Skip to content

Commit a487e50

Browse files
committed
Merge remote-tracking branch 'upstream/develop' into timfish/feat/new-anr
2 parents c4a718c + 63b255f commit a487e50

File tree

16 files changed

+425
-84
lines changed

16 files changed

+425
-84
lines changed

.cursor/rules/publishing_release.mdc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ description: Use this rule if you are looking to publish a release for the Sentr
33
globs:
44
alwaysApply: false
55
---
6+
67
# Publishing a Release
78

89
Use these guidelines when publishing a new Sentry JavaScript SDK release.
Lines changed: 163 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,163 @@
1+
---
2+
description: Use this rule if you are looking to upgrade a dependency in the Sentry JavaScript SDKs
3+
globs:
4+
alwaysApply: false
5+
---
6+
# Yarn v1 Dependency Upgrades
7+
8+
## Upgrade Process
9+
10+
### Dependency Analysis
11+
12+
```bash
13+
# Check dependency tree
14+
yarn list --depth=0
15+
16+
# Find why package is installed
17+
yarn why [package-name]
18+
```
19+
20+
### Root Workspace vs. Package Dependencies
21+
22+
**CRITICAL**: Understand the difference between dependency types:
23+
24+
- **Root Workspace dependencies**: Shared dev tools, build tools, testing frameworks
25+
- **Package dependencies**: Package-specific runtime and dev dependencies
26+
- Always check if dependency should be in root workspace or package level
27+
28+
### Upgrade Dependencies
29+
30+
**MANDATORY**: Only ever upgrade a single package at a time.
31+
32+
**CRITICAL RULE**: If a dependency is not defined in `package.json` anywhere, the upgrade must be run in the root workspace as the `yarn.lock` file is contained there.
33+
34+
```bash
35+
# Upgrade specific package to latest compatible version
36+
npx yarn-update-dependency@latest [package-name]
37+
```
38+
39+
Avoid upgrading top-level dependencies (defined in `package.json`), especially if they are used for tests. If you are going to upgrade them, ask the user before proceeding.
40+
41+
**REQUIREMENT**: If a `package.json` file is updated, make sure it has a new line at the end.
42+
43+
#### CRITICAL: OpenTelemetry Dependency Constraint
44+
45+
**STOP UPGRADE IMMEDIATELY** if upgrading any dependency with `opentelemetry` in the name and the new version or any of its dependencies uses forbidden OpenTelemetry versions.
46+
47+
**FORBIDDEN VERSION PATTERNS:**
48+
- `2.x.x` versions (e.g., `2.0.0`, `2.1.0`)
49+
- `0.2xx.x` versions (e.g., `0.200.0`, `0.201.0`)
50+
51+
When upgrading OpenTelemetry dependencies:
52+
1. Check the dependency's `package.json` after upgrade
53+
2. Verify the package itself doesn't use forbidden version patterns
54+
3. Verify none of its dependencies use `@opentelemetry/*` packages with forbidden version patterns
55+
4. **Example**: `@opentelemetry/instrumentation-pg@0.52.0` is forbidden because it bumped to core `2.0.0` and instrumentation `0.200.0`
56+
5. If forbidden OpenTelemetry versions are detected, **ABORT the upgrade** and notify the user that this upgrade cannot proceed due to OpenTelemetry v2+ compatibility constraints
57+
58+
#### CRITICAL: E2E Test Dependencies
59+
60+
**DO NOT UPGRADE** the major version of dependencies in test applications where the test name explicitly mentions a dependency version.
61+
62+
**RULE**: For `dev-packages/e2e-tests/test-applications/*`, if the test directory name mentions a specific version (e.g., `nestjs-8`), do not upgrade that dependency beyond the mentioned major version.
63+
64+
**Example**: Do not upgrade the nestjs version of `dev-packages/e2e-tests/test-applications/nestjs-8` to nestjs 9 or above because the test name mentions nestjs 8.
65+
66+
## Safety Protocols
67+
68+
### Pre-Upgrade Checklist
69+
70+
**COMPLETE ALL STEPS** before proceeding with any upgrade:
71+
72+
1. **Backup**: Ensure clean git state or create backup branch
73+
2. **CI Status**: Verify all tests are passing
74+
3. **Lockfile works**: Confirm `yarn.lock` is in a good state (no merge conflicts)
75+
4. **OpenTelemetry Check**: For OpenTelemetry dependencies, verify no forbidden version patterns (`2.x.x` or `0.2xx.x`) will be introduced
76+
77+
### Post-Upgrade Verification
78+
79+
```bash
80+
# rebuild everything
81+
yarn install
82+
83+
# Build the project
84+
yarn build:dev
85+
86+
# Make sure dependencies are deduplicated
87+
yarn dedupe-deps:fix
88+
89+
# Fix any linting issues
90+
yarn fix
91+
92+
# Check circular dependencies
93+
yarn circularDepCheck
94+
```
95+
96+
## Version Management
97+
98+
### Pinning Strategies
99+
100+
- **Exact versions** (`1.2.3`): Use for critical dependencies
101+
- **Caret versions** (`^1.2.3`): Allow minor updates only
102+
- **Latest tag**: Avoid as much as possible other than in certain testing and development scenarios
103+
104+
## Troubleshooting
105+
106+
- **Yarn Version**: Run `yarn --version` - must be yarn v1 (not v2/v3/v4)
107+
- **Lockfile Issues**: Verify yarn.lock exists and is properly maintained. Fix merge conflicts by running `yarn install`
108+
109+
## Best Practices
110+
111+
### Security Audits
112+
113+
```bash
114+
# Check for security vulnerabilities
115+
yarn audit
116+
117+
# Fix automatically fixable vulnerabilities
118+
yarn audit fix
119+
120+
# Install security patches only
121+
yarn upgrade --security-only
122+
```
123+
124+
### Check for Outdated Dependencies
125+
126+
```bash
127+
# Check all outdated dependencies
128+
yarn outdated
129+
130+
# Check specific package
131+
yarn outdated [package-name]
132+
133+
# Check dependencies in specific workspace
134+
yarn workspace [workspace-name] outdated
135+
```
136+
137+
### Using yarn info for Dependency Inspection
138+
139+
Use `yarn info` to inspect package dependencies before and after upgrades:
140+
141+
```bash
142+
# Check current version and dependencies
143+
yarn info <package-name>
144+
145+
# Check specific version dependencies
146+
yarn info <package-name>@<version>
147+
148+
# Check dependencies field specifically
149+
yarn info <package-name>@<version> dependencies
150+
151+
# Check all available versions
152+
yarn info <package-name> versions
153+
```
154+
155+
The `yarn info` command provides detailed dependency information without requiring installation, making it particularly useful for:
156+
- Verifying OpenTelemetry packages don't introduce forbidden version patterns (`2.x.x` or `0.2xx.x`)
157+
- Checking what dependencies a package will bring in before upgrading
158+
- Understanding package version history and compatibility
159+
160+
### Documentation
161+
162+
- Update README or code comments if dependency change affects usage of the SDK or its integrations
163+
- Notify team of significant changes

.github/ISSUE_TEMPLATE/bug.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ body:
3737
- '@sentry/node - koa'
3838
- '@sentry/node - hapi'
3939
- '@sentry/node - connect'
40+
- '@sentry/node-native'
4041
- '@sentry/angular'
4142
- '@sentry/astro'
4243
- '@sentry/aws-serverless'

dev-packages/browser-integration-tests/suites/tracing/metrics/web-vitals-cls-standalone-spans/test.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,7 @@ sentryTest('captures a "GOOD" CLS vital with its source as a standalone span', a
6868
transaction: expect.stringContaining('index.html'),
6969
'user_agent.original': expect.stringContaining('Chrome'),
7070
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
71+
'cls.source.1': expect.stringContaining('body > div#content > p'),
7172
},
7273
description: expect.stringContaining('body > div#content > p'),
7374
exclusive_time: 0,
@@ -136,6 +137,7 @@ sentryTest('captures a "MEH" CLS vital with its source as a standalone span', as
136137
transaction: expect.stringContaining('index.html'),
137138
'user_agent.original': expect.stringContaining('Chrome'),
138139
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
140+
'cls.source.1': expect.stringContaining('body > div#content > p'),
139141
},
140142
description: expect.stringContaining('body > div#content > p'),
141143
exclusive_time: 0,
@@ -202,6 +204,7 @@ sentryTest('captures a "POOR" CLS vital with its source as a standalone span.',
202204
transaction: expect.stringContaining('index.html'),
203205
'user_agent.original': expect.stringContaining('Chrome'),
204206
'sentry.pageload.span_id': expect.stringMatching(/[a-f0-9]{16}/),
207+
'cls.source.1': expect.stringContaining('body > div#content > p'),
205208
},
206209
description: expect.stringContaining('body > div#content > p'),
207210
exclusive_time: 0,

dev-packages/e2e-tests/test-applications/create-remix-app-express/package.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@
4848
"eslint-plugin-react-hooks": "^4.6.0",
4949
"tsx": "4.7.2",
5050
"typescript": "^5.1.6",
51+
"vite": "^5.4.11",
5152
"vite-tsconfig-paths": "^4.2.1"
5253
},
5354
"volta": {

dev-packages/e2e-tests/test-applications/create-remix-app-v2/package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@
3030
"@types/react-dom": "^18.2.34",
3131
"@types/prop-types": "15.7.7",
3232
"eslint": "^8.38.0",
33-
"typescript": "^5.1.6"
33+
"typescript": "^5.1.6",
34+
"vite": "^5.4.11"
3435
},
3536
"resolutions": {
3637
"@types/react": "18.2.22"

dev-packages/e2e-tests/test-applications/nextjs-15/tests/ai-test.test.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ test('should create AI spans with correct attributes', async ({ page }) => {
2121
// TODO: For now, this is sadly not fully working - the monkey patching of the ai package is not working
2222
// because of this, only spans that are manually opted-in at call time will be captured
2323
// this may be fixed by https://github.com/vercel/ai/pull/6716 in the future
24-
const aiPipelineSpans = spans.filter(span => span.op === 'ai.pipeline.generate_text');
24+
const aiPipelineSpans = spans.filter(span => span.op === 'gen_ai.invoke_agent');
2525
const aiGenerateSpans = spans.filter(span => span.op === 'gen_ai.generate_text');
2626
const toolCallSpans = spans.filter(span => span.op === 'gen_ai.execute_tool');
2727

dev-packages/node-integration-tests/suites/tracing/amqplib/test.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ describe('amqplib auto-instrumentation', () => {
3030
});
3131

3232
createEsmAndCjsTests(__dirname, 'scenario.mjs', 'instrument.mjs', (createTestRunner, test) => {
33-
test('should be able to send and receive messages', async () => {
33+
test('should be able to send and receive messages', { timeout: 60_000 }, async () => {
3434
await createTestRunner()
3535
.withDockerCompose({
3636
workingDirectory: [__dirname],

dev-packages/node-integration-tests/suites/tracing/vercelai/test.ts

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -26,11 +26,11 @@ describe('Vercel AI integration', () => {
2626
'gen_ai.usage.output_tokens': 20,
2727
'gen_ai.usage.total_tokens': 30,
2828
'operation.name': 'ai.generateText',
29-
'sentry.op': 'ai.pipeline.generate_text',
29+
'sentry.op': 'gen_ai.invoke_agent',
3030
'sentry.origin': 'auto.vercelai.otel',
3131
},
3232
description: 'generateText',
33-
op: 'ai.pipeline.generate_text',
33+
op: 'gen_ai.invoke_agent',
3434
origin: 'auto.vercelai.otel',
3535
status: 'ok',
3636
}),
@@ -83,11 +83,11 @@ describe('Vercel AI integration', () => {
8383
'gen_ai.usage.output_tokens': 20,
8484
'gen_ai.usage.total_tokens': 30,
8585
'operation.name': 'ai.generateText',
86-
'sentry.op': 'ai.pipeline.generate_text',
86+
'sentry.op': 'gen_ai.invoke_agent',
8787
'sentry.origin': 'auto.vercelai.otel',
8888
},
8989
description: 'generateText',
90-
op: 'ai.pipeline.generate_text',
90+
op: 'gen_ai.invoke_agent',
9191
origin: 'auto.vercelai.otel',
9292
status: 'ok',
9393
}),
@@ -140,11 +140,11 @@ describe('Vercel AI integration', () => {
140140
'gen_ai.usage.output_tokens': 25,
141141
'gen_ai.usage.total_tokens': 40,
142142
'operation.name': 'ai.generateText',
143-
'sentry.op': 'ai.pipeline.generate_text',
143+
'sentry.op': 'gen_ai.invoke_agent',
144144
'sentry.origin': 'auto.vercelai.otel',
145145
},
146146
description: 'generateText',
147-
op: 'ai.pipeline.generate_text',
147+
op: 'gen_ai.invoke_agent',
148148
origin: 'auto.vercelai.otel',
149149
status: 'ok',
150150
}),
@@ -220,11 +220,11 @@ describe('Vercel AI integration', () => {
220220
'gen_ai.usage.output_tokens': 20,
221221
'gen_ai.usage.total_tokens': 30,
222222
'operation.name': 'ai.generateText',
223-
'sentry.op': 'ai.pipeline.generate_text',
223+
'sentry.op': 'gen_ai.invoke_agent',
224224
'sentry.origin': 'auto.vercelai.otel',
225225
},
226226
description: 'generateText',
227-
op: 'ai.pipeline.generate_text',
227+
op: 'gen_ai.invoke_agent',
228228
origin: 'auto.vercelai.otel',
229229
status: 'ok',
230230
}),
@@ -280,11 +280,11 @@ describe('Vercel AI integration', () => {
280280
'gen_ai.usage.output_tokens': 20,
281281
'gen_ai.usage.total_tokens': 30,
282282
'operation.name': 'ai.generateText',
283-
'sentry.op': 'ai.pipeline.generate_text',
283+
'sentry.op': 'gen_ai.invoke_agent',
284284
'sentry.origin': 'auto.vercelai.otel',
285285
},
286286
description: 'generateText',
287-
op: 'ai.pipeline.generate_text',
287+
op: 'gen_ai.invoke_agent',
288288
origin: 'auto.vercelai.otel',
289289
status: 'ok',
290290
}),
@@ -341,11 +341,11 @@ describe('Vercel AI integration', () => {
341341
'gen_ai.usage.output_tokens': 25,
342342
'gen_ai.usage.total_tokens': 40,
343343
'operation.name': 'ai.generateText',
344-
'sentry.op': 'ai.pipeline.generate_text',
344+
'sentry.op': 'gen_ai.invoke_agent',
345345
'sentry.origin': 'auto.vercelai.otel',
346346
},
347347
description: 'generateText',
348-
op: 'ai.pipeline.generate_text',
348+
op: 'gen_ai.invoke_agent',
349349
origin: 'auto.vercelai.otel',
350350
status: 'ok',
351351
}),

packages/browser-utils/src/metrics/cls.ts

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -106,6 +106,14 @@ function sendStandaloneClsSpan(clsValue: number, entry: LayoutShift | undefined,
106106
'sentry.pageload.span_id': pageloadSpanId,
107107
};
108108

109+
// Add CLS sources as span attributes to help with debugging layout shifts
110+
// See: https://developer.mozilla.org/en-US/docs/Web/API/LayoutShift/sources
111+
if (entry?.sources) {
112+
entry.sources.forEach((source, index) => {
113+
attributes[`cls.source.${index + 1}`] = htmlTreeAsString(source.node);
114+
});
115+
}
116+
109117
const span = startStandaloneWebVitalSpan({
110118
name,
111119
transaction: routeName,

0 commit comments

Comments
 (0)