
Latest version: v23.7.1

Safety actively analyzes 714860 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 25 of 223


Important Changes

- **doc(sveltekit): Promote the SDK to beta state (7976)**
- feat(sveltekit): Convert `sentryHandle` to a factory function (7975)

With this release, the Sveltekit SDK ([sentry/sveltekit](./packages/sveltekit/ is promoted to Beta.
This means that we do not expect any more breaking changes.

The final breaking change is that `sentryHandle` is now a function.
So in order to update to 7.50.0, you have to update your `hooks.server.js` file:

// hooks.server.js

// Old:
export const handle = sentryHandle;
// New:
export const handle = sentryHandle();

- **feat(replay): Allow to configure URLs to capture network bodies/headers (7953)**

You can now capture request/response bodies & headers of network requests in Replay.
You have to define an allowlist of URLs you want to capture additional information for:

new Replay({
networkDetailAllowUrls: [''],

By default, we will capture request/response bodies, as well as the request/response headers `content-type`, `content-length` and `accept`.
You can configure this with some additional configuration:

new Replay({
networkDetailAllowUrls: [''],
// opt-out of capturing bodies
networkCaptureBodies: false,
// These headers are captured _in addition to_ the default headers
networkRequestHeaders: ['X-Custom-Header'],
networkResponseHeaders: ['X-Custom-Header', 'X-Custom-Header-2']

Note that bodies will be truncated to a max length of ~150k characters.

**- feat(replay): Changes of sampling behavior & public API**
- feat(replay): Change the behavior of error-based sampling (7768)
- feat(replay): Change `flush()` API to record current event buffer (7743)
- feat(replay): Change `stop()` to flush and remove current session (7741)

We have changed the behavior of error-based sampling, as well as adding & adjusting APIs a bit to be more aligned with expectations.
See [Sampling](./packages/replay/README.mdsampling) for details.

We've also revamped some public APIs in order to be better aligned with expectations. See [Stoping & Starting Replays manually](./packages/replay/README.mdstopping--starting-replays-manually) for details.

- **feat(core): Add multiplexed transport (7926)**

We added a new transport to support multiplexing.
With this, you can configure Sentry to send events to different DSNs, depending on a logic of your choosing:

import { makeMultiplexedTransport } from 'sentry/core';
import { init, captureException, makeFetchTransport } from 'sentry/browser';

function dsnFromFeature({ getEvent }) {
const event = getEvent();
switch(event?.tags?.feature) {
case 'cart':
return ['__CART_DSN__'];
case 'gallery':
return ['__GALLERY_DSN__'];
return []

dsn: '__FALLBACK_DSN__',
transport: makeMultiplexedTransport(makeFetchTransport, dsnFromFeature)

Additional Features and Fixes

- feat(nextjs): Add `disableLogger` option that automatically tree shakes logger statements (7908)
- feat(node): Make Undici a default integration. (7967)
- feat(replay): Extend session idle time until expire to 15min (7955)
- feat(tracing): Add `db.system` span data to DB spans (7952)
- fix(core): Avoid crash when Function.prototype is frozen (7899)
- fix(nextjs): Fix inject logic for Next.js 13.3.1 canary (7921)
- fix(replay): Ensure console breadcrumb args are truncated (7917)
- fix(replay): Ensure we do not set replayId on dsc if replay is disabled (7939)
- fix(replay): Ensure we still truncate large bodies if they are failed JSON (7923)
- fix(utils): default normalize() to a max. of 100 levels deep instead of Inifnity (7957)

Work in this release contributed by Jack-Works. Thank you for your contribution!


Important Changes

- **feat(sveltekit): Read adapter output directory from `svelte.config.js` (7863)**

Our source maps upload plugin is now able to read `svelte.config.js`. This is necessary to automatically find the output directory that users can specify when setting up the Node adapter.

- **fix(replay): Ensure we normalize scope breadcrumbs to max. depth to avoid circular ref (7915)**

This release fixes a potential problem with how Replay captures console logs.
Any objects logged will now be cut off after a maximum depth of 10, as well as cutting off any properties after the 1000th.
This should ensure we do not accidentally capture massive console logs, where a stringified object could reach 100MB or more.

- **fix(utils): Normalize HTML elements as string (7916)**

We used to normalize references to HTML elements as POJOs.
This is both not very easily understandable, as well as potentially large, as HTML elements may have properties attached to them.
With this change, we now normalize them to e.g. `[HTMLElement: HTMLInputElement]`.

Additional Features and Fixes

- feat(browser): Simplify stack parsers (7897)
- feat(node): Add monitor upsert types (7914)
- feat(replay): Truncate network bodies to max size (7875)
- fix(gatsby): Don't crash build when auth token is missing (7858)
- fix(gatsby): Use `import` for `gatsby-browser.js` instead of `require` (7889)
- fix(nextjs): Handle braces in stack frame URLs (7900)
- fix(nextjs): Mark value injection loader result as uncacheable (7870)
- fix(node): Correct typo in trpc integration transaciton name (7871)
- fix(node): reduce deepReadDirSync runtime complexity (7910)
- fix(sveltekit): Avoid capturing "Not Found" errors in server `handleError` wrapper (7898)
- fix(sveltekit): Detect sentry release before creating the Vite plugins (7902)
- fix(sveltekit): Use `` file when uploading source maps (7890)
- fix(tracing): Ensure we use s instead of ms for startTimestamp (7877)
- ref(deprecate): Deprecate `timestampWithMs` (7878)
- ref(nextjs): Don't use Sentry Webpack Plugin in dev mode (7901)


Important Changes

- **feat(node): Add `AsyncLocalStorage` implementation of `AsyncContextStrategy` (7800)**
- feat(core): Extend `AsyncContextStrategy` to allow reuse of existing context (7778)
- feat(core): Make `runWithAsyncContext` public API (7817)
- feat(core): Add async context abstraction (7753)
- feat(node): Adds `domain` implementation of `AsyncContextStrategy` (7767)
- feat(node): Auto-select best `AsyncContextStrategy` for Node.js version (7804)
- feat(node): Migrate to domains used through `AsyncContextStrategy` (7779)

This release switches the SDK to use [`AsyncLocalStorage`]( as the async context isolation mechanism in the SDK for Node 14+. For Node 10 - 13, we continue to use the Node [`domain`]( standard library, since `AsyncLocalStorage` is not supported there. **Preliminary testing showed [a 30% improvement in latency and rps]( when making the switch from domains to `AsyncLocalStorage` on Node 16.**

If you want to manually add async context isolation to your application, you can use the new `runWithAsyncContext` API.

import * as Sentry from 'sentry/node';

const requestHandler = (ctx, next) => {
return new Promise((resolve, reject) => {
Sentry.runWithAsyncContext(async () => {
const hub = Sentry.getCurrentHub();

hub.configureScope(scope =>
scope.addEventProcessor(event =>
Sentry.addRequestDataToEvent(event, ctx.request, {
include: {
user: false,

try {
await next();
} catch (err) {

If you're manually using domains to isolate Sentry data, we strongly recommend switching to this API!

In addition to exporting `runWithAsyncContext` publicly, the SDK also uses it internally where we previously used domains.

- **feat(sveltekit): Remove `withSentryViteConfig` (7789)**
- feat(sveltekit): Remove SDK initialization via dedicated files (7791)

This release removes our `withSentryViteConfig` wrapper we previously instructed you to add to your `vite.config.js` file. It is replaced Vite plugins which you simply add to your Vite config, just like the `sveltekit()` Vite plugins. We believe this is a more transparent and Vite/SvelteKit-native way of applying build time modifications. Here's how to use the plugins:

// vite.config.js
import { sveltekit } from 'sveltejs/kit/vite';
import { sentrySvelteKit } from 'sentry/sveltekit';

export default {
plugins: [sentrySvelteKit(), sveltekit()],
// ... rest of your Vite config

Take a look at the [`README`]( for updated instructions!

Furthermore, with this transition, we removed the possibility to intialize the SDK in dedicated `sentry.(client|server).config.js` files. Please use SvelteKit's [hooks files]( to initialize the SDK.

Please note that these are **breaking changes**! We're sorry for the inconvenience but the SvelteKit SDK is still in alpha stage and we want to establish a clean and SvelteKit-friendly API before making the SDK stable. You have been [warned]( ;)

- **feat(sveltekit): Add Sentry Vite Plugin to upload source maps (7811)**

This release adds automatic upload of source maps to the SvelteKit SDK. No need to configure anything other than adding our Vite plugins to your SDK. The example above shows you how to do this.

Please make sure to follow the [`README`]( to specify your Sentry auth token, as well as org and project slugs.

**- feat(replay): Capture request & response headers (7816)**

Replay now captures the `content-length`, `content-type`, and `accept` headers from requests and responses automatically.

Additional Features and Fixes

- feat(browser): Export request instrumentation options (7818)
- feat(core): Add async context abstraction (7753)
- feat(core): Add DSC to all outgoing envelopes (7820)
- feat(core): Cache processed stacks for debug IDs (7825)
- feat(node): Add checkin envelope types (7777)
- feat(replay): Add `getReplayId()` method (7822)
- fix(browser): Adjust `BrowserTransportOptions` to support offline transport options (7775)
- fix(browser): DOMException SecurityError stacktrace parsing bug (7821)
- fix(core): Log warning when tracing extensions are missing (7601)
- fix(core): Only call `applyDebugMetadata` for error events (7824)
- fix(integrations): Ensure httpclient integration works with Request (7786)
- fix(node): `reuseExisting` does not need to call bind on domain (7780)
- fix(node): Fix domain scope inheritance (7799)
- fix(node): Make `trpcMiddleware` factory synchronous (7802)
- fix(serverless): Account when transaction undefined (7829)
- fix(utils): Make xhr instrumentation independent of parallel running SDK versions (7836)


Important Changes

- **feat(browser)**: Add captureUserFeedback (7729)

This release adds a new API, `Sentry.captureUserFeedback`, to browser-side SDKs that allows you to send user feedback to Sentry without loading and opening Sentry's user feedback dialog. This allows you to obtain user feedback however and whenever you want to and simply send it to Sentry using the SDK.

For instance, you can collect feedback, whenever convenient as shown in this example:

const eventId = Sentry.captureMessage('User Feedback');
const user = Sentry.getCurrentHub().getScope().getUser();
const userFeedback = {
event_id: eventId;
name: user.username
comments: 'I really like your App, thanks!'

Note that feedback needs to be coupled to an event but as in the example above, you can just use `Sentry.captureMessage` to generate one.

You could also collect feedback in a custom way if an error happens and use the SDK to send it along:
dsn: '__DSN__',
beforeSend: event => {
const userFeedback = collectYourUserFeedback();
const feedback = {
event_id: event.event_id.
return event;

- **feat(tracing)**: Deprecate `sentry/tracing` exports (7611)

With this release, we officially deprecate all exports from the `sentry/tracing` package, in favour of using them directly from the main SDK package. The `sentry/tracing` package will be removed in a future major release.

Please take a look at the [Migration docs](./ for more details.

Additional Features and Fixes

- feat(sveltekit): Add partial instrumentation for client-side `fetch` (7626)
- fix(angular): Handle routes with empty path (7686)
- fix(angular): Only open report dialog if error was sent (7750)
- fix(core): Determine debug ID paths from the top of the stack (7722)
- fix(ember): Ensure only one client is created & Replay works (7712)
- fix(integrations): Ensure HttpClient integration works with Axios (7714)
- fix(loader): Ensure JS loader works with tracing & add tests (7662)
- fix(nextjs): Restore tree shaking capabilities (7710)
- fix(node): Disable `LocalVariables` integration on Node < v18 (7748)
- fix(node): Redact URL authority only in breadcrumbs and spans (7740)
- fix(react): Only show report dialog if event was sent to Sentry (7754)
- fix(remix): Remove unnecessary dependencies (7708)
- fix(replay): Ensure circular references are handled (7752)
- fix(sveltekit): Don't capture thrown `Redirect`s as exceptions (7731)
- fix(sveltekit): Log error to console by default in `handleErrorWithSentry` (7674)
- fix(tracing): Make sure idle transaction does not override other transactions (7725)

Work in this release contributed by de-don and TrySound. Thank you for your contributions!


Important Changes

- **feat(sveltekit)**: Add Performance Monitoring for SvelteKit
- feat(sveltekit): Add meta tag for backend -> frontend (7574)
- fix(sveltekit): Explicitly export Node SDK exports (7644)
- fix(sveltekit): Handle nested server calls in `sentryHandle` (7598)
- ref(sveltekit): Split up universal and server load wrappers (7652)

This release adds support for Performance Monitoring in our SvelteKit SDK for the client/server. We've also changed how you should initialize your SDK. Please read our updated [SvelteKit README instructions](./packages/sveltekit/ for more details.

- **feat(core)**: Add `ignoreTransactions` option (7594)

You can now easily filter out certain transactions from being sent to Sentry based on their name.

ignoreTransactions: ['/api/healthcheck', '/ping'],

- **feat(node)**: Undici integration (7582)
- feat(nextjs): Add Undici integration automatically (7648)
- feat(sveltekit): Add Undici integration by default (7650)

We've added an integration that automatically instruments [Undici]( and Node server side fetch. This supports Undici `v4.7.0` or higher and requires Node `v16.7.0` or higher. After adding the integration outgoing requests made by Undici will have associated spans and breadcrumbs in Sentry.

integrations: [new Sentry.Integrations.Undici()],

In our Next.js and SvelteKit SDKs, this integration is automatically added.

- **feat(node)**: Add Sentry tRPC middleware (7511)

We've added a new middleware for [trpc]( that automatically adds TRPC information to Sentry transactions. This middleware is meant to be used in combination with a Sentry server integration (Next.js, Express, etc).

import { initTRPC } from 'trpc/server';
import * as Sentry from 'sentry/node';

const t = initTRPC.context().create();
const sentryMiddleware = t.middleware(
attachRpcInput: true,

const sentrifiedProcedure = t.procedure.use(sentryMiddleware);

- **feat(tracing)**: Remove requirement for `sentry/tracing` package

With `7.46.0` you no longer require the `sentry/tracing` package to use tracing and performance monitoring with the Sentry JavaScript SDKs. The `sentry/tracing` package will be removed in a future major release, but can still be used with no changes.

Please see the [Migration docs](./ for more details.

- **fix(node)**: Convert debugging code to callbacks to fix memory leak in `LocalVariables` integration (7637)

This fixes a memory leak in the opt-in [`LocalVariables` integration](, which adds local variables to the stacktraces sent to Sentry. The minimum recommended version to use the `LocalVariables` is now `7.46.0`.

Additional Features and Fixes

- feat(node): Auto discovery only returns integrations where dependency loads (7603)
- feat(node): Sanitize URLs in Span descriptions and breadcrumbs (PII) (7667)
- feat(replay): Add `responseStatus`, `decodedBodySize` to perf entries (7613)
- feat(replay): Add experiment to capture request/response bodies (7589)
- feat(replay): Capture replay mutation breadcrumbs & add experiment (7568)
- feat(tracing): Ensure `pageload` transaction starts at timeOrigin (7632)
- fix(core): Remove `abs_path` from stack trace (reverting 7167) (7623)
- fix(nextjs): Add loading component type to server component wrapping (7639)
- fix(nextjs): Don't report `NEXT_NOT_FOUND` and `NEXT_REDIRECT` errors (7642)
- fix(nextjs): Rewrite `abs_path` frames (7619)
- fix(nextjs): Show errors and warnings only once during build (7651)
- fix(nextjs): Use Next.js internal AsyncStorage (7630)
- fix(nextjs): Gracefully handle undefined `beforeFiles` in rewrites (7649)

Work in this release contributed by aldenquimby and bertho-zero. Thank you for your contributions!


- build(cdn): Ensure ES5 bundles do not use non-ES5 code (7550)
- feat(core): Add trace function (7556)
- feat(hub): Make scope always defined on the hub (7551)
- feat(replay): Add `replay_id` to transaction DSC (7571)
- feat(replay): Capture fetch body size for replay events (7524)
- feat(sveltekit): Add performance monitoring for client load (7537)
- feat(sveltekit): Add performance monitoring for server load (7536)
- feat(sveltekit): Add performance monitoring to Sveltekit server handle (7532)
- feat(sveltekit): Add SvelteKit routing instrumentation (7565)
- fix(browser): Ensure keepalive flag is correctly set for parallel requests (7553)
- fix(core): Ensure `ignoreErrors` only applies to error events (7573)
- fix(node): Consider tracing error handler for process exit (7558)
- fix(otel): Make sure we use correct hub on finish (7577)
- fix(react): Handle case where error.cause already defined (7557)

Page 25 of 223



Has known vulnerabilities

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.