-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781
base: main
Are you sure you want to change the base?
Conversation
Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 8.14.0. See this package in npm: @sentry/react See this project in Snyk: https://app.snyk.io/org/q1blue-rxw/project/5b430cad-b455-40c7-a7ff-af5a8804e8ca?utm_source=github&utm_medium=referral&page=upgrade-pr
|
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is an install script?Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts. Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead. Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 8.14.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 188 versions ahead of your current version.
The recommended version was released on 22 days ago.
Release notes
Package name: @sentry/react
Important Changes
The
@ sentry/nestjs
SDK no longer captures 4xx errors automatically.Other Changes
JSX
(#12691)registerEsmLoaderHooks
option (#12684)afterAllSetup
instead of next tick (#12709)Work in this release was contributed by @ quisido. Thank you for your contribution!
Bundle size 📦
Important Changes
@ sentry/nestjs
)in alpha state. The SDK is a drop-in replacement for the Sentry Node SDK (
@ sentry/node
) supporting the same set offeatures. See the docs for how to use the SDK.
Other Changes
2.20.1
(#12641)Bundle size 📦
Important Changes
This release introduces breaking changes to the
@ sentry/solid
package (which is currently out in alpha).We've made it easier to get started with the solid router integration by removing the need to pass use* hooks
explicitly to
solidRouterBrowserTracingIntegration
. ImportsolidRouterBrowserTracingIntegration
from@ sentry/solid/solidrouter
and add it toSentry.init
import { solidRouterBrowserTracingIntegration, withSentryRouterRouting } from '@ sentry/solid/solidrouter';
import { Router } from '@ solidjs/router';
Sentry.init({
dsn: 'PUBLIC_DSN',
integrations: [solidRouterBrowserTracingIntegration()],
tracesSampleRate: 1.0, // Capture 100% of the transactions
});
const SentryRouter = withSentryRouterRouting(Router);
Sentry.init()
now returns a client directly, so you don't need to explicitly callgetClient()
anymore:deleteSourcemapsAfterUpload
option (#12457)This adds an easy way to delete sourcemaps immediately after uploading them:
maxSpanWaitDuration
(#12610)Adds configuration option for the max. duration in seconds that the SDK will wait for parent spans to be finished before
discarding a span. The SDK will automatically clean up spans that have no finished parent after this duration. This is
necessary to prevent memory leaks in case of parent spans that are never finished or otherwise dropped/missing. However,
if you have very long-running spans in your application, a shorter duration might cause spans to be discarded too early.
In this case, you can increase this duration to a value that fits your expected data.
Other Changes
window.Sentry
(#12580)isRemixV2
as optional in exposed types. (#12614)Work in this release was contributed by @ n4bb12. Thank you for your contribution!
Bundle size 📦
This pre-release includes an
rrweb
version bump thatincludes quite a few upstream changes. We will test this on Sentry before a release.
Bundle size 📦
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: