meta(changelog): Update changelog for 10.46.0#19973
Merged
nicohrubec merged 44 commits intomasterfrom Mar 25, 2026
Merged
Conversation
We are not passing the underlying `node` metadata for our `aws-serverless` and `google-cloud-serverless` packages. Closes #19879 (added automatically)
[Gitflow] Merge master into develop
) withastro/astro#15753 was fixed, so our server islands e2e test should work again in Astro 6. This PR bumps the Astro version to the most recent one and re-enables the test --------- Co-authored-by: Charly Gomez <charly.gomez@sentry.io>
Just saw that we missed to pass the underlying node sdk metadata. Closes #19876 (added automatically)
Fixes Dependabot alert #1223. Bumps socket.io-parser from 4.2.4 to 4.2.6 to address unbounded binary attachment memory exhaustion vulnerability. Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Bumps [stacktrace-parser](https://github.com/errwischt/stacktrace-parser) from 0.1.10 to 0.1.11. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/errwischt/stacktrace-parser/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…19888) Bumps [mongodb-memory-server-global](https://github.com/typegoose/mongodb-memory-server/tree/HEAD/packages/mongodb-memory-server-global) from 10.1.4 to 11.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typegoose/mongodb-memory-server/releases">mongodb-memory-server-global's releases</a>.</em></p> <blockquote> <h2>v11.0.1</h2> <h2><a href="https://github.com/typegoose/mongodb-memory-server/compare/v11.0.0...v11.0.1">11.0.1</a> (2025-12-23)</h2> <h3>Fixes</h3> <ul> <li><strong>MongoBinaryDownload:</strong> use "http" module for "USE_HTTP" requests (<a href="https://github.com/typegoose/mongodb-memory-server/commit/9c967f3018f1d8ba91102cd7efb74397e642b1c7">9c967f3</a>), closes <a href="https://redirect.github.com/typegoose/mongodb-memory-server/issues/962">#962</a></li> </ul> <h2>v11.0.0</h2> <h2><a href="https://github.com/typegoose/mongodb-memory-server/compare/v10.4.1...v11.0.0">11.0.0</a> (2025-12-15)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li> <p><strong>resolveConfig:</strong> Default mongodb binary version is now 8.2.x</p> </li> <li> <p><strong>tsconfig:</strong> potentially breaking change upgrading "target" to "es2023" in tsconfig</p> </li> <li> <p><strong>MongoBinaryDownloadUrl:</strong> Removed support for mongodb version below 4.2.0</p> </li> <li> <p>Remove "-global-4.0" package as it is now unsupported by the mongodb driver</p> </li> <li> <p>Lowest supported NodeJS version is now 20.19.0</p> </li> <li> <p><strong>tsconfig:</strong> update "target" to "es2023" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/391da3dc4f03cbca2c4fbbef5949d395b799c050">391da3d</a>)</p> </li> </ul> <h3>Features</h3> <ul> <li><strong>MongoBinaryDownloadUrl:</strong> drop support for mongod versions below 4.2.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/c4e6cf1792d79317e04360ea086eb8ecef8ebe0d">c4e6cf1</a>), closes <a href="https://redirect.github.com/typegoose/mongodb-memory-server/issues/894">#894</a></li> <li>remove "mongodb-memory-server-global-4.0" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/9cf7211e132ac7d7c95cf34e6eb6496033d31dca">9cf7211</a>)</li> <li><strong>resolveConfig:</strong> enable "RESUME_DOWNLOAD" by default (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5197f694d71cbae2361e8d1dd888fa1ddfbefde7">5197f69</a>)</li> <li><strong>resolveConfig:</strong> update default binary version to 8.2.1 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/fefb155d3fe06a0f0a58b33a9ae5b7dbfa87212f">fefb155</a>)</li> <li>set lowest supported nodejs version to 20.19.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5c3189697fc0f76015407f4cf9a675dbc01c9214">5c31896</a>)</li> </ul> <h3>Fixes</h3> <ul> <li><strong>resolveConfig:</strong> correct the mapping for "RESUME_DOWNLOAD" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/6ae3ebfaa9ae23cb1b103bc1c91bd457e5d0c277">6ae3ebf</a>)</li> </ul> <h3>Style</h3> <ul> <li>migrate to eslint flat config (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5a0e75c6970c51f5ec6241c036299bdccaddb07d">5a0e75c</a>)</li> <li><strong>MongoBinaryDownload::attemptDownload:</strong> remove duplicated argument (<a href="https://github.com/typegoose/mongodb-memory-server/commit/3162cc6bbdb72a4484602f8cc3a21584e829fc0f">3162cc6</a>)</li> <li><strong>MongoBinaryDownload:</strong> document more options (<a href="https://github.com/typegoose/mongodb-memory-server/commit/ae9784c35031af8e069726522177336e18c71d3f">ae9784c</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li><strong>mongodb:</strong> upgrade to 7.0.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/8430483de3a4a239a969308fcb7799d39bc1887d">8430483</a>)</li> </ul> <h3>Dev-Dependencies</h3> <ul> <li><strong><code>@types/jest</code>:</strong> upgrade to 30.0.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/0bd9079c1d2a800f683dbdd3a1eb9400973a30d2">0bd9079</a>)</li> <li><strong><code>@types/node</code>:</strong> upgrade to version 24.10.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/a42df5357b48068b81b4291099ad4b4166964a61">a42df53</a>)</li> <li><strong>@typescript-eslint/*:</strong> upgrade to 7.18.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/b6c462cce8c3d39a20cc34843eed192cc91796eb">b6c462c</a>)</li> <li><strong>@typescript-eslint/*:</strong> upgrade to 8.31.1 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/945c0ed9e1d30d950dcb96e7d8e0e8555d248ba4">945c0ed</a>)</li> <li><strong>commitlint:</strong> upgrade to 20.1.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/097237cb4ef1c46568b472e11f96a2fda7049e1c">097237c</a>)</li> <li><strong>commitlint:</strong> upgrade to 20.2.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/c10f8003340b0c633a0aca814f12fa6106c19e80">c10f800</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typegoose/mongodb-memory-server/blob/master/CHANGELOG.md">mongodb-memory-server-global's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/typegoose/mongodb-memory-server/compare/v11.0.0...v11.0.1">11.0.1</a> (2025-12-23)</h2> <h3>Fixes</h3> <ul> <li><strong>MongoBinaryDownload:</strong> use "http" module for "USE_HTTP" requests (<a href="https://github.com/typegoose/mongodb-memory-server/commit/9c967f3018f1d8ba91102cd7efb74397e642b1c7">9c967f3</a>), closes <a href="https://redirect.github.com/typegoose/mongodb-memory-server/issues/962">#962</a></li> </ul> <h2><a href="https://github.com/typegoose/mongodb-memory-server/compare/v10.4.1...v11.0.0">11.0.0</a> (2025-12-15)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li> <p><strong>resolveConfig:</strong> Default mongodb binary version is now 8.2.x</p> </li> <li> <p><strong>tsconfig:</strong> potentially breaking change upgrading "target" to "es2023" in tsconfig</p> </li> <li> <p><strong>MongoBinaryDownloadUrl:</strong> Removed support for mongodb version below 4.2.0</p> </li> <li> <p>Remove "-global-4.0" package as it is now unsupported by the mongodb driver</p> </li> <li> <p>Lowest supported NodeJS version is now 20.19.0</p> </li> <li> <p><strong>tsconfig:</strong> update "target" to "es2023" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/391da3dc4f03cbca2c4fbbef5949d395b799c050">391da3d</a>)</p> </li> </ul> <h3>Features</h3> <ul> <li><strong>MongoBinaryDownloadUrl:</strong> drop support for mongod versions below 4.2.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/c4e6cf1792d79317e04360ea086eb8ecef8ebe0d">c4e6cf1</a>), closes <a href="https://redirect.github.com/typegoose/mongodb-memory-server/issues/894">#894</a></li> <li>remove "mongodb-memory-server-global-4.0" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/9cf7211e132ac7d7c95cf34e6eb6496033d31dca">9cf7211</a>)</li> <li><strong>resolveConfig:</strong> enable "RESUME_DOWNLOAD" by default (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5197f694d71cbae2361e8d1dd888fa1ddfbefde7">5197f69</a>)</li> <li><strong>resolveConfig:</strong> update default binary version to 8.2.1 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/fefb155d3fe06a0f0a58b33a9ae5b7dbfa87212f">fefb155</a>)</li> <li>set lowest supported nodejs version to 20.19.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5c3189697fc0f76015407f4cf9a675dbc01c9214">5c31896</a>)</li> </ul> <h3>Fixes</h3> <ul> <li><strong>resolveConfig:</strong> correct the mapping for "RESUME_DOWNLOAD" (<a href="https://github.com/typegoose/mongodb-memory-server/commit/6ae3ebfaa9ae23cb1b103bc1c91bd457e5d0c277">6ae3ebf</a>)</li> </ul> <h3>Style</h3> <ul> <li>migrate to eslint flat config (<a href="https://github.com/typegoose/mongodb-memory-server/commit/5a0e75c6970c51f5ec6241c036299bdccaddb07d">5a0e75c</a>)</li> <li><strong>MongoBinaryDownload::attemptDownload:</strong> remove duplicated argument (<a href="https://github.com/typegoose/mongodb-memory-server/commit/3162cc6bbdb72a4484602f8cc3a21584e829fc0f">3162cc6</a>)</li> <li><strong>MongoBinaryDownload:</strong> document more options (<a href="https://github.com/typegoose/mongodb-memory-server/commit/ae9784c35031af8e069726522177336e18c71d3f">ae9784c</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li><strong>mongodb:</strong> upgrade to 7.0.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/8430483de3a4a239a969308fcb7799d39bc1887d">8430483</a>)</li> </ul> <h3>Dev-Dependencies</h3> <ul> <li><strong><code>@types/jest</code>:</strong> upgrade to 30.0.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/0bd9079c1d2a800f683dbdd3a1eb9400973a30d2">0bd9079</a>)</li> <li><strong><code>@types/node</code>:</strong> upgrade to version 24.10.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/a42df5357b48068b81b4291099ad4b4166964a61">a42df53</a>)</li> <li><strong>@typescript-eslint/*:</strong> upgrade to 7.18.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/b6c462cce8c3d39a20cc34843eed192cc91796eb">b6c462c</a>)</li> <li><strong>@typescript-eslint/*:</strong> upgrade to 8.31.1 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/945c0ed9e1d30d950dcb96e7d8e0e8555d248ba4">945c0ed</a>)</li> <li><strong>commitlint:</strong> upgrade to 20.1.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/097237cb4ef1c46568b472e11f96a2fda7049e1c">097237c</a>)</li> <li><strong>commitlint:</strong> upgrade to 20.2.0 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/c10f8003340b0c633a0aca814f12fa6106c19e80">c10f800</a>)</li> <li><strong>cross-env:</strong> drop seemingly unused dependency (<a href="https://github.com/typegoose/mongodb-memory-server/commit/c1d0cdb796afb073019d9f67877f7be7e04d4b6a">c1d0cdb</a>)</li> <li><strong>eslint-config-prettier:</strong> upgrade to 10.1.2 (<a href="https://github.com/typegoose/mongodb-memory-server/commit/0114ef2dd49b1f31e21766781d670177fea58649">0114ef2</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/a9870e86672ff8217d7c3e4e57533b5082fac2a5"><code>a9870e8</code></a> release: v11.0.1</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/668a83c077926243322510d9e6851ddb57f82840"><code>668a83c</code></a> release: v11.0.0</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/8b7af19a50f83ff829db459528a6ec213c4ec74e"><code>8b7af19</code></a> release: v11.0.0-beta.4</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/000e8410eefbe9de2d6140548245248a7bb9b7d9"><code>000e841</code></a> release: v11.0.0-beta.3</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/6df558c64119a96437441399acb18b06d2ed163b"><code>6df558c</code></a> release: v11.0.0-beta.2</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/0c126bd144ad595c2915a3332758c51401f3a6dc"><code>0c126bd</code></a> release: v11.0.0-beta.1</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/5a0e75c6970c51f5ec6241c036299bdccaddb07d"><code>5a0e75c</code></a> style: migrate to eslint flat config</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/5c3189697fc0f76015407f4cf9a675dbc01c9214"><code>5c31896</code></a> feat: set lowest supported nodejs version to 20.19.0</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/fbe7bc7601bdddc409f35bc97a52d2610dfbc6c3"><code>fbe7bc7</code></a> release: v10.4.0</li> <li><a href="https://github.com/typegoose/mongodb-memory-server/commit/39a0a449a9eb2328b413034c3f276ee6af27876c"><code>39a0a44</code></a> release: v10.3.0</li> <li>Additional commits viewable in <a href="https://github.com/typegoose/mongodb-memory-server/commits/v11.0.1/packages/mongodb-memory-server-global">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for mongodb-memory-server-global since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lukas Stracke <lukas.stracke@sentry.io>
…ncy (#19824) It seems like we added `file-type` as a dependency in #16751 with the reason that yarn was complaining about a missing peer dependency. However, `file-type` is not a peer dependency but a dependency of `@nestjs/common`. So it should be installed anyway. Given CI passes, I'd rather remove it for now.
Copy properties from the original promise onto the chained tracker, so that we can return something that can inspect the error, does not obscure `unhandledrejection`, *and* supports jQuery's extended PromiseLike objects. We only do this if the original PromiseLike object or its chained counterpart are not `instanceof Promise`. So far, we have not encountered such decoration on "normal" Promise objects, so this is a fast way to ensure that we're only providing this affordance where it's needed. This does introduce a limitation that if someone decorates a standard Promise object, and its decorations do not extend to chained results of `then()`, then we will lose them. If and when that happens, we can consider extending this check to something more thorough, even if it's slightly less performant. A guard is added to prevent cases where a chained/copied promise is passed through this function again, so that we know we still have to do the operation even though it's a "normal" Promise.
- Turn off `no-base-to-string`, as we rely on casting things to strings in many places after verifying that they are simple not-falsey. It could be worthwhile to impose better type safety on all these things at some point, but that is unlikely to be worth doing in the near term. - Remove several unused variables. We could consider disabling this rule in tests specifically, since that is where it's most common to leave scaffolding and debugging values behind. - Cast as types in a few cases to make our intention clear, where the values were actually being used safely, but not explicitly. - Disable `require-array-sort-compare` in one case where we benefit with a smaller code footprint by using the implicit numeric comparison on `Array.sort()`.
This changes getEarliestTimestamp() to walk the list a single time, instead of performing a full sort, as a sorted list is not needed, just the smallest value.
#19891) This PR fixes a bug in our Cloudflare Workflows instrumentation where we didn't forward the [recently introduced](https://developers.cloudflare.com/changelog/post/2026-03-06-step-context-available/) `ctx` argument to users' `Workflow.do` callbacks. We now pass all `...args` from the workflow through our instrumentation to the user callback. closes #19883
Replaces `recast` and `@babel/parser` with `acorn` and `@sveltejs/acorn-typescript` for AST parsing in the sveltekit auto-instrumentation plugin. - [x] If you've added code that should be tested, please add tests. - [x] Ensure your code lints and the test suite passes (`yarn lint`) & (`yarn test`). - [ ] Link an issue if there is one related to your pull request. Ref #19447 ## What this does The `autoInstrument` Vite plugin parses SvelteKit `+page.ts` / `+layout.server.ts` files to detect `export const load` or `export function load` declarations. It only **reads** the AST — never transforms or prints it — so recast's source-preserving round-trip feature is entirely unused. This replaces the full recast + @babel/parser pipeline with acorn (Node.js's own parser) and `@sveltejs/acorn-typescript` (the actively maintained TypeScript plugin used by SvelteKit itself). ### Changes - **Delete** `recastTypescriptParser.ts` — the 91-line Babel parser config with 20+ plugin declarations is no longer needed - **Replace** `recast.parse()` with `acorn.Parser.extend(tsPlugin()).parse()` in `autoInstrument.ts` - **Fix** AST node type: `StringLiteral` (Babel-specific) → `Literal` (ESTree standard) for string literal export detection - **Fix** AST structure: `ast.program` (recast's File wrapper) → direct `ast` (acorn returns Program) - **Improve** error handling: `try/catch` around parse (acorn throws SyntaxError) replaces dubious null check - **Improve** type safety: remove unsafe double-cast `(specifier.exported as unknown as t.StringLiteral)` in favor of proper discriminant narrowing ### Dependency reduction **Removed:** `recast`, `ast-types`, `esprima`, `source-map`, `tslib`, `tiny-invariant`, `@babel/parser`, `@babel/types`, `@babel/helper-string-parser`, `@babel/helper-validator-identifier` **Added:** `acorn` (already in dep tree via Vite/Rollup), `@sveltejs/acorn-typescript` (already in dep tree via `@sveltejs/kit`) Net effect: ~8 fewer transitive dependencies, zero new packages for end users. ### Why @sveltejs/acorn-typescript? The original `acorn-typescript` package by TyrealHu hasn't been updated since January 2024 and has known unpatched bugs. The Svelte team's fork (`@sveltejs/acorn-typescript`) is actively maintained and is already a transitive dependency of every SvelteKit project. All 69 existing tests pass without modification. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: JPeer264 <jan.peer@sentry.io> Co-authored-by: Lukas Stracke <lukas.stracke@sentry.io>
This PR adds the external contributor to the CHANGELOG.md file, so that they are credited for their contribution. See #19533 Co-authored-by: Lms24 <8420481+Lms24@users.noreply.github.com>
The workflow that auto-labels issues based on SDK package name had a typo mapping @sentry/gatsby to "Gatbsy" instead of "Gatsby". Closes #19906 (added automatically) Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
## Problem The @sentry/effect SDK was added to the release registry without the required `mainDocsUrl` field in the craft configuration. This causes a KeyError in the Sentry backend when trying to access SDK documentation URLs. **Sentry Issue**: [SENTRY-5M6R](https://sentry.sentry.io/issues/7341944871/) - **Error**: `KeyError: 'main_docs_url'` - **Impact**: 238,811 occurrences affecting 3,994 users - **First seen**: March 17, 2026 at 16:50 UTC (shortly after Effect SDK was released at 16:44 UTC) ## Solution This PR adds the missing `mainDocsUrl` field to the Effect SDK configuration in `.craft.yml`, following the same pattern as other JavaScript SDKs. ## Changes - Added `mainDocsUrl: 'https://docs.sentry.io/platforms/javascript/guides/effect/'` to the Effect SDK registry configuration ## Testing - [ ] Verified the URL format matches other JavaScript SDK documentation URLs - [ ] Confirmed the field name matches the registry specification ## Impact - Future releases of @sentry/effect will include the proper documentation URL in the release registry - This prevents the KeyError from occurring in the Sentry backend Fixes SENTRY-5M6R
…est apps (#19917) Fixes Dependabot alerts #1227 and #1228. Patches CVE-2026-27980 (unbounded next/image disk cache growth). Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Bumps [@react-router/node](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node) from 7.13.0 to 7.13.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/releases"><code>@react-router/node</code>'s releases</a>.</em></p> <blockquote> <h2>v7.13.1</h2> <p>See the changelog for release notes: <a href="https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131">https://github.com/remix-run/react-router/blob/main/CHANGELOG.md#v7131</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/remix-run/react-router/blob/main/packages/react-router-node/CHANGELOG.md"><code>@react-router/node</code>'s changelog</a>.</em></p> <blockquote> <h2>7.13.1</h2> <h3>Patch Changes</h3> <ul> <li>Updated dependencies: <ul> <li><code>react-router@7.13.1</code></li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/remix-run/react-router/commit/aa3f07883c04a4c1da7bfc4d6beb1f1f8c2dfa4c"><code>aa3f078</code></a> chore: Update version for release (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14829">#14829</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/3207a5cc3278b7212aeb95331107ec052d5a3008"><code>3207a5c</code></a> chore: Update version for release (pre) (<a href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-node/issues/14814">#14814</a>)</li> <li><a href="https://github.com/remix-run/react-router/commit/e4c3946d7de74eed9e69240a0365333b14f1e3fe"><code>e4c3946</code></a> Update a few missing typedoc links to the new URL format</li> <li><a href="https://github.com/remix-run/react-router/commit/8cb826426cf89ef6d89f84339ea4b90e60d2a34d"><code>8cb8264</code></a> chore: format</li> <li>See full diff in <a href="https://github.com/remix-run/react-router/commits/@react-router/node@7.13.1/packages/react-router-node">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [qunit-dom](https://github.com/mainmatter/qunit-dom) from 3.2.1 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mainmatter/qunit-dom/releases">qunit-dom's releases</a>.</em></p> <blockquote> <h2>v3.5.0-qunit-dom</h2> <h2>Release (2025-08-19)</h2> <p>qunit-dom 3.5.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2185">#2185</a> chore(qunit-dom): expose private install types (<a href="https://github.com/BobrImperator"><code>@BobrImperator</code></a>)</li> </ul> </li> </ul> <h4>:house: Internal</h4> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2157">#2157</a> Install Gravity CI (<a href="https://github.com/marcoow"><code>@marcoow</code></a>)</li> </ul> <h4>Committers: 2</h4> <ul> <li>Bartlomiej Dudzik (<a href="https://github.com/BobrImperator"><code>@BobrImperator</code></a>)</li> <li>Marco Otte-Witte (<a href="https://github.com/marcoow"><code>@marcoow</code></a>)</li> </ul> <h2>v3.4.0-qunit-dom</h2> <h2>Release (2024-12-01)</h2> <p>qunit-dom 3.4.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2153">#2153</a> feature: add includesValue/doesNotIncludeValue (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </li> </ul> <h4>Committers: 1</h4> <ul> <li>Jarek Radosz (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> <h2>v3.3.0-qunit-dom</h2> <h2>Release (2024-11-10)</h2> <p>qunit-dom 3.3.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2147">#2147</a> feature: add HTML matching methods (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </li> </ul> <h4>Committers: 1</h4> <ul> <li>Jarek Radosz (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mainmatter/qunit-dom/blob/master/CHANGELOG.md">qunit-dom's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>Release (2025-08-19)</h2> <p>qunit-dom 3.5.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2185">#2185</a> chore(qunit-dom): expose private install types (<a href="https://github.com/BobrImperator"><code>@BobrImperator</code></a>)</li> </ul> </li> </ul> <h4>:house: Internal</h4> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2157">#2157</a> Install Gravity CI (<a href="https://github.com/marcoow"><code>@marcoow</code></a>)</li> </ul> <h4>Committers: 2</h4> <ul> <li>Bartlomiej Dudzik (<a href="https://github.com/BobrImperator"><code>@BobrImperator</code></a>)</li> <li>Marco Otte-Witte (<a href="https://github.com/marcoow"><code>@marcoow</code></a>)</li> </ul> <h2>Release (2024-12-01)</h2> <p>qunit-dom 3.4.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2153">#2153</a> feature: add includesValue/doesNotIncludeValue (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </li> </ul> <h4>Committers: 1</h4> <ul> <li>Jarek Radosz (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> <h2>Release (2024-11-10)</h2> <p>qunit-dom 3.3.0 (minor)</p> <h4>:rocket: Enhancement</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2147">#2147</a> feature: add HTML matching methods (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </li> </ul> <h4>Committers: 1</h4> <ul> <li>Jarek Radosz (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> <h2>Release (2024-09-23)</h2> <p>qunit-dom 3.2.1 (patch)</p> <h4>:memo: Documentation</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2132">#2132</a> Regenerate docs (<a href="https://github.com/CvX"><code>@CvX</code></a>)</li> </ul> </li> </ul> <h4>:house: Internal</h4> <ul> <li><code>qunit-dom</code> <ul> <li><a href="https://redirect.github.com/mainmatter/qunit-dom/pull/2135">#2135</a> chore(release): migrate to release-plan (<a href="https://github.com/BobrImperator"><code>@BobrImperator</code></a>)</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/mainmatter/qunit-dom/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Replaces the `glob` dependency in `@sentry/remix` with a simple recursive `fs.readdirSync` walk for finding `.map` files to delete after source map upload. - [x] If you've added code that should be tested, please add tests. - [x] Ensure your code lints and the test suite passes (`yarn lint`) & (`yarn test`). - [ ] Link an issue if there is one related to your pull request. If no issue is linked, one will be auto-generated and linked. Ref #19447 ## What this does Replaces `glob.sync('**/*.map', { cwd: buildPath })` in `deleteSourcemaps.js` with a manual recursive directory walk using native `fs.readdirSync`. This removes the `glob` package and its transitive dependency tree (minimatch, brace-expansion, balanced-match, minipass, jackspeak, path-scurry, foreground-child) from `@sentry/remix`. Also cleans up orphaned `glob`/`jackspeak`/`path-scurry` resolution overrides in the integration test `package.json`. ## Why manual recursion instead of `fs.readdirSync({recursive: true})` `fs.readdirSync(dir, { recursive: true, withFileTypes: true })` silently drops entries on Node 18.17-18.18 due to a known Node.js bug. Since `@sentry/remix` supports Node >= 18, a manual recursive walk avoids this edge case entirely. ## Behavioral notes - The walk returns relative paths from `buildPath`, matching `glob.sync`'s `{ cwd }` output shape - Non-existent directories return `[]` gracefully (matching glob behavior) - The walk includes dotfiles (glob excludes by default with `dot: false`), but this has zero practical impact since Remix build output never produces `.map` dotfiles Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This PR adds the external contributor to the CHANGELOG.md file, so that they are credited for their contribution. See #19531 Co-authored-by: Lms24 <8420481+Lms24@users.noreply.github.com>
When using `wrangler dev` there is an isolation scope spawned as in
production, but there is only **one** for the worker and the durable
object (DO) (while in production these two get 1 each). With local
development this could be a problem with the flush. The RPC is done
inside the worker, which means at the time the DO is getting called the
initial worker async local storage (ALS) is overwritten by the DO. That
leads to a wrong client when the worker flushes after all calls are
done. Here a little mermaid graph to showcase this a little better:
```mermaid
sequenceDiagram
participant W as Worker
participant ALS as AsyncLocalStorage
participant DO as Durable Object
participant S as Sentry Proxy
W->>ALS: Initialize ALS context (Worker client)
W->>DO: stub.fetch(request)
DO->>ALS: Initialize ALS context (DO client)
Note over ALS: ALS now holds DO client<br/>(single-threaded wrangler dev<br/>overwrites Worker context)
DO->>S: flush() ✅ (DO client correct)
DO-->>W: Response
W->>ALS: getIsolationScope().getClient()
Note over W,ALS: ❌ Returns DO client instead<br/>of Worker client
W->>S: flush() ❌ (wrong client)
Note over W: Worker events not flushed<br/>or flushed to wrong client
```
As we already have the `client` available inside the flush function (as
we pass it through), we can directly call it if it is available.
Closes #19901 (added automatically)
…9918) Partially fixes Dependabot alert #1224. Updates the @azure/core-xml transitive dependency chain to fast-xml-parser 5.5.8 (patched for CVE-2026-33349). AWS SDK and Langchain chains require upstream updates. --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Code intelligence plugins enable Claude Code’s built-in LSP tool, giving Claude the ability to jump to definitions, find references, and see type errors immediately after edits. ## Instructions 1. Install TS language server: `npm i -g typescript-language-server typescript` 2. Update Claude catalog: `claude plugin marketplace update claude-plugins-official` 3. Install Claude plugin: `claude plugin install typescript-lsp` 4. Verify: `claude plugin list` ### References - Claude Code Intelligence Docs: https://code.claude.com/docs/en/discover-plugins#code-intelligence - Blog article: https://karanbansal.in/blog/claude-code-lsp/ - Reddit thread: https://www.reddit.com/r/ClaudeCode/comments/1rh5pcm/enable_lsp_in_claude_code_code_navigation_goes/ - Claude Code PR (with undocumented env `ENABLE_LSP_TOOL`: anthropics/claude-code#15619 Closes #19931 (added automatically)
Bumps [effect](https://github.com/Effect-TS/effect/tree/HEAD/packages/effect) from 3.19.19 to 3.20.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Effect-TS/effect/releases">effect's releases</a>.</em></p> <blockquote> <h2>effect@3.20.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/Effect-TS/effect/pull/6124">#6124</a> <a href="https://github.com/Effect-TS/effect/commit/8798a843218e6c0c0d3a8eee83360880e370b4da"><code>8798a84</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix scheduler task draining to isolate <code>AsyncLocalStorage</code> across fibers.</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6107">#6107</a> <a href="https://github.com/Effect-TS/effect/commit/fc82e81448bd9136a37580139ce46a2c61b11b54"><code>fc82e81</code></a> Thanks <a href="https://github.com/gcanti"><code>@gcanti</code></a>! - Backport <code>Types.VoidIfEmpty</code> to 3.x</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6088">#6088</a> <a href="https://github.com/Effect-TS/effect/commit/82996bce8debffcb44feb98bb862cf2662bd56b7"><code>82996bc</code></a> Thanks <a href="https://github.com/taylorOntologize"><code>@taylorOntologize</code></a>! - Schema: fix <code>Schema.omit</code> producing wrong result on Struct with <code>optionalWith({ default })</code> and index signatures</p> <p><code>getIndexSignatures</code> now handles <code>Transformation</code> AST nodes by delegating to <code>ast.to</code>, matching the existing behavior of <code>getPropertyKeys</code> and <code>getPropertyKeyIndexedAccess</code>. Previously, <code>Schema.omit</code> on a struct combining <code>Schema.optionalWith</code> (with <code>{ default }</code>, <code>{ as: "Option" }</code>, etc.) and <code>Schema.Record</code> would silently take the wrong code path, returning a Transformation with property signatures instead of a TypeLiteral with index signatures.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6086">#6086</a> <a href="https://github.com/Effect-TS/effect/commit/4d97a61a15b9dd6a0eece65b8f0c035e16d42ada"><code>4d97a61</code></a> Thanks <a href="https://github.com/taylorOntologize"><code>@taylorOntologize</code></a>! - Schema: fix <code>getPropertySignatures</code> crash on Struct with <code>optionalWith({ default })</code> and other Transformation-producing variants</p> <p><code>SchemaAST.getPropertyKeyIndexedAccess</code> now handles <code>Transformation</code> AST nodes by delegating to <code>ast.to</code>, matching the existing behavior of <code>getPropertyKeys</code>. Previously, calling <code>getPropertySignatures</code> on a <code>Schema.Struct</code> containing <code>Schema.optionalWith</code> with <code>{ default }</code>, <code>{ as: "Option" }</code>, <code>{ nullable: true }</code>, or similar options would throw <code>"Unsupported schema (Transformation)"</code>.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6097">#6097</a> <a href="https://github.com/Effect-TS/effect/commit/f6b0960bf3184109920dfed16ee7dfd7d67bc0f2"><code>f6b0960</code></a> Thanks <a href="https://github.com/gcanti"><code>@gcanti</code></a>! - Fix TupleWithRest post-rest validation to check each tail index sequentially.</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Effect-TS/effect/blob/main/packages/effect/CHANGELOG.md">effect's changelog</a>.</em></p> <blockquote> <h2>3.20.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/Effect-TS/effect/pull/6124">#6124</a> <a href="https://github.com/Effect-TS/effect/commit/8798a843218e6c0c0d3a8eee83360880e370b4da"><code>8798a84</code></a> Thanks <a href="https://github.com/mikearnaldi"><code>@mikearnaldi</code></a>! - Fix scheduler task draining to isolate <code>AsyncLocalStorage</code> across fibers.</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6107">#6107</a> <a href="https://github.com/Effect-TS/effect/commit/fc82e81448bd9136a37580139ce46a2c61b11b54"><code>fc82e81</code></a> Thanks <a href="https://github.com/gcanti"><code>@gcanti</code></a>! - Backport <code>Types.VoidIfEmpty</code> to 3.x</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6088">#6088</a> <a href="https://github.com/Effect-TS/effect/commit/82996bce8debffcb44feb98bb862cf2662bd56b7"><code>82996bc</code></a> Thanks <a href="https://github.com/taylorOntologize"><code>@taylorOntologize</code></a>! - Schema: fix <code>Schema.omit</code> producing wrong result on Struct with <code>optionalWith({ default })</code> and index signatures</p> <p><code>getIndexSignatures</code> now handles <code>Transformation</code> AST nodes by delegating to <code>ast.to</code>, matching the existing behavior of <code>getPropertyKeys</code> and <code>getPropertyKeyIndexedAccess</code>. Previously, <code>Schema.omit</code> on a struct combining <code>Schema.optionalWith</code> (with <code>{ default }</code>, <code>{ as: "Option" }</code>, etc.) and <code>Schema.Record</code> would silently take the wrong code path, returning a Transformation with property signatures instead of a TypeLiteral with index signatures.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6086">#6086</a> <a href="https://github.com/Effect-TS/effect/commit/4d97a61a15b9dd6a0eece65b8f0c035e16d42ada"><code>4d97a61</code></a> Thanks <a href="https://github.com/taylorOntologize"><code>@taylorOntologize</code></a>! - Schema: fix <code>getPropertySignatures</code> crash on Struct with <code>optionalWith({ default })</code> and other Transformation-producing variants</p> <p><code>SchemaAST.getPropertyKeyIndexedAccess</code> now handles <code>Transformation</code> AST nodes by delegating to <code>ast.to</code>, matching the existing behavior of <code>getPropertyKeys</code>. Previously, calling <code>getPropertySignatures</code> on a <code>Schema.Struct</code> containing <code>Schema.optionalWith</code> with <code>{ default }</code>, <code>{ as: "Option" }</code>, <code>{ nullable: true }</code>, or similar options would throw <code>"Unsupported schema (Transformation)"</code>.</p> </li> <li> <p><a href="https://redirect.github.com/Effect-TS/effect/pull/6097">#6097</a> <a href="https://github.com/Effect-TS/effect/commit/f6b0960bf3184109920dfed16ee7dfd7d67bc0f2"><code>f6b0960</code></a> Thanks <a href="https://github.com/gcanti"><code>@gcanti</code></a>! - Fix TupleWithRest post-rest validation to check each tail index sequentially.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Effect-TS/effect/commit/aa473938a53d07837e84935329f4891a7d591c3b"><code>aa47393</code></a> Version Packages (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6089">#6089</a>)</li> <li><a href="https://github.com/Effect-TS/effect/commit/8798a843218e6c0c0d3a8eee83360880e370b4da"><code>8798a84</code></a> fix(effect): isolate scheduler runners per fiber (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6124">#6124</a>)</li> <li><a href="https://github.com/Effect-TS/effect/commit/fc82e81448bd9136a37580139ce46a2c61b11b54"><code>fc82e81</code></a> Backport <code>Types.VoidIfEmpty</code> to 3.x (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6107">#6107</a>)</li> <li><a href="https://github.com/Effect-TS/effect/commit/f6b0960bf3184109920dfed16ee7dfd7d67bc0f2"><code>f6b0960</code></a> Backport: Fix TupleWithRest post-rest index drift validation bug (<a href="https://github.com/Effect-TS/effect/tree/HEAD/packages/effect/issues/6097">#6097</a>)</li> <li><a href="https://github.com/Effect-TS/effect/commit/82996bce8debffcb44feb98bb862cf2662bd56b7"><code>82996bc</code></a> fix(Schema): handle Transformation in getIndexSignatures for correct omit beh...</li> <li><a href="https://github.com/Effect-TS/effect/commit/4d97a61a15b9dd6a0eece65b8f0c035e16d42ada"><code>4d97a61</code></a> Schema: fix getPropertySignatures crash on Struct with optionalWith({ default...</li> <li>See full diff in <a href="https://github.com/Effect-TS/effect/commits/effect@3.20.0/packages/effect">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/getsentry/sentry-javascript/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…19915) `h3App` is called `h3` in Nitro v3. Additionally, the type imports have changed. This PR is just moving some code around (not changing any logic). Those are the made changes: - Installing `nitro` as a `devDependency` -> the new import in Nitro v3 (instead of `nitropack`) - Created extra plugin that just does the handler patching (to not have to duplicate everthing - Extracted the patching function as an utility function which accepts a generic type (as type imports differ in Nitro versions) Currently, the `handler.server.ts` file (for Nuxt v5) is unused as we don't have a reliable way yet to tell whether Nitro v2 or v3 is running. In theory we could do something like this below but this only checks for Nuxt and not Nitro. ```ts // Checking for compatibilityVersion 5 in Nuxt, does not mean that Nitro v3 is installed for sure. if (nuxt.options.future.compatibilityVersion < 5) { addServerPlugin(moduleDirResolver.resolve('./runtime/plugins/handler.server')); } else { addServerPlugin(moduleDirResolver.resolve('./runtime/plugins/handler-legacy.server')); } ``` Closes #19913
#19921) Follow up to: #19863 Vercel sets raw error messages as span status. Currently we send them as is, but these values should be normalized to a known `SpanStatusType`. I confirmed the behavior with https://github.com/getsentry/testing-ai-sdk-integrations. Closes #19922 (added automatically)
…t v5 (#19920) Following the same pattern established for the H3 event handler, the database and storage instrumentation logic has been extracted from the plugin entry points into shared utility functions (`instrumentDatabase.ts`, `instrumentStorage.ts`). Closes #19916 --------- Co-authored-by: Nicolas Hrubec <nicolas.hrubec@outlook.com>
Fixes Dependabot alerts #1236 (SSE Event Injection) and #1237 (Path Traversal via Double Decoding) by updating the yarn.lock resolution for h3 from 1.15.5 to 1.15.10. Easier fix than #19910 as Nuxt 3.21.x introduced breaking type changes (removed nitro from NuxtOptions and nitro:config from NuxtHooks). Co-authored-by: Claude Sonnet 4 <noreply@anthropic.com>
Add truncation for content array messages i.e. messages that have a
`content` key, where `content` is an array of objects e.g. `{"type":
"text", "text": "some string"}`. Previously these were returned as is
bypassing the truncation logic. This PR makes sure these messages get
truncated as well.
We already handled parts array messages, which have essentially the same
format but use a `parts` key. So I basically just generalized the
`truncatePartsMessage` to also handle the content array format.
Note: After switching to the Span V2 protocol we will get rid of
truncation in the SDK altogether, but for now we should make sure to
properly truncate all formats.
Closes #19919 (added automatically)
) The Anthropic SDK lets you call `.withResponse()` and `.asResponse()` on the result of `client.messages.create()` (see https://platform.claude.com/docs/en/api/sdks/typescript#accessing-raw-response-data-e-g-headers). Our instrumentation was breaking this because the SDK returns a custom `APIPromise` (a Promise subclass with extra methods) and our wrapping stripped those methods away. We had the exact same problem with OpenAI (#19073) and fixed it using a Proxy that routes `.then/.catch/.finally` to the instrumented promise (preserving spans) while forwarding SDK-specific methods like `.withResponse()` to the original. This PR refactors that solution into a shared utility and applies it to the Anthropic integration for both non-streaming and streaming paths. Closes #19912
…19938) This adds tests for multi worker in integration tests by adding a `wrangler-sub-worker.jsonc` into it. Everything else is then according the official [Service Binding docs](https://developers.cloudflare.com/workers/runtime-apis/bindings/service-bindings/). So in the `worker-service-bindings` folder there is now a test which connects "Worker A" with "Worker B". This is enabled by having "Worker B" running as `wrangler-sub-worker.jsonc` and "Worker A" is referencing to "Worker B" inside the normal "wrangler.jsonc". Inside "Worker A" you can then use `env.ANOTHER_WORKER` to have an RPC between two workers. This will be important for the tests for #16898
### Key Decisions: - Built on `@sentry/bun` since Elysia is Bun-first. - We uses Elysia's first-party OTel plugin for lifecycle instrumentation instead of rolling our own. - We had to filter out `bunServerIntegration` to avoid competing root spans, as Elysia creates its own. - Error handling: Captures `5xx` and <= `299`, skips `3xx/4xx`. Aligned with Fastify. Overridable via `shouldHandleError`. - Client hooks registered once via module-level guard, safe to call withElysia() multiple times. - Elysia produces empty child spans for arrow function handlers. We collect their IDs in `spanEnd` (still empty at that point) and strip them in `beforeSendEvent`. Unless the user provides a named function, we will strip them, check the trace below as an example of a named function `logRequest` vs the stripped event handlers in other life cycle hooks. <img width="2784" height="650" alt="CleanShot 2026-03-05 at 15 19 34@2x" src="https://github.com/user-attachments/assets/38382794-1cdc-465f-8c8b-bbe80e4b8635" /> <img width="2094" height="908" alt="CleanShot 2026-03-05 at 15 02 12@2x" src="https://github.com/user-attachments/assets/8e449c67-d08a-4945-8da7-d6ca249d1056" /> TODOs: - [x] Plugin API to address registration order. - [x] Figure out a way to drop the root span or parameterize it. - [x] Transform into an SDK Closes #18956 --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…19955) Conditionally uses plugins for storage and database based on the Nitro version. Also adds a Nuxt 5 E2E test app, which skips the middleware tests (and some others) for now to be implemented in another PR. Or regarding Pinia, we need to wait until they support that. The E2E test app is mostly the same as the Nuxt 4 app (just migrated to Nitro v3) - explicit nitro imports instead of `#import` - `defineHandler` instead of `defineEventHandler` - `event.res?.headers.get()` instead of `getHeader()` Closes #19275
Contributor
Semver Impact of This PR🟢 Patch (bug fixes) 📋 Changelog PreviewThis is how your changes will appear in the changelog. Internal Changes 🔧
🤖 This preview updates automatically when you update the PR. |
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 3 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
dev-packages/e2e-tests/test-applications/elysia-node/tests/propagation.test.ts
Show resolved
Hide resolved
...browser-integration-tests/suites/public-api/startSpan/thenable-with-extra-methods/subject.js
Show resolved
Hide resolved
Mimics `@elysia/opentelemetry` own implementation and swaps out OTEL APIs with our own, main reason is I didn't want to lock OTEL deps to specific versions that may break in the wild. This is an exploration, but if all is green then I will consider merging this first into Elysia SDK before release. closes #18956 --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
nicohrubec
force-pushed
the
prepare-release/10.46.0
branch
3 times, most recently
from
094c294 to
7e0e394
Compare
Lms24
approved these changes
Mar 25, 2026
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
nicohrubec
force-pushed
the
prepare-release/10.46.0
branch
from
7e0e394 to
6f48cc4
Compare
Contributor
size-limit report 📦
|
Contributor
node-overhead report 🧳Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.