feat(v8/sveltekit): Deprecate fetchProxyScriptNonce option
#15011
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Lms24
changed the title
Lms24
changed the title
fetchProxyScriptNonce option
lforst
approved these changes
Jan 22, 2025
alexandresoro
pushed a commit
to alexandresoro/ouca-backend
that referenced
this pull request
Jan 22, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@sentry/node](https://github.com/getsentry/sentry-javascript/tree/master/packages/node) ([source](https://github.com/getsentry/sentry-javascript)) | dependencies | minor | [`8.50.0` -> `8.51.0`](https://renovatebot.com/diffs/npm/@sentry%2fnode/8.50.0/8.51.0) | --- ### Release Notes <details> <summary>getsentry/sentry-javascript (@​sentry/node)</summary> ### [`v8.51.0`](https://github.com/getsentry/sentry-javascript/releases/tag/8.51.0) [Compare Source](getsentry/sentry-javascript@8.50.0...8.51.0) ##### Important Changes - **feat(v8/node): Add `prismaInstrumentation` option to Prisma integration as escape hatch for all Prisma versions ([#​15128](getsentry/sentry-javascript#15128 This release adds a compatibility API to add support for Prisma version 6. To capture performance data for Prisma version 6: 1. Install the `@prisma/instrumentation` package on version 6. 2. Pass a `new PrismaInstrumentation()` instance as exported from `@prisma/instrumentation` to the `prismaInstrumentation` option: ```js import { PrismaInstrumentation } from '@​prisma/instrumentation'; Sentry.init({ integrations: [ prismaIntegration({ // Override the default instrumentation that Sentry uses prismaInstrumentation: new PrismaInstrumentation(), }), ], }); ``` The passed instrumentation instance will override the default instrumentation instance the integration would use, while the `prismaIntegration` will still ensure data compatibility for the various Prisma versions. 3. Remove the `previewFeatures = ["tracing"]` option from the client generator block of your Prisma schema. ##### Other Changes - feat(v8/browser): Add `multiplexedtransport.js` CDN bundle ([#​15046](getsentry/sentry-javascript#15046)) - feat(v8/browser): Add Unleash integration ([#​14948](getsentry/sentry-javascript#14948)) - feat(v8/deno): Deprecate Deno SDK as published on deno.land ([#​15121](getsentry/sentry-javascript#15121)) - feat(v8/sveltekit): Deprecate `fetchProxyScriptNonce` option ([#​15011](getsentry/sentry-javascript#15011)) - fix(v8/aws-lambda): Avoid overwriting root span name ([#​15054](getsentry/sentry-javascript#15054)) - fix(v8/core): `fatal` events should set session as crashed ([#​15073](getsentry/sentry-javascript#15073)) - fix(v8/node/nestjs): Use method on current fastify request ([#​15104](getsentry/sentry-javascript#15104)) Work in this release was contributed by [@​tjhiggins](https://github.com/tjhiggins), and [@​nwalters512](https://github.com/nwalters512). Thank you for your contributions! #### Bundle size 📦 | Path | Size | | ---------------------------------------------------------------- | ----------------- | | [@​sentry/browser](https://github.com/sentry/browser) | 23.29 KB | | [@​sentry/browser](https://github.com/sentry/browser) - with treeshaking flags | 23.17 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing) | 35.85 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay) | 73.2 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay) - with treeshaking flags | 66.66 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay with Canvas) | 77.51 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay, Feedback) | 89.44 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Feedback) | 39.5 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. sendFeedback) | 27.9 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. FeedbackAsync) | 32.7 KB | | [@​sentry/react](https://github.com/sentry/react) | 25.97 KB | | [@​sentry/react](https://github.com/sentry/react) (incl. Tracing) | 38.68 KB | | [@​sentry/vue](https://github.com/sentry/vue) | 27.57 KB | | [@​sentry/vue](https://github.com/sentry/vue) (incl. Tracing) | 37.71 KB | | [@​sentry/svelte](https://github.com/sentry/svelte) | 23.46 KB | | CDN Bundle | 24.5 KB | | CDN Bundle (incl. Tracing) | 37.56 KB | | CDN Bundle (incl. Tracing, Replay) | 72.85 KB | | CDN Bundle (incl. Tracing, Replay, Feedback) | 78.21 KB | | CDN Bundle - uncompressed | 71.94 KB | | CDN Bundle (incl. Tracing) - uncompressed | 111.44 KB | | CDN Bundle (incl. Tracing, Replay) - uncompressed | 225.69 KB | | CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed | 238.79 KB | | [@​sentry/nextjs](https://github.com/sentry/nextjs) (client) | 38.93 KB | | [@​sentry/sveltekit](https://github.com/sentry/sveltekit) (client) | 36.36 KB | | [@​sentry/node](https://github.com/sentry/node) | 162.83 KB | | [@​sentry/node](https://github.com/sentry/node) - without tracing | 99.14 KB | | [@​sentry/aws-serverless](https://github.com/sentry/aws-serverless) | 126.65 KB | </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMjIuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEyMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tristess.app/alexandresoro/ouca-backend/pulls/491 Reviewed-by: Alexandre Soro <[email protected]> Co-authored-by: renovate <[email protected]> Co-committed-by: renovate <[email protected]>
alexandresoro
pushed a commit
to alexandresoro/ouca-web
that referenced
this pull request
Jan 22, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@sentry/react](https://github.com/getsentry/sentry-javascript/tree/master/packages/react) ([source](https://github.com/getsentry/sentry-javascript)) | dependencies | minor | [`8.50.0` -> `8.51.0`](https://renovatebot.com/diffs/npm/@sentry%2freact/8.50.0/8.51.0) | --- ### Release Notes <details> <summary>getsentry/sentry-javascript (@​sentry/react)</summary> ### [`v8.51.0`](https://github.com/getsentry/sentry-javascript/releases/tag/8.51.0) [Compare Source](getsentry/sentry-javascript@8.50.0...8.51.0) ##### Important Changes - **feat(v8/node): Add `prismaInstrumentation` option to Prisma integration as escape hatch for all Prisma versions ([#​15128](getsentry/sentry-javascript#15128 This release adds a compatibility API to add support for Prisma version 6. To capture performance data for Prisma version 6: 1. Install the `@prisma/instrumentation` package on version 6. 2. Pass a `new PrismaInstrumentation()` instance as exported from `@prisma/instrumentation` to the `prismaInstrumentation` option: ```js import { PrismaInstrumentation } from '@​prisma/instrumentation'; Sentry.init({ integrations: [ prismaIntegration({ // Override the default instrumentation that Sentry uses prismaInstrumentation: new PrismaInstrumentation(), }), ], }); ``` The passed instrumentation instance will override the default instrumentation instance the integration would use, while the `prismaIntegration` will still ensure data compatibility for the various Prisma versions. 3. Remove the `previewFeatures = ["tracing"]` option from the client generator block of your Prisma schema. ##### Other Changes - feat(v8/browser): Add `multiplexedtransport.js` CDN bundle ([#​15046](getsentry/sentry-javascript#15046)) - feat(v8/browser): Add Unleash integration ([#​14948](getsentry/sentry-javascript#14948)) - feat(v8/deno): Deprecate Deno SDK as published on deno.land ([#​15121](getsentry/sentry-javascript#15121)) - feat(v8/sveltekit): Deprecate `fetchProxyScriptNonce` option ([#​15011](getsentry/sentry-javascript#15011)) - fix(v8/aws-lambda): Avoid overwriting root span name ([#​15054](getsentry/sentry-javascript#15054)) - fix(v8/core): `fatal` events should set session as crashed ([#​15073](getsentry/sentry-javascript#15073)) - fix(v8/node/nestjs): Use method on current fastify request ([#​15104](getsentry/sentry-javascript#15104)) Work in this release was contributed by [@​tjhiggins](https://github.com/tjhiggins), and [@​nwalters512](https://github.com/nwalters512). Thank you for your contributions! #### Bundle size 📦 | Path | Size | | ---------------------------------------------------------------- | ----------------- | | [@​sentry/browser](https://github.com/sentry/browser) | 23.29 KB | | [@​sentry/browser](https://github.com/sentry/browser) - with treeshaking flags | 23.17 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing) | 35.85 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay) | 73.2 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay) - with treeshaking flags | 66.66 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay with Canvas) | 77.51 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Tracing, Replay, Feedback) | 89.44 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. Feedback) | 39.5 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. sendFeedback) | 27.9 KB | | [@​sentry/browser](https://github.com/sentry/browser) (incl. FeedbackAsync) | 32.7 KB | | [@​sentry/react](https://github.com/sentry/react) | 25.97 KB | | [@​sentry/react](https://github.com/sentry/react) (incl. Tracing) | 38.68 KB | | [@​sentry/vue](https://github.com/sentry/vue) | 27.57 KB | | [@​sentry/vue](https://github.com/sentry/vue) (incl. Tracing) | 37.71 KB | | [@​sentry/svelte](https://github.com/sentry/svelte) | 23.46 KB | | CDN Bundle | 24.5 KB | | CDN Bundle (incl. Tracing) | 37.56 KB | | CDN Bundle (incl. Tracing, Replay) | 72.85 KB | | CDN Bundle (incl. Tracing, Replay, Feedback) | 78.21 KB | | CDN Bundle - uncompressed | 71.94 KB | | CDN Bundle (incl. Tracing) - uncompressed | 111.44 KB | | CDN Bundle (incl. Tracing, Replay) - uncompressed | 225.69 KB | | CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed | 238.79 KB | | [@​sentry/nextjs](https://github.com/sentry/nextjs) (client) | 38.93 KB | | [@​sentry/sveltekit](https://github.com/sentry/sveltekit) (client) | 36.36 KB | | [@​sentry/node](https://github.com/sentry/node) | 162.83 KB | | [@​sentry/node](https://github.com/sentry/node) - without tracing | 99.14 KB | | [@​sentry/aws-serverless](https://github.com/sentry/aws-serverless) | 126.65 KB | </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMjIuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEyMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tristess.app/alexandresoro/ouca-web/pulls/45 Reviewed-by: Alexandre Soro <[email protected]> Co-authored-by: renovate <[email protected]> Co-committed-by: renovate <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR deprecates the
fetchProxyScriptNonceoption which we'll remove in v9 due to security concerns.The replacements are outlined in the JSDoc.
Note: We cannot completely remove the script injection because it only became completely unnecessary with SvelteKit 2.16.0 which is too new that we could drop support for everything below it in v9. Maybe in v10 :)
For v9, I'll explore if we can dynamically decide to inject the script based on the sveltekit version.