Deps: Bump @sentry/react from 8.13.0 to 8.21.0

[dependabot]

Bumps @sentry/react from 8.13.0 to 8.21.0.

Release notes

Sourced from @​sentry/react's releases.

8.21.0

Important Changes

• Alpha release of Official Cloudflare SDK
  • feat(cloudflare): Add withSentry method (#13025)
  • feat(cloudflare): Add cloudflare sdk scaffolding (#12953)
  • feat(cloudflare): Add basic cloudflare package and tests (#12861)

This release contains the alpha version of @sentry/cloudflare, our SDK for the Cloudflare Workers JavaScript Runtime! For details on how to use it, please see the README. Any feedback/bug reports are greatly appreciated, please reach out on GitHub.

Please note that only Cloudflare Workers are tested and supported - official Cloudflare Pages support will come in an upcoming release.

Other Changes

• feat(feedback): Make cropped screenshot area draggable (#13071)
• feat(core): Adapt spans for client-side fetch to streaming responses (#12723)
• feat(core): Capture # of dropped spans through beforeSendTransaction (#13022)
• feat(deps): bump @opentelemetry/instrumentation-aws-sdk from 0.43.0 to 0.43.1 (#13089)
• feat(deps): bump @opentelemetry/instrumentation-express from 0.41.0 to 0.41.1 (#13090)
• feat(nestjs): Automatic instrumentation of nestjs middleware (#13065)
• feat(node): Upgrade import-in-the-middle to 1.11.0 (#13107)
• feat(nuxt): Add connected tracing meta tags (#13098)
• feat(nuxt): Add vue-router instrumentation (#13054)
• feat(solidstart): Add server action instrumentation helper (#13035)
• fix(feedback): Ensure pluggable feedback CDN bundle is correctly built (#13081)
• fix(nextjs): Only delete clientside bundle source maps with sourcemaps.deleteFilesAfterUpload (#13102)
• fix(node): Improve OTEL validation logic (#13079)

Bundle size 📦

Path	Size
@​sentry/browser	22.45 KB
@​sentry/browser (incl. Tracing)	34.22 KB
@​sentry/browser (incl. Tracing, Replay)	70.26 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	63.59 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	74.66 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	87.24 KB
@​sentry/browser (incl. Tracing, Replay, Feedback, metrics)	89.08 KB
@​sentry/browser (incl. metrics)	26.75 KB
@​sentry/browser (incl. Feedback)	39.37 KB
@​sentry/browser (incl. sendFeedback)	27.06 KB
@​sentry/browser (incl. FeedbackAsync)	31.7 KB
@​sentry/react	25.22 KB
@​sentry/react (incl. Tracing)	37.22 KB
@​sentry/vue	26.6 KB

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

8.21.0

Important Changes

• Alpha release of Official Cloudflare SDK
  • feat(cloudflare): Add withSentry method (#13025)
  • feat(cloudflare): Add cloudflare sdk scaffolding (#12953)
  • feat(cloudflare): Add basic cloudflare package and tests (#12861)

This release contains the alpha version of @sentry/cloudflare, our SDK for the Cloudflare Workers JavaScript Runtime! For details on how to use it, please see the README. Any feedback/bug reports are greatly appreciated, please reach out on GitHub.

Please note that only Cloudflare Workers are tested and supported - official Cloudflare Pages support will come in an upcoming release.

Other Changes

• feat(feedback): Make cropped screenshot area draggable (#13071)
• feat(core): Adapt spans for client-side fetch to streaming responses (#12723)
• feat(core): Capture # of dropped spans through beforeSendTransaction (#13022)
• feat(deps): bump @opentelemetry/instrumentation-aws-sdk from 0.43.0 to 0.43.1 (#13089)
• feat(deps): bump @opentelemetry/instrumentation-express from 0.41.0 to 0.41.1 (#13090)
• feat(nestjs): Automatic instrumentation of nestjs middleware (#13065)
• feat(node): Upgrade import-in-the-middle to 1.11.0 (#13107)
• feat(nuxt): Add connected tracing meta tags (#13098)
• feat(nuxt): Add vue-router instrumentation (#13054)
• feat(solidstart): Add server action instrumentation helper (#13035)
• fix(feedback): Ensure pluggable feedback CDN bundle is correctly built (#13081)
• fix(nextjs): Only delete clientside bundle source maps with sourcemaps.deleteFilesAfterUpload (#13102)
• fix(node): Improve OTEL validation logic (#13079)

8.20.0

Important Changes

• feat(node): Allow to pass registerEsmLoaderHooks to preload (#12998)

You can write your own custom preload script and configure this in the preload options. registerEsmLoaderHooks can be passed as an option to preloadOpenTelemetry, which allows to exclude/include packages in the preload.

• fix(node): Do not emit fetch spans when tracing is disabled (#13003)

Sentry will not emit "fetch" spans if tracing is disabled. This is relevant for user who use their own sampler.

Other Changes

• feat(feedback): Trigger button aria label configuration (#13008)
• feat(nestjs): Change nest sdk setup (#12920)

... (truncated)

Commits

• b316615 release: 8.21.0
• dd3b1aa Merge pull request #13110 from getsentry/prepare-release/8.21.0
• f3a4109 meta: Update CHANGELOG for 8.21.0
• 51f85e6 feat(node): Upgrade import-in-the-middle to 1.11.0 (#13107)
• d73a567 fix(browser-integration-tests): Fix feedback addon CDN bundle integration tes...
• d222dd5 Merge pull request #13109 from getsentry/lms/sync-master-develop
• ce53667 fix(nextjs): Only delete clientside bundle source maps with `sourcemaps.delet...
• cfafa71 Merge branch 'develop' into lms/sync-master-develop
• e3af1ce feat(nestjs): Automatic instrumentation of nestjs middleware (#13065)
• b7e62c4 test(astro): Switch to explicit vitest imports (#13093)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 6b846d3.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@sentry-internal/browser-utils	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry-internal/feedback	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry-internal/replay	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry-internal/replay-canvas	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/browser	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/core	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/react	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/types	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/utils	8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected
npm/@sentry/react	^8.21.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 28 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 59 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry-internal/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]
• @sentry/[email protected]

package.json

• @sentry/react@^8.21.0
• @sentry/react@^8.13.0

[github-actions]

Conventional Commits Report

Type	Number
Dependencies	1

🚀 Conventional commits found.

[dependabot]

Superseded by #4119.