Skip to content

Commit 5ac1874

Browse files
committed
Merge branch 'refs/heads/develop' into lms/feat-browser-elementtiming
# Conflicts: # .size-limit.js
2 parents cf0b02e + a30fc6d commit 5ac1874

File tree

236 files changed

+9565
-893
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

236 files changed

+9565
-893
lines changed

.cursor/rules/publishing_release.mdc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ description: Use this rule if you are looking to publish a release for the Sentr
33
globs:
44
alwaysApply: false
55
---
6+
67
# Publishing a Release
78

89
Use these guidelines when publishing a new Sentry JavaScript SDK release.
Lines changed: 163 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,163 @@
1+
---
2+
description: Use this rule if you are looking to upgrade a dependency in the Sentry JavaScript SDKs
3+
globs:
4+
alwaysApply: false
5+
---
6+
# Yarn v1 Dependency Upgrades
7+
8+
## Upgrade Process
9+
10+
### Dependency Analysis
11+
12+
```bash
13+
# Check dependency tree
14+
yarn list --depth=0
15+
16+
# Find why package is installed
17+
yarn why [package-name]
18+
```
19+
20+
### Root Workspace vs. Package Dependencies
21+
22+
**CRITICAL**: Understand the difference between dependency types:
23+
24+
- **Root Workspace dependencies**: Shared dev tools, build tools, testing frameworks
25+
- **Package dependencies**: Package-specific runtime and dev dependencies
26+
- Always check if dependency should be in root workspace or package level
27+
28+
### Upgrade Dependencies
29+
30+
**MANDATORY**: Only ever upgrade a single package at a time.
31+
32+
**CRITICAL RULE**: If a dependency is not defined in `package.json` anywhere, the upgrade must be run in the root workspace as the `yarn.lock` file is contained there.
33+
34+
```bash
35+
# Upgrade specific package to latest compatible version
36+
npx yarn-update-dependency@latest [package-name]
37+
```
38+
39+
Avoid upgrading top-level dependencies (defined in `package.json`), especially if they are used for tests. If you are going to upgrade them, ask the user before proceeding.
40+
41+
**REQUIREMENT**: If a `package.json` file is updated, make sure it has a new line at the end.
42+
43+
#### CRITICAL: OpenTelemetry Dependency Constraint
44+
45+
**STOP UPGRADE IMMEDIATELY** if upgrading any dependency with `opentelemetry` in the name and the new version or any of its dependencies uses forbidden OpenTelemetry versions.
46+
47+
**FORBIDDEN VERSION PATTERNS:**
48+
- `2.x.x` versions (e.g., `2.0.0`, `2.1.0`)
49+
- `0.2xx.x` versions (e.g., `0.200.0`, `0.201.0`)
50+
51+
When upgrading OpenTelemetry dependencies:
52+
1. Check the dependency's `package.json` after upgrade
53+
2. Verify the package itself doesn't use forbidden version patterns
54+
3. Verify none of its dependencies use `@opentelemetry/*` packages with forbidden version patterns
55+
4. **Example**: `@opentelemetry/instrumentation-pg@0.52.0` is forbidden because it bumped to core `2.0.0` and instrumentation `0.200.0`
56+
5. If forbidden OpenTelemetry versions are detected, **ABORT the upgrade** and notify the user that this upgrade cannot proceed due to OpenTelemetry v2+ compatibility constraints
57+
58+
#### CRITICAL: E2E Test Dependencies
59+
60+
**DO NOT UPGRADE** the major version of dependencies in test applications where the test name explicitly mentions a dependency version.
61+
62+
**RULE**: For `dev-packages/e2e-tests/test-applications/*`, if the test directory name mentions a specific version (e.g., `nestjs-8`), do not upgrade that dependency beyond the mentioned major version.
63+
64+
**Example**: Do not upgrade the nestjs version of `dev-packages/e2e-tests/test-applications/nestjs-8` to nestjs 9 or above because the test name mentions nestjs 8.
65+
66+
## Safety Protocols
67+
68+
### Pre-Upgrade Checklist
69+
70+
**COMPLETE ALL STEPS** before proceeding with any upgrade:
71+
72+
1. **Backup**: Ensure clean git state or create backup branch
73+
2. **CI Status**: Verify all tests are passing
74+
3. **Lockfile works**: Confirm `yarn.lock` is in a good state (no merge conflicts)
75+
4. **OpenTelemetry Check**: For OpenTelemetry dependencies, verify no forbidden version patterns (`2.x.x` or `0.2xx.x`) will be introduced
76+
77+
### Post-Upgrade Verification
78+
79+
```bash
80+
# rebuild everything
81+
yarn install
82+
83+
# Build the project
84+
yarn build:dev
85+
86+
# Make sure dependencies are deduplicated
87+
yarn dedupe-deps:fix
88+
89+
# Fix any linting issues
90+
yarn fix
91+
92+
# Check circular dependencies
93+
yarn circularDepCheck
94+
```
95+
96+
## Version Management
97+
98+
### Pinning Strategies
99+
100+
- **Exact versions** (`1.2.3`): Use for critical dependencies
101+
- **Caret versions** (`^1.2.3`): Allow minor updates only
102+
- **Latest tag**: Avoid as much as possible other than in certain testing and development scenarios
103+
104+
## Troubleshooting
105+
106+
- **Yarn Version**: Run `yarn --version` - must be yarn v1 (not v2/v3/v4)
107+
- **Lockfile Issues**: Verify yarn.lock exists and is properly maintained. Fix merge conflicts by running `yarn install`
108+
109+
## Best Practices
110+
111+
### Security Audits
112+
113+
```bash
114+
# Check for security vulnerabilities
115+
yarn audit
116+
117+
# Fix automatically fixable vulnerabilities
118+
yarn audit fix
119+
120+
# Install security patches only
121+
yarn upgrade --security-only
122+
```
123+
124+
### Check for Outdated Dependencies
125+
126+
```bash
127+
# Check all outdated dependencies
128+
yarn outdated
129+
130+
# Check specific package
131+
yarn outdated [package-name]
132+
133+
# Check dependencies in specific workspace
134+
yarn workspace [workspace-name] outdated
135+
```
136+
137+
### Using yarn info for Dependency Inspection
138+
139+
Use `yarn info` to inspect package dependencies before and after upgrades:
140+
141+
```bash
142+
# Check current version and dependencies
143+
yarn info <package-name>
144+
145+
# Check specific version dependencies
146+
yarn info <package-name>@<version>
147+
148+
# Check dependencies field specifically
149+
yarn info <package-name>@<version> dependencies
150+
151+
# Check all available versions
152+
yarn info <package-name> versions
153+
```
154+
155+
The `yarn info` command provides detailed dependency information without requiring installation, making it particularly useful for:
156+
- Verifying OpenTelemetry packages don't introduce forbidden version patterns (`2.x.x` or `0.2xx.x`)
157+
- Checking what dependencies a package will bring in before upgrading
158+
- Understanding package version history and compatibility
159+
160+
### Documentation
161+
162+
- Update README or code comments if dependency change affects usage of the SDK or its integrations
163+
- Notify team of significant changes

.github/ISSUE_TEMPLATE/bug.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ body:
3737
- '@sentry/node - koa'
3838
- '@sentry/node - hapi'
3939
- '@sentry/node - connect'
40+
- '@sentry/node-native'
4041
- '@sentry/angular'
4142
- '@sentry/astro'
4243
- '@sentry/aws-serverless'

.github/workflows/build.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -709,7 +709,7 @@ jobs:
709709
strategy:
710710
fail-fast: false
711711
matrix:
712-
node: ['18.20.5', 20, 22, 24]
712+
node: [18, 20, 22, 24]
713713
typescript:
714714
- false
715715
include:

.size-limit.js

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -38,21 +38,21 @@ module.exports = [
3838
path: 'packages/browser/build/npm/esm/index.js',
3939
import: createImport('init', 'browserTracingIntegration'),
4040
gzip: true,
41-
limit: '40.5 KB',
41+
limit: '40.7 KB',
4242
},
4343
{
4444
name: '@sentry/browser (incl. Tracing, Replay)',
4545
path: 'packages/browser/build/npm/esm/index.js',
4646
import: createImport('init', 'browserTracingIntegration', 'replayIntegration'),
4747
gzip: true,
48-
limit: '78 KB',
48+
limit: '80 KB',
4949
},
5050
{
5151
name: '@sentry/browser (incl. Tracing, Replay) - with treeshaking flags',
5252
path: 'packages/browser/build/npm/esm/index.js',
5353
import: createImport('init', 'browserTracingIntegration', 'replayIntegration'),
5454
gzip: true,
55-
limit: '71 KB',
55+
limit: '75 KB',
5656
modifyWebpackConfig: function (config) {
5757
const webpack = require('webpack');
5858

@@ -156,7 +156,7 @@ module.exports = [
156156
name: 'CDN Bundle (incl. Tracing)',
157157
path: createCDNPath('bundle.tracing.min.js'),
158158
gzip: true,
159-
limit: '40 KB',
159+
limit: '41 KB',
160160
},
161161
{
162162
name: 'CDN Bundle (incl. Tracing, Replay)',

CHANGELOG.md

Lines changed: 114 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,120 @@
44

55
- "You miss 100 percent of the chances you don't take. — Wayne Gretzky" — Michael Scott
66

7+
## 9.34.0
8+
9+
### Important Changes
10+
11+
- **feat(nuxt): Add Cloudflare Nitro plugin ([#15597](https://github.com/getsentry/sentry-javascript/pull/15597))**
12+
13+
A Nitro plugin for `@sentry/nuxt` which initializes Sentry when deployed to Cloudflare (`cloudflare-pages` preset).
14+
15+
1. Remove the previous server config file: `sentry.server.config.ts`
16+
2. Add a plugin in `server/plugins` (e.g. `server/plugins/sentry-cloudflare-setup.ts`)
17+
3. Add this code in your plugin file
18+
19+
```javascript
20+
// server/plugins/sentry-cloudflare-setup.ts (filename does not matter)
21+
import { sentryCloudflareNitroPlugin } from '@sentry/nuxt/module/plugins';
22+
23+
export default defineNitroPlugin(
24+
sentryCloudflareNitroPlugin({
25+
dsn: 'https://dsn',
26+
tracesSampleRate: 1.0,
27+
}),
28+
);
29+
```
30+
31+
or with access to `nitroApp`:
32+
33+
```javascript
34+
// server/plugins/sentry-cloudflare-setup.ts (filename does not matter)
35+
import { sentryCloudflareNitroPlugin } from '@sentry/nuxt/module/plugins';
36+
37+
export default defineNitroPlugin(sentryCloudflareNitroPlugin((nitroApp: NitroApp) => {
38+
// You can access nitroApp here if needed
39+
return ({
40+
dsn: 'https://dsn',
41+
tracesSampleRate: 1.0,
42+
})
43+
}))
44+
```
45+
46+
### Other Changes
47+
48+
- feat(browser): Record standalone LCP spans ([#16591](https://github.com/getsentry/sentry-javascript/pull/16591))
49+
- fix(nuxt): Only add OTel alias in dev mode ([#16756](https://github.com/getsentry/sentry-javascript/pull/16756))
50+
51+
## 9.33.0
52+
53+
### Important Changes
54+
55+
- **feat: Add opt-in `vercelAiIntegration` to cloudflare & vercel-edge ([#16732](https://github.com/getsentry/sentry-javascript/pull/16732))**
56+
57+
The `vercelAiIntegration` is now available as opt-in for the Cloudflare and the Next.js SDK for Vercel Edge.
58+
To use it, add the integration in `Sentry.init`
59+
60+
```js
61+
Sentry.init({
62+
tracesSampleRate: 1.0,
63+
integrations: [Sentry.vercelAIIntegration()],
64+
});
65+
```
66+
67+
And enable telemetry for Vercel AI calls
68+
69+
```js
70+
const result = await generateText({
71+
model: openai('gpt-4o'),
72+
experimental_telemetry: {
73+
isEnabled: true,
74+
},
75+
});
76+
```
77+
78+
- **feat(node): Add postgresjs instrumentation ([#16665](https://github.com/getsentry/sentry-javascript/pull/16665))**
79+
80+
The Node.js SDK now includes instrumentation for [Postgres.js](https://www.npmjs.com/package/postgres).
81+
82+
- **feat(node): Use diagnostics channel for Fastify v5 error handling ([#16715](https://github.com/getsentry/sentry-javascript/pull/16715))**
83+
84+
If you're on Fastify v5, you no longer need to call `setupFastifyErrorHandler`. It is done automatically by the node SDK. Older versions still rely on calling `setupFastifyErrorHandler`.
85+
86+
### Other Changes
87+
88+
- feat(cloudflare): Allow interop with OpenTelemetry emitted spans ([#16714](https://github.com/getsentry/sentry-javascript/pull/16714))
89+
- feat(cloudflare): Flush after `waitUntil` ([#16681](https://github.com/getsentry/sentry-javascript/pull/16681))
90+
- fix(nextjs): Remove `ai` from default server external packages ([#16736](https://github.com/getsentry/sentry-javascript/pull/16736))
91+
92+
Work in this release was contributed by @0xbad0c0d3. Thank you for your contribution!
93+
94+
## 9.32.0
95+
96+
### Important Changes
97+
98+
- feat(browser): Add CLS sources to span attributes ([#16710](https://github.com/getsentry/sentry-javascript/pull/16710))
99+
100+
Enhances CLS (Cumulative Layout Shift) spans by adding attributes detailing the elements that caused layout shifts.
101+
102+
- feat(cloudflare): Add `instrumentWorkflowWithSentry` to instrument workflows ([#16672](https://github.com/getsentry/sentry-javascript/pull/16672))
103+
104+
We've added support for Cloudflare Workflows, enabling comprehensive tracing for your workflow runs. This integration uses the workflow's instanceId as the Sentry trace_id and for sampling, linking all steps together. You'll now be able to see full traces, including retries with exponential backoff.
105+
106+
- feat(pino-transport): Add functionality to send logs to sentry ([#16667](https://github.com/getsentry/sentry-javascript/pull/16667))
107+
108+
Adds the ability to send logs to Sentry via a pino transport.
109+
110+
### Other Changes
111+
112+
- feat(nextjs): Expose top level buildTime `errorHandler` option ([#16718](https://github.com/getsentry/sentry-javascript/pull/16718))
113+
- feat(node): update pipeline spans to use agent naming ([#16712](https://github.com/getsentry/sentry-javascript/pull/16712))
114+
- feat(deps): bump @prisma/instrumentation from 6.9.0 to 6.10.1 ([#16698](https://github.com/getsentry/sentry-javascript/pull/16698))
115+
- fix(sveltekit): Export logger from sveltekit worker ([#16716](https://github.com/getsentry/sentry-javascript/pull/16716))
116+
- fix(google-cloud-serverless): Make `CloudEventsContext` compatible with `CloudEvent` ([#16705](https://github.com/getsentry/sentry-javascript/pull/16705))
117+
- fix(nextjs): Stop injecting release value when create release options is set to `false` ([#16695](https://github.com/getsentry/sentry-javascript/pull/16695))
118+
- fix(node): account for Object. syntax with local variables matching ([#16702](https://github.com/getsentry/sentry-javascript/pull/16702))
119+
- fix(nuxt): Add alias for `@opentelemetry/resources` ([#16727](https://github.com/getsentry/sentry-javascript/pull/16727))
120+
7121
Work in this release was contributed by @flaeppe. Thank you for your contribution!
8122

9123
## 9.31.0

README.md

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -112,8 +112,6 @@ below:
112112
Provides the integration for Session Replay.
113113
- [`@sentry/core`](https://github.com/getsentry/sentry-javascript/tree/master/packages/core): The base for all
114114
JavaScript SDKs with interfaces, type definitions and base classes.
115-
- [`@sentry/pino-transport`](https://github.com/getsentry/sentry-javascript/tree/master/packages/pino-transport): Pino
116-
transport for automatically sending log messages to Sentry.
117115

118116
## Bug Bounty Program
119117

dev-packages/browser-integration-tests/package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@sentry-internal/browser-integration-tests",
3-
"version": "9.31.0",
3+
"version": "9.34.0",
44
"main": "index.js",
55
"license": "MIT",
66
"engines": {
@@ -42,7 +42,7 @@
4242
"@babel/preset-typescript": "^7.16.7",
4343
"@playwright/test": "~1.50.0",
4444
"@sentry-internal/rrweb": "2.34.0",
45-
"@sentry/browser": "9.31.0",
45+
"@sentry/browser": "9.34.0",
4646
"@supabase/supabase-js": "2.49.3",
4747
"axios": "1.8.2",
4848
"babel-loader": "^8.2.2",

dev-packages/browser-integration-tests/suites/tracing/metrics/web-vitals-cls-standalone-spans/test.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,7 @@ sentryTest('captures a "GOOD" CLS vital with its source as a standalone span', a
6868
transaction: expect.stringContaining('index.html'),
6969
'user_agent.original': expect.stringContaining('Chrome'),
7070
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
71+
'cls.source.1': expect.stringContaining('body > div#content > p'),
7172
},
7273
description: expect.stringContaining('body > div#content > p'),
7374
exclusive_time: 0,
@@ -136,6 +137,7 @@ sentryTest('captures a "MEH" CLS vital with its source as a standalone span', as
136137
transaction: expect.stringContaining('index.html'),
137138
'user_agent.original': expect.stringContaining('Chrome'),
138139
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
140+
'cls.source.1': expect.stringContaining('body > div#content > p'),
139141
},
140142
description: expect.stringContaining('body > div#content > p'),
141143
exclusive_time: 0,
@@ -202,6 +204,7 @@ sentryTest('captures a "POOR" CLS vital with its source as a standalone span.',
202204
transaction: expect.stringContaining('index.html'),
203205
'user_agent.original': expect.stringContaining('Chrome'),
204206
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
207+
'cls.source.1': expect.stringContaining('body > div#content > p'),
205208
},
206209
description: expect.stringContaining('body > div#content > p'),
207210
exclusive_time: 0,

0 commit comments

Comments
 (0)