +29695,7 @@ to-regex@^3.0.1, to-regex@^3.0.2: regex-not "^1.0.2" safe-regex "^1.1.0" -toidentifier@1.0.1: +toidentifier@1.0.1, toidentifier@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35" integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== From b7f8cfe699f8a99da4958b18380c7f46df2b4d1f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Peer=20St=C3=B6cklmair?= Date: Thu, 5 Feb 2026 10:36:22 +0100 Subject: [PATCH 31/80] fix(core): Avoid blocking the process for weightBasedFlushing (#19174) closes #19171 closes [JS-1641](https://linear.app/getsentry/issue/JS-1641/metrics-flush-timer-should-use-unref-to-not-block-process-exit) This was is something that got missed by Copilot on #19062 --- packages/core/src/client.ts | 14 +++++---- packages/core/test/lib/client.test.ts | 42 +++++++++++++++++++++++++++ 2 files changed, 51 insertions(+), 5 deletions(-) diff --git a/packages/core/src/client.ts b/packages/core/src/client.ts index 1ed447ab802d..588c8a62e97e 100644 --- a/packages/core/src/client.ts +++ b/packages/core/src/client.ts @@ -49,6 +49,7 @@ import { safeMathRandom } from './utils/randomSafeContext'; import { reparentChildSpans, shouldIgnoreSpan } from './utils/should-ignore-span'; import { showSpanDropWarning } from './utils/spanUtils'; import { rejectedSyncPromise } from './utils/syncpromise'; +import { safeUnref } from './utils/timer'; import { convertSpanJsonToTransactionEvent, convertTransactionEventToSpanJson } from './utils/transactionEvent'; const ALREADY_SEEN_ERROR = "Not capturing exception because it's already been captured."; @@ -137,11 +138,14 @@ function setupWeightBasedFlushing< // This prevents flushing being delayed by items that arrive close to the timeout limit // and thus resetting the flushing timeout and delaying items being flushed. isTimerActive = true; - flushTimeout = setTimeout(() => { - flushFn(client); - // Note: isTimerActive is reset by the flushHook handler above, not here, - // to avoid race conditions when new items arrive during the flush. - }, DEFAULT_FLUSH_INTERVAL); + // Use safeUnref so the timer doesn't prevent the process from exiting + flushTimeout = safeUnref( + setTimeout(() => { + flushFn(client); + // Note: isTimerActive is reset by the flushHook handler above, not here, + // to avoid race conditions when new items arrive during the flush. + }, DEFAULT_FLUSH_INTERVAL), + ); } }); diff --git a/packages/core/test/lib/client.test.ts b/packages/core/test/lib/client.test.ts index 21aab0ea609b..014ffe8ebbe1 100644 --- a/packages/core/test/lib/client.test.ts +++ b/packages/core/test/lib/client.test.ts @@ -23,6 +23,7 @@ import type { SpanJSON } from '../../src/types-hoist/span'; import * as debugLoggerModule from '../../src/utils/debug-logger'; import * as miscModule from '../../src/utils/misc'; import * as timeModule from '../../src/utils/time'; +import * as timerModule from '../../src/utils/timer'; import { getDefaultTestClientOptions, TestClient } from '../mocks/client'; import { AdHocIntegration, AsyncTestIntegration, TestIntegration } from '../mocks/integration'; import { makeFakeTransport } from '../mocks/transport'; @@ -3076,6 +3077,27 @@ describe('Client', () => { expect(sendEnvelopeSpy).not.toHaveBeenCalled(); }); + + it('uses safeUnref on flush timer to not block process exit', () => { + const safeUnrefSpy = vi.spyOn(timerModule, 'safeUnref'); + + const options = getDefaultTestClientOptions({ + dsn: PUBLIC_DSN, + enableLogs: true, + }); + const client = new TestClient(options); + const scope = new Scope(); + scope.setClient(client); + + // Capture a log which will start the flush timer + _INTERNAL_captureLog({ message: 'test log', level: 'info' }, scope); + + // Verify safeUnref was called on the timer + expect(safeUnrefSpy).toHaveBeenCalledTimes(1); + expect(safeUnrefSpy).toHaveBeenCalledWith(expect.anything()); + + safeUnrefSpy.mockRestore(); + }); }); describe('metric weight-based flushing', () => { @@ -3142,6 +3164,26 @@ describe('Client', () => { expect(sendEnvelopeSpy).toHaveBeenCalledTimes(1); }); + + it('uses safeUnref on flush timer to not block process exit', () => { + const safeUnrefSpy = vi.spyOn(timerModule, 'safeUnref'); + + const options = getDefaultTestClientOptions({ + dsn: PUBLIC_DSN, + }); + const client = new TestClient(options); + const scope = new Scope(); + scope.setClient(client); + + // Capture a metric which will start the flush timer + _INTERNAL_captureMetric({ name: 'test_metric', value: 42, type: 'counter', attributes: {} }, { scope }); + + // Verify safeUnref was called on the timer + expect(safeUnrefSpy).toHaveBeenCalledTimes(1); + expect(safeUnrefSpy).toHaveBeenCalledWith(expect.anything()); + + safeUnrefSpy.mockRestore(); + }); }); describe('promise buffer usage', () => { From b458a8119ea2ae54d7fcc0003e386cb2895698f8 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Thu, 5 Feb 2026 12:53:03 +0100 Subject: [PATCH 32/80] chore(llm): Add skill for fixing security vulnerabilities (#19178) Adds `/fix-security-vulnerability` skill that analyzes Dependabot alerts and proposes fixes. - Fetches alert details via gh api - Uses yarn why to trace dependency origin - Identifies version-specific test packages that shouldn't be bumped (e.g., nextjs-13) - For transitive deps, recommends bumping the parent package rather than using resolutions - Presents analysis and waits for approval before making changes - Runs dedupe-deps:fix and dedupe-deps:check after updates - Never auto-commits --- .../fix-security-vulnerability/SKILL.md | 232 ++++++++++++++++++ 1 file changed, 232 insertions(+) create mode 100644 .claude/skills/fix-security-vulnerability/SKILL.md diff --git a/.claude/skills/fix-security-vulnerability/SKILL.md b/.claude/skills/fix-security-vulnerability/SKILL.md new file mode 100644 index 000000000000..9d1f7c4df799 --- /dev/null +++ b/.claude/skills/fix-security-vulnerability/SKILL.md @@ -0,0 +1,232 @@ +--- +name: fix-security-vulnerability +description: Analyze and propose fixes for Dependabot security alerts +argument-hint: +--- + +# Fix Security Vulnerability Skill + +Analyze Dependabot security alerts and propose fixes. **Does NOT auto-commit** - always presents analysis first and waits for user approval. + +## Input + +- Dependabot URL: `https://github.com/getsentry/sentry-javascript/security/dependabot/1046` +- Or just the alert number: `1046` + +## Workflow + +### Step 1: Fetch Vulnerability Details + +```bash +gh api repos/getsentry/sentry-javascript/dependabot/alerts/ +``` + +Extract: package name, vulnerable/patched versions, CVE ID, severity, description. + +### Step 2: Analyze Dependency Tree + +```bash +yarn why +``` + +Determine if it's a direct or transitive dependency, and whether it's production or dev. + +### Step 3: Determine Fix Strategy + +#### Check for version-specific test packages + +Many packages in `dev-packages/e2e-tests/test-applications/` intentionally pin specific versions: + +- `nextjs-13` - Tests Next.js 13.x, should NOT bump to 14 +- `remix-2` - Tests Remix 2.x specifically + +**Do NOT bump these.** Recommend dismissing the alert with an explanation. + +#### For other dependencies + +| Type | Action | +| --------------------- | ----------------------------------- | +| Patch bump available | Preferred - lowest risk | +| Minor bump needed | Usually safe | +| Major bump needed | Analyze breaking changes first | +| Transitive dependency | Bump the parent package (see below) | + +### Step 3a: Transitive Dependencies + +If the vulnerable package is pulled in by another package: + +**1. Identify and check the parent:** + +```bash +yarn why +npm view @latest dependencies. +``` + +**2. Fix approach:** + +| Scenario | Action | +| --------------------------------- | ------------------------------- | +| Parent has newer version with fix | **Bump the parent** | +| Parent hasn't released fix | Wait, or open an issue upstream | +| We control the parent | Fix in parent package first | + +**AVOID RESOLUTIONS.** Using `resolutions` to force a transitive dependency version is risky - it can break the parent package silently. Only consider resolutions if: + +- No upstream fix exists AND it's a production-critical vulnerability +- The forced version is a patch/minor bump (not major) +- You've manually verified compatibility + +In most cases, it's better to wait for an upstream fix or accept the risk for dev-only dependencies than to use resolutions. + +### Step 4: Present Analysis + +Present findings and **wait for user approval** before making changes: + +``` +## Security Vulnerability Analysis + +**Package:** | **Severity:** | **CVE:** +**Vulnerable:** | **Patched:** + +### Dependency Chain + + +### Recommendation + + +### Proposed Fix +1. Update : "": "" +2. yarn install && yarn dedupe-deps:fix +3. Verify with: yarn why + +Proceed? +``` + +### Step 5: Apply Fix (After Approval) + +```bash +# 1. Edit package.json +# 2. Update lockfile +yarn install +# 3. Deduplicate +yarn dedupe-deps:fix +# 4. Verify +yarn dedupe-deps:check +yarn why +# 5. Show changes +git diff +``` + +**Do NOT commit** - let the user review first. + +### Step 5 (Alternative): Dismiss Alert + +For alerts that should not be fixed (e.g., version-specific test packages), offer to dismiss instead. + +**Always get user approval first.** Present the dismissal option: + +``` +This alert should be dismissed rather than fixed because: +- + +Dismiss with reason: +Comment: "" + +Proceed with dismissal? +``` + +**After user approval**, dismiss via GitHub API: + +```bash +gh api --method PATCH repos/getsentry/sentry-javascript/dependabot/alerts/ \ + -f state=dismissed \ + -f dismissed_reason= \ + -f dismissed_comment="" +``` + +**Dismissal reasons:** + +| Reason | When to use | +| ---------------- | -------------------------------------------- | +| `tolerable_risk` | Dev-only dependency, risk accepted | +| `no_bandwidth` | Will fix later, not urgent | +| `inaccurate` | False positive, not actually vulnerable | +| `not_used` | Vulnerable code path is not used in our code | + +## Commands Reference + +| Command | Purpose | +| ------------------------------------------------------------------------------------------------- | ---------------------------- | +| `yarn why ` | Show dependency tree | +| `yarn dedupe-deps:fix` | Fix duplicates in yarn.lock | +| `yarn dedupe-deps:check` | Verify no duplicate issues | +| `gh api repos/getsentry/sentry-javascript/dependabot/alerts/` | Fetch alert | +| `gh api --method PATCH .../dependabot/alerts/ -f state=dismissed -f dismissed_reason=` | Dismiss alert | +| `npm view @latest dependencies.` | Check transitive dep version | + +## Examples + +### Dev dependency - safe to bump + +``` +Package: mongoose +Location: dev-packages/node-integration-tests/package.json +Type: Dev dependency (tests OTel instrumentation) + +Recommendation: Safe to bump 5.x → 6.x +- Not version-specific, just tests instrumentation works +- OTel instrumentation supports mongoose 5.x-8.x +``` + +### Version-specific test - dismiss instead + +``` +Package: next +Location: dev-packages/e2e-tests/test-applications/nextjs-13/package.json + +Recommendation: DISMISS (do not bump) +This app specifically tests Next.js 13 compatibility. +Vulnerability only affects CI, not shipped code. + +Proposed dismissal: + Reason: tolerable_risk + Comment: "Version-specific E2E test for Next.js 13 - intentionally pinned" + +Proceed with dismissal? +``` + +### Transitive dependency - bump parent + +``` +Package: vulnerable-lib@1.9.0 (needs >=2.0.1) +Chain: @sentry/node → @otel/instrumentation-foo@0.45.0 → vulnerable-lib + +Check: npm view @otel/instrumentation-foo@latest dependencies.vulnerable-lib +Result: "^2.0.1" ✓ + +Recommendation: Bump @otel/instrumentation-foo 0.45.0 → 0.47.0 +This pulls in the patched vulnerable-lib automatically. +``` + +### Transitive dependency - no fix available + +``` +Package: deep-lib@2.9.0 (needs >=3.0.0) +Chain: @sentry/node → parent-pkg → middleware → deep-lib + +No upstream fix available yet. Options: +1. Wait for upstream fix (preferred) +2. Accept risk if dev-only +3. Consider alternative package if production-critical + +AVOID using resolutions unless absolutely necessary. +``` + +## Important Notes + +- **Never auto-commit** - Always wait for user review +- **Version-specific tests should not be bumped** - They exist to test specific versions +- **Dev vs Prod matters** - Dev-only vulnerabilities are lower priority +- **Bump parents, not transitive deps** - If A depends on vulnerable B, bump A +- **Avoid resolutions** - They bypass the parent's dependency constraints and can cause subtle breakage +- **Always verify** - Run `yarn why ` after fixing to confirm the patched version is installed From e45312ccda47c98417df0453845a54da8d4a209b Mon Sep 17 00:00:00 2001 From: Rola Abuhasna Date: Thu, 5 Feb 2026 15:32:32 +0200 Subject: [PATCH 33/80] chore: Add cursor rules for AI integrations contributions (#19167) This PR adds `.cursor/rules/adding-a-new-ai-integration.mdc`, a complete reference guide for implementing AI provider integrations (OpenAI, Anthropic, Vercel AI, LangChain, etc.) in the Sentry JavaScript SDK. Closes #19168 (added automatically) --- .cursor/rules/adding-a-new-ai-integration.mdc | 351 ++++++++++++++++++ .cursor/rules/sdk_development.mdc | 8 + 2 files changed, 359 insertions(+) create mode 100644 .cursor/rules/adding-a-new-ai-integration.mdc diff --git a/.cursor/rules/adding-a-new-ai-integration.mdc b/.cursor/rules/adding-a-new-ai-integration.mdc new file mode 100644 index 000000000000..bfef95f6a1a1 --- /dev/null +++ b/.cursor/rules/adding-a-new-ai-integration.mdc @@ -0,0 +1,351 @@ +--- +description: Guidelines for contributing a new Sentry JavaScript SDK AI integration. +alwaysApply: true +--- + +# Adding a New AI Integration + +Use these guidelines when contributing a new Sentry JavaScript SDK AI integration. + +## Quick Decision Tree + +**CRITICAL** + +``` +Does the AI SDK have native OpenTelemetry support? +├─ YES → Does it emit OTel spans automatically? +│ ├─ YES (like Vercel AI) → Pattern 1: OTEL Span Processors +│ └─ NO → Pattern 2: OTEL Instrumentation (wrap client) +└─ NO → Does the SDK provide hooks/callbacks? + ├─ YES (like LangChain) → Pattern 3: Callback/Hook Based + └─ NO → Pattern 4: Client Wrapping + +Multi-runtime considerations: +- Node.js: Use OpenTelemetry instrumentation +- Edge (Cloudflare/Vercel): No OTel, processors only or manual wrapping +``` + +--- + +## Span Hierarchy + +**Two span types:** + +- `gen_ai.invoke_agent` - Parent/pipeline spans (chains, agents, orchestration) +- `gen_ai.chat`, `gen_ai.generate_text`, etc. - Child spans (actual LLM calls) + +**Hierarchy example:** + +``` +gen_ai.invoke_agent (ai.generateText) + └── gen_ai.generate_text (ai.generateText.doGenerate) +``` + +**References:** + +- Vercel AI: `packages/core/src/tracing/vercel-ai/constants.ts` +- LangChain: `onChainStart` callback in `packages/core/src/tracing/langchain/index.ts` + +--- + +## Streaming vs Non-Streaming + +**Non-streaming:** Use `startSpan()`, set attributes immediately from response + +**Streaming:** Use `startSpanManual()` and prefer event listeners/hooks when available (like Anthropic's `stream.on()`). If not available, use async generator pattern: + +```typescript +interface StreamingState { + responseTexts: string[]; // Accumulate fragments + promptTokens: number | undefined; + completionTokens: number | undefined; + // ... +} + +async function* instrumentStream(stream, span, recordOutputs) { + const state: StreamingState = { responseTexts: [], ... }; + try { + for await (const event of stream) { + processEvent(event, state, recordOutputs); // Accumulate data + yield event; // Pass through + } + } finally { + setTokenUsageAttributes(span, state.promptTokens, state.completionTokens); + span.setAttributes({ [GEN_AI_RESPONSE_STREAMING_ATTRIBUTE]: true }); + span.end(); // MUST call manually + } +} +``` + +**Key rules:** + +- Accumulate with arrays/strings, don't overwrite +- Set `GEN_AI_RESPONSE_STREAMING_ATTRIBUTE: true` +- Call `span.end()` in finally block + +**Detection:** Check request parameters for `stream: true` to determine if response will be streamed. + +**References:** + +- OpenAI async generator: `instrumentStream` in `packages/core/src/tracing/openai/streaming.ts` +- Anthropic event listeners: `instrumentMessageStream` in `packages/core/src/tracing/anthropic-ai/streaming.ts` +- Detection logic: Check `params.stream === true` in `packages/core/src/tracing/openai/index.ts` + +--- + +## Token Accumulation + +**Child spans (LLM calls):** Set tokens directly from API response + +```typescript +setTokenUsageAttributes(span, inputTokens, outputTokens, totalTokens); +``` + +**Parent spans (invoke_agent):** Accumulate from children using event processor + +```typescript +// First pass: accumulate from children +for (const span of event.spans) { + if (span.parent_span_id && isGenAiOperationSpan(span)) { + accumulateTokensForParent(span, tokenAccumulator); + } +} + +// Second pass: apply to invoke_agent parents +for (const span of event.spans) { + if (span.op === 'gen_ai.invoke_agent') { + applyAccumulatedTokens(span, tokenAccumulator); + } +} +``` + +**Reference:** `vercelAiEventProcessor` and `accumulateTokensForParent` in `packages/core/src/tracing/vercel-ai/` + +--- + +## Shared Utilities + +Location: `packages/core/src/tracing/ai/` + +### `gen-ai-attributes.ts` + +OpenTelemetry Semantic Convention attribute names. **Always use these constants!** + +- `GEN_AI_SYSTEM_ATTRIBUTE` - 'openai', 'anthropic', etc. +- `GEN_AI_REQUEST_MODEL_ATTRIBUTE` - Model from request +- `GEN_AI_RESPONSE_MODEL_ATTRIBUTE` - Model from response +- `GEN_AI_INPUT_MESSAGES_ATTRIBUTE` - Input (requires recordInputs) +- `GEN_AI_RESPONSE_TEXT_ATTRIBUTE` - Output (requires recordOutputs) +- `GEN_AI_USAGE_INPUT_TOKENS_ATTRIBUTE` - Token counts +- `GEN_AI_OPERATION_NAME_ATTRIBUTE` - 'chat', 'embeddings', etc. + +### `utils.ts` + +- `setTokenUsageAttributes()` - Set token usage on span +- `getTruncatedJsonString()` - Truncate for attributes +- `truncateGenAiMessages()` - Truncate message arrays +- `buildMethodPath()` - Build method path from traversal + +--- + +## Pattern 1: OTEL Span Processors + +**Use when:** SDK emits OTel spans automatically (Vercel AI) + +### Key Steps + +1. **Core:** Create `add{Provider}Processors()` in `packages/core/src/tracing/{provider}/index.ts` + - Registers `spanStart` listener + event processor + - Post-processes spans to match semantic conventions + +2. **Node.js:** Add performance optimization in `packages/node/src/integrations/tracing/{provider}/index.ts` + - Use `callWhenPatched()` to defer processor registration + - Only register when package is actually imported (see `vercelAIIntegration` function) + +3. **Edge:** Direct registration in `packages/cloudflare/src/integrations/tracing/{provider}.ts` + - No OTel patching available + - Just call `add{Provider}Processors()` immediately + +**Reference:** `packages/node/src/integrations/tracing/vercelai/` + +--- + +## Pattern 2: OTEL Instrumentation (Client Wrapping) + +**Use when:** SDK has NO native OTel support (OpenAI, Anthropic, Google GenAI) + +### Key Steps + +1. **Core:** Create `instrument{Provider}Client()` in `packages/core/src/tracing/{provider}/index.ts` + - Use Proxy to wrap client methods recursively + - Create spans manually with `startSpan()` or `startSpanManual()` + +2. **Node.js Instrumentation:** Patch module exports in `instrumentation.ts` + - Wrap client constructor + - Check `_INTERNAL_shouldSkipAiProviderWrapping()` (for LangChain) + - See `instrumentOpenAi` in `packages/node/src/integrations/tracing/openai/instrumentation.ts` + +3. **Node.js Integration:** Export instrumentation function + - Use `generateInstrumentOnce()` helper + - See `openAIIntegration` in `packages/node/src/integrations/tracing/openai/index.ts` + +**Reference:** `packages/node/src/integrations/tracing/openai/` + +--- + +## Pattern 3: Callback/Hook Based + +**Use when:** SDK provides lifecycle hooks (LangChain, LangGraph) + +### Key Steps + +1. **Core:** Create `create{Provider}CallbackHandler()` in `packages/core/src/tracing/{provider}/index.ts` + - Implement SDK's callback interface + - Create spans in callback methods + +2. **Node.js Instrumentation:** Auto-inject callbacks + - Patch runnable methods to add handler automatically + - **Important:** Disable underlying AI provider wrapping (see `instrumentLangchain` in `packages/node/src/integrations/tracing/langchain/instrumentation.ts`) + +**Reference:** `packages/node/src/integrations/tracing/langchain/` + +--- + +## Auto-Instrumentation (Out-of-the-Box Support) + +**RULE:** AI SDKs should be auto-enabled in Node.js runtime if possible. + +✅ **Auto-enable if:** + +- SDK works in Node.js runtime +- OTel only patches when package imported (zero cost if unused) + +❌ **Don't auto-enable if:** + +- SDK is niche/experimental +- Integration has significant limitations + +### Steps to Auto-Enable + +**1. Add to auto performance integrations** + +Location: `packages/node/src/integrations/tracing/index.ts` + +```typescript +export function getAutoPerformanceIntegrations(): Integration[] { + return [ + // AI providers - IMPORTANT: LangChain MUST come first! + langChainIntegration(), // Disables underlying providers + langGraphIntegration(), + vercelAIIntegration(), + openAIIntegration(), + anthropicAIIntegration(), + googleGenAIIntegration(), + {provider}Integration(), // <-- Add here + ]; +} +``` + +**2. Add to preload instrumentation** + +```typescript +export function getOpenTelemetryInstrumentationToPreload() { + return [ + instrumentOpenAi, + instrumentAnthropicAi, + instrument{Provider}, // <-- Add here + ]; +} +``` + +**3. Export from package index** + +```typescript +// packages/node/src/index.ts +export { {provider}Integration } from './integrations/tracing/{provider}'; +export type { {Provider}Options } from './integrations/tracing/{provider}'; + +// If browser-compatible: packages/browser/src/index.ts +export { {provider}Integration } from './integrations/tracing/{provider}'; +``` + +**4. Add E2E test** in `packages/node-integration-tests/suites/{provider}/` + +- Verify spans created automatically (no manual setup) +- Test `recordInputs` and `recordOutputs` options +- Test integration can be disabled + +--- + +## Directory Structure + +``` +packages/ +├── core/src/tracing/ +│ ├── ai/ # Shared utilities +│ │ ├── gen-ai-attributes.ts +│ │ ├── utils.ts +│ │ └── messageTruncation.ts +│ └── {provider}/ # Provider-specific +│ ├── index.ts # Main logic +│ ├── types.ts +│ ├── constants.ts +│ └── streaming.ts +│ +├── node/src/integrations/tracing/{provider}/ +│ ├── index.ts # Integration definition +│ └── instrumentation.ts # OTel instrumentation +│ +├── cloudflare/src/integrations/tracing/ +│ └── {provider}.ts # Single file +│ +└── vercel-edge/src/integrations/tracing/ + └── {provider}.ts # Single file +``` + +--- + +## Key Best Practices + +1. **Respect `sendDefaultPii`** for recordInputs/recordOutputs +2. **Use semantic attributes** from `gen-ai-attributes.ts` (never hardcode) +3. **Set Sentry origin**: `SEMANTIC_ATTRIBUTE_SENTRY_ORIGIN = 'auto.ai.openai'` (use provider name: `openai`, `anthropic`, `vercelai`, etc. - only alphanumerics, `_`, and `.` allowed) +4. **Truncate large data**: Use helper functions from `utils.ts` +5. **Correct span operations**: `gen_ai.invoke_agent` for parent, `gen_ai.chat` for children +6. **Streaming**: Use `startSpanManual()`, accumulate state, call `span.end()` +7. **Token accumulation**: Direct on child spans, accumulate on parent from children +8. **Performance**: Use `callWhenPatched()` for Pattern 1 +9. **LangChain**: Check `_INTERNAL_shouldSkipAiProviderWrapping()` in Pattern 2 + +--- + +## Reference Implementations + +- **Pattern 1 (Span Processors):** `packages/node/src/integrations/tracing/vercelai/` +- **Pattern 2 (Client Wrapping):** `packages/node/src/integrations/tracing/openai/` +- **Pattern 3 (Callback/Hooks):** `packages/node/src/integrations/tracing/langchain/` + +--- + +## Auto-Instrumentation Checklist + +- [ ] Added to `getAutoPerformanceIntegrations()` in correct order +- [ ] Added to `getOpenTelemetryInstrumentationToPreload()` +- [ ] Exported from `packages/node/src/index.ts` +- [ ] **If browser-compatible:** Exported from `packages/browser/src/index.ts` +- [ ] Added E2E test in `packages/node-integration-tests/suites/{provider}/` +- [ ] E2E test verifies auto-instrumentation +- [ ] JSDoc says "enabled by default" or "not enabled by default" +- [ ] Documented how to disable (if auto-enabled) +- [ ] Documented limitations clearly +- [ ] Verified OTel only patches when package imported + +--- + +## Questions? + +1. Look at reference implementations above +2. Check shared utilities in `packages/core/src/tracing/ai/` +3. Review OpenTelemetry Semantic Conventions: https://opentelemetry.io/docs/specs/semconv/gen-ai/ + +**When in doubt, follow the pattern of the most similar existing integration!** diff --git a/.cursor/rules/sdk_development.mdc b/.cursor/rules/sdk_development.mdc index c997b65f5482..b12d13929c68 100644 --- a/.cursor/rules/sdk_development.mdc +++ b/.cursor/rules/sdk_development.mdc @@ -78,6 +78,14 @@ This is a Lerna monorepo with 40+ packages in the `@sentry/*` namespace. - Client/server entry points where applicable (nextjs, nuxt, sveltekit) - Integration tests use Playwright (Remix, browser-integration-tests) +### AI Integrations + +- `packages/core/src/tracing/{provider}/` - Core instrumentation logic (OpenAI, Anthropic, Vercel AI, LangChain, etc.) +- `packages/node/src/integrations/tracing/{provider}/` - Node.js-specific integration + OTel instrumentation +- `packages/cloudflare/src/integrations/tracing/{provider}.ts` - Edge runtime support +- Patterns: OTEL Span Processors, Client Wrapping, Callback/Hook Based +- See `.cursor/rules/adding-a-new-ai-integration.mdc` for implementation guide + ### User Experience Packages - `packages/replay-internal/` - Session replay functionality From a04e10bd21885ad2b32920e018f7c87b3d0d9b76 Mon Sep 17 00:00:00 2001 From: Sigrid <32902192+s1gr1d@users.noreply.github.com> Date: Thu, 5 Feb 2026 15:07:18 +0100 Subject: [PATCH 34/80] feat(hono): Add base for Sentry Hono middleware (Cloudflare) (#18787) Exporting a hono middleware for applications on Cloudflare with `@sentry/hono/cloudflare`. This is the base setup for continuing work on this SDK. It adds the export and some integration tests. Internal tracking issue: https://linear.app/getsentry/issue/FE-655/hono-add-cloudflare-support-1 --- .../cloudflare-integration-tests/expect.ts | 19 +-- .../cloudflare-integration-tests/package.json | 1 + .../{hono/basic => hono-integration}/index.ts | 2 +- .../{hono/basic => hono-integration}/test.ts | 8 +- .../basic => hono-integration}/wrangler.jsonc | 0 .../suites/hono-sdk/index.ts | 38 ++++++ .../suites/hono-sdk/test.ts | 99 ++++++++++++++ .../suites/hono-sdk/wrangler.jsonc | 7 + .../e2e-tests/verdaccio-config/config.yaml | 6 + package.json | 1 + packages/hono/.eslintrc.js | 9 ++ packages/hono/LICENSE | 21 +++ packages/hono/README.md | 58 ++++++++ packages/hono/package.json | 100 ++++++++++++++ packages/hono/rollup.npm.config.mjs | 21 +++ packages/hono/src/cloudflare/middleware.ts | 25 ++++ packages/hono/src/index.cloudflare.ts | 1 + packages/hono/src/index.ts | 1 + packages/hono/src/index.types.ts | 1 + .../hono/src/shared/middlewareHandlers.ts | 43 ++++++ packages/hono/src/utils/hono-context.ts | 15 ++ .../hono/test/cloudflare/middleware.test.ts | 128 ++++++++++++++++++ packages/hono/tsconfig.json | 10 ++ packages/hono/tsconfig.test.json | 9 ++ packages/hono/tsconfig.types.json | 10 ++ packages/hono/vite.config.ts | 6 + yarn.lock | 69 ++++++++++ 27 files changed, 695 insertions(+), 13 deletions(-) rename dev-packages/cloudflare-integration-tests/suites/{hono/basic => hono-integration}/index.ts (89%) rename dev-packages/cloudflare-integration-tests/suites/{hono/basic => hono-integration}/test.ts (87%) rename dev-packages/cloudflare-integration-tests/suites/{hono/basic => hono-integration}/wrangler.jsonc (100%) create mode 100644 dev-packages/cloudflare-integration-tests/suites/hono-sdk/index.ts create mode 100644 dev-packages/cloudflare-integration-tests/suites/hono-sdk/test.ts create mode 100644 dev-packages/cloudflare-integration-tests/suites/hono-sdk/wrangler.jsonc create mode 100644 packages/hono/.eslintrc.js create mode 100644 packages/hono/LICENSE create mode 100644 packages/hono/README.md create mode 100644 packages/hono/package.json create mode 100644 packages/hono/rollup.npm.config.mjs create mode 100644 packages/hono/src/cloudflare/middleware.ts create mode 100644 packages/hono/src/index.cloudflare.ts create mode 100644 packages/hono/src/index.ts create mode 100644 packages/hono/src/index.types.ts create mode 100644 packages/hono/src/shared/middlewareHandlers.ts create mode 100644 packages/hono/src/utils/hono-context.ts create mode 100644 packages/hono/test/cloudflare/middleware.test.ts create mode 100644 packages/hono/tsconfig.json create mode 100644 packages/hono/tsconfig.test.json create mode 100644 packages/hono/tsconfig.types.json create mode 100644 packages/hono/vite.config.ts diff --git a/dev-packages/cloudflare-integration-tests/expect.ts b/dev-packages/cloudflare-integration-tests/expect.ts index 11631832852b..b33926ffce11 100644 --- a/dev-packages/cloudflare-integration-tests/expect.ts +++ b/dev-packages/cloudflare-integration-tests/expect.ts @@ -19,13 +19,13 @@ function dropUndefinedKeys>(obj: T): T { return obj; } -function getSdk(): SdkInfo { +function getSdk(sdk: 'cloudflare' | 'hono'): SdkInfo { return { integrations: expect.any(Array), - name: 'sentry.javascript.cloudflare', + name: `sentry.javascript.${sdk}`, packages: [ { - name: 'npm:@sentry/cloudflare', + name: `npm:@sentry/${sdk}`, version: SDK_VERSION, }, ], @@ -46,24 +46,27 @@ function defaultContexts(eventContexts: Contexts = {}): Contexts { }); } -export function expectedEvent(event: Event): Event { +export function expectedEvent(event: Event, { sdk }: { sdk: 'cloudflare' | 'hono' }): Event { return dropUndefinedKeys({ event_id: UUID_MATCHER, timestamp: expect.any(Number), environment: 'production', platform: 'javascript', - sdk: getSdk(), + sdk: getSdk(sdk), ...event, contexts: defaultContexts(event.contexts), }); } -export function eventEnvelope(event: Event, includeSampleRand = false): Envelope { +export function eventEnvelope( + event: Event, + { includeSampleRand = false, sdk = 'cloudflare' }: { includeSampleRand?: boolean; sdk?: 'cloudflare' | 'hono' } = {}, +): Envelope { return [ { event_id: UUID_MATCHER, sent_at: ISO_DATE_MATCHER, - sdk: { name: 'sentry.javascript.cloudflare', version: SDK_VERSION }, + sdk: { name: `sentry.javascript.${sdk}`, version: SDK_VERSION }, trace: { environment: event.environment || 'production', public_key: 'public', @@ -74,6 +77,6 @@ export function eventEnvelope(event: Event, includeSampleRand = false): Envelope transaction: expect.any(String), }, }, - [[{ type: 'event' }, expectedEvent(event)]], + [[{ type: 'event' }, expectedEvent(event, { sdk })]], ]; } diff --git a/dev-packages/cloudflare-integration-tests/package.json b/dev-packages/cloudflare-integration-tests/package.json index fbeaa52b65d4..ee5d883ae4c1 100644 --- a/dev-packages/cloudflare-integration-tests/package.json +++ b/dev-packages/cloudflare-integration-tests/package.json @@ -15,6 +15,7 @@ "dependencies": { "@langchain/langgraph": "^1.0.1", "@sentry/cloudflare": "10.38.0", + "@sentry/hono": "10.38.0", "hono": "^4.11.7" }, "devDependencies": { diff --git a/dev-packages/cloudflare-integration-tests/suites/hono/basic/index.ts b/dev-packages/cloudflare-integration-tests/suites/hono-integration/index.ts similarity index 89% rename from dev-packages/cloudflare-integration-tests/suites/hono/basic/index.ts rename to dev-packages/cloudflare-integration-tests/suites/hono-integration/index.ts index 6daae5f3f141..ee7d18338306 100644 --- a/dev-packages/cloudflare-integration-tests/suites/hono/basic/index.ts +++ b/dev-packages/cloudflare-integration-tests/suites/hono-integration/index.ts @@ -16,7 +16,7 @@ app.get('/json', c => { }); app.get('/error', () => { - throw new Error('Test error from Hono app'); + throw new Error('Test error from Hono app (Sentry Cloudflare SDK)'); }); app.get('/hello/:name', c => { diff --git a/dev-packages/cloudflare-integration-tests/suites/hono/basic/test.ts b/dev-packages/cloudflare-integration-tests/suites/hono-integration/test.ts similarity index 87% rename from dev-packages/cloudflare-integration-tests/suites/hono/basic/test.ts rename to dev-packages/cloudflare-integration-tests/suites/hono-integration/test.ts index 727d61cca130..0cf4f1dec328 100644 --- a/dev-packages/cloudflare-integration-tests/suites/hono/basic/test.ts +++ b/dev-packages/cloudflare-integration-tests/suites/hono-integration/test.ts @@ -1,6 +1,6 @@ import { expect, it } from 'vitest'; -import { eventEnvelope } from '../../../expect'; -import { createRunner } from '../../../runner'; +import { eventEnvelope } from '../../expect'; +import { createRunner } from '../../runner'; it('Hono app captures errors', async ({ signal }) => { const runner = createRunner(__dirname) @@ -14,7 +14,7 @@ it('Hono app captures errors', async ({ signal }) => { values: [ { type: 'Error', - value: 'Test error from Hono app', + value: 'Test error from Hono app (Sentry Cloudflare SDK)', stacktrace: { frames: expect.any(Array), }, @@ -28,7 +28,7 @@ it('Hono app captures errors', async ({ signal }) => { url: expect.any(String), }, }, - true, + { includeSampleRand: true }, ), ) // Second envelope: transaction event diff --git a/dev-packages/cloudflare-integration-tests/suites/hono/basic/wrangler.jsonc b/dev-packages/cloudflare-integration-tests/suites/hono-integration/wrangler.jsonc similarity index 100% rename from dev-packages/cloudflare-integration-tests/suites/hono/basic/wrangler.jsonc rename to dev-packages/cloudflare-integration-tests/suites/hono-integration/wrangler.jsonc diff --git a/dev-packages/cloudflare-integration-tests/suites/hono-sdk/index.ts b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/index.ts new file mode 100644 index 000000000000..63464d4e2237 --- /dev/null +++ b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/index.ts @@ -0,0 +1,38 @@ +import { sentry } from '@sentry/hono/cloudflare'; +import { Hono } from 'hono'; + +interface Env { + SENTRY_DSN: string; +} + +const app = new Hono<{ Bindings: Env }>(); + +app.use( + '*', + sentry(app, { + dsn: process.env.SENTRY_DSN, + tracesSampleRate: 1.0, + debug: true, + // fixme - check out what removing this integration changes + // integrations: integrations => integrations.filter(integration => integration.name !== 'Hono'), + }), +); + +app.get('/', c => { + return c.text('Hello from Hono on Cloudflare!'); +}); + +app.get('/json', c => { + return c.json({ message: 'Hello from Hono', framework: 'hono', platform: 'cloudflare' }); +}); + +app.get('/error', () => { + throw new Error('Test error from Hono app'); +}); + +app.get('/hello/:name', c => { + const name = c.req.param('name'); + return c.text(`Hello, ${name}!`); +}); + +export default app; diff --git a/dev-packages/cloudflare-integration-tests/suites/hono-sdk/test.ts b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/test.ts new file mode 100644 index 000000000000..9c1f3cda8d66 --- /dev/null +++ b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/test.ts @@ -0,0 +1,99 @@ +import { expect, it } from 'vitest'; +import { eventEnvelope, SHORT_UUID_MATCHER, UUID_MATCHER } from '../../expect'; +import { createRunner } from '../../runner'; + +it('Hono app captures errors (Hono SDK)', async ({ signal }) => { + const runner = createRunner(__dirname) + .expect( + eventEnvelope( + { + level: 'error', + transaction: 'GET /error', + exception: { + values: [ + { + type: 'Error', + value: 'Test error from Hono app', + stacktrace: { + frames: expect.any(Array), + }, + mechanism: { type: 'auto.faas.hono.error_handler', handled: false }, + }, + ], + }, + request: { + headers: expect.any(Object), + method: 'GET', + url: expect.any(String), + }, + }, + { includeSampleRand: true, sdk: 'hono' }, + ), + ) + .expect(envelope => { + const [, envelopeItems] = envelope; + const [itemHeader, itemPayload] = envelopeItems[0]; + + expect(itemHeader.type).toBe('transaction'); + + expect(itemPayload).toMatchObject({ + type: 'transaction', + platform: 'javascript', + transaction: 'GET /error', + contexts: { + trace: { + span_id: expect.any(String), + trace_id: expect.any(String), + op: 'http.server', + status: 'internal_error', + origin: 'auto.http.cloudflare', + }, + }, + request: expect.objectContaining({ + method: 'GET', + url: expect.stringContaining('/error'), + }), + }); + }) + + .unordered() + .start(signal); + + await runner.makeRequest('get', '/error', { expectError: true }); + await runner.completed(); +}); + +it('Hono app captures parametrized names', async ({ signal }) => { + const runner = createRunner(__dirname) + .expect(envelope => { + const [, envelopeItems] = envelope; + const [itemHeader, itemPayload] = envelopeItems[0]; + + expect(itemHeader.type).toBe('transaction'); + + expect(itemPayload).toMatchObject({ + type: 'transaction', + platform: 'javascript', + transaction: 'GET /hello/:name', + contexts: { + trace: { + span_id: SHORT_UUID_MATCHER, + trace_id: UUID_MATCHER, + op: 'http.server', + status: 'ok', + origin: 'auto.http.cloudflare', + }, + }, + request: expect.objectContaining({ + method: 'GET', + url: expect.stringContaining('/hello/:name'), + }), + }); + }) + + .unordered() + .start(signal); + + await runner.makeRequest('get', '/hello/:name', { expectError: false }); + await runner.completed(); +}); diff --git a/dev-packages/cloudflare-integration-tests/suites/hono-sdk/wrangler.jsonc b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/wrangler.jsonc new file mode 100644 index 000000000000..0e4895ca598f --- /dev/null +++ b/dev-packages/cloudflare-integration-tests/suites/hono-sdk/wrangler.jsonc @@ -0,0 +1,7 @@ +{ + "name": "hono-sdk-worker", + "compatibility_date": "2025-06-17", + "main": "index.ts", + "compatibility_flags": ["nodejs_compat"] +} + diff --git a/dev-packages/e2e-tests/verdaccio-config/config.yaml b/dev-packages/e2e-tests/verdaccio-config/config.yaml index 0773603b033e..6e57ee2ea812 100644 --- a/dev-packages/e2e-tests/verdaccio-config/config.yaml +++ b/dev-packages/e2e-tests/verdaccio-config/config.yaml @@ -86,6 +86,12 @@ packages: unpublish: $all # proxy: npmjs # Don't proxy for E2E tests! + '@sentry/hono': + access: $all + publish: $all + unpublish: $all + # proxy: npmjs # Don't proxy for E2E tests! + '@sentry/nestjs': access: $all publish: $all diff --git a/package.json b/package.json index 1264edd4db09..369704d843ab 100644 --- a/package.json +++ b/package.json @@ -64,6 +64,7 @@ "packages/feedback", "packages/gatsby", "packages/google-cloud-serverless", + "packages/hono", "packages/integration-shims", "packages/nestjs", "packages/nextjs", diff --git a/packages/hono/.eslintrc.js b/packages/hono/.eslintrc.js new file mode 100644 index 000000000000..6da218bd8641 --- /dev/null +++ b/packages/hono/.eslintrc.js @@ -0,0 +1,9 @@ +module.exports = { + env: { + node: true, + }, + extends: ['../../.eslintrc.js'], + rules: { + '@sentry-internal/sdk/no-class-field-initializers': 'off', + }, +}; diff --git a/packages/hono/LICENSE b/packages/hono/LICENSE new file mode 100644 index 000000000000..0ecae617386e --- /dev/null +++ b/packages/hono/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2026 Functional Software, Inc. dba Sentry + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/packages/hono/README.md b/packages/hono/README.md new file mode 100644 index 000000000000..204123308319 --- /dev/null +++ b/packages/hono/README.md @@ -0,0 +1,58 @@ +

+ + Sentry + +

+ +# Official Sentry SDK for Hono (ALPHA) + +[![npm version](https://img.shields.io/npm/v/@sentry/hono.svg)](https://www.npmjs.com/package/@sentry/hono) +[![npm dm](https://img.shields.io/npm/dm/@sentry/hono.svg)](https://www.npmjs.com/package/@sentry/hono) +[![npm dt](https://img.shields.io/npm/dt/@sentry/hono.svg)](https://www.npmjs.com/package/@sentry/hono) + +## Links + +- [Official SDK Docs](https://docs.sentry.io/quickstart/) + +## Install + +To get started, first install the `@sentry/hono` package: + +```bash +npm install @sentry/hono +``` + +## Setup (Cloudflare Workers) + +### Enable Node.js compatibility + +Either set the `nodejs_compat` compatibility flags in your `wrangler.jsonc`/`wrangler.toml` config. This is because the SDK needs access to the `AsyncLocalStorage` API to work correctly. + +```jsonc {tabTitle:JSON} {filename:wrangler.jsonc} +{ + "compatibility_flags": ["nodejs_compat"], +} +``` + +```toml {tabTitle:Toml} {filename:wrangler.toml} +compatibility_flags = ["nodejs_compat"] +``` + +### Initialize Sentry in your Hono app + +Initialize the Sentry Hono middleware as early as possible in your app: + +```typescript +import { sentry } from '@sentry/hono/cloudflare'; + +const app = new Hono(); + +app.use( + '*', + sentry(app, { + dsn: 'your-sentry-dsn', + }), +); + +export default app; +``` diff --git a/packages/hono/package.json b/packages/hono/package.json new file mode 100644 index 000000000000..f6b42cb585c1 --- /dev/null +++ b/packages/hono/package.json @@ -0,0 +1,100 @@ +{ + "name": "@sentry/hono", + "version": "10.38.0", + "description": "Official Sentry SDK for Hono (ALPHA)", + "repository": "git://github.com/getsentry/sentry-javascript.git", + "homepage": "https://github.com/getsentry/sentry-javascript/tree/master/packages/hono", + "author": "Sentry", + "license": "MIT", + "engines": { + "node": ">=18" + }, + "files": [ + "/build" + ], + "main": "build/cjs/index.js", + "module": "build/esm/index.js", + "types": "build/types/index.d.ts", + "exports": { + "./package.json": "./package.json", + ".": { + "import": { + "types": "./build/types/index.d.ts", + "default": "./build/esm/index.js" + }, + "require": { + "types": "./build/types/index.d.ts", + "default": "./build/cjs/index.js" + } + }, + "./cloudflare": { + "import": { + "types": "./build/types/index.cloudflare.d.ts", + "default": "./build/esm/index.cloudflare.js" + }, + "require": { + "types": "./build/types/index.cloudflare.d.ts", + "default": "./build/cjs/index.cloudflare.js" + } + } + }, + "typesVersions": { + "<5.0": { + "build/types/index.d.ts": [ + "build/types-ts3.8/index.d.ts" + ], + "build/types/index.cloudflare.d.ts": [ + "build/types-ts3.8/index.cloudflare.d.ts" + ] + } + }, + "publishConfig": { + "access": "public" + }, + "dependencies": { + "@opentelemetry/api": "^1.9.0", + "@sentry/cloudflare": "10.38.0", + "@sentry/core": "10.38.0", + "@sentry/node": "10.38.0" + }, + "peerDependencies": { + "@cloudflare/workers-types": "^4.x", + "hono": "^4.x" + }, + "peerDependenciesMeta": { + "@cloudflare/workers-types": { + "optional": true + } + }, + "devDependencies": { + "@cloudflare/workers-types": "4.20250922.0", + "@types/node": "^18.19.1", + "wrangler": "4.62.0" + }, + "scripts": { + "build": "run-p build:transpile build:types", + "build:dev": "yarn build", + "build:transpile": "rollup -c rollup.npm.config.mjs", + "build:types": "run-s build:types:core build:types:downlevel", + "build:types:core": "tsc -p tsconfig.types.json", + "build:types:downlevel": "yarn downlevel-dts build/types build/types-ts3.8 --to ts3.8", + "build:watch": "run-p build:transpile:watch build:types:watch", + "build:dev:watch": "yarn build:watch", + "build:transpile:watch": "rollup -c rollup.npm.config.mjs --watch", + "build:types:watch": "tsc -p tsconfig.types.json --watch", + "build:tarball": "npm pack", + "circularDepCheck": "madge --circular src/index.ts", + "clean": "rimraf build coverage sentry-hono-*.tgz", + "fix": "eslint . --format stylish --fix", + "lint": "eslint . --format stylish", + "lint:es-compatibility": "es-check es2022 ./build/cjs/*.js && es-check es2022 ./build/esm/*.js --module", + "test": "yarn test:unit", + "test:unit": "vitest run", + "test:watch": "vitest --watch", + "yalc:publish": "yalc publish --push --sig" + }, + "volta": { + "extends": "../../package.json" + }, + "sideEffects": false +} diff --git a/packages/hono/rollup.npm.config.mjs b/packages/hono/rollup.npm.config.mjs new file mode 100644 index 000000000000..6f491584a9d0 --- /dev/null +++ b/packages/hono/rollup.npm.config.mjs @@ -0,0 +1,21 @@ +import { makeBaseNPMConfig, makeNPMConfigVariants } from '@sentry-internal/rollup-utils'; + +const baseConfig = makeBaseNPMConfig({ + entrypoints: ['src/index.ts', 'src/index.cloudflare.ts'], + packageSpecificConfig: { + output: { + preserveModulesRoot: 'src', + }, + }, +}); + +const defaultExternal = baseConfig.external; +baseConfig.external = id => { + if (defaultExternal.includes(id)) { + return true; + } + // Mark all hono subpaths as external + return !!(id === 'hono' || id.startsWith('hono/')); +}; + +export default [...makeNPMConfigVariants(baseConfig)]; diff --git a/packages/hono/src/cloudflare/middleware.ts b/packages/hono/src/cloudflare/middleware.ts new file mode 100644 index 000000000000..43f229a9a5f1 --- /dev/null +++ b/packages/hono/src/cloudflare/middleware.ts @@ -0,0 +1,25 @@ +import { withSentry } from '@sentry/cloudflare'; +import { applySdkMetadata, type BaseTransportOptions, debug, type Options } from '@sentry/core'; +import type { Context, Hono, MiddlewareHandler } from 'hono'; +import { requestHandler, responseHandler } from '../shared/middlewareHandlers'; + +export interface HonoOptions extends Options { + context?: Context; +} + +export const sentry = (app: Hono, options: HonoOptions | undefined = {}): MiddlewareHandler => { + const isDebug = options.debug; + + isDebug && debug.log('Initialized Sentry Hono middleware (Cloudflare)'); + + applySdkMetadata(options, 'hono'); + withSentry(() => options, app); + + return async (context, next) => { + requestHandler(context); + + await next(); // Handler runs in between Request above ⤴ and Response below ⤵ + + responseHandler(context); + }; +}; diff --git a/packages/hono/src/index.cloudflare.ts b/packages/hono/src/index.cloudflare.ts new file mode 100644 index 000000000000..cba517e1d295 --- /dev/null +++ b/packages/hono/src/index.cloudflare.ts @@ -0,0 +1 @@ +export { sentry } from './cloudflare/middleware'; diff --git a/packages/hono/src/index.ts b/packages/hono/src/index.ts new file mode 100644 index 000000000000..cb0ff5c3b541 --- /dev/null +++ b/packages/hono/src/index.ts @@ -0,0 +1 @@ +export {}; diff --git a/packages/hono/src/index.types.ts b/packages/hono/src/index.types.ts new file mode 100644 index 000000000000..cb0ff5c3b541 --- /dev/null +++ b/packages/hono/src/index.types.ts @@ -0,0 +1 @@ +export {}; diff --git a/packages/hono/src/shared/middlewareHandlers.ts b/packages/hono/src/shared/middlewareHandlers.ts new file mode 100644 index 000000000000..6edc58eb9939 --- /dev/null +++ b/packages/hono/src/shared/middlewareHandlers.ts @@ -0,0 +1,43 @@ +import { getIsolationScope } from '@sentry/cloudflare'; +import { + getActiveSpan, + getClient, + getDefaultIsolationScope, + getRootSpan, + updateSpanName, + winterCGRequestToRequestData, +} from '@sentry/core'; +import type { Context } from 'hono'; +import { routePath } from 'hono/route'; +import { hasFetchEvent } from '../utils/hono-context'; + +/** + * Request handler for Hono framework + */ +export function requestHandler(context: Context): void { + const defaultScope = getDefaultIsolationScope(); + const currentIsolationScope = getIsolationScope(); + + const isolationScope = defaultScope === currentIsolationScope ? defaultScope : currentIsolationScope; + + isolationScope.setSDKProcessingMetadata({ + normalizedRequest: winterCGRequestToRequestData(hasFetchEvent(context) ? context.event.request : context.req.raw), + }); +} + +/** + * Response handler for Hono framework + */ +export function responseHandler(context: Context): void { + const activeSpan = getActiveSpan(); + if (activeSpan) { + activeSpan.updateName(`${context.req.method} ${routePath(context)}`); + updateSpanName(getRootSpan(activeSpan), `${context.req.method} ${routePath(context)}`); + } + + getIsolationScope().setTransactionName(`${context.req.method} ${routePath(context)}`); + + if (context.error) { + getClient()?.captureException(context.error); + } +} diff --git a/packages/hono/src/utils/hono-context.ts b/packages/hono/src/utils/hono-context.ts new file mode 100644 index 000000000000..96df44ee655a --- /dev/null +++ b/packages/hono/src/utils/hono-context.ts @@ -0,0 +1,15 @@ +import type { Context } from 'hono'; + +/** + * Checks whether the given Hono context has a fetch event. + */ +export function hasFetchEvent(c: Context): boolean { + let hasFetchEvent = true; + try { + // eslint-disable-next-line @typescript-eslint/no-unused-expressions + c.event; + } catch { + hasFetchEvent = false; + } + return hasFetchEvent; +} diff --git a/packages/hono/test/cloudflare/middleware.test.ts b/packages/hono/test/cloudflare/middleware.test.ts new file mode 100644 index 000000000000..dff1d154dd16 --- /dev/null +++ b/packages/hono/test/cloudflare/middleware.test.ts @@ -0,0 +1,128 @@ +import * as SentryCloudflare from '@sentry/cloudflare'; +import * as SentryCore from '@sentry/core'; +import { SDK_VERSION } from '@sentry/core'; +import { Hono } from 'hono'; +import { beforeEach, describe, expect, it, type Mock, vi } from 'vitest'; +import { sentry } from '../../src/cloudflare/middleware'; + +vi.mock('@sentry/cloudflare', { spy: true }); +vi.mock('@sentry/core', async () => { + const actual = await vi.importActual('@sentry/core'); + return { + ...actual, + // eslint-disable-next-line @typescript-eslint/ban-ts-comment + // @ts-ignore + applySdkMetadata: vi.fn(actual.applySdkMetadata), + }; +}); + +const withSentryMock = SentryCloudflare.withSentry as Mock; +const applySdkMetadataMock = SentryCore.applySdkMetadata as Mock; + +describe('Hono Cloudflare Middleware', () => { + beforeEach(() => { + vi.clearAllMocks(); + }); + + describe('sentry middleware', () => { + it('calls applySdkMetadata with "hono"', () => { + const app = new Hono(); + const options = { + dsn: 'https://public@dsn.ingest.sentry.io/1337', + }; + + sentry(app, options); + + expect(applySdkMetadataMock).toHaveBeenCalledTimes(1); + expect(applySdkMetadataMock).toHaveBeenCalledWith(options, 'hono'); + }); + + it('calls withSentry with modified options', () => { + const app = new Hono(); + const options = { + dsn: 'https://public@dsn.ingest.sentry.io/1337', + }; + + sentry(app, options); + + expect(withSentryMock).toHaveBeenCalledTimes(1); + expect(withSentryMock).toHaveBeenCalledWith(expect.any(Function), app); + + // Get the options callback and call it + const optionsCallback = withSentryMock.mock.calls[0]?.[0]; + expect(optionsCallback).toBeInstanceOf(Function); + + const result = optionsCallback(); + + // After applySdkMetadata is called, options should have _metadata.sdk + expect(result.dsn).toBe('https://public@dsn.ingest.sentry.io/1337'); + expect(result._metadata?.sdk?.name).toBe('sentry.javascript.hono'); + expect(result._metadata?.sdk?.version).toBe(SDK_VERSION); + expect(result._metadata?.sdk?.packages).toEqual([ + { + name: 'npm:@sentry/hono', + version: SDK_VERSION, + }, + ]); + }); + + it('calls applySdkMetadata before withSentry', () => { + const app = new Hono(); + const options = { + dsn: 'https://public@dsn.ingest.sentry.io/1337', + }; + + sentry(app, options); + + // Verify applySdkMetadata was called before withSentry + const applySdkMetadataCallOrder = applySdkMetadataMock.mock.invocationCallOrder[0]; + const withSentryCallOrder = withSentryMock.mock.invocationCallOrder[0]; + + expect(applySdkMetadataCallOrder).toBeLessThan(withSentryCallOrder as number); + }); + + it('preserves all user options', () => { + const app = new Hono(); + const options = { + dsn: 'https://public@dsn.ingest.sentry.io/1337', + environment: 'production', + sampleRate: 0.5, + tracesSampleRate: 1.0, + debug: true, + }; + + sentry(app, options); + + const optionsCallback = withSentryMock.mock.calls[0]?.[0]; + const result = optionsCallback(); + + expect(result).toMatchObject({ + dsn: 'https://public@dsn.ingest.sentry.io/1337', + environment: 'production', + sampleRate: 0.5, + tracesSampleRate: 1.0, + debug: true, + }); + }); + + it('returns a middleware handler function', () => { + const app = new Hono(); + const options = { + dsn: 'https://public@dsn.ingest.sentry.io/1337', + }; + + const middleware = sentry(app, options); + + expect(middleware).toBeDefined(); + expect(typeof middleware).toBe('function'); + expect(middleware).toHaveLength(2); // Hono middleware takes (context, next) + }); + + it('returns an async middleware handler', async () => { + const app = new Hono(); + const middleware = sentry(app, {}); + + expect(middleware.constructor.name).toBe('AsyncFunction'); + }); + }); +}); diff --git a/packages/hono/tsconfig.json b/packages/hono/tsconfig.json new file mode 100644 index 000000000000..ff89f0feaa23 --- /dev/null +++ b/packages/hono/tsconfig.json @@ -0,0 +1,10 @@ +{ + "extends": "../../tsconfig.json", + + "include": ["src/**/*"], + + "compilerOptions": { + "module": "esnext", + "types": ["node", "@cloudflare/workers-types"] + } +} diff --git a/packages/hono/tsconfig.test.json b/packages/hono/tsconfig.test.json new file mode 100644 index 000000000000..00cada2d8bcf --- /dev/null +++ b/packages/hono/tsconfig.test.json @@ -0,0 +1,9 @@ +{ + "extends": "./tsconfig.json", + + "include": ["test/**/*", "vite.config.ts"], + + "compilerOptions": { + // other package-specific, test-specific options + } +} diff --git a/packages/hono/tsconfig.types.json b/packages/hono/tsconfig.types.json new file mode 100644 index 000000000000..65455f66bd75 --- /dev/null +++ b/packages/hono/tsconfig.types.json @@ -0,0 +1,10 @@ +{ + "extends": "./tsconfig.json", + + "compilerOptions": { + "declaration": true, + "declarationMap": true, + "emitDeclarationOnly": true, + "outDir": "build/types" + } +} diff --git a/packages/hono/vite.config.ts b/packages/hono/vite.config.ts new file mode 100644 index 000000000000..b2150cd225a4 --- /dev/null +++ b/packages/hono/vite.config.ts @@ -0,0 +1,6 @@ +import { defineConfig } from 'vitest/config'; +import baseConfig from '../../vite/vite.config'; + +export default defineConfig({ + ...baseConfig, +}); diff --git a/yarn.lock b/yarn.lock index ce0bdf5005ef..c72f9c9c7b76 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2747,31 +2747,61 @@ resolved "https://registry.yarnpkg.com/@cloudflare/unenv-preset/-/unenv-preset-2.11.0.tgz#cac63e7c9597176767e1830d75abfdbfdcbd42b8" integrity sha512-z3hxFajL765VniNPGV0JRStZolNz63gU3B3AktwoGdDlnQvz5nP+Ah4RL04PONlZQjwmDdGHowEStJ94+RsaJg== +"@cloudflare/unenv-preset@2.12.0": + version "2.12.0" + resolved "https://registry.yarnpkg.com/@cloudflare/unenv-preset/-/unenv-preset-2.12.0.tgz#3448ce6a88a8f917a3d49c916b0bc48393f50a32" + integrity sha512-NK4vN+2Z/GbfGS4BamtbbVk1rcu5RmqaYGiyHJQrA09AoxdZPHDF3W/EhgI0YSK8p3vRo/VNCtbSJFPON7FWMQ== + "@cloudflare/workerd-darwin-64@1.20260124.0": version "1.20260124.0" resolved "https://registry.yarnpkg.com/@cloudflare/workerd-darwin-64/-/workerd-darwin-64-1.20260124.0.tgz#958e475f8a5fce1d9453d47b98c09526f1a45438" integrity sha512-VuqscLhiiVIf7t/dcfkjtT0LKJH+a06KUFwFTHgdTcqyLbFZ44u1SLpOONu5fyva4A9MdaKh9a+Z/tBC1d76nw== +"@cloudflare/workerd-darwin-64@1.20260131.0": + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/@cloudflare/workerd-darwin-64/-/workerd-darwin-64-1.20260131.0.tgz#1c295393b261ed27c85be1d99e3ce63d7f2e88e8" + integrity sha512-+1X4qErc715NUhJZNhtlpuCxajhD5YNre7Cz50WPMmj+BMUrh9h7fntKEadtrUo5SM2YONY7CDzK7wdWbJJBVA== + "@cloudflare/workerd-darwin-arm64@1.20260124.0": version "1.20260124.0" resolved "https://registry.yarnpkg.com/@cloudflare/workerd-darwin-arm64/-/workerd-darwin-arm64-1.20260124.0.tgz#8dad514564bcadc2fb5ac449bc24837d3d1533f5" integrity sha512-PfnjoFooPgRKFUIZcEP9irnn5Y7OgXinjM+IMlKTdEyLWjMblLsbsqAgydf75+ii0715xAeUlWQjZrWdyOZjMw== +"@cloudflare/workerd-darwin-arm64@1.20260131.0": + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/@cloudflare/workerd-darwin-arm64/-/workerd-darwin-arm64-1.20260131.0.tgz#fcead80d4052f4bf243970e9eaf47b85ddcafa28" + integrity sha512-M84mXR8WEMEBuX4/dL2IQ4wHV/ALwYjx9if5ePZR8rdbD7if/fkEEoMBq0bGS/1gMLRqqCZLstabxHV+g92NNg== + "@cloudflare/workerd-linux-64@1.20260124.0": version "1.20260124.0" resolved "https://registry.yarnpkg.com/@cloudflare/workerd-linux-64/-/workerd-linux-64-1.20260124.0.tgz#91845c0f67c73abc2959c3ab90b474cd88e6d6ec" integrity sha512-KSkZl4kwcWeFXI7qsaLlMnKwjgdZwI0OEARjyZpiHCxJCqAqla9XxQKNDscL2Z3qUflIo30i+uteGbFrhzuVGQ== +"@cloudflare/workerd-linux-64@1.20260131.0": + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/@cloudflare/workerd-linux-64/-/workerd-linux-64-1.20260131.0.tgz#81a590e0c306f746c37494d7211e78d9bf7fc333" + integrity sha512-SWzr48bCL9y5wjkj23tXS6t/6us99EAH9T5TAscMV0hfJFZQt97RY/gaHKyRRjFv6jfJZvk7d4g+OmGeYBnwcg== + "@cloudflare/workerd-linux-arm64@1.20260124.0": version "1.20260124.0" resolved "https://registry.yarnpkg.com/@cloudflare/workerd-linux-arm64/-/workerd-linux-arm64-1.20260124.0.tgz#42baebe126d430ae1dfeb23002a456239f24305b" integrity sha512-61xjSUNk745EVV4vXZP0KGyLCatcmamfBB+dcdQ8kDr6PrNU4IJ1kuQFSJdjybyDhJRm4TpGVywq+9hREuF7xA== +"@cloudflare/workerd-linux-arm64@1.20260131.0": + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/@cloudflare/workerd-linux-arm64/-/workerd-linux-arm64-1.20260131.0.tgz#3146ab166a14863f725fd42539f248d92970a935" + integrity sha512-mL0kLPGIBJRPeHS3+erJ2t5dJT3ODhsKvR9aA4BcsY7M30/QhlgJIF6wsgwNisTJ23q8PbobZNHBUKIe8l/E9A== + "@cloudflare/workerd-windows-64@1.20260124.0": version "1.20260124.0" resolved "https://registry.yarnpkg.com/@cloudflare/workerd-windows-64/-/workerd-windows-64-1.20260124.0.tgz#2721810ca8bcbd2b9dbaf4fb13a971b8ea9e4c21" integrity sha512-j9O11pwQQV6Vi3peNrJoyIas3SrZHlPj0Ah+z1hDW9o1v35euVBQJw/PuzjPOXxTFUlGQoMJdfzPsO9xP86g7A== +"@cloudflare/workerd-windows-64@1.20260131.0": + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/@cloudflare/workerd-windows-64/-/workerd-windows-64-1.20260131.0.tgz#05d877eb8a0eab80d2e8a3d06ff7d23f6365e0f3" + integrity sha512-hoQqTFBpP1zntP2OQSpt5dEWbd9vSBliK+G7LmDXjKitPkmkRFo2PB4P9aBRE1edPAIO/fpdoJv928k2HaAn4A== + "@cloudflare/workers-types@4.20250922.0", "@cloudflare/workers-types@^4.20250922.0": version "4.20250922.0" resolved "https://registry.yarnpkg.com/@cloudflare/workers-types/-/workers-types-4.20250922.0.tgz#a159fbf3bb785fa85b473ecfaa8c501525827885" @@ -22416,6 +22446,18 @@ miniflare@4.20260124.0: ws "8.18.0" youch "4.1.0-beta.10" +miniflare@4.20260131.0: + version "4.20260131.0" + resolved "https://registry.yarnpkg.com/miniflare/-/miniflare-4.20260131.0.tgz#2615af3dae74e8346ca7ec9cae6c106a94cf5a2a" + integrity sha512-CtObRzlAzOUpCFH+MgImykxmDNKthrgIYtC+oLC3UGpve6bGLomKUW4u4EorTvzlQFHe66/9m/+AYbBbpzG0mQ== + dependencies: + "@cspotcode/source-map-support" "0.8.1" + sharp "^0.34.5" + undici "7.18.2" + workerd "1.20260131.0" + ws "8.18.0" + youch "4.1.0-beta.10" + minimalistic-assert@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7" @@ -31789,6 +31831,17 @@ workerd@1.20260124.0: "@cloudflare/workerd-linux-arm64" "1.20260124.0" "@cloudflare/workerd-windows-64" "1.20260124.0" +workerd@1.20260131.0: + version "1.20260131.0" + resolved "https://registry.yarnpkg.com/workerd/-/workerd-1.20260131.0.tgz#29ba03e29fc8ff3e41f58ec0c2f0ba84a9cc40e6" + integrity sha512-4zZxOdWeActbRfydQQlj7vZ2ay01AjjNC4K3stjmWC3xZHeXeN3EAROwsWE83SZHhtw4rn18srrhtXoQvQMw3Q== + optionalDependencies: + "@cloudflare/workerd-darwin-64" "1.20260131.0" + "@cloudflare/workerd-darwin-arm64" "1.20260131.0" + "@cloudflare/workerd-linux-64" "1.20260131.0" + "@cloudflare/workerd-linux-arm64" "1.20260131.0" + "@cloudflare/workerd-windows-64" "1.20260131.0" + workerpool@^3.1.1: version "3.1.2" resolved "https://registry.yarnpkg.com/workerpool/-/workerpool-3.1.2.tgz#b34e79243647decb174b7481ab5b351dc565c426" @@ -31819,6 +31872,22 @@ wrangler@4.61.0: optionalDependencies: fsevents "~2.3.2" +wrangler@4.62.0: + version "4.62.0" + resolved "https://registry.yarnpkg.com/wrangler/-/wrangler-4.62.0.tgz#cb4e6c7caf16c094e4956611854278e8f641c05b" + integrity sha512-DogP9jifqw85g33BqwF6m21YBW5J7+Ep9IJLgr6oqHU0RkA79JMN5baeWXdmnIWZl+VZh6bmtNtR+5/Djd32tg== + dependencies: + "@cloudflare/kv-asset-handler" "0.4.2" + "@cloudflare/unenv-preset" "2.12.0" + blake3-wasm "2.1.5" + esbuild "0.27.0" + miniflare "4.20260131.0" + path-to-regexp "6.3.0" + unenv "2.0.0-rc.24" + workerd "1.20260131.0" + optionalDependencies: + fsevents "~2.3.2" + "wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": version "7.0.0" resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" From 602f42d7670d8cb0dd6ff13c311a7d88d618e614 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Thu, 5 Feb 2026 15:15:30 +0100 Subject: [PATCH 35/80] chore(deps): Bump mongoose in integration tests (#19175) - The OTel instrumentation supports mongoose >=5.9.7 <9, so 6.x is fully supported - Our test usage is basic (connect, Schema, model, save, findOne) with no breaking API changes between 5.x and 6.x - Mongoose 5.x is EOL and won't receive security patches https://github.com/getsentry/sentry-javascript/security/dependabot/1046 ref https://github.com/getsentry/sentry-javascript/pull/19170 Closes #19176 (added automatically) --- .../node-integration-tests/package.json | 2 +- yarn.lock | 1149 +++++++++++++++-- 2 files changed, 1054 insertions(+), 97 deletions(-) diff --git a/dev-packages/node-integration-tests/package.json b/dev-packages/node-integration-tests/package.json index e86b77c64d81..c112cfc3665c 100644 --- a/dev-packages/node-integration-tests/package.json +++ b/dev-packages/node-integration-tests/package.json @@ -63,7 +63,7 @@ "lru-memoizer": "2.3.0", "mongodb": "^3.7.3", "mongodb-memory-server-global": "^10.1.4", - "mongoose": "^5.13.22", + "mongoose": "^6.13.6", "mysql": "^2.18.1", "mysql2": "^3.11.3", "nock": "^13.5.5", diff --git a/yarn.lock b/yarn.lock index c72f9c9c7b76..39b675f2cf85 100644 --- a/yarn.lock +++ b/yarn.lock @@ -592,6 +592,19 @@ "@aws-sdk/util-utf8-browser" "^3.0.0" tslib "^1.11.1" +"@aws-crypto/sha256-browser@5.2.0": + version "5.2.0" + resolved "https://registry.yarnpkg.com/@aws-crypto/sha256-browser/-/sha256-browser-5.2.0.tgz#153895ef1dba6f9fce38af550e0ef58988eb649e" + integrity sha512-AXfN/lGotSQwu6HNcEsIASo7kWXZ5HYWvfOmSNKDsEqC4OashTp8alTmaz+F7TC2L083SFv5RdB+qU3Vs1kZqw== + dependencies: + "@aws-crypto/sha256-js" "^5.2.0" + "@aws-crypto/supports-web-crypto" "^5.2.0" + "@aws-crypto/util" "^5.2.0" + "@aws-sdk/types" "^3.222.0" + "@aws-sdk/util-locate-window" "^3.0.0" + "@smithy/util-utf8" "^2.0.0" + tslib "^2.6.2" + "@aws-crypto/sha256-js@3.0.0", "@aws-crypto/sha256-js@^3.0.0": version "3.0.0" resolved "https://registry.yarnpkg.com/@aws-crypto/sha256-js/-/sha256-js-3.0.0.tgz#f06b84d550d25521e60d2a0e2a90139341e007c2" @@ -601,6 +614,15 @@ "@aws-sdk/types" "^3.222.0" tslib "^1.11.1" +"@aws-crypto/sha256-js@5.2.0", "@aws-crypto/sha256-js@^5.2.0": + version "5.2.0" + resolved "https://registry.yarnpkg.com/@aws-crypto/sha256-js/-/sha256-js-5.2.0.tgz#c4fdb773fdbed9a664fc1a95724e206cf3860042" + integrity sha512-FFQQyu7edu4ufvIZ+OadFpHHOt+eSTBaYaki44c+akjg7qZg9oOQeLlk77F6tSYqjDAFClrHJk9tMf0HdVyOvA== + dependencies: + "@aws-crypto/util" "^5.2.0" + "@aws-sdk/types" "^3.222.0" + tslib "^2.6.2" + "@aws-crypto/supports-web-crypto@^3.0.0": version "3.0.0" resolved "https://registry.yarnpkg.com/@aws-crypto/supports-web-crypto/-/supports-web-crypto-3.0.0.tgz#5d1bf825afa8072af2717c3e455f35cda0103ec2" @@ -608,6 +630,13 @@ dependencies: tslib "^1.11.1" +"@aws-crypto/supports-web-crypto@^5.2.0": + version "5.2.0" + resolved "https://registry.yarnpkg.com/@aws-crypto/supports-web-crypto/-/supports-web-crypto-5.2.0.tgz#a1e399af29269be08e695109aa15da0a07b5b5fb" + integrity sha512-iAvUotm021kM33eCdNfwIN//F77/IADDSs58i+MDaOqFrVjZo9bAal0NK7HurRuWLLpF1iLX7gbWrjHjeo+YFg== + dependencies: + tslib "^2.6.2" + "@aws-crypto/util@^3.0.0": version "3.0.0" resolved "https://registry.yarnpkg.com/@aws-crypto/util/-/util-3.0.0.tgz#1c7ca90c29293f0883468ad48117937f0fe5bfb0" @@ -617,6 +646,105 @@ "@aws-sdk/util-utf8-browser" "^3.0.0" tslib "^1.11.1" +"@aws-crypto/util@^5.2.0": + version "5.2.0" + resolved "https://registry.yarnpkg.com/@aws-crypto/util/-/util-5.2.0.tgz#71284c9cffe7927ddadac793c14f14886d3876da" + integrity sha512-4RkU9EsI6ZpBve5fseQlGNUWKMa1RLPQ1dnjnQoe07ldfIzcsGb5hC5W0Dm7u423KWzawlrpbjXBrXCEv9zazQ== + dependencies: + "@aws-sdk/types" "^3.222.0" + "@smithy/util-utf8" "^2.0.0" + tslib "^2.6.2" + +"@aws-sdk/client-cognito-identity@3.980.0": + version "3.980.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.980.0.tgz#e74f1a87864b729405e5504badcf0a52b90bc10b" + integrity sha512-nLgMW2drTzv+dTo3ORCcotQPcrUaTQ+xoaDTdSaUXdZO7zbbVyk7ysE5GDTnJdZWcUjHOSB8xfNQhOTTNVPhFw== + dependencies: + "@aws-crypto/sha256-browser" "5.2.0" + "@aws-crypto/sha256-js" "5.2.0" + "@aws-sdk/core" "^3.973.5" + "@aws-sdk/credential-provider-node" "^3.972.4" + "@aws-sdk/middleware-host-header" "^3.972.3" + "@aws-sdk/middleware-logger" "^3.972.3" + "@aws-sdk/middleware-recursion-detection" "^3.972.3" + "@aws-sdk/middleware-user-agent" "^3.972.5" + "@aws-sdk/region-config-resolver" "^3.972.3" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.980.0" + "@aws-sdk/util-user-agent-browser" "^3.972.3" + "@aws-sdk/util-user-agent-node" "^3.972.3" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/hash-node" "^4.2.8" + "@smithy/invalid-dependency" "^4.2.8" + "@smithy/middleware-content-length" "^4.2.8" + "@smithy/middleware-endpoint" "^4.4.12" + "@smithy/middleware-retry" "^4.4.29" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-body-length-node" "^4.2.1" + "@smithy/util-defaults-mode-browser" "^4.3.28" + "@smithy/util-defaults-mode-node" "^4.2.31" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + +"@aws-sdk/client-cognito-identity@3.983.0": + version "3.983.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/client-cognito-identity/-/client-cognito-identity-3.983.0.tgz#4373d94a03f211872fca625d293b6e10b95998a1" + integrity sha512-ZbDx0koMsnj6wDH1BGKcbsO5DB34XfJB8/u/WNIyqQp04LXqXTcLCV1TgflRIyJ6RwYxsssic2mQ8HfZPGRqEg== + dependencies: + "@aws-crypto/sha256-browser" "5.2.0" + "@aws-crypto/sha256-js" "5.2.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/credential-provider-node" "^3.972.5" + "@aws-sdk/middleware-host-header" "^3.972.3" + "@aws-sdk/middleware-logger" "^3.972.3" + "@aws-sdk/middleware-recursion-detection" "^3.972.3" + "@aws-sdk/middleware-user-agent" "^3.972.6" + "@aws-sdk/region-config-resolver" "^3.972.3" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.983.0" + "@aws-sdk/util-user-agent-browser" "^3.972.3" + "@aws-sdk/util-user-agent-node" "^3.972.4" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/hash-node" "^4.2.8" + "@smithy/invalid-dependency" "^4.2.8" + "@smithy/middleware-content-length" "^4.2.8" + "@smithy/middleware-endpoint" "^4.4.12" + "@smithy/middleware-retry" "^4.4.29" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-body-length-node" "^4.2.1" + "@smithy/util-defaults-mode-browser" "^4.3.28" + "@smithy/util-defaults-mode-node" "^4.2.31" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@aws-sdk/client-s3@^3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/client-s3/-/client-s3-3.552.0.tgz#4dcd8ae34f3ba1b161db0dd75f4f62c7f06fec81" @@ -769,6 +897,50 @@ "@smithy/util-utf8" "^2.3.0" tslib "^2.6.2" +"@aws-sdk/client-sso@3.982.0": + version "3.982.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/client-sso/-/client-sso-3.982.0.tgz#36ea3868045c6d0ade03bf7a0119ac3a1abf79a8" + integrity sha512-qJrIiivmvujdGqJ0ldSUvhN3k3N7GtPesoOI1BSt0fNXovVnMz4C/JmnkhZihU7hJhDvxJaBROLYTU+lpild4w== + dependencies: + "@aws-crypto/sha256-browser" "5.2.0" + "@aws-crypto/sha256-js" "5.2.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/middleware-host-header" "^3.972.3" + "@aws-sdk/middleware-logger" "^3.972.3" + "@aws-sdk/middleware-recursion-detection" "^3.972.3" + "@aws-sdk/middleware-user-agent" "^3.972.6" + "@aws-sdk/region-config-resolver" "^3.972.3" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.982.0" + "@aws-sdk/util-user-agent-browser" "^3.972.3" + "@aws-sdk/util-user-agent-node" "^3.972.4" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/hash-node" "^4.2.8" + "@smithy/invalid-dependency" "^4.2.8" + "@smithy/middleware-content-length" "^4.2.8" + "@smithy/middleware-endpoint" "^4.4.12" + "@smithy/middleware-retry" "^4.4.29" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-body-length-node" "^4.2.1" + "@smithy/util-defaults-mode-browser" "^4.3.28" + "@smithy/util-defaults-mode-node" "^4.2.31" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@aws-sdk/client-sts@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/client-sts/-/client-sts-3.552.0.tgz#ae6879022644348596e822e80accb468676a2005" @@ -826,6 +998,36 @@ fast-xml-parser "4.2.5" tslib "^2.6.2" +"@aws-sdk/core@^3.973.5", "@aws-sdk/core@^3.973.6": + version "3.973.6" + resolved "https://registry.yarnpkg.com/@aws-sdk/core/-/core-3.973.6.tgz#dd7ff2af60034da3e1af7926d2ce7efe0341ea64" + integrity sha512-pz4ZOw3BLG0NdF25HoB9ymSYyPbMiIjwQJ2aROXRhAzt+b+EOxStfFv8s5iZyP6Kiw7aYhyWxj5G3NhmkoOTKw== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/xml-builder" "^3.972.4" + "@smithy/core" "^3.22.0" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/signature-v4" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + +"@aws-sdk/credential-provider-cognito-identity@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-cognito-identity/-/credential-provider-cognito-identity-3.972.3.tgz#699ccf8450be66848e972568e59e37b95bd62c2b" + integrity sha512-dW/DqTk90XW7hIngqntAVtJJyrkS51wcLhGz39lOMe0TlSmZl+5R/UGnAZqNbXmWuJHLzxe+MLgagxH41aTsAQ== + dependencies: + "@aws-sdk/client-cognito-identity" "3.980.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-env@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.535.0.tgz#26248e263a8107953d5496cb3760d4e7c877abcf" @@ -836,6 +1038,17 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-env@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.4.tgz#33b5ad1169ce5b7ac313ce2c27b939277795b9d0" + integrity sha512-/8dnc7+XNMmViEom2xsNdArQxQPSgy4Z/lm6qaFPTrMFesT1bV3PsBhb19n09nmxHdrtQskYmViddUIjUQElXg== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-http@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-http/-/credential-provider-http-3.552.0.tgz#ecc88d02cba95621887e6b85b2583e756ad29eb6" @@ -851,6 +1064,22 @@ "@smithy/util-stream" "^2.2.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-http@^3.972.6": + version "3.972.6" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-http/-/credential-provider-http-3.972.6.tgz#3a6720826cff7620690fc4fdf522a81e299a2ebf" + integrity sha512-5ERWqRljiZv44AIdvIRQ3k+EAV0Sq2WeJHvXuK7gL7bovSxOf8Al7MLH7Eh3rdovH4KHFnlIty7J71mzvQBl5Q== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/types" "^3.973.1" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/util-stream" "^4.5.10" + tslib "^2.6.2" + "@aws-sdk/credential-provider-ini@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.552.0.tgz#436f328ea0213efe3231354248ab0d82dade4345" @@ -868,6 +1097,40 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-ini@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.972.4.tgz#77df2d72984b51f51307914a543514414f780e19" + integrity sha512-eRUg+3HaUKuXWn/lEMirdiA5HOKmEl8hEHVuszIDt2MMBUKgVX5XNGmb3XmbgU17h6DZ+RtjbxQpjhz3SbTjZg== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/credential-provider-env" "^3.972.4" + "@aws-sdk/credential-provider-http" "^3.972.6" + "@aws-sdk/credential-provider-login" "^3.972.4" + "@aws-sdk/credential-provider-process" "^3.972.4" + "@aws-sdk/credential-provider-sso" "^3.972.4" + "@aws-sdk/credential-provider-web-identity" "^3.972.4" + "@aws-sdk/nested-clients" "3.982.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/credential-provider-imds" "^4.2.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + +"@aws-sdk/credential-provider-login@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-login/-/credential-provider-login-3.972.4.tgz#dc656fbcb3206e5bebbdc44a571503a5ba4e0e6d" + integrity sha512-nLGjXuvWWDlQAp505xIONI7Gam0vw2p7Qu3P6on/W2q7rjJXtYjtpHbcsaOjJ/pAju3eTvEQuSuRedcRHVQIAQ== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/nested-clients" "3.982.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-node@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.552.0.tgz#7b25882a5694f50b288b284b1885ea3e138970fa" @@ -886,6 +1149,24 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-node@^3.972.4", "@aws-sdk/credential-provider-node@^3.972.5": + version "3.972.5" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.972.5.tgz#2f16620eee963c445a727d4a7b5e000df41fa7b6" + integrity sha512-VWXKgSISQCI2GKN3zakTNHSiZ0+mux7v6YHmmbLQp/o3fvYUQJmKGcLZZzg2GFA+tGGBStplra9VFNf/WwxpYg== + dependencies: + "@aws-sdk/credential-provider-env" "^3.972.4" + "@aws-sdk/credential-provider-http" "^3.972.6" + "@aws-sdk/credential-provider-ini" "^3.972.4" + "@aws-sdk/credential-provider-process" "^3.972.4" + "@aws-sdk/credential-provider-sso" "^3.972.4" + "@aws-sdk/credential-provider-web-identity" "^3.972.4" + "@aws-sdk/types" "^3.973.1" + "@smithy/credential-provider-imds" "^4.2.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-process@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.535.0.tgz#ea1e8a38a32e36bbdc3f75eb03352e6eafa0c659" @@ -897,6 +1178,18 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-process@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.972.4.tgz#4918ba11b88e0bc96e488f199e6d5605f2449c49" + integrity sha512-TCZpWUnBQN1YPk6grvd5x419OfXjHvhj5Oj44GYb84dOVChpg/+2VoEj+YVA4F4E/6huQPNnX7UYbTtxJqgihw== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-sso@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.552.0.tgz#dd076e6944494812b23e293ead759e859a91d70e" @@ -910,6 +1203,20 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-sso@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.972.4.tgz#0a945243e26e76c7460e20ae6725e07aa03d75fb" + integrity sha512-wzsGwv9mKlwJ3vHLyembBvGE/5nPUIwRR2I51B1cBV4Cb4ql9nIIfpmHzm050XYTY5fqTOKJQnhLj7zj89VG8g== + dependencies: + "@aws-sdk/client-sso" "3.982.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/token-providers" "3.982.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/credential-provider-web-identity@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.552.0.tgz#213a8e5832a95d494b6a55ed9b1eefcc774b0cff" @@ -921,6 +1228,45 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/credential-provider-web-identity@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.972.4.tgz#8dd394a0d1e1663fe0dec5ae9f2688cc5d3de410" + integrity sha512-hIzw2XzrG8jzsUSEatehmpkd5rWzASg5IHUfA+m01k/RtvfAML7ZJVVohuKdhAYx+wV2AThLiQJVzqn7F0khrw== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/nested-clients" "3.982.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + +"@aws-sdk/credential-providers@^3.186.0": + version "3.983.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/credential-providers/-/credential-providers-3.983.0.tgz#0c0ba3831530cedd62f36722dbfd4cbd1c54e186" + integrity sha512-G2nmPoHdEhLJMae0Y4CpkR5OlsQKUXAi7LNLUOZfNMFCstPQfI6uEHqTmKT9EyrbQkD3Y+rAbRTxTt3FMm+B4A== + dependencies: + "@aws-sdk/client-cognito-identity" "3.983.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/credential-provider-cognito-identity" "^3.972.3" + "@aws-sdk/credential-provider-env" "^3.972.4" + "@aws-sdk/credential-provider-http" "^3.972.6" + "@aws-sdk/credential-provider-ini" "^3.972.4" + "@aws-sdk/credential-provider-login" "^3.972.4" + "@aws-sdk/credential-provider-node" "^3.972.5" + "@aws-sdk/credential-provider-process" "^3.972.4" + "@aws-sdk/credential-provider-sso" "^3.972.4" + "@aws-sdk/credential-provider-web-identity" "^3.972.4" + "@aws-sdk/nested-clients" "3.983.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/credential-provider-imds" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/middleware-bucket-endpoint@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-bucket-endpoint/-/middleware-bucket-endpoint-3.535.0.tgz#8e19f3f9a89d618b3d75782343cb77c80ef6c7c4" @@ -968,6 +1314,16 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/middleware-host-header@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-host-header/-/middleware-host-header-3.972.3.tgz#47c161dec62d89c66c89f4d17ff4434021e04af5" + integrity sha512-aknPTb2M+G3s+0qLCx4Li/qGZH8IIYjugHMv15JTYMe6mgZO8VBpYgeGYsNMGCqCZOcWzuf900jFBG5bopfzmA== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/middleware-location-constraint@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-location-constraint/-/middleware-location-constraint-3.535.0.tgz#718c776c118ef78a33117fa353803d079ebcc8fa" @@ -986,6 +1342,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/middleware-logger@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-logger/-/middleware-logger-3.972.3.tgz#ef1afd4a0b70fe72cf5f7c817f82da9f35c7e836" + integrity sha512-Ftg09xNNRqaz9QNzlfdQWfpqMCJbsQdnZVJP55jfhbKi1+FTWxGuvfPoBhDHIovqWKjqbuiew3HuhxbJ0+OjgA== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/middleware-recursion-detection@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.535.0.tgz#6aa1e1bd1e84730d58a73021b745e20d4341a92d" @@ -996,6 +1361,17 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/middleware-recursion-detection@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-recursion-detection/-/middleware-recursion-detection-3.972.3.tgz#5b95dcecff76a0d2963bd954bdef87700d1b1c8c" + integrity sha512-PY57QhzNuXHnwbJgbWYTrqIDHYSeOlhfYERTAuc16LKZpTZRJUjzBFokp9hF7u1fuGeE3D70ERXzdbMBOqQz7Q== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@aws/lambda-invoke-store" "^0.2.2" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/middleware-sdk-s3@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.552.0.tgz#501200ec833add342578fd7d1ee2ecf4d8b9788d" @@ -1044,6 +1420,107 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/middleware-user-agent@^3.972.5", "@aws-sdk/middleware-user-agent@^3.972.6": + version "3.972.6" + resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.972.6.tgz#8abf3fae980f80834460d3345937e5843a59082d" + integrity sha512-TehLN8W/kivl0U9HcS+keryElEWORROpghDXZBLfnb40DXM7hx/i+7OOjkogXQOF3QtUraJVRkHQ07bPhrWKlw== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.982.0" + "@smithy/core" "^3.22.0" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + +"@aws-sdk/nested-clients@3.982.0": + version "3.982.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/nested-clients/-/nested-clients-3.982.0.tgz#b7d50bb7c273ed688fab0e52d5430dc6b0167d6d" + integrity sha512-VVkaH27digrJfdVrT64rjkllvOp4oRiZuuJvrylLXAKl18ujToJR7AqpDldL/LS63RVne3QWIpkygIymxFtliQ== + dependencies: + "@aws-crypto/sha256-browser" "5.2.0" + "@aws-crypto/sha256-js" "5.2.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/middleware-host-header" "^3.972.3" + "@aws-sdk/middleware-logger" "^3.972.3" + "@aws-sdk/middleware-recursion-detection" "^3.972.3" + "@aws-sdk/middleware-user-agent" "^3.972.6" + "@aws-sdk/region-config-resolver" "^3.972.3" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.982.0" + "@aws-sdk/util-user-agent-browser" "^3.972.3" + "@aws-sdk/util-user-agent-node" "^3.972.4" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/hash-node" "^4.2.8" + "@smithy/invalid-dependency" "^4.2.8" + "@smithy/middleware-content-length" "^4.2.8" + "@smithy/middleware-endpoint" "^4.4.12" + "@smithy/middleware-retry" "^4.4.29" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-body-length-node" "^4.2.1" + "@smithy/util-defaults-mode-browser" "^4.3.28" + "@smithy/util-defaults-mode-node" "^4.2.31" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + +"@aws-sdk/nested-clients@3.983.0": + version "3.983.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/nested-clients/-/nested-clients-3.983.0.tgz#b7d4bce1b6a8c957a0a1b7b49e8ab91e6c8973dc" + integrity sha512-4bUzDkJlSPwfegO23ZSBrheuTI8UyAgNzptm1K6fZAIOIc1vnFl12TonecbssAfmM0/UdyTn5QDomwEfIdmJkQ== + dependencies: + "@aws-crypto/sha256-browser" "5.2.0" + "@aws-crypto/sha256-js" "5.2.0" + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/middleware-host-header" "^3.972.3" + "@aws-sdk/middleware-logger" "^3.972.3" + "@aws-sdk/middleware-recursion-detection" "^3.972.3" + "@aws-sdk/middleware-user-agent" "^3.972.6" + "@aws-sdk/region-config-resolver" "^3.972.3" + "@aws-sdk/types" "^3.973.1" + "@aws-sdk/util-endpoints" "3.983.0" + "@aws-sdk/util-user-agent-browser" "^3.972.3" + "@aws-sdk/util-user-agent-node" "^3.972.4" + "@smithy/config-resolver" "^4.4.6" + "@smithy/core" "^3.22.0" + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/hash-node" "^4.2.8" + "@smithy/invalid-dependency" "^4.2.8" + "@smithy/middleware-content-length" "^4.2.8" + "@smithy/middleware-endpoint" "^4.4.12" + "@smithy/middleware-retry" "^4.4.29" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/node-http-handler" "^4.4.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/smithy-client" "^4.11.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-body-length-node" "^4.2.1" + "@smithy/util-defaults-mode-browser" "^4.3.28" + "@smithy/util-defaults-mode-node" "^4.2.31" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@aws-sdk/region-config-resolver@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/region-config-resolver/-/region-config-resolver-3.535.0.tgz#20a30fb5fbbe27ab70f2ed16327bae7e367b5cec" @@ -1056,6 +1533,17 @@ "@smithy/util-middleware" "^2.2.0" tslib "^2.6.2" +"@aws-sdk/region-config-resolver@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/region-config-resolver/-/region-config-resolver-3.972.3.tgz#25af64235ca6f4b6b21f85d4b3c0b432efc4ae04" + integrity sha512-v4J8qYAWfOMcZ4MJUyatntOicTzEMaU7j3OpkRCGGFSL2NgXQ5VbxauIyORA+pxdKZ0qQG2tCQjQjZDlXEC3Ow== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/config-resolver" "^4.4.6" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/signature-v4-multi-region@3.552.0": version "3.552.0" resolved "https://registry.yarnpkg.com/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.552.0.tgz#ab8fb3aaf7b3dfbef1589e2f0cb7f60117d7a93b" @@ -1080,7 +1568,20 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" -"@aws-sdk/types@3.535.0", "@aws-sdk/types@^3.222.0": +"@aws-sdk/token-providers@3.982.0": + version "3.982.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/token-providers/-/token-providers-3.982.0.tgz#c7a65d4f286c69ef10918fe7758bbe8dc7a064e9" + integrity sha512-v3M0KYp2TVHYHNBT7jHD9lLTWAdS9CaWJ2jboRKt0WAB65bA7iUEpR+k4VqKYtpQN4+8kKSc4w+K6kUNZkHKQw== + dependencies: + "@aws-sdk/core" "^3.973.6" + "@aws-sdk/nested-clients" "3.982.0" + "@aws-sdk/types" "^3.973.1" + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + +"@aws-sdk/types@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.535.0.tgz#5e6479f31299dd9df170e63f4d10fe739008cf04" integrity sha512-aY4MYfduNj+sRR37U7XxYR8wemfbKP6lx00ze2M2uubn7mZotuVrWYAafbMSXrdEMSToE5JDhr28vArSOoLcSg== @@ -1088,6 +1589,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/types@^3.222.0", "@aws-sdk/types@^3.973.1": + version "3.973.1" + resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.973.1.tgz#1b2992ec6c8380c3e74c9bd2c74703e9a807d6e0" + integrity sha512-DwHBiMNOB468JiX6+i34c+THsKHErYUdNQ3HexeXZvVn4zouLjgaS4FejiGSi2HyBuzuyHg7SuOPmjSvoU9NRg== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/util-arn-parser@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/util-arn-parser/-/util-arn-parser-3.535.0.tgz#046aafff4438caa3740cebec600989b1e840b934" @@ -1105,6 +1614,39 @@ "@smithy/util-endpoints" "^1.2.0" tslib "^2.6.2" +"@aws-sdk/util-endpoints@3.980.0": + version "3.980.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/util-endpoints/-/util-endpoints-3.980.0.tgz#0d2665ad75f92f3f208541f6fa88451d2a2e96ce" + integrity sha512-AjKBNEc+rjOZQE1HwcD9aCELqg1GmUj1rtICKuY8cgwB73xJ4U/kNyqKKpN2k9emGqlfDY2D8itIp/vDc6OKpw== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-endpoints" "^3.2.8" + tslib "^2.6.2" + +"@aws-sdk/util-endpoints@3.982.0": + version "3.982.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/util-endpoints/-/util-endpoints-3.982.0.tgz#65674c566a8aa2d35b27dcd4132873e75f58dc76" + integrity sha512-M27u8FJP7O0Of9hMWX5dipp//8iglmV9jr7R8SR8RveU+Z50/8TqH68Tu6wUWBGMfXjzbVwn1INIAO5lZrlxXQ== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-endpoints" "^3.2.8" + tslib "^2.6.2" + +"@aws-sdk/util-endpoints@3.983.0": + version "3.983.0" + resolved "https://registry.yarnpkg.com/@aws-sdk/util-endpoints/-/util-endpoints-3.983.0.tgz#880ef563245721710cc4bd5d9c61522d617fc835" + integrity sha512-t/VbL2X3gvDEjC4gdySOeFFOZGQEBKwa23pRHeB7hBLBZ119BB/2OEFtTFWKyp3bnMQgxpeVeGS7/hxk6wpKJw== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-endpoints" "^3.2.8" + tslib "^2.6.2" + "@aws-sdk/util-locate-window@^3.0.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/util-locate-window/-/util-locate-window-3.535.0.tgz#0200a336fddd47dd6567ce15d01f62be50a315d7" @@ -1122,6 +1664,16 @@ bowser "^2.11.0" tslib "^2.6.2" +"@aws-sdk/util-user-agent-browser@^3.972.3": + version "3.972.3" + resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.972.3.tgz#1363b388cb3af86c5322ef752c0cf8d7d25efa8a" + integrity sha512-JurOwkRUcXD/5MTDBcqdyQ9eVedtAsZgw5rBwktsPTN7QtPiS2Ld1jkJepNgYoCufz1Wcut9iup7GJDoIHp8Fw== + dependencies: + "@aws-sdk/types" "^3.973.1" + "@smithy/types" "^4.12.0" + bowser "^2.11.0" + tslib "^2.6.2" + "@aws-sdk/util-user-agent-node@3.535.0": version "3.535.0" resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.535.0.tgz#f5c26fb6f3f561d3cf35f96f303b1775afad0a5b" @@ -1132,6 +1684,17 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/util-user-agent-node@^3.972.3", "@aws-sdk/util-user-agent-node@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.972.4.tgz#35cf669fa3e77973422da5a1df50b79b41d460b3" + integrity sha512-3WFCBLiM8QiHDfosQq3Py+lIMgWlFWwFQliUHUqwEiRqLnKyhgbU3AKa7AWJF7lW2Oc/2kFNY4MlAYVnVc0i8A== + dependencies: + "@aws-sdk/middleware-user-agent" "^3.972.6" + "@aws-sdk/types" "^3.973.1" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@aws-sdk/util-utf8-browser@^3.0.0": version "3.259.0" resolved "https://registry.yarnpkg.com/@aws-sdk/util-utf8-browser/-/util-utf8-browser-3.259.0.tgz#3275a6f5eb334f96ca76635b961d3c50259fd9ff" @@ -1147,6 +1710,20 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@aws-sdk/xml-builder@^3.972.4": + version "3.972.4" + resolved "https://registry.yarnpkg.com/@aws-sdk/xml-builder/-/xml-builder-3.972.4.tgz#8115c8cf90c71cf484a52c82eac5344cd3a5e921" + integrity sha512-0zJ05ANfYqI6+rGqj8samZBFod0dPPousBjLEqg8WdxSgbMAkRgLyn81lP215Do0rFJ/17LIXwr7q0yK24mP6Q== + dependencies: + "@smithy/types" "^4.12.0" + fast-xml-parser "5.3.4" + tslib "^2.6.2" + +"@aws/lambda-invoke-store@^0.2.2": + version "0.2.3" + resolved "https://registry.yarnpkg.com/@aws/lambda-invoke-store/-/lambda-invoke-store-0.2.3.tgz#f1137f56209ccc69c15f826242cbf37f828617dd" + integrity sha512-oLvsaPMTBejkkmHhjf09xTgk71mOqyr/409NKhRIL08If7AhVfUsJhVsx386uJaqNd42v9kWamQ9lFbkoC2dYw== + "@azure/abort-controller@^1.0.0": version "1.1.0" resolved "https://registry.yarnpkg.com/@azure/abort-controller/-/abort-controller-1.1.0.tgz#788ee78457a55af8a1ad342acb182383d2119249" @@ -5159,10 +5736,10 @@ resolved "https://registry.yarnpkg.com/@mjackson/node-fetch-server/-/node-fetch-server-0.2.0.tgz#577c0c25d8aae9f69a97738b7b0d03d1471cdc49" integrity sha512-EMlH1e30yzmTpGLQjlFmaDAjyOeZhng1/XCd7DExR8PNAnG/G1tyruZxEoUe11ClnwGhGrtsdnyyUx1frSzjng== -"@mongodb-js/saslprep@^1.1.9": - version "1.2.0" - resolved "https://registry.yarnpkg.com/@mongodb-js/saslprep/-/saslprep-1.2.0.tgz#4373d7a87660ea44a0a7a461ff6d8bc832733a4b" - integrity sha512-+ywrb0AqkfaYuhHs6LxKWgqbh3I72EpEgESCw37o+9qPx9WTCkgDm2B+eMrwehGtHBWHFU4GXvnSCNiFhhausg== +"@mongodb-js/saslprep@^1.1.0", "@mongodb-js/saslprep@^1.1.9": + version "1.4.5" + resolved "https://registry.yarnpkg.com/@mongodb-js/saslprep/-/saslprep-1.4.5.tgz#0f53a6c5a350fbe4bfa12cc80b69e8d358f1bbc0" + integrity sha512-k64Lbyb7ycCSXHSLzxVdb2xsKGPMvYZfCICXvDsI8Z65CeWQzTEKS4YmGbnqw+U9RBvLPTsB6UCmwkgsDTGWIw== dependencies: sparse-bitfield "^3.0.3" @@ -7492,6 +8069,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/abort-controller@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/abort-controller/-/abort-controller-4.2.8.tgz#3bfd7a51acce88eaec9a65c3382542be9f3a053a" + integrity sha512-peuVfkYHAmS5ybKxWcfraK7WBBP0J+rkfUcbHJJKQ4ir3UAUNQI+Y4Vt/PqSzGqgloJ5O1dk7+WzNL8wcCSXbw== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/chunked-blob-reader-native@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/chunked-blob-reader-native/-/chunked-blob-reader-native-2.2.0.tgz#aff8bddf9fdc1052f885e1b15aa81e4d274e541e" @@ -7518,6 +8103,18 @@ "@smithy/util-middleware" "^2.2.0" tslib "^2.6.2" +"@smithy/config-resolver@^4.4.6": + version "4.4.6" + resolved "https://registry.yarnpkg.com/@smithy/config-resolver/-/config-resolver-4.4.6.tgz#bd7f65b3da93f37f1c97a399ade0124635c02297" + integrity sha512-qJpzYC64kaj3S0fueiu3kXm8xPrR3PcXDPEgnaNMRn0EjNSZFoFjvbUp0YUDsRhN1CB90EnHJtbxWKevnH99UQ== + dependencies: + "@smithy/node-config-provider" "^4.3.8" + "@smithy/types" "^4.12.0" + "@smithy/util-config-provider" "^4.2.0" + "@smithy/util-endpoints" "^3.2.8" + "@smithy/util-middleware" "^4.2.8" + tslib "^2.6.2" + "@smithy/core@^1.4.2": version "1.4.2" resolved "https://registry.yarnpkg.com/@smithy/core/-/core-1.4.2.tgz#1c3ed886d403041ce5bd2d816448420c57baa19c" @@ -7532,6 +8129,22 @@ "@smithy/util-middleware" "^2.2.0" tslib "^2.6.2" +"@smithy/core@^3.22.0", "@smithy/core@^3.22.1": + version "3.22.1" + resolved "https://registry.yarnpkg.com/@smithy/core/-/core-3.22.1.tgz#c34180d541c9dc5d29412809a6aa497ea47d74f8" + integrity sha512-x3ie6Crr58MWrm4viHqqy2Du2rHYZjwu8BekasrQx4ca+Y24dzVAwq3yErdqIbc2G3I0kLQA13PQ+/rde+u65g== + dependencies: + "@smithy/middleware-serde" "^4.2.9" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-body-length-browser" "^4.2.0" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-stream" "^4.5.11" + "@smithy/util-utf8" "^4.2.0" + "@smithy/uuid" "^1.1.0" + tslib "^2.6.2" + "@smithy/credential-provider-imds@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/credential-provider-imds/-/credential-provider-imds-2.3.0.tgz#326ce401b82e53f3c7ee4862a066136959a06166" @@ -7543,6 +8156,17 @@ "@smithy/url-parser" "^2.2.0" tslib "^2.6.2" +"@smithy/credential-provider-imds@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/credential-provider-imds/-/credential-provider-imds-4.2.8.tgz#b2f4bf759ab1c35c0dd00fa3470263c749ebf60f" + integrity sha512-FNT0xHS1c/CPN8upqbMFP83+ul5YgdisfCfkZ86Jh2NSmnqw/AJ6x5pEogVCTVvSm7j9MopRU89bmDelxuDMYw== + dependencies: + "@smithy/node-config-provider" "^4.3.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + tslib "^2.6.2" + "@smithy/eventstream-codec@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/eventstream-codec/-/eventstream-codec-2.2.0.tgz#63d74fa817188995eb55e792a38060b0ede98dc4" @@ -7599,6 +8223,17 @@ "@smithy/util-base64" "^2.3.0" tslib "^2.6.2" +"@smithy/fetch-http-handler@^5.3.9": + version "5.3.9" + resolved "https://registry.yarnpkg.com/@smithy/fetch-http-handler/-/fetch-http-handler-5.3.9.tgz#edfc9e90e0c7538c81e22e748d62c0066cc91d58" + integrity sha512-I4UhmcTYXBrct03rwzQX1Y/iqQlzVQaPxWjCjula++5EmWq9YGBrx6bbGqluGc1f0XEfhSkiY4jhLgbsJUMKRA== + dependencies: + "@smithy/protocol-http" "^5.3.8" + "@smithy/querystring-builder" "^4.2.8" + "@smithy/types" "^4.12.0" + "@smithy/util-base64" "^4.3.0" + tslib "^2.6.2" + "@smithy/hash-blob-browser@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/hash-blob-browser/-/hash-blob-browser-2.2.0.tgz#d26db0e88b8fc4b59ee487bd026363ea9b48cf3a" @@ -7619,6 +8254,16 @@ "@smithy/util-utf8" "^2.3.0" tslib "^2.6.2" +"@smithy/hash-node@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/hash-node/-/hash-node-4.2.8.tgz#c21eb055041716cd492dda3a109852a94b6d47bb" + integrity sha512-7ZIlPbmaDGxVoxErDZnuFG18WekhbA/g2/i97wGj+wUBeS6pcUeAym8u4BXh/75RXWhgIJhyC11hBzig6MljwA== + dependencies: + "@smithy/types" "^4.12.0" + "@smithy/util-buffer-from" "^4.2.0" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@smithy/hash-stream-node@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/hash-stream-node/-/hash-stream-node-2.2.0.tgz#7b341fdc89851af6b98d8c01e47185caf0a4b2d9" @@ -7636,6 +8281,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/invalid-dependency@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/invalid-dependency/-/invalid-dependency-4.2.8.tgz#c578bc6d5540c877aaed5034b986b5f6bd896451" + integrity sha512-N9iozRybwAQ2dn9Fot9kI6/w9vos2oTXLhtK7ovGqwZjlOcxu6XhPlpLpC+INsxktqHinn5gS2DXDjDF2kG5sQ== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/is-array-buffer@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/is-array-buffer/-/is-array-buffer-2.2.0.tgz#f84f0d9f9a36601a9ca9381688bd1b726fd39111" @@ -7643,6 +8296,13 @@ dependencies: tslib "^2.6.2" +"@smithy/is-array-buffer@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/is-array-buffer/-/is-array-buffer-4.2.0.tgz#b0f874c43887d3ad44f472a0f3f961bcce0550c2" + integrity sha512-DZZZBvC7sjcYh4MazJSGiWMI2L7E0oCiRHREDzIxi/M2LY79/21iXt6aPLHge82wi5LsuRF5A06Ds3+0mlh6CQ== + dependencies: + tslib "^2.6.2" + "@smithy/md5-js@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/md5-js/-/md5-js-2.2.0.tgz#033c4c89fe0cbb3f7e99cca3b7b63a2824c98c6d" @@ -7661,6 +8321,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/middleware-content-length@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/middleware-content-length/-/middleware-content-length-4.2.8.tgz#82c1df578fa70fe5800cf305b8788b9d2836a3e4" + integrity sha512-RO0jeoaYAB1qBRhfVyq0pMgBoUK34YEJxVxyjOWYZiOKOq2yMZ4MnVXMZCUDenpozHue207+9P5ilTV1zeda0A== + dependencies: + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/middleware-endpoint@^2.5.1": version "2.5.1" resolved "https://registry.yarnpkg.com/@smithy/middleware-endpoint/-/middleware-endpoint-2.5.1.tgz#1333c58304aff4d843e8ef4b85c8cb88975dd5ad" @@ -7674,6 +8343,20 @@ "@smithy/util-middleware" "^2.2.0" tslib "^2.6.2" +"@smithy/middleware-endpoint@^4.4.12", "@smithy/middleware-endpoint@^4.4.13": + version "4.4.13" + resolved "https://registry.yarnpkg.com/@smithy/middleware-endpoint/-/middleware-endpoint-4.4.13.tgz#8a5dda67cbf8e63155a908a724e7ae09b763baad" + integrity sha512-x6vn0PjYmGdNuKh/juUJJewZh7MoQ46jYaJ2mvekF4EesMuFfrl4LaW/k97Zjf8PTCPQmPgMvwewg7eNoH9n5w== + dependencies: + "@smithy/core" "^3.22.1" + "@smithy/middleware-serde" "^4.2.9" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + "@smithy/url-parser" "^4.2.8" + "@smithy/util-middleware" "^4.2.8" + tslib "^2.6.2" + "@smithy/middleware-retry@^2.3.1": version "2.3.1" resolved "https://registry.yarnpkg.com/@smithy/middleware-retry/-/middleware-retry-2.3.1.tgz#d6fdce94f2f826642c01b4448e97a509c4556ede" @@ -7689,6 +8372,21 @@ tslib "^2.6.2" uuid "^9.0.1" +"@smithy/middleware-retry@^4.4.29": + version "4.4.30" + resolved "https://registry.yarnpkg.com/@smithy/middleware-retry/-/middleware-retry-4.4.30.tgz#a0548803044069b53a332606d4b4f803f07f8963" + integrity sha512-CBGyFvN0f8hlnqKH/jckRDz78Snrp345+PVk8Ux7pnkUCW97Iinse59lY78hBt04h1GZ6hjBN94BRwZy1xC8Bg== + dependencies: + "@smithy/node-config-provider" "^4.3.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/service-error-classification" "^4.2.8" + "@smithy/smithy-client" "^4.11.2" + "@smithy/types" "^4.12.0" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-retry" "^4.2.8" + "@smithy/uuid" "^1.1.0" + tslib "^2.6.2" + "@smithy/middleware-serde@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/middleware-serde/-/middleware-serde-2.3.0.tgz#a7615ba646a88b6f695f2d55de13d8158181dd13" @@ -7697,6 +8395,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/middleware-serde@^4.2.9": + version "4.2.9" + resolved "https://registry.yarnpkg.com/@smithy/middleware-serde/-/middleware-serde-4.2.9.tgz#fd9d9b02b265aef67c9a30f55c2a5038fc9ca791" + integrity sha512-eMNiej0u/snzDvlqRGSN3Vl0ESn3838+nKyVfF2FKNXFbi4SERYT6PR392D39iczngbqqGG0Jl1DlCnp7tBbXQ== + dependencies: + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/middleware-stack@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/middleware-stack/-/middleware-stack-2.2.0.tgz#3fb49eae6313f16f6f30fdaf28e11a7321f34d9f" @@ -7705,6 +8412,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/middleware-stack@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/middleware-stack/-/middleware-stack-4.2.8.tgz#4fa9cfaaa05f664c9bb15d45608f3cb4f6da2b76" + integrity sha512-w6LCfOviTYQjBctOKSwy6A8FIkQy7ICvglrZFl6Bw4FmcQ1Z420fUtIhxaUZZshRe0VCq4kvDiPiXrPZAe8oRA== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/node-config-provider@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/node-config-provider/-/node-config-provider-2.3.0.tgz#9fac0c94a14c5b5b8b8fa37f20c310a844ab9922" @@ -7715,6 +8430,16 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/node-config-provider@^4.3.8": + version "4.3.8" + resolved "https://registry.yarnpkg.com/@smithy/node-config-provider/-/node-config-provider-4.3.8.tgz#85a0683448262b2eb822f64c14278d4887526377" + integrity sha512-aFP1ai4lrbVlWjfpAfRSL8KFcnJQYfTl5QxLJXY32vghJrDuFyPZ6LtUL+JEGYiFRG1PfPLHLoxj107ulncLIg== + dependencies: + "@smithy/property-provider" "^4.2.8" + "@smithy/shared-ini-file-loader" "^4.4.3" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/node-http-handler@^2.5.0": version "2.5.0" resolved "https://registry.yarnpkg.com/@smithy/node-http-handler/-/node-http-handler-2.5.0.tgz#7b5e0565dd23d340380489bd5fe4316d2bed32de" @@ -7726,6 +8451,17 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/node-http-handler@^4.4.8", "@smithy/node-http-handler@^4.4.9": + version "4.4.9" + resolved "https://registry.yarnpkg.com/@smithy/node-http-handler/-/node-http-handler-4.4.9.tgz#c167e5b8aed33c5edaf25b903ed9866858499c93" + integrity sha512-KX5Wml5mF+luxm1szW4QDz32e3NObgJ4Fyw+irhph4I/2geXwUy4jkIMUs5ZPGflRBeR6BUkC2wqIab4Llgm3w== + dependencies: + "@smithy/abort-controller" "^4.2.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/querystring-builder" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/property-provider@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/property-provider/-/property-provider-2.2.0.tgz#37e3525a3fa3e11749f86a4f89f0fd7765a6edb0" @@ -7734,6 +8470,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/property-provider@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/property-provider/-/property-provider-4.2.8.tgz#6e37b30923d2d31370c50ce303a4339020031472" + integrity sha512-EtCTbyIveCKeOXDSWSdze3k612yCPq1YbXsbqX3UHhkOSW8zKsM9NOJG5gTIya0vbY2DIaieG8pKo1rITHYL0w== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/protocol-http@^3.3.0": version "3.3.0" resolved "https://registry.yarnpkg.com/@smithy/protocol-http/-/protocol-http-3.3.0.tgz#a37df7b4bb4960cdda560ce49acfd64c455e4090" @@ -7742,6 +8486,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/protocol-http@^5.3.8": + version "5.3.8" + resolved "https://registry.yarnpkg.com/@smithy/protocol-http/-/protocol-http-5.3.8.tgz#0938f69a3c3673694c2f489a640fce468ce75006" + integrity sha512-QNINVDhxpZ5QnP3aviNHQFlRogQZDfYlCkQT+7tJnErPQbDhysondEjhikuANxgMsZrkGeiAxXy4jguEGsDrWQ== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/querystring-builder@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/querystring-builder/-/querystring-builder-2.2.0.tgz#22937e19fcd0aaa1a3e614ef8cb6f8e86756a4ef" @@ -7751,6 +8503,15 @@ "@smithy/util-uri-escape" "^2.2.0" tslib "^2.6.2" +"@smithy/querystring-builder@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/querystring-builder/-/querystring-builder-4.2.8.tgz#2fa72d29eb1844a6a9933038bbbb14d6fe385e93" + integrity sha512-Xr83r31+DrE8CP3MqPgMJl+pQlLLmOfiEUnoyAlGzzJIrEsbKsPy1hqH0qySaQm4oWrCBlUqRt+idEgunKB+iw== + dependencies: + "@smithy/types" "^4.12.0" + "@smithy/util-uri-escape" "^4.2.0" + tslib "^2.6.2" + "@smithy/querystring-parser@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/querystring-parser/-/querystring-parser-2.2.0.tgz#24a5633f4b3806ff2888d4c2f4169e105fdffd79" @@ -7759,6 +8520,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/querystring-parser@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/querystring-parser/-/querystring-parser-4.2.8.tgz#aa3f2456180ce70242e89018d0b1ebd4782a6347" + integrity sha512-vUurovluVy50CUlazOiXkPq40KGvGWSdmusa3130MwrR1UNnNgKAlj58wlOe61XSHRpUfIIh6cE0zZ8mzKaDPA== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/service-error-classification@^2.1.5": version "2.1.5" resolved "https://registry.yarnpkg.com/@smithy/service-error-classification/-/service-error-classification-2.1.5.tgz#0568a977cc0db36299d8703a5d8609c1f600c005" @@ -7766,6 +8535,13 @@ dependencies: "@smithy/types" "^2.12.0" +"@smithy/service-error-classification@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/service-error-classification/-/service-error-classification-4.2.8.tgz#6d89dbad4f4978d7b75a44af8c18c22455a16cdc" + integrity sha512-mZ5xddodpJhEt3RkCjbmUQuXUOaPNTkbMGR0bcS8FE0bJDLMZlhmpgrvPNCYglVw5rsYTpSnv19womw9WWXKQQ== + dependencies: + "@smithy/types" "^4.12.0" + "@smithy/shared-ini-file-loader@^2.4.0": version "2.4.0" resolved "https://registry.yarnpkg.com/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-2.4.0.tgz#1636d6eb9bff41e36ac9c60364a37fd2ffcb9947" @@ -7774,6 +8550,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/shared-ini-file-loader@^4.4.3": + version "4.4.3" + resolved "https://registry.yarnpkg.com/@smithy/shared-ini-file-loader/-/shared-ini-file-loader-4.4.3.tgz#6054215ecb3a6532b13aa49a9fbda640b63be50e" + integrity sha512-DfQjxXQnzC5UbCUPeC3Ie8u+rIWZTvuDPAGU/BxzrOGhRvgUanaP68kDZA+jaT3ZI+djOf+4dERGlm9mWfFDrg== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/signature-v4@^2.2.1": version "2.2.1" resolved "https://registry.yarnpkg.com/@smithy/signature-v4/-/signature-v4-2.2.1.tgz#9b32571e9785c8f69aa4115517bf2a784f690c4d" @@ -7787,6 +8571,20 @@ "@smithy/util-utf8" "^2.3.0" tslib "^2.6.2" +"@smithy/signature-v4@^5.3.8": + version "5.3.8" + resolved "https://registry.yarnpkg.com/@smithy/signature-v4/-/signature-v4-5.3.8.tgz#796619b10b7cc9467d0625b0ebd263ae04fdfb76" + integrity sha512-6A4vdGj7qKNRF16UIcO8HhHjKW27thsxYci+5r/uVRkdcBEkOEiY8OMPuydLX4QHSrJqGHPJzPRwwVTqbLZJhg== + dependencies: + "@smithy/is-array-buffer" "^4.2.0" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + "@smithy/util-hex-encoding" "^4.2.0" + "@smithy/util-middleware" "^4.2.8" + "@smithy/util-uri-escape" "^4.2.0" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@smithy/smithy-client@^2.5.1": version "2.5.1" resolved "https://registry.yarnpkg.com/@smithy/smithy-client/-/smithy-client-2.5.1.tgz#0fd2efff09dc65500d260e590f7541f8a387eae3" @@ -7799,6 +8597,19 @@ "@smithy/util-stream" "^2.2.0" tslib "^2.6.2" +"@smithy/smithy-client@^4.11.1", "@smithy/smithy-client@^4.11.2": + version "4.11.2" + resolved "https://registry.yarnpkg.com/@smithy/smithy-client/-/smithy-client-4.11.2.tgz#1f6a4d75625dbaa16bafbe9b10cf6a41c98fe3da" + integrity sha512-SCkGmFak/xC1n7hKRsUr6wOnBTJ3L22Qd4e8H1fQIuKTAjntwgU8lrdMe7uHdiT2mJAOWA/60qaW9tiMu69n1A== + dependencies: + "@smithy/core" "^3.22.1" + "@smithy/middleware-endpoint" "^4.4.13" + "@smithy/middleware-stack" "^4.2.8" + "@smithy/protocol-http" "^5.3.8" + "@smithy/types" "^4.12.0" + "@smithy/util-stream" "^4.5.11" + tslib "^2.6.2" + "@smithy/types@^2.12.0": version "2.12.0" resolved "https://registry.yarnpkg.com/@smithy/types/-/types-2.12.0.tgz#c44845f8ba07e5e8c88eda5aed7e6a0c462da041" @@ -7806,6 +8617,13 @@ dependencies: tslib "^2.6.2" +"@smithy/types@^4.12.0": + version "4.12.0" + resolved "https://registry.yarnpkg.com/@smithy/types/-/types-4.12.0.tgz#55d2479080922bda516092dbf31916991d9c6fee" + integrity sha512-9YcuJVTOBDjg9LWo23Qp0lTQ3D7fQsQtwle0jVfpbUHy9qBwCEgKuVH4FqFB3VYu0nwdHKiEMA+oXz7oV8X1kw== + dependencies: + tslib "^2.6.2" + "@smithy/url-parser@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/url-parser/-/url-parser-2.2.0.tgz#6fcda6116391a4f61fef5580eb540e128359b3c0" @@ -7815,6 +8633,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/url-parser@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/url-parser/-/url-parser-4.2.8.tgz#b44267cd704abe114abcd00580acdd9e4acc1177" + integrity sha512-NQho9U68TGMEU639YkXnVMV3GEFFULmmaWdlu1E9qzyIePOHsoSnagTGSDv1Zi8DCNN6btxOSdgmy5E/hsZwhA== + dependencies: + "@smithy/querystring-parser" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-base64@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/util-base64/-/util-base64-2.3.0.tgz#312dbb4d73fb94249c7261aee52de4195c2dd8e2" @@ -7824,6 +8651,15 @@ "@smithy/util-utf8" "^2.3.0" tslib "^2.6.2" +"@smithy/util-base64@^4.3.0": + version "4.3.0" + resolved "https://registry.yarnpkg.com/@smithy/util-base64/-/util-base64-4.3.0.tgz#5e287b528793aa7363877c1a02cd880d2e76241d" + integrity sha512-GkXZ59JfyxsIwNTWFnjmFEI8kZpRNIBfxKjv09+nkAWPt/4aGaEWMM04m4sxgNVWkbt2MdSvE3KF/PfX4nFedQ== + dependencies: + "@smithy/util-buffer-from" "^4.2.0" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@smithy/util-body-length-browser@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-body-length-browser/-/util-body-length-browser-2.2.0.tgz#25620645c6b62b42594ef4a93b66e6ab70e27d2c" @@ -7831,6 +8667,13 @@ dependencies: tslib "^2.6.2" +"@smithy/util-body-length-browser@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-body-length-browser/-/util-body-length-browser-4.2.0.tgz#04e9fc51ee7a3e7f648a4b4bcdf96c350cfa4d61" + integrity sha512-Fkoh/I76szMKJnBXWPdFkQJl2r9SjPt3cMzLdOB6eJ4Pnpas8hVoWPYemX/peO0yrrvldgCUVJqOAjUrOLjbxg== + dependencies: + tslib "^2.6.2" + "@smithy/util-body-length-node@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/util-body-length-node/-/util-body-length-node-2.3.0.tgz#d065a9b5e305ff899536777bbfe075cdc980136f" @@ -7838,6 +8681,13 @@ dependencies: tslib "^2.6.2" +"@smithy/util-body-length-node@^4.2.1": + version "4.2.1" + resolved "https://registry.yarnpkg.com/@smithy/util-body-length-node/-/util-body-length-node-4.2.1.tgz#79c8a5d18e010cce6c42d5cbaf6c1958523e6fec" + integrity sha512-h53dz/pISVrVrfxV1iqXlx5pRg3V2YWFcSQyPyXZRrZoZj4R4DeWRDo1a7dd3CPTcFi3kE+98tuNyD2axyZReA== + dependencies: + tslib "^2.6.2" + "@smithy/util-buffer-from@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-buffer-from/-/util-buffer-from-2.2.0.tgz#6fc88585165ec73f8681d426d96de5d402021e4b" @@ -7846,6 +8696,14 @@ "@smithy/is-array-buffer" "^2.2.0" tslib "^2.6.2" +"@smithy/util-buffer-from@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-buffer-from/-/util-buffer-from-4.2.0.tgz#7abd12c4991b546e7cee24d1e8b4bfaa35c68a9d" + integrity sha512-kAY9hTKulTNevM2nlRtxAG2FQ3B2OR6QIrPY3zE5LqJy1oxzmgBGsHLWTcNhWXKchgA0WHW+mZkQrng/pgcCew== + dependencies: + "@smithy/is-array-buffer" "^4.2.0" + tslib "^2.6.2" + "@smithy/util-config-provider@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/util-config-provider/-/util-config-provider-2.3.0.tgz#bc79f99562d12a1f8423100ca662a6fb07cde943" @@ -7853,6 +8711,13 @@ dependencies: tslib "^2.6.2" +"@smithy/util-config-provider@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-config-provider/-/util-config-provider-4.2.0.tgz#2e4722937f8feda4dcb09672c59925a4e6286cfc" + integrity sha512-YEjpl6XJ36FTKmD+kRJJWYvrHeUvm5ykaUS5xK+6oXffQPHeEM4/nXlZPe+Wu0lsgRUcNZiliYNh/y7q9c2y6Q== + dependencies: + tslib "^2.6.2" + "@smithy/util-defaults-mode-browser@^2.2.1": version "2.2.1" resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-2.2.1.tgz#9db31416daf575d2963c502e0528cfe8055f0c4e" @@ -7864,6 +8729,16 @@ bowser "^2.11.0" tslib "^2.6.2" +"@smithy/util-defaults-mode-browser@^4.3.28": + version "4.3.29" + resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-browser/-/util-defaults-mode-browser-4.3.29.tgz#fd4f9563ffd1fb49d092e5b86bacc7796170763e" + integrity sha512-nIGy3DNRmOjaYaaKcQDzmWsro9uxlaqUOhZDHQed9MW/GmkBZPtnU70Pu1+GT9IBmUXwRdDuiyaeiy9Xtpn3+Q== + dependencies: + "@smithy/property-provider" "^4.2.8" + "@smithy/smithy-client" "^4.11.2" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-defaults-mode-node@^2.3.1": version "2.3.1" resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-2.3.1.tgz#4613210a3d107aadb3f85bd80cb71c796dd8bf0a" @@ -7877,6 +8752,19 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/util-defaults-mode-node@^4.2.31": + version "4.2.32" + resolved "https://registry.yarnpkg.com/@smithy/util-defaults-mode-node/-/util-defaults-mode-node-4.2.32.tgz#bc3e9ee1711a9ac3b1c29ea0bef0e785c1da30da" + integrity sha512-7dtFff6pu5fsjqrVve0YMhrnzJtccCWDacNKOkiZjJ++fmjGExmmSu341x+WU6Oc1IccL7lDuaUj7SfrHpWc5Q== + dependencies: + "@smithy/config-resolver" "^4.4.6" + "@smithy/credential-provider-imds" "^4.2.8" + "@smithy/node-config-provider" "^4.3.8" + "@smithy/property-provider" "^4.2.8" + "@smithy/smithy-client" "^4.11.2" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-endpoints@^1.2.0": version "1.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-endpoints/-/util-endpoints-1.2.0.tgz#b8b805f47e8044c158372f69b88337703117665d" @@ -7886,6 +8774,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/util-endpoints@^3.2.8": + version "3.2.8" + resolved "https://registry.yarnpkg.com/@smithy/util-endpoints/-/util-endpoints-3.2.8.tgz#5650bda2adac989ff2e562606088c5de3dcb1b36" + integrity sha512-8JaVTn3pBDkhZgHQ8R0epwWt+BqPSLCjdjXXusK1onwJlRuN69fbvSK66aIKKO7SwVFM6x2J2ox5X8pOaWcUEw== + dependencies: + "@smithy/node-config-provider" "^4.3.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-hex-encoding@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-hex-encoding/-/util-hex-encoding-2.2.0.tgz#87edb7c88c2f422cfca4bb21f1394ae9602c5085" @@ -7893,6 +8790,13 @@ dependencies: tslib "^2.6.2" +"@smithy/util-hex-encoding@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-hex-encoding/-/util-hex-encoding-4.2.0.tgz#1c22ea3d1e2c3a81ff81c0a4f9c056a175068a7b" + integrity sha512-CCQBwJIvXMLKxVbO88IukazJD9a4kQ9ZN7/UMGBjBcJYvatpWk+9g870El4cB8/EJxfe+k+y0GmR9CAzkF+Nbw== + dependencies: + tslib "^2.6.2" + "@smithy/util-middleware@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-middleware/-/util-middleware-2.2.0.tgz#80cfad40f6cca9ffe42a5899b5cb6abd53a50006" @@ -7901,6 +8805,14 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/util-middleware@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/util-middleware/-/util-middleware-4.2.8.tgz#1da33f29a74c7ebd9e584813cb7e12881600a80a" + integrity sha512-PMqfeJxLcNPMDgvPbbLl/2Vpin+luxqTGPpW3NAQVLbRrFRzTa4rNAASYeIGjRV9Ytuhzny39SpyU04EQreF+A== + dependencies: + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-retry@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-retry/-/util-retry-2.2.0.tgz#e8e019537ab47ba6b2e87e723ec51ee223422d85" @@ -7910,6 +8822,15 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/util-retry@^4.2.8": + version "4.2.8" + resolved "https://registry.yarnpkg.com/@smithy/util-retry/-/util-retry-4.2.8.tgz#23f3f47baf0681233fd0c37b259e60e268c73b11" + integrity sha512-CfJqwvoRY0kTGe5AkQokpURNCT1u/MkRzMTASWMPPo2hNSnKtF1D45dQl3DE2LKLr4m+PW9mCeBMJr5mCAVThg== + dependencies: + "@smithy/service-error-classification" "^4.2.8" + "@smithy/types" "^4.12.0" + tslib "^2.6.2" + "@smithy/util-stream@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-stream/-/util-stream-2.2.0.tgz#b1279e417992a0f74afa78d7501658f174ed7370" @@ -7924,6 +8845,20 @@ "@smithy/util-utf8" "^2.3.0" tslib "^2.6.2" +"@smithy/util-stream@^4.5.10", "@smithy/util-stream@^4.5.11": + version "4.5.11" + resolved "https://registry.yarnpkg.com/@smithy/util-stream/-/util-stream-4.5.11.tgz#69bf0816c2a396b389a48a64455dacdb57893984" + integrity sha512-lKmZ0S/3Qj2OF5H1+VzvDLb6kRxGzZHq6f3rAsoSu5cTLGsn3v3VQBA8czkNNXlLjoFEtVu3OQT2jEeOtOE2CA== + dependencies: + "@smithy/fetch-http-handler" "^5.3.9" + "@smithy/node-http-handler" "^4.4.9" + "@smithy/types" "^4.12.0" + "@smithy/util-base64" "^4.3.0" + "@smithy/util-buffer-from" "^4.2.0" + "@smithy/util-hex-encoding" "^4.2.0" + "@smithy/util-utf8" "^4.2.0" + tslib "^2.6.2" + "@smithy/util-uri-escape@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-uri-escape/-/util-uri-escape-2.2.0.tgz#56f5764051a33b67bc93fdd2a869f971b0635406" @@ -7931,7 +8866,14 @@ dependencies: tslib "^2.6.2" -"@smithy/util-utf8@^2.3.0": +"@smithy/util-uri-escape@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-uri-escape/-/util-uri-escape-4.2.0.tgz#096a4cec537d108ac24a68a9c60bee73fc7e3a9e" + integrity sha512-igZpCKV9+E/Mzrpq6YacdTQ0qTiLm85gD6N/IrmyDvQFA4UnU3d5g3m8tMT/6zG/vVkWSU+VxeUyGonL62DuxA== + dependencies: + tslib "^2.6.2" + +"@smithy/util-utf8@^2.0.0", "@smithy/util-utf8@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@smithy/util-utf8/-/util-utf8-2.3.0.tgz#dd96d7640363259924a214313c3cf16e7dd329c5" integrity sha512-R8Rdn8Hy72KKcebgLiv8jQcQkXoLMOGGv5uI1/k0l+snqkOzQ1R0ChUBCxWMlBsFMekWjq0wRudIweFs7sKT5A== @@ -7939,6 +8881,14 @@ "@smithy/util-buffer-from" "^2.2.0" tslib "^2.6.2" +"@smithy/util-utf8@^4.2.0": + version "4.2.0" + resolved "https://registry.yarnpkg.com/@smithy/util-utf8/-/util-utf8-4.2.0.tgz#8b19d1514f621c44a3a68151f3d43e51087fed9d" + integrity sha512-zBPfuzoI8xyBtR2P6WQj63Rz8i3AmfAaJLuNG8dWsfvPe8lO4aCPYLn879mEgHndZH1zQ2oXmG8O1GGzzaoZiw== + dependencies: + "@smithy/util-buffer-from" "^4.2.0" + tslib "^2.6.2" + "@smithy/util-waiter@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@smithy/util-waiter/-/util-waiter-2.2.0.tgz#d11baf50637bfaadb9641d6ca1619da413dd2612" @@ -7948,6 +8898,13 @@ "@smithy/types" "^2.12.0" tslib "^2.6.2" +"@smithy/uuid@^1.1.0": + version "1.1.0" + resolved "https://registry.yarnpkg.com/@smithy/uuid/-/uuid-1.1.0.tgz#9fd09d3f91375eab94f478858123387df1cda987" + integrity sha512-4aUIteuyxtBUhVdiQqcDhKFitwfd9hqoSDYY2KRXiWtgoWJ9Bmise+KfEPDiVHWeJepvF8xJO9/9+WDIciMFFw== + dependencies: + tslib "^2.6.2" + "@socket.io/component-emitter@~3.1.0": version "3.1.0" resolved "https://registry.yarnpkg.com/@socket.io/component-emitter/-/component-emitter-3.1.0.tgz#96116f2a912e0c02817345b3c10751069920d553" @@ -8660,13 +9617,6 @@ dependencies: bson "*" -"@types/bson@1.x || 4.0.x": - version "4.0.5" - resolved "https://registry.yarnpkg.com/@types/bson/-/bson-4.0.5.tgz#9e0e1d1a6f8866483f96868a9b33bc804926b1fc" - integrity sha512-vVLwMUqhYJSQ/WKcE60eFqcyuWse5fGH+NMAXHuKrUAPoryq3ATxk5o4bgYNtg5aOM4APVg7Hnb3ASqUYG0PKg== - dependencies: - "@types/node" "*" - "@types/chai-as-promised@^7.1.2": version "7.1.3" resolved "https://registry.yarnpkg.com/@types/chai-as-promised/-/chai-as-promised-7.1.3.tgz#779166b90fda611963a3adbfd00b339d03b747bd" @@ -9174,7 +10124,7 @@ resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.1.tgz#283f669ff76d7b8260df8ab7a4262cc83d988256" integrity sha512-fZQQafSREFyuZcdWFAExYjBiCL7AUCdgsk80iO0q4yihYYdcIiH28CcuPTGFgLOCC8RlW49GSQxdHwZP+I7CNg== -"@types/mongodb@^3.5.27", "@types/mongodb@^3.6.20": +"@types/mongodb@^3.6.20": version "3.6.20" resolved "https://registry.yarnpkg.com/@types/mongodb/-/mongodb-3.6.20.tgz#b7c5c580644f6364002b649af1c06c3c0454e1d2" integrity sha512-WcdpPJCakFzcWWD9juKoZbRtQxKIMYF/JIAM4JrNHrMcnJL6/a2NWjXxW7fo9hxboxxkg+icff8d7+WIEvKgYQ== @@ -9500,6 +10450,14 @@ dependencies: "@types/webidl-conversions" "*" +"@types/whatwg-url@^8.2.1": + version "8.2.2" + resolved "https://registry.yarnpkg.com/@types/whatwg-url/-/whatwg-url-8.2.2.tgz#749d5b3873e845897ada99be4448041d4cc39e63" + integrity sha512-FtQu10RWgn3D9U4aazdwIE2yzphmTJREDqNdODHrbrZmmMqI0vMheC/6NE/J1Yveaj8H+ela+YwWTjq5PGmuhA== + dependencies: + "@types/node" "*" + "@types/webidl-conversions" "*" + "@types/ws@*", "@types/ws@^8.5.1", "@types/ws@^8.5.10": version "8.18.1" resolved "https://registry.yarnpkg.com/@types/ws/-/ws-8.18.1.tgz#48464e4bf2ddfd17db13d845467f6070ffea4aa9" @@ -11985,11 +12943,6 @@ blank-object@^1.0.1: resolved "https://registry.yarnpkg.com/blank-object/-/blank-object-1.0.2.tgz#f990793fbe9a8c8dd013fb3219420bec81d5f4b9" integrity sha1-+ZB5P76ajI3QE/syGUIL7IHV9Lk= -bluebird@3.5.1: - version "3.5.1" - resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.1.tgz#d9551f9de98f1fcda1e683d17ee91a0602ee2eb9" - integrity sha512-MKiLiV+I1AA596t9w1sQJ8jkiSr5+ZKi0WKrYGUn6d1Fx+Ij4tIj+m2WMQSGczs5jZVxV339chE8iwk6F64wjA== - bluebird@^3.4.6, bluebird@^3.7.2: version "3.7.2" resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" @@ -12608,6 +13561,13 @@ bson@^1.1.4: resolved "https://registry.yarnpkg.com/bson/-/bson-1.1.6.tgz#fb819be9a60cd677e0853aee4ca712a785d6618a" integrity sha512-EvVNVeGo4tHxwi8L6bPj3y3itEvStdwvvlojVxxbyYfoaxJ6keLgrTuKdyfEAszFK+H3olzBuafE0yoh0D1gdg== +bson@^4.7.2: + version "4.7.2" + resolved "https://registry.yarnpkg.com/bson/-/bson-4.7.2.tgz#320f4ad0eaf5312dd9b45dc369cc48945e2a5f2e" + integrity sha512-Ry9wCtIZ5kGqkJoi6aD8KjxFZEx78guTQDnpXWiNthsxzrxAK/i8E6pCHAIZTbaEFWcOCvbecMukfK7XUvyLpQ== + dependencies: + buffer "^5.6.0" + buffer-crc32@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-1.0.0.tgz#a10993b9055081d55304bd9feb4a072de179f405" @@ -12633,7 +13593,7 @@ buffer-more-ints@~1.0.0: resolved "https://registry.yarnpkg.com/buffer-more-ints/-/buffer-more-ints-1.0.0.tgz#ef4f8e2dddbad429ed3828a9c55d44f05c611422" integrity sha512-EMetuGFz5SLsT0QTnXzINh4Ksr+oo4i+UGTXEshiGCQWnsgSs7ZhJ8fzlwQ+OzEMs0MpDAMr1hxnblp5a4vcHg== -buffer@^5.2.1, buffer@^5.5.0: +buffer@^5.2.1, buffer@^5.5.0, buffer@^5.6.0: version "5.7.1" resolved "https://registry.yarnpkg.com/buffer/-/buffer-5.7.1.tgz#ba62e7c13133053582197160851a8f648e99eed0" integrity sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ== @@ -14301,14 +15261,7 @@ debug@2, debug@2.6.9, debug@^2.1.0, debug@^2.1.1, debug@^2.1.3, debug@^2.2.0, de dependencies: ms "2.0.0" -debug@3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-3.1.0.tgz#5bb5a0672628b64149566ba16819e61518c67261" - integrity sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g== - dependencies: - ms "2.0.0" - -debug@4, debug@^4, debug@^4.0.0, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.3, debug@^4.3.4, debug@^4.3.5, debug@^4.3.6, debug@^4.3.7, debug@^4.4.0, debug@^4.4.1: +debug@4, debug@4.x, debug@^4, debug@^4.0.0, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.3, debug@^4.3.4, debug@^4.3.5, debug@^4.3.6, debug@^4.3.7, debug@^4.4.0, debug@^4.4.1: version "4.4.3" resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.3.tgz#c6ae432d9bd9662582fce08709b038c58e9e3d6a" integrity sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA== @@ -17196,6 +18149,13 @@ fast-xml-parser@4.2.5: dependencies: strnum "^1.0.5" +fast-xml-parser@5.3.4, fast-xml-parser@^5.0.7: + version "5.3.4" + resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.3.4.tgz#06f39aafffdbc97bef0321e626c7ddd06a043ecf" + integrity sha512-EFd6afGmXlCx8H8WTZHhAoDaWaGyuIBoZJ2mknrNxug+aZKjkp0a0dlars9Izl+jF+7Gu1/5f/2h68cQpe0IiA== + dependencies: + strnum "^2.1.0" + fast-xml-parser@^4.4.1: version "4.5.0" resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-4.5.0.tgz#2882b7d01a6825dfdf909638f2de0256351def37" @@ -17203,13 +18163,6 @@ fast-xml-parser@^4.4.1: dependencies: strnum "^1.0.5" -fast-xml-parser@^5.0.7: - version "5.3.3" - resolved "https://registry.yarnpkg.com/fast-xml-parser/-/fast-xml-parser-5.3.3.tgz#84b678e44eb81207c8585795152b4b1c94738b4d" - integrity sha512-2O3dkPAAC6JavuMm8+4+pgTk+5hoAs+CjZ+sWcQLkX9+/tHRuTkQh/Oaifr8qDmZ8iEHb771Ea6G8CdwkrgvYA== - dependencies: - strnum "^2.1.0" - fastq@^1.6.0: version "1.19.1" resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.19.1.tgz#d50eaba803c8846a883c16492821ebcd2cda55f5" @@ -20638,10 +21591,10 @@ kafkajs@2.2.4: resolved "https://registry.yarnpkg.com/kafkajs/-/kafkajs-2.2.4.tgz#59e6e16459d87fdf8b64be73970ed5aa42370a5b" integrity sha512-j/YeapB1vfPT2iOIUn/vxdyKEuhuY2PxMBvf5JWux6iSaukAccrMtXEY/Lb7OvavDhOWME589bpLrEdnVHjfjA== -kareem@2.3.2: - version "2.3.2" - resolved "https://registry.yarnpkg.com/kareem/-/kareem-2.3.2.tgz#78c4508894985b8d38a0dc15e1a8e11078f2ca93" - integrity sha512-STHz9P7X2L4Kwn72fA4rGyqyXdmrMSdxqHx9IXon/FXluXieaFA6KJ2upcHAHxQPQ0LeM/OjLrhFxifHewOALQ== +kareem@2.5.1: + version "2.5.1" + resolved "https://registry.yarnpkg.com/kareem/-/kareem-2.5.1.tgz#7b8203e11819a8e77a34b3517d3ead206764d15d" + integrity sha512-7jFxRVm+jD+rkq3kY0iZDJfsO2/t4BBPeEb2qKn2lR/9KhuksYk5hxzfRYWMPV8P/x2d0kHD306YyWLzjjH+uA== karma-source-map-support@1.4.0: version "1.4.0" @@ -22757,6 +23710,14 @@ moment@~2.30.1: resolved "https://registry.yarnpkg.com/moment/-/moment-2.30.1.tgz#f8c91c07b7a786e30c59926df530b4eac96974ae" integrity sha512-uEmtNhbDOrWPFS+hdjFCBfy9f2YoyzRpwcl+DqpC6taX21FzsTLQVbMV/W7PzNSX6x/bhC1zA3c2UQ5NzH6how== +mongodb-connection-string-url@^2.6.0: + version "2.6.0" + resolved "https://registry.yarnpkg.com/mongodb-connection-string-url/-/mongodb-connection-string-url-2.6.0.tgz#57901bf352372abdde812c81be47b75c6b2ec5cf" + integrity sha512-WvTZlI9ab0QYtTYnuMLgobULWhokRjtC7db9LtcVfJ+Hsnyr5eo6ZtNAt3Ly24XZScGMelOcGtm7lSn0332tPQ== + dependencies: + "@types/whatwg-url" "^8.2.1" + whatwg-url "^11.0.0" + mongodb-connection-string-url@^3.0.0: version "3.0.2" resolved "https://registry.yarnpkg.com/mongodb-connection-string-url/-/mongodb-connection-string-url-3.0.2.tgz#e223089dfa0a5fa9bf505f8aedcbc67b077b33e7" @@ -22791,7 +23752,19 @@ mongodb-memory-server-global@^10.1.4: mongodb-memory-server-core "10.1.4" tslib "^2.7.0" -mongodb@3.7.4, mongodb@^3.7.3: +mongodb@4.17.2: + version "4.17.2" + resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-4.17.2.tgz#237c0534e36a3449bd74c6bf6d32f87a1ca7200c" + integrity sha512-mLV7SEiov2LHleRJPMPrK2PMyhXFZt2UQLC4VD4pnth3jMjYKHhtqfwwkkvS/NXuo/Fp3vbhaNcXrIDaLRb9Tg== + dependencies: + bson "^4.7.2" + mongodb-connection-string-url "^2.6.0" + socks "^2.7.1" + optionalDependencies: + "@aws-sdk/credential-providers" "^3.186.0" + "@mongodb-js/saslprep" "^1.1.0" + +mongodb@^3.7.3: version "3.7.4" resolved "https://registry.yarnpkg.com/mongodb/-/mongodb-3.7.4.tgz#119530d826361c3e12ac409b769796d6977037a4" integrity sha512-K5q8aBqEXMwWdVNh94UQTwZ6BejVbFhh1uB6c5FKtPE9eUMZPUO3sRZdgIEcHSrAWmxzpG/FeODDKL388sqRmw== @@ -22813,30 +23786,18 @@ mongodb@^6.9.0: bson "^6.10.3" mongodb-connection-string-url "^3.0.0" -mongoose-legacy-pluralize@1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/mongoose-legacy-pluralize/-/mongoose-legacy-pluralize-1.0.2.tgz#3ba9f91fa507b5186d399fb40854bff18fb563e4" - integrity sha512-Yo/7qQU4/EyIS8YDFSeenIvXxZN+ld7YdV9LqFVQJzTLye8unujAWPZ4NWKfFA+RNjh+wvTWKY9Z3E5XM6ZZiQ== - -mongoose@^5.13.22: - version "5.13.22" - resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-5.13.22.tgz#f9a6493ba5f45b7a3d5f9fce58ca9c71aedb8157" - integrity sha512-p51k/c4X/MfqeQ3I1ranlDiggLzNumZrTDD9CeezHwZxt2/btf+YZD7MCe07RAY2NgFYVMayq6jMamw02Jmf9w== +mongoose@^6.13.6: + version "6.13.9" + resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-6.13.9.tgz#880294370404dda9c51eeaac00352f83e6a4a5b7" + integrity sha512-x8XpK0SEDJtAtMoOF2U9aGrGXN6kbu01TqhznGLnA4B1oPXNb4Lye0MgmfxF9J2Dva7wf49VOgClk2fuKQYGHw== dependencies: - "@types/bson" "1.x || 4.0.x" - "@types/mongodb" "^3.5.27" - bson "^1.1.4" - kareem "2.3.2" - mongodb "3.7.4" - mongoose-legacy-pluralize "1.0.2" - mpath "0.8.4" - mquery "3.2.5" - ms "2.1.2" - optional-require "1.0.x" - regexp-clone "1.0.0" - safe-buffer "5.2.1" - sift "13.5.2" - sliced "1.0.1" + bson "^4.7.2" + kareem "2.5.1" + mongodb "4.17.2" + mpath "0.9.0" + mquery "4.0.3" + ms "2.1.3" + sift "16.0.1" morgan@^1.10.0: version "1.10.0" @@ -22854,21 +23815,17 @@ mout@^1.0.0: resolved "https://registry.yarnpkg.com/mout/-/mout-1.2.4.tgz#9ffd261c4d6509e7ebcbf6b641a89b36ecdf8155" integrity sha512-mZb9uOruMWgn/fw28DG4/yE3Kehfk1zKCLhuDU2O3vlKdnBBr4XaOCqVTflJ5aODavGUPqFHZgrFX3NJVuxGhQ== -mpath@0.8.4: - version "0.8.4" - resolved "https://registry.yarnpkg.com/mpath/-/mpath-0.8.4.tgz#6b566d9581621d9e931dd3b142ed3618e7599313" - integrity sha512-DTxNZomBcTWlrMW76jy1wvV37X/cNNxPW1y2Jzd4DZkAaC5ZGsm8bfGfNOthcDuRJujXLqiuS6o3Tpy0JEoh7g== +mpath@0.9.0: + version "0.9.0" + resolved "https://registry.yarnpkg.com/mpath/-/mpath-0.9.0.tgz#0c122fe107846e31fc58c75b09c35514b3871904" + integrity sha512-ikJRQTk8hw5DEoFVxHG1Gn9T/xcjtdnOKIU1JTmGjZZlg9LST2mBLmcX3/ICIbgJydT2GOc15RnNy5mHmzfSew== -mquery@3.2.5: - version "3.2.5" - resolved "https://registry.yarnpkg.com/mquery/-/mquery-3.2.5.tgz#8f2305632e4bb197f68f60c0cffa21aaf4060c51" - integrity sha512-VjOKHHgU84wij7IUoZzFRU07IAxd5kWJaDmyUzQlbjHjyoeK5TNeeo8ZsFDtTYnSgpW6n/nMNIHvE3u8Lbrf4A== +mquery@4.0.3: + version "4.0.3" + resolved "https://registry.yarnpkg.com/mquery/-/mquery-4.0.3.tgz#4d15f938e6247d773a942c912d9748bd1965f89d" + integrity sha512-J5heI+P08I6VJ2Ky3+33IpCdAvlYGTSUjwTPxkAr8i8EoduPMBX2OY/wa3IKZIQl7MU4SbFk8ndgSKyB/cl1zA== dependencies: - bluebird "3.5.1" - debug "3.1.0" - regexp-clone "^1.0.0" - safe-buffer "5.1.2" - sliced "1.0.1" + debug "4.x" mri@1.1.4: version "1.1.4" @@ -24190,11 +25147,6 @@ opener@^1.5.2: resolved "https://registry.yarnpkg.com/opener/-/opener-1.5.2.tgz#5d37e1f35077b9dcac4301372271afdeb2a13598" integrity sha512-ur5UIdyw5Y7yEj9wLzhqXiy6GZ3Mwx0yGI+5sMn2r0N0v3cKJvUmFH5yPP+WXh9e0xfyzyJX95D8l088DNFj7A== -optional-require@1.0.x: - version "1.0.3" - resolved "https://registry.yarnpkg.com/optional-require/-/optional-require-1.0.3.tgz#275b8e9df1dc6a17ad155369c2422a440f89cb07" - integrity sha512-RV2Zp2MY2aeYK5G+B/Sps8lW5NHAzE5QClbFP15j+PWmP+T9PxlJXBOOLoSAdgwFvS4t0aMR4vpedMkbHfh0nA== - optional-require@^1.1.8: version "1.1.8" resolved "https://registry.yarnpkg.com/optional-require/-/optional-require-1.1.8.tgz#16364d76261b75d964c482b2406cb824d8ec44b7" @@ -26763,11 +27715,6 @@ regexp-ast-analysis@^0.6.0: "@eslint-community/regexpp" "^4.5.0" refa "^0.11.0" -regexp-clone@1.0.0, regexp-clone@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/regexp-clone/-/regexp-clone-1.0.0.tgz#222db967623277056260b992626354a04ce9bf63" - integrity sha512-TuAasHQNamyyJ2hb97IuBEif4qBHGjPHBS64sZwytpLEqtBQ1gPJTnOaQ6qmpET16cK14kkjbazl6+p0RRv0yw== - regexp-tree@^0.1.27: version "0.1.27" resolved "https://registry.yarnpkg.com/regexp-tree/-/regexp-tree-0.1.27.tgz#2198f0ef54518ffa743fe74d983b56ffd631b6cd" @@ -28034,10 +28981,10 @@ side-channel@^1.0.4, side-channel@^1.1.0: side-channel-map "^1.0.1" side-channel-weakmap "^1.0.2" -sift@13.5.2: - version "13.5.2" - resolved "https://registry.yarnpkg.com/sift/-/sift-13.5.2.tgz#24a715e13c617b086166cd04917d204a591c9da6" - integrity sha512-+gxdEOMA2J+AI+fVsCqeNn7Tgx3M9ZN9jdi95939l1IJ8cZsqS8sqpJyOkic2SJk+1+98Uwryt/gL6XDaV+UZA== +sift@16.0.1: + version "16.0.1" + resolved "https://registry.yarnpkg.com/sift/-/sift-16.0.1.tgz#e9c2ccc72191585008cf3e36fc447b2d2633a053" + integrity sha512-Wv6BjQ5zbhW7VFefWusVP33T/EM0vYikCaQ2qR8yULbsilAT8/wQaXvuQ3ptGLpoKx+lihJE3y2UTgKDyyNHZQ== siginfo@^2.0.0: version "2.0.0" @@ -28188,11 +29135,6 @@ slash@^5.1.0: resolved "https://registry.yarnpkg.com/slash/-/slash-5.1.0.tgz#be3adddcdf09ac38eebe8dcdc7b1a57a75b095ce" integrity sha512-ZA6oR3T/pEyuqwMgAKT0/hAv8oAXckzbkmR0UkUosQ+Mc4RxGoJkRmwHgHufaenlyAgE1Mxgpdcrf75y6XcnDg== -sliced@1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/sliced/-/sliced-1.0.1.tgz#0b3a662b5d04c3177b1926bea82b03f837a2ef41" - integrity sha512-VZBmZP8WU3sMOZm1bdgTadsQbcscK0UM8oKxKVBs4XAhUo2Xxzm/OFMGBkPusxw9xL3Uy8LrzEqGqJhclsr0yA== - slow-redact@^0.3.0: version "0.3.0" resolved "https://registry.yarnpkg.com/slow-redact/-/slow-redact-0.3.0.tgz#97b4d7bd04136404e529c1ab29f3cb50e903c746" @@ -28302,7 +29244,7 @@ socks-proxy-agent@^8.0.3: debug "^4.3.4" socks "^2.8.3" -socks@^2.6.2, socks@^2.8.3: +socks@^2.6.2, socks@^2.7.1, socks@^2.8.3: version "2.8.7" resolved "https://registry.yarnpkg.com/socks/-/socks-2.8.7.tgz#e2fb1d9a603add75050a2067db8c381a0b5669ea" integrity sha512-HLpt+uLy/pxB+bum/9DzAgiKS8CX1EvbWxI4zlmgGCExImLdiad2iCwXT5Z4c9c3Eq8rP2318mPW2c+QbtjK8A== @@ -29772,6 +30714,13 @@ tough-cookie@^4.1.2: universalify "^0.2.0" url-parse "^1.5.3" +tr46@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/tr46/-/tr46-3.0.0.tgz#555c4e297a950617e8eeddef633c87d4d9d6cbf9" + integrity sha512-l7FvfAHlcmulp8kr+flpQZmVwtu7nfRV7NZujtN0OqES8EL4O4e0qqzL0DC5gAvx/ZC/9lk6rhcUwYvkBnBnYA== + dependencies: + punycode "^2.1.1" + tr46@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/tr46/-/tr46-4.1.1.tgz#281a758dcc82aeb4fe38c7dfe4d11a395aac8469" @@ -31602,6 +32551,14 @@ whatwg-mimetype@^3.0.0: resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-3.0.0.tgz#5fa1a7623867ff1af6ca3dc72ad6b8a4208beba7" integrity sha512-nt+N2dzIutVRxARx1nghPKGv1xHikU7HKdfafKkLNLindmPU/ch3U31NOCGGA/dmPcmb1VlofO0vnKAcsm0o/Q== +whatwg-url@^11.0.0: + version "11.0.0" + resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-11.0.0.tgz#0a849eebb5faf2119b901bb76fd795c2848d4018" + integrity sha512-RKT8HExMpoYx4igMiVMY83lN6UeITKJlBQ+vR/8ZJ8OCdSiN3RwCq+9gH0+Xzj0+5IrM6i4j/6LuvzbZIQgEcQ== + dependencies: + tr46 "^3.0.0" + webidl-conversions "^7.0.0" + whatwg-url@^12.0.0, whatwg-url@^12.0.1: version "12.0.1" resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-12.0.1.tgz#fd7bcc71192e7c3a2a97b9a8d6b094853ed8773c" From 7256d9e407c16fb1132b3c374d667326ac310fd1 Mon Sep 17 00:00:00 2001 From: Rafael Franco Date: Thu, 5 Feb 2026 11:39:31 -0300 Subject: [PATCH 36/80] feat(deps): Bump `glob` in `@sentry/react-router` (#19162) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps `glob` from `11.1.0` to `13.0.1` in `@sentry/react-router` to resolve a security vulnerability in the transitive dependency `@isaacs/brace-expansion`. Dependency chain: `@sentry/react-router` → `glob` → `minimatch` → `@isaacs/brace-expansion` Details The previous version of `glob` (11.1.0) pulled in a vulnerable version of `@isaacs/brace-expansion`. The vulnerability has been patched upstream: `@isaacs/brace-expansion` was patched `minimatch` released a new version with the fix `glob` 13.0.1 includes the updated dependencies This is a dependency-only change with no code modifications. [CVE](https://github.com/advisories/GHSA-7h2j-956f-4vf2) --- packages/react-router/package.json | 2 +- yarn.lock | 43 +++++++++--------------------- 2 files changed, 13 insertions(+), 32 deletions(-) diff --git a/packages/react-router/package.json b/packages/react-router/package.json index 7ab6dd30b03b..8a6e449e0e37 100644 --- a/packages/react-router/package.json +++ b/packages/react-router/package.json @@ -55,7 +55,7 @@ "@sentry/node": "10.38.0", "@sentry/react": "10.38.0", "@sentry/vite-plugin": "^4.8.0", - "glob": "11.1.0" + "glob": "^13.0.1" }, "devDependencies": { "@react-router/dev": "^7.13.0", diff --git a/yarn.lock b/yarn.lock index 39b675f2cf85..6360fd966e98 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5385,7 +5385,7 @@ resolved "https://registry.yarnpkg.com/@isaacs/balanced-match/-/balanced-match-4.0.1.tgz#3081dadbc3460661b751e7591d7faea5df39dd29" integrity sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ== -"@isaacs/brace-expansion@^5.0.0": +"@isaacs/brace-expansion@^5.0.1": version "5.0.1" resolved "https://registry.yarnpkg.com/@isaacs/brace-expansion/-/brace-expansion-5.0.1.tgz#0ef5a92d91f2fff2a37646ce54da9e5f599f6eff" integrity sha512-WMz71T1JS624nWj2n2fnYAuPovhv7EUhk69R6i9dsVyzxt5eM3bjwvgk9L+APE1TRscGysAVMANkB0jh0LQZrQ== @@ -18526,7 +18526,7 @@ for-in@^1.0.2: resolved "https://registry.yarnpkg.com/for-in/-/for-in-1.0.2.tgz#81068d295a8142ec0ac726c6e2200c30fb6d5e80" integrity sha1-gQaNKVqBQuwKxybG4iAMMPttXoA= -foreground-child@^3.1.0, foreground-child@^3.3.1: +foreground-child@^3.1.0: version "3.3.1" resolved "https://registry.yarnpkg.com/foreground-child/-/foreground-child-3.3.1.tgz#32e8e9ed1b68a3497befb9ac2b6adf92a638576f" integrity sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw== @@ -19096,18 +19096,6 @@ glob-to-regexp@^0.4.1: resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e" integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw== -glob@11.1.0: - version "11.1.0" - resolved "https://registry.yarnpkg.com/glob/-/glob-11.1.0.tgz#4f826576e4eb99c7dad383793d2f9f08f67e50a6" - integrity sha512-vuNwKSaKiqm7g0THUBu2x7ckSs3XJLXE+2ssL7/MfTGPLLcrJQ/4Uq1CjPTtO5cCIiRxqvN6Twy1qOwhL0Xjcw== - dependencies: - foreground-child "^3.3.1" - jackspeak "^4.1.1" - minimatch "^10.1.1" - minipass "^7.1.2" - package-json-from-dist "^1.0.0" - path-scurry "^2.0.0" - glob@8.0.3: version "8.0.3" resolved "https://registry.yarnpkg.com/glob/-/glob-8.0.3.tgz#415c6eb2deed9e502c68fa44a272e6da6eeca42e" @@ -19131,12 +19119,12 @@ glob@^10.0.0, glob@^10.2.2, glob@^10.3.10, glob@^10.3.4, glob@^10.3.7, glob@^10. package-json-from-dist "^1.0.0" path-scurry "^1.11.1" -glob@^13.0.0: - version "13.0.0" - resolved "https://registry.yarnpkg.com/glob/-/glob-13.0.0.tgz#9d9233a4a274fc28ef7adce5508b7ef6237a1be3" - integrity sha512-tvZgpqk6fz4BaNZ66ZsRaZnbHvP/jG3uKJvAZOwEVUL4RTA5nJeeLYfyN9/VA8NX/V3IBG+hkeuGpKjvELkVhA== +glob@^13.0.0, glob@^13.0.1: + version "13.0.1" + resolved "https://registry.yarnpkg.com/glob/-/glob-13.0.1.tgz#c59a2500c9a5f1ab9cdd370217ced63c2aa81e60" + integrity sha512-B7U/vJpE3DkJ5WXTgTpTRN63uV42DseiXXKMwG14LQBXmsdeIoHAPbU/MEo6II0k5ED74uc2ZGTC6MwHFQhF6w== dependencies: - minimatch "^10.1.1" + minimatch "^10.1.2" minipass "^7.1.2" path-scurry "^2.0.0" @@ -21190,13 +21178,6 @@ jackspeak@^3.1.2: optionalDependencies: "@pkgjs/parseargs" "^0.11.0" -jackspeak@^4.1.1: - version "4.1.1" - resolved "https://registry.yarnpkg.com/jackspeak/-/jackspeak-4.1.1.tgz#96876030f450502047fc7e8c7fcf8ce8124e43ae" - integrity sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ== - dependencies: - "@isaacs/cliui" "^8.0.2" - jake@^10.8.5: version "10.8.5" resolved "https://registry.yarnpkg.com/jake/-/jake-10.8.5.tgz#f2183d2c59382cb274226034543b9c03b8164c46" @@ -23444,12 +23425,12 @@ minimatch@9.0.3: dependencies: brace-expansion "^2.0.1" -minimatch@^10.1.1: - version "10.1.1" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-10.1.1.tgz#e6e61b9b0c1dcab116b5a7d1458e8b6ae9e73a55" - integrity sha512-enIvLvRAFZYXJzkCYG5RKmPfrFArdLv+R+lbQ53BmIMLIry74bjKzX6iHAm8WYamJkhSSEabrWN5D97XnKObjQ== +minimatch@^10.1.2: + version "10.1.2" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-10.1.2.tgz#6c3f289f9de66d628fa3feb1842804396a43d81c" + integrity sha512-fu656aJ0n2kcXwsnwnv9g24tkU5uSmOlTjd6WyyaKm2Z+h1qmY6bAjrcaIxF/BslFqbZ8UBtbJi7KgQOZD2PTw== dependencies: - "@isaacs/brace-expansion" "^5.0.0" + "@isaacs/brace-expansion" "^5.0.1" minimatch@^7.4.1: version "7.4.6" From a8acff452b3575c55cd8868aaaca53f1e52c081c Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Thu, 5 Feb 2026 17:12:16 +0100 Subject: [PATCH 37/80] fix(deps): Bump node-forge to 1.3.2 (#19183) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bump transitive dependency node-forge from 1.3.1 to 1.3.2 to address CVE-2025-12816 node-forge is a transitive dependency pulled in by: - @vinxi/listhen (via @sentry/solidstart) - listhen (via vinxi → nitropack) - selfsigned (via @angular-devkit/build-angular → webpack-dev-server) - google-p12-pem (via @google-cloud/common → google-auth-library) All parent packages specify ^1.3.1 or ^1, so updating the lockfile to 1.3.2 is a safe patch bump with no breaking changes. --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 6360fd966e98..5fa07089222f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -24273,9 +24273,9 @@ node-fetch@^2.3.0, node-fetch@^2.6.1, node-fetch@^2.6.7, node-fetch@^2.6.9: whatwg-url "^5.0.0" node-forge@^1, node-forge@^1.3.1: - version "1.3.1" - resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.3.1.tgz#be8da2af243b2417d5f646a770663a92b7e9ded3" - integrity sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA== + version "1.3.2" + resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-1.3.2.tgz#d0d2659a26eef778bf84d73e7f55c08144ee7750" + integrity sha512-6xKiQ+cph9KImrRh0VsjH2d8/GXA4FIMlgU4B757iI1ApvcyA9VlouP0yZJha01V+huImO+kKMU7ih+2+E14fw== node-gyp-build@^4.2.2: version "4.6.0" From b37fa88f307ea97e8149966b1bad725685119683 Mon Sep 17 00:00:00 2001 From: Abdelrahman Awad Date: Thu, 5 Feb 2026 15:41:58 -0500 Subject: [PATCH 38/80] chore: bump prettier to 3.8 (#19198) This PR bumps prettier version from `3.6.2` to `3.8.1` ### Notable changes: - [They fixed a performance regression](https://github.com/prettier/prettier/blob/main/CHANGELOG.md#371). - [Fixed prettier vscode crash that we experienced sometimes](https://github.com/prettier/prettier/blob/main/CHANGELOG.md#373). - A few styling changes with typescript `extends` keyword. Main motivation is it makes us [ready for oxfmt](https://arc.net/l/quote/mqipduak) with little to no changes in our workflow. --- package.json | 2 +- packages/browser/src/integrations/spotlight.ts | 8 ++++---- packages/core/src/types-hoist/feedback/index.ts | 5 +---- packages/core/src/types-hoist/options.ts | 6 ++++-- packages/core/src/utils/flushIfServerless.ts | 2 +- packages/feedback/src/core/types.ts | 6 ++++-- .../reactrouter-compat-utils/instrumentation.test.tsx | 5 ++--- packages/replay-internal/src/types/replay.ts | 3 ++- yarn.lock | 8 ++++---- 9 files changed, 23 insertions(+), 22 deletions(-) diff --git a/package.json b/package.json index 369704d843ab..8c3907e28190 100644 --- a/package.json +++ b/package.json @@ -129,7 +129,7 @@ "madge": "8.0.0", "nodemon": "^3.1.10", "npm-run-all2": "^6.2.0", - "prettier": "^3.6.2", + "prettier": "^3.8.1", "prettier-plugin-astro": "^0.14.1", "rimraf": "^5.0.10", "rollup": "^4.35.0", diff --git a/packages/browser/src/integrations/spotlight.ts b/packages/browser/src/integrations/spotlight.ts index 481648f31138..bea72e029a97 100644 --- a/packages/browser/src/integrations/spotlight.ts +++ b/packages/browser/src/integrations/spotlight.ts @@ -80,9 +80,9 @@ export const spotlightBrowserIntegration = defineIntegration(_spotlightIntegrati export function isSpotlightInteraction(event: Event): boolean { return Boolean( event.type === 'transaction' && - event.spans && - event.contexts?.trace && - event.contexts.trace.op === 'ui.action.click' && - event.spans.some(({ description }) => description?.includes('#sentry-spotlight')), + event.spans && + event.contexts?.trace && + event.contexts.trace.op === 'ui.action.click' && + event.spans.some(({ description }) => description?.includes('#sentry-spotlight')), ); } diff --git a/packages/core/src/types-hoist/feedback/index.ts b/packages/core/src/types-hoist/feedback/index.ts index 38383fd3f918..239a44d82543 100644 --- a/packages/core/src/types-hoist/feedback/index.ts +++ b/packages/core/src/types-hoist/feedback/index.ts @@ -15,10 +15,7 @@ export type { FeedbackEvent, UserFeedback, SendFeedback, SendFeedbackParams }; * The integration's internal `options` member where every value should be set */ export interface FeedbackInternalOptions - extends FeedbackGeneralConfiguration, - FeedbackThemeConfiguration, - FeedbackTextConfiguration, - FeedbackCallbacks {} + extends FeedbackGeneralConfiguration, FeedbackThemeConfiguration, FeedbackTextConfiguration, FeedbackCallbacks {} type Hooks = unknown; type HTMLElement = unknown; diff --git a/packages/core/src/types-hoist/options.ts b/packages/core/src/types-hoist/options.ts index 9f8baca5b428..92292f8e6e3d 100644 --- a/packages/core/src/types-hoist/options.ts +++ b/packages/core/src/types-hoist/options.ts @@ -616,8 +616,10 @@ export interface ClientOptions - extends Omit>, 'integrations' | 'transport' | 'stackParser'> { +export interface CoreOptions extends Omit< + Partial>, + 'integrations' | 'transport' | 'stackParser' +> { /** * If this is set to false, default integrations will not be added, otherwise this will internally be set to the * recommended default integrations. diff --git a/packages/core/src/utils/flushIfServerless.ts b/packages/core/src/utils/flushIfServerless.ts index 6258f2222915..5ffd86612243 100644 --- a/packages/core/src/utils/flushIfServerless.ts +++ b/packages/core/src/utils/flushIfServerless.ts @@ -36,7 +36,7 @@ async function flushWithTimeout(timeout: number): Promise { */ export async function flushIfServerless( params: // eslint-disable-next-line @typescript-eslint/no-explicit-any - | { timeout?: number; cloudflareWaitUntil?: (task: Promise) => void } + | { timeout?: number; cloudflareWaitUntil?: (task: Promise) => void } | { timeout?: number; cloudflareCtx?: MinimalCloudflareContext } = {}, ): Promise { const { timeout = 2000 } = params; diff --git a/packages/feedback/src/core/types.ts b/packages/feedback/src/core/types.ts index 7f6b0d72e6af..54ecbce94167 100644 --- a/packages/feedback/src/core/types.ts +++ b/packages/feedback/src/core/types.ts @@ -5,8 +5,10 @@ import type { FeedbackInternalOptions } from '@sentry/core'; * * This is the config that gets passed into the integration constructor */ -export interface OptionalFeedbackConfiguration - extends Omit, 'themeLight' | 'themeDark'> { +export interface OptionalFeedbackConfiguration extends Omit< + Partial, + 'themeLight' | 'themeDark' +> { themeLight?: Partial; themeDark?: Partial; } diff --git a/packages/react/test/reactrouter-compat-utils/instrumentation.test.tsx b/packages/react/test/reactrouter-compat-utils/instrumentation.test.tsx index 557a11a92eaf..89f838adff51 100644 --- a/packages/react/test/reactrouter-compat-utils/instrumentation.test.tsx +++ b/packages/react/test/reactrouter-compat-utils/instrumentation.test.tsx @@ -1114,9 +1114,8 @@ describe('tryUpdateSpanNameBeforeEnd - source upgrade logic', () => { const { handleNavigation } = await import('../../src/reactrouter-compat-utils/instrumentation'); const { startBrowserTracingNavigationSpan } = await import('@sentry/browser'); const { spanToJSON } = await import('@sentry/core'); - const { transactionNameHasWildcard, resolveRouteNameAndSource } = await import( - '../../src/reactrouter-compat-utils/utils' - ); + const { transactionNameHasWildcard, resolveRouteNameAndSource } = + await import('../../src/reactrouter-compat-utils/utils'); const location: Location = { pathname: '/users/123', diff --git a/packages/replay-internal/src/types/replay.ts b/packages/replay-internal/src/types/replay.ts index 88da65e961a4..6f8d836611bb 100644 --- a/packages/replay-internal/src/types/replay.ts +++ b/packages/replay-internal/src/types/replay.ts @@ -321,7 +321,8 @@ export interface ReplayIntegrationPrivacyOptions { } export interface ReplayConfiguration - extends ReplayIntegrationPrivacyOptions, + extends + ReplayIntegrationPrivacyOptions, OptionalReplayPluginOptions, Pick {} diff --git a/yarn.lock b/yarn.lock index 5fa07089222f..079463ba28a3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -26784,10 +26784,10 @@ prettier@^2.5.1: resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.8.8.tgz#e8c5d7e98a4305ffe3de2e1fc4aca1a71c28b1da" integrity sha512-tdN8qQGvNjw4CHbY+XXk0JgCXn9QiF21a55rBe5LJAU+kDyC4WQn4+awm2Xfk2lQMk5fKup9XgzTZtGkjBdP9Q== -prettier@^3.0.0, prettier@^3.6.2: - version "3.6.2" - resolved "https://registry.yarnpkg.com/prettier/-/prettier-3.6.2.tgz#ccda02a1003ebbb2bfda6f83a074978f608b9393" - integrity sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ== +prettier@^3.0.0, prettier@^3.6.2, prettier@^3.8.1: + version "3.8.1" + resolved "https://registry.yarnpkg.com/prettier/-/prettier-3.8.1.tgz#edf48977cf991558f4fcbd8a3ba6015ba2a3a173" + integrity sha512-UOnG6LftzbdaHZcKoPFtOcCKztrQ57WkHDeRD9t/PTQtmT0NHSeWWepj6pS0z/N7+08BHFDQVUrfmfMRcZwbMg== pretty-bytes@^5.3.0, pretty-bytes@^5.4.1: version "5.6.0" From 47e5709d2dd8c14b7a66176afa4e6c88b32d50bc Mon Sep 17 00:00:00 2001 From: Andrei <168741329+andreiborza@users.noreply.github.com> Date: Fri, 6 Feb 2026 11:31:58 +0100 Subject: [PATCH 39/80] fix(nextjs): Expose an event id when `captureUnderscoreErrorException` captures an exception (#19185) `captureException` returns an event id that can be used for further logging and exposing it to users. `captureUnderscoreErrorException` uses `captureException` under the hood but swallows the underlying event id if the error ends up being captured. We also have `Sentry.lastEventId()` which could be used in the case the event was actually captured, however, in the case that `captureUnderscoreErrorException` does not call `captureException`, `Sentry.lastEventId()` might still return a previously attained id, misleading users. This PR surfaces the underlying event id, if an event was captured and resolves in undefined otherwise. Closes: #19166 --- .../pages-router-instrumentation/_error.ts | 15 ++- .../captureUnderscoreErrorException.test.ts | 117 ++++++++++++++++++ 2 files changed, 127 insertions(+), 5 deletions(-) create mode 100644 packages/nextjs/test/common/pages-router-instrumentation/captureUnderscoreErrorException.test.ts diff --git a/packages/nextjs/src/common/pages-router-instrumentation/_error.ts b/packages/nextjs/src/common/pages-router-instrumentation/_error.ts index 8c372f89e39c..5f201dfa216b 100644 --- a/packages/nextjs/src/common/pages-router-instrumentation/_error.ts +++ b/packages/nextjs/src/common/pages-router-instrumentation/_error.ts @@ -13,15 +13,18 @@ type ContextOrProps = { /** * Capture the exception passed by nextjs to the `_error` page, adding context data as appropriate. * + * This will not capture the exception if the status code is < 500 or if the pathname is not provided and will thus not return an event ID. + * * @param contextOrProps The data passed to either `getInitialProps` or `render` by nextjs + * @returns The Sentry event ID, or `undefined` if no event was captured */ -export async function captureUnderscoreErrorException(contextOrProps: ContextOrProps): Promise { +export async function captureUnderscoreErrorException(contextOrProps: ContextOrProps): Promise { const { req, res, err } = contextOrProps; // 404s (and other 400-y friends) can trigger `_error`, but we don't want to send them to Sentry const statusCode = res?.statusCode || contextOrProps.statusCode; if (statusCode && statusCode < 500) { - return Promise.resolve(); + return; } // In previous versions of the suggested `_error.js` page in which this function is meant to be used, there was a @@ -32,10 +35,10 @@ export async function captureUnderscoreErrorException(contextOrProps: ContextOrP // twice, we just bail if we sense we're in that now-extraneous second call. (We can tell which function we're in // because Nextjs passes `pathname` to `getInitialProps` but not to `render`.) if (!contextOrProps.pathname) { - return Promise.resolve(); + return; } - withScope(scope => { + const eventId = withScope(scope => { if (req) { const normalizedRequest = httpRequestToRequestData(req); scope.setSDKProcessingMetadata({ normalizedRequest }); @@ -43,7 +46,7 @@ export async function captureUnderscoreErrorException(contextOrProps: ContextOrP // If third-party libraries (or users themselves) throw something falsy, we want to capture it as a message (which // is what passing a string to `captureException` will wind up doing) - captureException(err || `_error.js called with falsy error (${err})`, { + return captureException(err || `_error.js called with falsy error (${err})`, { mechanism: { type: 'auto.function.nextjs.underscore_error', handled: false, @@ -55,4 +58,6 @@ export async function captureUnderscoreErrorException(contextOrProps: ContextOrP }); waitUntil(flushSafelyWithTimeout()); + + return eventId; } diff --git a/packages/nextjs/test/common/pages-router-instrumentation/captureUnderscoreErrorException.test.ts b/packages/nextjs/test/common/pages-router-instrumentation/captureUnderscoreErrorException.test.ts new file mode 100644 index 000000000000..755ef8354b7c --- /dev/null +++ b/packages/nextjs/test/common/pages-router-instrumentation/captureUnderscoreErrorException.test.ts @@ -0,0 +1,117 @@ +import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'; +import { captureUnderscoreErrorException } from '../../../src/common/pages-router-instrumentation/_error'; + +const mockCaptureException = vi.fn(() => 'test-event-id'); +const mockWithScope = vi.fn((callback: (scope: any) => any) => { + const mockScope = { + setSDKProcessingMetadata: vi.fn(), + }; + return callback(mockScope); +}); + +vi.mock('@sentry/core', async () => { + const actual = await vi.importActual('@sentry/core'); + return { + ...actual, + captureException: (...args: unknown[]) => mockCaptureException(...args), + withScope: (callback: (scope: any) => any) => mockWithScope(callback), + httpRequestToRequestData: vi.fn(() => ({ url: 'http://test.com' })), + }; +}); + +vi.mock('../../../src/common/utils/responseEnd', () => ({ + flushSafelyWithTimeout: vi.fn(() => Promise.resolve()), + waitUntil: vi.fn(), +})); + +describe('captureUnderscoreErrorException', () => { + beforeEach(() => { + vi.clearAllMocks(); + }); + + afterEach(() => { + vi.clearAllMocks(); + }); + + it('should return the event ID when capturing an exception', async () => { + const error = new Error('Test error'); + const result = await captureUnderscoreErrorException({ + err: error, + pathname: '/test', + res: { statusCode: 500 } as any, + }); + + expect(result).toBe('test-event-id'); + expect(mockCaptureException).toHaveBeenCalledWith(error, { + mechanism: { + type: 'auto.function.nextjs.underscore_error', + handled: false, + data: { + function: '_error.getInitialProps', + }, + }, + }); + }); + + it('should return undefined for 4xx status codes', async () => { + const result = await captureUnderscoreErrorException({ + err: new Error('Not found'), + pathname: '/test', + res: { statusCode: 404 } as any, + }); + + expect(result).toBeUndefined(); + expect(mockCaptureException).not.toHaveBeenCalled(); + }); + + it('should return undefined when pathname is not provided (render call)', async () => { + const result = await captureUnderscoreErrorException({ + err: new Error('Test error'), + res: { statusCode: 500 } as any, + }); + + expect(result).toBeUndefined(); + expect(mockCaptureException).not.toHaveBeenCalled(); + }); + + it('should capture falsy errors as messages', async () => { + const result = await captureUnderscoreErrorException({ + err: undefined, + pathname: '/test', + res: { statusCode: 500 } as any, + }); + + expect(result).toBe('test-event-id'); + expect(mockCaptureException).toHaveBeenCalledWith('_error.js called with falsy error (undefined)', { + mechanism: { + type: 'auto.function.nextjs.underscore_error', + handled: false, + data: { + function: '_error.getInitialProps', + }, + }, + }); + }); + + it('should use statusCode from contextOrProps when res is not available', async () => { + const result = await captureUnderscoreErrorException({ + err: new Error('Test error'), + pathname: '/test', + statusCode: 500, + }); + + expect(result).toBe('test-event-id'); + expect(mockCaptureException).toHaveBeenCalled(); + }); + + it('should return undefined when statusCode from contextOrProps is 4xx', async () => { + const result = await captureUnderscoreErrorException({ + err: new Error('Bad request'), + pathname: '/test', + statusCode: 400, + }); + + expect(result).toBeUndefined(); + expect(mockCaptureException).not.toHaveBeenCalled(); + }); +}); From 11dc2e60b4689b39bfafa3af645a66e6a3cb2169 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 6 Feb 2026 14:23:55 +0100 Subject: [PATCH 40/80] fix(deps): Bump `@nestjs/platform-express` to `11.1.13` (#19206) - Bump @nestjs/platform-express from 11.1.6 to 11.1.13 in yarn.lock to resolve transitive body-parser vulnerability - Fixes https://github.com/expressjs/body-parser/security/advisories/GHSA-wqch-xfxh-vrr4 (medium severity DoS via URL-encoded bodies) Closes #19207 (added automatically) --- yarn.lock | 163 ++++++++++++++++++++++++------------------------------ 1 file changed, 73 insertions(+), 90 deletions(-) diff --git a/yarn.lock b/yarn.lock index 079463ba28a3..21e9b129382c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5797,14 +5797,14 @@ tslib "2.8.1" "@nestjs/platform-express@^11": - version "11.1.6" - resolved "https://registry.yarnpkg.com/@nestjs/platform-express/-/platform-express-11.1.6.tgz#9b1dcf82a3b3fdd5761c918ad664aff83e4eacc7" - integrity sha512-HErwPmKnk+loTq8qzu1up+k7FC6Kqa8x6lJ4cDw77KnTxLzsCaPt+jBvOq6UfICmfqcqCCf3dKXg+aObQp+kIQ== + version "11.1.13" + resolved "https://registry.yarnpkg.com/@nestjs/platform-express/-/platform-express-11.1.13.tgz#272e350cb3938ec0f383aa083c7f1d5d44fae2dc" + integrity sha512-LYmi43BrAs1n74kLCUfXcHag7s1CmGETcFbf9IVyA/KWXAuAH95G3wEaZZiyabOLFNwq4ifnRGnIwUwW7cz3+w== dependencies: - cors "2.8.5" - express "5.1.0" + cors "2.8.6" + express "5.2.1" multer "2.0.2" - path-to-regexp "8.2.0" + path-to-regexp "8.3.0" tslib "2.8.1" "@next/env@14.2.35": @@ -12966,20 +12966,20 @@ body-parser@^1.19.0, body-parser@^1.20.3, body-parser@~1.20.3: type-is "~1.6.18" unpipe "~1.0.0" -body-parser@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-2.2.0.tgz#f7a9656de305249a715b549b7b8fd1ab9dfddcfa" - integrity sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg== +body-parser@^2.2.1: + version "2.2.2" + resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-2.2.2.tgz#1a32cdb966beaf68de50a9dfbe5b58f83cb8890c" + integrity sha512-oP5VkATKlNwcgvxi0vM0p/D3n2C3EReYVX+DNYs5TjZFn/oQt2j+4sVJtSMr18pdRr8wjTcBl6LoV+FUwzPmNA== dependencies: bytes "^3.1.2" content-type "^1.0.5" - debug "^4.4.0" + debug "^4.4.3" http-errors "^2.0.0" - iconv-lite "^0.6.3" + iconv-lite "^0.7.0" on-finished "^2.4.1" - qs "^6.14.0" - raw-body "^3.0.0" - type-is "^2.0.0" + qs "^6.14.1" + raw-body "^3.0.1" + type-is "^2.0.1" body@^5.1.0: version "5.1.0" @@ -13668,7 +13668,7 @@ bytes@3.0.0: resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048" integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg= -bytes@3.1.2, bytes@^3.1.2, bytes@~3.1.2: +bytes@^3.1.2, bytes@~3.1.2: version "3.1.2" resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.2.tgz#8b0beeb98605adf1b128fa4386403c009e0221a5" integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg== @@ -14633,11 +14633,9 @@ consolidate@^0.16.0: bluebird "^3.7.2" content-disposition@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-1.0.0.tgz#844426cb398f934caefcbb172200126bc7ceace2" - integrity sha512-Au9nRL8VNUut/XSzbQA38+M78dzP4D+eqg3gfJHMIHHYa3bg067xj1KxMUWj+VULbiZMowKngFFbKczUrNJ1mg== - dependencies: - safe-buffer "5.2.1" + version "1.0.1" + resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-1.0.1.tgz#a8b7bbeb2904befdfb6787e5c0c086959f605f9b" + integrity sha512-oIXISMynqSqm241k6kcQ5UwttDILMK4BiurCfGEREw6+X9jkkpEe5T9FZaApyLGGOnFuyMWZpdolTXMtvEJ08Q== content-disposition@~0.5.4: version "0.5.4" @@ -14846,10 +14844,10 @@ core-util-is@~1.0.0: resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= -cors@2.8.5, cors@^2.8.5, cors@~2.8.5: - version "2.8.5" - resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.5.tgz#eac11da51592dd86b9f06f6e7ac293b3df875d29" - integrity sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g== +cors@2.8.6, cors@^2.8.5, cors@~2.8.5: + version "2.8.6" + resolved "https://registry.yarnpkg.com/cors/-/cors-2.8.6.tgz#ff5dd69bd95e547503820d29aba4f8faf8dfec96" + integrity sha512-tJtZBBHA6vjIAaF6EnIaq6laBBP9aq/Y3ouVJjEfoHbRBcHBAHYcMh/w8LDrk2PvIMMq8gmopa5D4V8RmbrxGw== dependencies: object-assign "^4" vary "^1" @@ -15261,7 +15259,7 @@ debug@2, debug@2.6.9, debug@^2.1.0, debug@^2.1.1, debug@^2.1.3, debug@^2.2.0, de dependencies: ms "2.0.0" -debug@4, debug@4.x, debug@^4, debug@^4.0.0, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.3, debug@^4.3.4, debug@^4.3.5, debug@^4.3.6, debug@^4.3.7, debug@^4.4.0, debug@^4.4.1: +debug@4, debug@4.x, debug@^4, debug@^4.0.0, debug@^4.1.0, debug@^4.1.1, debug@^4.3.1, debug@^4.3.2, debug@^4.3.3, debug@^4.3.4, debug@^4.3.5, debug@^4.3.6, debug@^4.3.7, debug@^4.4.0, debug@^4.4.1, debug@^4.4.3: version "4.4.3" resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.3.tgz#c6ae432d9bd9662582fce08709b038c58e9e3d6a" integrity sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA== @@ -15940,7 +15938,7 @@ editions@^2.2.0: ee-first@1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" - integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0= + integrity sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow== effect@3.16.12: version "3.16.12" @@ -17903,18 +17901,19 @@ exponential-backoff@^3.1.1: resolved "https://registry.yarnpkg.com/exponential-backoff/-/exponential-backoff-3.1.3.tgz#51cf92c1c0493c766053f9d3abee4434c244d2f6" integrity sha512-ZgEeZXj30q+I0EN+CbSSpIyPaJ5HVQD18Z1m+u1FXbAeT94mr1zw50q4q6jiiC447Nl/YTcIYSAftiGqetwXCA== -express@5.1.0: - version "5.1.0" - resolved "https://registry.yarnpkg.com/express/-/express-5.1.0.tgz#d31beaf715a0016f0d53f47d3b4d7acf28c75cc9" - integrity sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA== +express@5.2.1: + version "5.2.1" + resolved "https://registry.yarnpkg.com/express/-/express-5.2.1.tgz#8f21d15b6d327f92b4794ecf8cb08a72f956ac04" + integrity sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw== dependencies: accepts "^2.0.0" - body-parser "^2.2.0" + body-parser "^2.2.1" content-disposition "^1.0.0" content-type "^1.0.5" cookie "^0.7.1" cookie-signature "^1.2.1" debug "^4.4.0" + depd "^2.0.0" encodeurl "^2.0.0" escape-html "^1.0.3" etag "^1.8.1" @@ -18310,9 +18309,9 @@ finalhandler@1.1.2: unpipe "~1.0.0" finalhandler@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-2.1.0.tgz#72306373aa89d05a8242ed569ed86a1bff7c561f" - integrity sha512-/t88Ty3d5JWQbWYgaOGCCYfXRwV1+be02WqYYlL6h0lEiUAMPM8o8qKGO01YIkOHzka2up08wvgYD0mDiI+q3Q== + version "2.1.1" + resolved "https://registry.yarnpkg.com/finalhandler/-/finalhandler-2.1.1.tgz#a2c517a6559852bcdb06d1f8bd7f51b68fad8099" + integrity sha512-S8KoZgRZN+a5rNwqTxlZZePjT/4cnm0ROV70LedRHZ0p8u9fRID0hJUZQpkKLzro8LfmC8sx23bY6tVNxv8pQA== dependencies: debug "^4.4.0" encodeurl "^2.0.0" @@ -19964,18 +19963,7 @@ http-deceiver@^1.2.7: resolved "https://registry.yarnpkg.com/http-deceiver/-/http-deceiver-1.2.7.tgz#fa7168944ab9a519d337cb0bec7284dc3e723d87" integrity sha1-+nFolEq5pRnTN8sL7HKE3D5yPYc= -http-errors@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.0.tgz#b7774a1486ef73cf7667ac9ae0858c012c57b9d3" - integrity sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ== - dependencies: - depd "2.0.0" - inherits "2.0.4" - setprototypeof "1.2.0" - statuses "2.0.1" - toidentifier "1.0.1" - -http-errors@^2.0.0, http-errors@~2.0.0, http-errors@~2.0.1: +http-errors@^2.0.0, http-errors@^2.0.1, http-errors@~2.0.0, http-errors@~2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.1.tgz#36d2f65bc909c8790018dd36fb4d93da6caae06b" integrity sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ== @@ -20138,10 +20126,10 @@ iconv-lite@^0.4.24, iconv-lite@^0.4.4, iconv-lite@~0.4.24: dependencies: safer-buffer ">= 2.1.2 < 3" -iconv-lite@^0.7.0: - version "0.7.0" - resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.7.0.tgz#c50cd80e6746ca8115eb98743afa81aa0e147a3e" - integrity sha512-cf6L2Ds3h57VVmkZe+Pn+5APsT7FpqJtEhhieDCvrE2MK5Qk9MyffgQyuxQTm6BChfeZNtcOLHp9IcWRVcIcBQ== +iconv-lite@^0.7.0, iconv-lite@~0.7.0: + version "0.7.2" + resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.7.2.tgz#d0bdeac3f12b4835b7359c2ad89c422a4d1cc72e" + integrity sha512-im9DjEDQ55s9fL4EYzOAv0yMqmMBSZp6G0VvFyTMPKWxiSBHUj9NW/qqLmXUwXrrM7AvqSlTCfvqRb0cM8yYqw== dependencies: safer-buffer ">= 2.1.2 < 3.0.0" @@ -20281,7 +20269,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3, inherits@~2.0.4: +inherits@2, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3, inherits@~2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== @@ -22863,7 +22851,7 @@ mdurl@^1.0.1: media-typer@0.3.0: version "0.3.0" resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748" - integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g= + integrity sha512-dq+qelQ9akHpcOl/gUVRTxVIOkAJ1wR3QAvb4RsVjS8oVoFjDGTc679wJYmUmknUF5HwMLOgb5O+a3KxfWapPQ== media-typer@^1.1.0: version "1.1.0" @@ -23309,10 +23297,10 @@ mime-types@^2.1.12, mime-types@^2.1.18, mime-types@^2.1.26, mime-types@^2.1.27, dependencies: mime-db "1.52.0" -mime-types@^3.0.0, mime-types@^3.0.1: - version "3.0.1" - resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-3.0.1.tgz#b1d94d6997a9b32fd69ebaed0db73de8acb519ce" - integrity sha512-xRc4oEhT6eaBpU1XF7AjpOFD+xQmXNB5OVKwp4tqCuBpHLS/ZbBDrc07mYTDqVMg6PfxUjjNp85O6Cd2Z/5HWA== +mime-types@^3.0.0, mime-types@^3.0.2: + version "3.0.2" + resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-3.0.2.tgz#39002d4182575d5af036ffa118100f2524b2e2ab" + integrity sha512-Lbgzdk0h4juoQ9fCKXW4by0UJqj+nOOrI9MJ1sSj4nI8aI2eo1qmvQEie4VD1glsS250n15LsWsYtCugiStS5A== dependencies: mime-db "^1.54.0" @@ -25741,6 +25729,11 @@ path-to-regexp@8.2.0: resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-8.2.0.tgz#73990cc29e57a3ff2a0d914095156df5db79e8b4" integrity sha512-TdrF7fW9Rphjq4RjrW0Kp2AW0Ahwu9sRGTkS6bvDi0SCwZlEZYmcfDbEsTz8RVk0EHIS/Vd1bv3JhG+1xZuAyQ== +path-to-regexp@8.3.0, path-to-regexp@^8.0.0, path-to-regexp@^8.1.0: + version "8.3.0" + resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-8.3.0.tgz#aa818a6981f99321003a08987d3cec9c3474cd1f" + integrity sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA== + path-to-regexp@^1.5.3, path-to-regexp@^1.7.0: version "1.9.0" resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-1.9.0.tgz#5dc0753acbf8521ca2e0f137b4578b917b10cf24" @@ -25748,11 +25741,6 @@ path-to-regexp@^1.5.3, path-to-regexp@^1.7.0: dependencies: isarray "0.0.1" -path-to-regexp@^8.0.0, path-to-regexp@^8.1.0: - version "8.3.0" - resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-8.3.0.tgz#aa818a6981f99321003a08987d3cec9c3474cd1f" - integrity sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA== - path-type@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/path-type/-/path-type-3.0.0.tgz#cef31dc8e0a1a3bb0d105c0cd97cf3bf47f4e36f" @@ -27074,7 +27062,7 @@ pure-rand@^6.1.0: resolved "https://registry.yarnpkg.com/pure-rand/-/pure-rand-6.1.0.tgz#d173cf23258231976ccbdb05247c9787957604f2" integrity sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA== -qs@^6.14.0, qs@^6.4.0, qs@~6.14.0: +qs@^6.14.0, qs@^6.14.1, qs@^6.4.0, qs@~6.14.0: version "6.14.1" resolved "https://registry.yarnpkg.com/qs/-/qs-6.14.1.tgz#a41d85b9d3902f31d27861790506294881871159" integrity sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ== @@ -27166,15 +27154,15 @@ range-parser@^1.2.1, range-parser@~1.2.1: resolved "https://registry.yarnpkg.com/range-parser/-/range-parser-1.2.1.tgz#3cf37023d199e1c24d1a55b84800c2f3e6468031" integrity sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg== -raw-body@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-3.0.0.tgz#25b3476f07a51600619dae3fe82ddc28a36e5e0f" - integrity sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g== +raw-body@^3.0.1: + version "3.0.2" + resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-3.0.2.tgz#3e3ada5ae5568f9095d84376fd3a49b8fb000a51" + integrity sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA== dependencies: - bytes "3.1.2" - http-errors "2.0.0" - iconv-lite "0.6.3" - unpipe "1.0.0" + bytes "~3.1.2" + http-errors "~2.0.1" + iconv-lite "~0.7.0" + unpipe "~1.0.0" raw-body@~1.1.0: version "1.1.7" @@ -28631,21 +28619,21 @@ semver@^7.0.0, semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semve integrity sha512-SdsKMrI9TdgjdweUSR9MweHA4EJ8YxHn8DFaDisvhVlUOe4BF1tLD7GAj0lIqWVl+dPb/rExr0Btby5loQm20Q== send@^1.1.0, send@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/send/-/send-1.2.0.tgz#32a7554fb777b831dfa828370f773a3808d37212" - integrity sha512-uaW0WwXKpL9blXE2o0bRhoL2EGXIrZxQ2ZQ4mgcfoBxdFmQold+qWsD2jLrfZ0trjKL6vOw0j//eAwcALFjKSw== + version "1.2.1" + resolved "https://registry.yarnpkg.com/send/-/send-1.2.1.tgz#9eab743b874f3550f40a26867bf286ad60d3f3ed" + integrity sha512-1gnZf7DFcoIcajTjTwjwuDjzuz4PPcY2StKPlsGAQ1+YH20IRVrBaXSWmdjowTJ6u8Rc01PoYOGHXfP1mYcZNQ== dependencies: - debug "^4.3.5" + debug "^4.4.3" encodeurl "^2.0.0" escape-html "^1.0.3" etag "^1.8.1" fresh "^2.0.0" - http-errors "^2.0.0" - mime-types "^3.0.1" + http-errors "^2.0.1" + mime-types "^3.0.2" ms "^2.1.3" on-finished "^2.4.1" range-parser "^1.2.1" - statuses "^2.0.1" + statuses "^2.0.2" send@~0.19.0, send@~0.19.1: version "0.19.2" @@ -29612,17 +29600,12 @@ static-extend@^0.1.1: define-property "^0.2.5" object-copy "^0.1.0" -statuses@2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.1.tgz#55cb000ccf1d48728bd23c685a063998cf1a1b63" - integrity sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ== - "statuses@>= 1.4.0 < 2", statuses@~1.5.0: version "1.5.0" resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.5.0.tgz#161c7dac177659fd9811f43771fa99381478628c" integrity sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow= -statuses@^2.0.1, statuses@~2.0.1, statuses@~2.0.2: +statuses@^2.0.1, statuses@^2.0.2, statuses@~2.0.1, statuses@~2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.2.tgz#8f75eecef765b5e1cfcdc080da59409ed424e382" integrity sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw== @@ -30660,7 +30643,7 @@ to-regex@^3.0.1, to-regex@^3.0.2: regex-not "^1.0.2" safe-regex "^1.1.0" -toidentifier@1.0.1, toidentifier@~1.0.1: +toidentifier@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35" integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA== @@ -30981,7 +30964,7 @@ type-is@^1.6.18, type-is@~1.6.18: media-typer "0.3.0" mime-types "~2.1.24" -type-is@^2.0.0, type-is@^2.0.1: +type-is@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/type-is/-/type-is-2.0.1.tgz#64f6cf03f92fce4015c2b224793f6bdd4b068c97" integrity sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw== @@ -31055,7 +31038,7 @@ typedarray-to-buffer@^3.1.5: typedarray@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777" - integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c= + integrity sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA== typescript-memoize@^1.0.0-alpha.3, typescript-memoize@^1.0.1: version "1.0.1" @@ -31510,7 +31493,7 @@ universalify@^2.0.0: resolved "https://registry.yarnpkg.com/universalify/-/universalify-2.0.0.tgz#75a4984efedc4b08975c5aeb73f530d02df25717" integrity sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ== -unpipe@1.0.0, unpipe@~1.0.0: +unpipe@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" integrity sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw= @@ -31709,7 +31692,7 @@ username-sync@^1.0.2: util-deprecate@^1.0.1, util-deprecate@^1.0.2, util-deprecate@~1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" - integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8= + integrity sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw== util.promisify@^1.0.0: version "1.1.1" @@ -32874,7 +32857,7 @@ wrap-ansi@^9.0.0: wrappy@1: version "1.0.2" resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" - integrity sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8= + integrity sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ== write-file-atomic@5.0.1, write-file-atomic@^5.0.0: version "5.0.1" From 1ee64f1b2dcea9e3f44af8134e03feeee876d23b Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 6 Feb 2026 14:24:03 +0100 Subject: [PATCH 41/80] fix(deps): Bump mdast-util-to-hast to 13.2.1 (#19205) - Bumps transitive dependency `mdast-util-to-hast` from `13.0.2` to `13.2.1` to fix CVE-2025-66400 (unsanitized class attribute in markdown code blocks) Ref: https://github.com/getsentry/sentry-javascript/security/dependabot/848 --- yarn.lock | 30 +++++++++++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index 21e9b129382c..823037425664 100644 --- a/yarn.lock +++ b/yarn.lock @@ -22799,9 +22799,9 @@ mdast-util-to-hast@12.3.0, mdast-util-to-hast@^12.1.0: unist-util-visit "^4.0.0" mdast-util-to-hast@^13.0.0: - version "13.0.2" - resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.0.2.tgz#74c0a9f014bb2340cae6118f6fccd75467792be7" - integrity sha512-U5I+500EOOw9e3ZrclN3Is3fRpw8c19SMyNZlZ2IS+7vLsNzb2Om11VpIVOR+/0137GhZsFEF6YiKD5+0Hr2Og== + version "13.2.1" + resolved "https://registry.yarnpkg.com/mdast-util-to-hast/-/mdast-util-to-hast-13.2.1.tgz#d7ff84ca499a57e2c060ae67548ad950e689a053" + integrity sha512-cctsq2wp5vTsLIcaymblUriiTcZd0CwWtCbLvrOzYCDZoWyMNV8sZ7krj09FSnsiJi3WVsHLM4k6Dq/yaPyCXA== dependencies: "@types/hast" "^3.0.0" "@types/mdast" "^4.0.0" @@ -22811,6 +22811,7 @@ mdast-util-to-hast@^13.0.0: trim-lines "^3.0.0" unist-util-position "^5.0.0" unist-util-visit "^5.0.0" + vfile "^6.0.0" mdast-util-to-markdown@^1.0.0, mdast-util-to-markdown@^1.3.0: version "1.5.0" @@ -31432,6 +31433,13 @@ unist-util-stringify-position@^3.0.0: dependencies: "@types/unist" "^2.0.0" +unist-util-stringify-position@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/unist-util-stringify-position/-/unist-util-stringify-position-4.0.0.tgz#449c6e21a880e0855bf5aabadeb3a740314abac2" + integrity sha512-0ASV06AAoKCDkS2+xw5RXJywruurpbC4JZSm7nr7MOt1ojAzvyyaO+UxZf18j8FCF6kmzCZKcAgN/yu2gm2XgQ== + dependencies: + "@types/unist" "^3.0.0" + unist-util-visit-children@^2.0.0: version "2.0.2" resolved "https://registry.yarnpkg.com/unist-util-visit-children/-/unist-util-visit-children-2.0.2.tgz#0f00a5caff567074568da2d89c54b5ee4a8c5440" @@ -31851,6 +31859,14 @@ vfile-message@^3.0.0: "@types/unist" "^2.0.0" unist-util-stringify-position "^3.0.0" +vfile-message@^4.0.0: + version "4.0.3" + resolved "https://registry.yarnpkg.com/vfile-message/-/vfile-message-4.0.3.tgz#87b44dddd7b70f0641c2e3ed0864ba73e2ea8df4" + integrity sha512-QTHzsGd1EhbZs4AsQ20JX1rC3cOlt/IWJruk893DfLRr57lcnOeMaWG4K0JrRta4mIJZKth2Au3mM3u03/JWKw== + dependencies: + "@types/unist" "^3.0.0" + unist-util-stringify-position "^4.0.0" + vfile@^5.0.0, vfile@^5.3.7: version "5.3.7" resolved "https://registry.yarnpkg.com/vfile/-/vfile-5.3.7.tgz#de0677e6683e3380fafc46544cfe603118826ab7" @@ -31861,6 +31877,14 @@ vfile@^5.0.0, vfile@^5.3.7: unist-util-stringify-position "^3.0.0" vfile-message "^3.0.0" +vfile@^6.0.0: + version "6.0.3" + resolved "https://registry.yarnpkg.com/vfile/-/vfile-6.0.3.tgz#3652ab1c496531852bf55a6bac57af981ebc38ab" + integrity sha512-KzIbH/9tXat2u30jf+smMwFCsno4wHVdNmzFyL+T/L3UGqqk6JKfVqOFOZEpZSHADH1k40ab6NUIXZq422ov3Q== + dependencies: + "@types/unist" "^3.0.0" + vfile-message "^4.0.0" + vinxi@^0.5.11: version "0.5.11" resolved "https://registry.yarnpkg.com/vinxi/-/vinxi-0.5.11.tgz#be879f9521c85d621964028289e7d38f599d384a" From 471a6839f1c696308e4bc3865d92441637c57393 Mon Sep 17 00:00:00 2001 From: Charly Gomez Date: Fri, 6 Feb 2026 15:13:36 +0100 Subject: [PATCH 42/80] fix(svelte): Bump svelte dev dependency to `3.59.2` (#19208) - Bumps `svelte` devDependency in `@sentry/svelte` from `3.49.0` to `3.59.2` to resolve GHSA-gw32-9rmw-qwww (XSS via SSR `