Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(Snyk): Upgrade @sentry/profiling-node from 8.28.0 to 8.29.0 (#780)
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123) <h3>Snyk has created this PR to upgrade @sentry/profiling-node from 8.28.0 to 8.29.0.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released on **22 days ago**. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>@sentry/profiling-node</b></summary> <ul> <li> <b>8.29.0</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/8.29.0">2024-09-09</a></br><h3>Important Changes</h3> <ul> <li><strong>Beta releases of official Solid and SolidStart Sentry SDKs</strong></li> </ul> <p>This release marks the beta releases of the <code>@ sentry/solid</code> and <code>@ sentry/solidstart</code> Sentry SDKs. For details on how to<br> use them, check out the<br> <a href="https://github.com/getsentry/sentry-javascript/tree/develop/packages/solid">Sentry Solid SDK README</a> and the<br> <a href="https://github.com/getsentry/sentry-javascript/tree/develop/packages/solidstart">Sentry SolidStart SDK README</a><br> respectively. Please reach out on <a href="https://github.com/getsentry/sentry-javascript/issues/new/choose">GitHub</a> if you have<br> any feedback or concerns.</p> <ul> <li><strong>feat(node): Option to only wrap instrumented modules (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2440168322" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13139" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13139/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13139">#13139</a>)</strong></li> </ul> <p>Adds the SDK option to only wrap ES modules with <code>import-in-the-middle</code> that specifically need to be instrumented.</p> <div class="highlight highlight-source-js notranslate position-relative overflow-auto" data-snippet-clipboard-copy-content="import * as Sentry from '@ sentry/node'; Sentry.init({ dsn: '__PUBLIC_DSN__', registerEsmLoaderHooks: { onlyIncludeInstrumentedModules: true }, });"><pre><span class="pl-k">import</span> <span class="pl-c1">*</span> <span class="pl-k">as</span> <span class="pl-v">Sentry</span> <span class="pl-k">from</span> <span class="pl-s">'@ sentry/node'</span><span class="pl-kos">;</span> <span class="pl-v">Sentry</span><span class="pl-kos">.</span><span class="pl-en">init</span><span class="pl-kos">(</span><span class="pl-kos">{</span> <span class="pl-c1">dsn</span>: <span class="pl-s">'__PUBLIC_DSN__'</span><span class="pl-kos">,</span> <span class="pl-c1">registerEsmLoaderHooks</span>: <span class="pl-kos">{</span> <span class="pl-c1">onlyIncludeInstrumentedModules</span>: <span class="pl-c1">true</span> <span class="pl-kos">}</span><span class="pl-kos">,</span> <span class="pl-kos">}</span><span class="pl-kos">)</span><span class="pl-kos">;</span></pre></div> <ul> <li><strong>feat(node): Update OpenTelemetry packages to instrumentation v0.53.0 (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2505013369" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13587" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13587/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13587">#13587</a>)</strong></li> </ul> <p>All internal OpenTelemetry instrumentation was updated to their latest version. This adds support for Mongoose v7 and v8<br> and fixes various bugs related to ESM mode.</p> <h3>Other Changes</h3> <ul> <li>feat(nextjs): Emit warning when using turbopack (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2502465207" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13566" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13566/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13566">#13566</a>)</li> <li>feat(nextjs): Future-proof Next.js config options overriding (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2504983381" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13586" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13586/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13586">#13586</a>)</li> <li>feat(node): Add <code>generic-pool</code> integration (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2487465522" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13465" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13465/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13465">#13465</a>)</li> <li>feat(nuxt): Upload sourcemaps generated by Nitro (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2466230992" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13382" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13382/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13382">#13382</a>)</li> <li>feat(solidstart): Add <code>browserTracingIntegration</code> by default (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2501751703" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13561" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13561/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13561">#13561</a>)</li> <li>feat(solidstart): Add <code>sentrySolidStartVite</code> plugin to simplify source maps upload (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2491508245" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13493" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13493/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13493">#13493</a>)</li> <li>feat(vue): Only start UI spans if parent is available (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2502667000" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13568" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13568/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13568">#13568</a>)</li> <li>fix(cloudflare): Guard <code>context.waitUntil</code> call in request handler (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2500295892" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13549" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13549/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13549">#13549</a>)</li> <li>fix(gatsby): Fix assets path for sourcemaps upload (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2507448723" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13592" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13592/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13592">#13592</a>)</li> <li>fix(nextjs): Use posix paths for sourcemap uploads (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2509567193" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13603" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13603/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13603">#13603</a>)</li> <li>fix(node-fetch): Use stringified origin url (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2504749955" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13581" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13581/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13581">#13581</a>)</li> <li>fix(node): Replace dashes in <code>generic-pool</code> span origins with underscores (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2504640339" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13579" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13579/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13579">#13579</a>)</li> <li>fix(replay): Fix types in WebVitalData (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2503576160" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13573" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13573/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13573">#13573</a>)</li> <li>fix(replay): Improve replay web vital types (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2508630234" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13602" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13602/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13602">#13602</a>)</li> <li>fix(utils): Keep logger on carrier (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2502810517" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13570" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13570/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13570">#13570</a>)</li> </ul> <p>Work in this release was contributed by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Zen-cronic/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/Zen-cronic">@ Zen-cronic</a>. Thank you for your contribution!</p> </li> <li> <b>8.28.0</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/8.28.0">2024-09-03</a></br><h3>Important Changes</h3> <ul> <li><strong>Beta release of official NestJS SDK</strong></li> </ul> <p>This release contains the beta version of <code>@ sentry/nestjs</code>! For details on how to use it, check out the<br> <a href="https://github.com/getsentry/sentry-javascript/blob/master/packages/nestjs/README.md">README</a>. Any feedback/bug reports<br> are greatly appreciated, please reach out on GitHub.</p> <ul> <li><strong>fix(browser): Remove faulty LCP, FCP and FP normalization logic (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2491960592" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13502" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13502/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13502">#13502</a>)</strong></li> </ul> <p>This release fixes a bug in the <code>@ sentry/browser</code> package and all SDKs depending on this package (e.g. <code>@ sentry/react</code><br> or <code>@ sentry/nextjs</code>) that caused the SDK to send incorrect web vital values for the LCP, FCP and FP vitals. The SDK<br> previously incorrectly processed the original values as they were reported from the browser. When updating your SDK to<br> this version, you might experience an increase in LCP, FCP and FP values, which potentially leads to a decrease in your<br> performance score in the Web Vitals Insights module in Sentry. This is because the previously reported values were<br> smaller than the actually measured values. We apologize for the inconvenience!</p> <h3>Other Changes</h3> <ul> <li>feat(nestjs): Add <code>SentryGlobalGraphQLFilter</code> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2498873205" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13545" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13545/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13545">#13545</a>)</li> <li>feat(nestjs): Automatic instrumentation of nestjs interceptors after route execution (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2453558373" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13264" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13264/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13264">#13264</a>)</li> <li>feat(nextjs): Add <code>bundleSizeOptimizations</code> to build options (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2461140938" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13323" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13323/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13323">#13323</a>)</li> <li>feat(nextjs): Stabilize <code>captureRequestError</code> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2500682873" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13550" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13550/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13550">#13550</a>)</li> <li>feat(nuxt): Wrap config in nuxt context (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2486658763" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13457" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13457/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13457">#13457</a>)</li> <li>feat(profiling): Expose profiler as top level primitive (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2492896219" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13512" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13512/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13512">#13512</a>)</li> <li>feat(replay): Add layout shift to CLS replay data (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2466359020" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13386" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13386/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13386">#13386</a>)</li> <li>feat(replay): Upgrade rrweb packages to 2.26.0 (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2489549947" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13483" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13483/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13483">#13483</a>)</li> <li>fix(cdn): Do not mangle _metadata (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2473467027" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13426" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13426/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13426">#13426</a>)</li> <li>fix(cdn): Fix SDK source for CDN bundles (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2489085687" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13475" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13475/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13475">#13475</a>)</li> <li>fix(nestjs): Check arguments before instrumenting with <code>@ Injectable</code> (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2498819596" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13544" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13544/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13544">#13544</a>)</li> <li>fix(nestjs): Ensure exception and host are correctly passed on when using @ WithSentry (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2501912092" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13564" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13564/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13564">#13564</a>)</li> <li>fix(node): Suppress tracing for transport request execution rather than transport creation (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2491355594" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13491" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13491/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13491">#13491</a>)</li> <li>fix(replay): Consider more things as DOM mutations for dead clicks (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2493890628" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13518" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13518/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13518">#13518</a>)</li> <li>fix(vue): Correctly obtain component name (<a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2490176912" data-permission-text="Title is private" data-url="getsentry/sentry-javascript#13484" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/13484/hovercard" href="https://github.com/getsentry/sentry-javascript/pull/13484">#13484</a>)</li> </ul> <p>Work in this release was contributed by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/leopoldkristjansson/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/leopoldkristjansson">@ leopoldkristjansson</a>, <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mhuggins/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mhuggins">@ mhuggins</a> and <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/filips123/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/filips123">@ filips123</a>. Thank you for your<br> contributions!</p> </li> </ul> from <a href="https://github.com/getsentry/sentry-javascript/releases">@sentry/profiling-node GitHub release notes</a> </details> </details> --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJlZGFkYTE0Ny1jZDVmLTQ5ZDQtYWE1Ni1iZjQ0MmFmMGY5NzEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImVkYWRhMTQ3LWNkNWYtNDlkNC1hYTU2LWJmNDQyYWYwZjk3MSJ9fQ==" width="0" height="0"/> > - 🧐 [View latest project report](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?pkg=@sentry/profiling-node&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@sentry/profiling-node","from":"8.28.0","to":"8.29.0"}],"env":"prod","hasFixes":false,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[],"prId":"edada147-cd5f-49d4-aa56-bf442af0f971","prPublicId":"edada147-cd5f-49d4-aa56-bf442af0f971","packageManager":"npm","priorityScoreList":[],"projectPublicId":"8a1190df-0364-4a9a-93bd-a9f28b54daf6","projectUrl":"https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2024-09-09T08:38:47.485Z"},"vulns":[]}' Co-authored-by: snyk-bot <[email protected]>
- Loading branch information