[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781

q1blue · 2024-07-26T00:09:05Z

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 8.14.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 188 versions ahead of your current version.
The recommended version was released on 22 days ago.

Release notes

Package name: @sentry/react

8.14.0 - 2024-07-04

Important Changes

feat(nestjs): Filter 4xx errors (#12695)

The @ sentry/nestjs SDK no longer captures 4xx errors automatically.

Other Changes

chore(react): Remove private namespace JSX (#12691)
feat(deps): bump @ opentelemetry/propagator-aws-xray from 1.25.0 to 1.25.1 (#12719)
feat(deps): bump @ prisma/instrumentation from 5.16.0 to 5.16.1 (#12718)
feat(node): Add registerEsmLoaderHooks option (#12684)
feat(opentelemetry): Expose sampling helper (#12674)
fix(browser): Make sure measure spans have valid start timestamps (#12648)
fix(hapi): Widen type definitions (#12710)
fix(nextjs): Attempt to ignore critical dependency warnings (#12694)
fix(react): Fix React jsx runtime import for esm (#12740)
fix(replay): Start replay in afterAllSetup instead of next tick (#12709)

Work in this release was contributed by @ quisido. Thank you for your contribution!

Bundle size 📦

Path	Size
@ sentry/browser	22.22 KB
@ sentry/browser (incl. Tracing)	33.38 KB
@ sentry/browser (incl. Tracing, Replay)	69.12 KB
@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags	62.45 KB
@ sentry/browser (incl. Tracing, Replay with Canvas)	73.18 KB
@ sentry/browser (incl. Tracing, Replay, Feedback)	85.8 KB
@ sentry/browser (incl. Tracing, Replay, Feedback, metrics)	87.66 KB
@ sentry/browser (incl. metrics)	26.5 KB
@ sentry/browser (incl. Feedback)	38.86 KB
@ sentry/browser (incl. sendFeedback)	26.85 KB
@ sentry/browser (incl. FeedbackAsync)	31.45 KB
@ sentry/react	24.97 KB
@ sentry/react (incl. Tracing)	36.43 KB
@ sentry/vue	26.33 KB
@ sentry/vue (incl. Tracing)	35.24 KB
@ sentry/svelte	22.36 KB
CDN Bundle	23.42 KB
CDN Bundle (incl. Tracing)	35.12 KB
CDN Bundle (incl. Tracing, Replay)	69.22 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	74.41 KB
CDN Bundle - uncompressed	68.8 KB
CDN Bundle (incl. Tracing) - uncompressed	103.82 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	214.21 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	226.92 KB
@ sentry/nextjs (client)	36.3 KB
@ sentry/sveltekit (client)	34.02 KB
@ sentry/node	130.68 KB
@ sentry/node - without tracing	91.71 KB
@ sentry/aws-serverless	116.88 KB

8.13.0 - 2024-06-27

Important Changes

feat(nestjs): Add Nest SDK This release adds a dedicated SDK for NestJS (@ sentry/nestjs)
in alpha state. The SDK is a drop-in replacement for the Sentry Node SDK (@ sentry/node) supporting the same set of
features. See the docs for how to use the SDK.

Other Changes

deps: Bump bundler plugins to 2.20.1 (#12641)
deps(nextjs): Remove react peer dep and allow rc (#12670)
feat: Update OTEL deps (#12635)
feat(deps): bump @ prisma/instrumentation from 5.15.0 to 5.15.1 (#12627)
feat(node): Add context info for missing instrumentation (#12639)
fix(feedback): Improve feedback error message (#12647)

Bundle size 📦

Path	Size
@ sentry/browser	22.22 KB
@ sentry/browser (incl. Tracing)	33.31 KB
@ sentry/browser (incl. Tracing, Replay)	69.09 KB
@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags	62.42 KB
@ sentry/browser (incl. Tracing, Replay with Canvas)	73.15 KB
@ sentry/browser (incl. Tracing, Replay, Feedback)	85.75 KB
@ sentry/browser (incl. Tracing, Replay, Feedback, metrics)	87.61 KB
@ sentry/browser (incl. metrics)	26.5 KB
@ sentry/browser (incl. Feedback)	38.86 KB
@ sentry/browser (incl. sendFeedback)	26.84 KB
@ sentry/browser (incl. FeedbackAsync)	31.45 KB
@ sentry/react	24.97 KB
@ sentry/react (incl. Tracing)	36.36 KB
@ sentry/vue	26.33 KB
@ sentry/vue (incl. Tracing)	35.17 KB
@ sentry/svelte	22.36 KB
CDN Bundle	23.42 KB
CDN Bundle (incl. Tracing)	35.05 KB
CDN Bundle (incl. Tracing, Replay)	69.18 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	74.38 KB
CDN Bundle - uncompressed	68.8 KB
CDN Bundle (incl. Tracing) - uncompressed	103.66 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	214.13 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	226.84 KB
@ sentry/nextjs (client)	36.24 KB
@ sentry/sveltekit (client)	33.95 KB
@ sentry/node	130.61 KB
@ sentry/node - without tracing	91.63 KB
@ sentry/aws-serverless	116.8 KB

8.12.0 - 2024-06-25

Important Changes

feat(solid): Remove need to pass router hooks to solid integration (breaking)

This release introduces breaking changes to the @ sentry/solid package (which is currently out in alpha).

We've made it easier to get started with the solid router integration by removing the need to pass use* hooks
explicitly to solidRouterBrowserTracingIntegration. Import solidRouterBrowserTracingIntegration from
@ sentry/solid/solidrouter and add it to Sentry.init

import * as Sentry from '@ sentry/solid';
import { solidRouterBrowserTracingIntegration, withSentryRouterRouting } from '@ sentry/solid/solidrouter';
import { Router } from '@ solidjs/router';

Sentry.init({
dsn: 'PUBLIC_DSN',
integrations: [solidRouterBrowserTracingIntegration()],
tracesSampleRate: 1.0, // Capture 100% of the transactions
});

const SentryRouter = withSentryRouterRouting(Router);

feat(core): Return client from init method (#12585)

Sentry.init() now returns a client directly, so you don't need to explicitly call getClient() anymore:

const client = Sentry.init();

feat(nextjs): Add deleteSourcemapsAfterUpload option (#12457)

This adds an easy way to delete sourcemaps immediately after uploading them:

module.exports = withSentryConfig(nextConfig, {
  sourcemaps: {
    deleteSourcemapsAfterUpload: true,
  },
});

feat(node): Allow to configure maxSpanWaitDuration (#12610)

Adds configuration option for the max. duration in seconds that the SDK will wait for parent spans to be finished before
discarding a span. The SDK will automatically clean up spans that have no finished parent after this duration. This is
necessary to prevent memory leaks in case of parent spans that are never finished or otherwise dropped/missing. However,
if you have very long-running spans in your application, a shorter duration might cause spans to be discarded too early.
In this case, you can increase this duration to a value that fits your expected data.

Other Changes

feat(feedback): Extra check for iPad in screenshot support (#12593)
fix(bundle): Ensure CDN bundles do not overwrite window.Sentry (#12580)
fix(feedback): Inject preact from feedbackModal into feedbackScreenshot integration (#12535)
fix(node): Re-throw errors from koa middleware (#12609)
fix(remix): Mark isRemixV2 as optional in exposed types. (#12614)
ref(node): Add error message to NodeFetch log (#12612)

Work in this release was contributed by @ n4bb12. Thank you for your contribution!

Bundle size 📦

Path	Size
@ sentry/browser	22.22 KB
@ sentry/browser (incl. Tracing)	33.31 KB
@ sentry/browser (incl. Tracing, Replay)	69.09 KB
@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags	62.42 KB
@ sentry/browser (incl. Tracing, Replay with Canvas)	73.15 KB
@ sentry/browser (incl. Tracing, Replay, Feedback)	85.76 KB
@ sentry/browser (incl. Tracing, Replay, Feedback, metrics)	87.62 KB
@ sentry/browser (incl. metrics)	26.5 KB
@ sentry/browser (incl. Feedback)	38.87 KB
@ sentry/browser (incl. sendFeedback)	26.85 KB
@ sentry/browser (incl. FeedbackAsync)	31.45 KB
@ sentry/react	24.97 KB
@ sentry/react (incl. Tracing)	36.36 KB
@ sentry/vue	26.33 KB
@ sentry/vue (incl. Tracing)	35.17 KB
@ sentry/svelte	22.36 KB
CDN Bundle	23.42 KB
CDN Bundle (incl. Tracing)	35.05 KB
CDN Bundle (incl. Tracing, Replay)	69.18 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	74.38 KB
CDN Bundle - uncompressed	68.8 KB
CDN Bundle (incl. Tracing) - uncompressed	103.66 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	214.13 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	226.79 KB
@ sentry/nextjs (client)	36.24 KB
@ sentry/sveltekit (client)	33.95 KB
@ sentry/node	113.27 KB
@ sentry/node - without tracing	90.65 KB
@ sentry/aws-serverless	99.74 KB

8.12.0-beta.0 - 2024-06-24

This pre-release includes an rrweb version bump that
includes quite a few upstream changes. We will test this on Sentry before a release.

Bundle size 📦

Path	Size
@ sentry/browser	22.23 KB
@ sentry/browser (incl. Tracing)	33.32 KB
@ sentry/browser (incl. Tracing, Replay)	69.4 KB
@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags	62.7 KB
@ sentry/browser (incl. Tracing, Replay with Canvas)	73.8 KB
@ sentry/browser (incl. Tracing, Replay, Feedback)	85.67 KB
@ sentry/browser (incl. Tracing, Replay, Feedback, metrics)	87.55 KB
@ sentry/browser (incl. metrics)	26.51 KB
@ sentry/browser (incl. Feedback)	38.46 KB
@ sentry/browser (incl. sendFeedback)	26.86 KB
@ sentry/browser (incl. FeedbackAsync)	31.46 KB
@ sentry/react	24.97 KB
@ sentry/react (incl. Tracing)	36.37 KB
@ sentry/vue	26.33 KB
@ sentry/vue (incl. Tracing)	35.17 KB
@ sentry/svelte	22.36 KB
CDN Bundle	23.43 KB
CDN Bundle (incl. Tracing)	35.06 KB
CDN Bundle (incl. Tracing, Replay)	69.48 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	74.74 KB
CDN Bundle - uncompressed	68.81 KB
CDN Bundle (incl. Tracing) - uncompressed	103.66 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	215.52 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	228.18 KB
@ sentry/nextjs (client)	36.24 KB
@ sentry/sveltekit (client)	33.96 KB
@ sentry/node	113.27 KB
@ sentry/node - without tracing	90.67 KB
@ sentry/aws-serverless	99.76 KB

8.11.0 - 2024-06-21
8.10.0 - 2024-06-19
8.9.2 - 2024-06-12
8.9.1 - 2024-06-11
8.9.0 - 2024-06-11
8.8.0 - 2024-06-07
8.7.0 - 2024-05-29
8.6.0 - 2024-05-29
8.5.0 - 2024-05-27
8.4.0 - 2024-05-23
8.3.0 - 2024-05-22
8.2.1 - 2024-05-16
8.2.0 - 2024-05-16
8.1.0 - 2024-05-16
8.0.0 - 2024-05-13
8.0.0-rc.3 - 2024-05-10
8.0.0-rc.2 - 2024-05-08
8.0.0-rc.1 - 2024-05-07
8.0.0-rc.0 - 2024-05-06
8.0.0-beta.6 - 2024-05-03
8.0.0-beta.5 - 2024-04-30
8.0.0-beta.4 - 2024-04-24
8.0.0-beta.3 - 2024-04-19
8.0.0-beta.2 - 2024-04-17
8.0.0-beta.1 - 2024-04-15
8.0.0-alpha.9 - 2024-04-08
8.0.0-alpha.8 - 2024-04-08
8.0.0-alpha.7 - 2024-03-27
8.0.0-alpha.5 - 2024-03-22
8.0.0-alpha.4 - 2024-03-14
8.0.0-alpha.3 - 2024-03-14
8.0.0-alpha.2 - 2024-03-05
7.118.0 - 2024-06-21
7.117.0 - 2024-06-10
7.116.0 - 2024-05-17
7.115.0 - 2024-05-16
7.114.0 - 2024-05-08
7.113.0 - 2024-05-02
7.112.2 - 2024-04-24
7.112.1 - 2024-04-23
7.112.0 - 2024-04-23
7.111.0 - 2024-04-18
7.110.1 - 2024-04-15
7.110.0 - 2024-04-11
7.109.0 - 2024-03-28
7.108.0 - 2024-03-22
7.107.0 - 2024-03-14
7.106.1 - 2024-03-11
7.106.0 - 2024-03-08
7.105.0 - 2024-03-04
7.104.0 - 2024-02-29
7.103.0 - 2024-02-27
7.102.1 - 2024-02-22
7.102.0 - 2024-02-20
7.101.1 - 2024-02-15
7.101.0 - 2024-02-13
7.100.1 - 2024-02-07
7.100.0 - 2024-02-06
7.99.0 - 2024-01-30
7.98.0 - 2024-01-25
7.97.0 - 2024-01-25
7.95.0 - 2024-01-23
7.94.1 - 2024-01-19
7.93.0 - 2024-01-10
7.92.0 - 2024-01-04
7.91.0 - 2023-12-22
7.90.0 - 2023-12-20
7.89.0 - 2023-12-19
7.88.0 - 2023-12-14
7.87.0 - 2023-12-13
7.86.0 - 2023-12-07
7.85.0 - 2023-12-04
7.84.0 - 2023-11-30
7.83.0 - 2023-11-28
7.82.0 - 2023-11-27
7.81.1 - 2023-11-21
7.81.0 - 2023-11-20
7.80.2-alpha.1 - 2023-11-15
7.80.2-alpha.0 - 2023-11-14
7.80.1 - 2023-11-14
7.80.0 - 2023-11-09
7.79.0 - 2023-11-08
7.78.0 - 2023-11-08
7.77.0 - 2023-10-31
7.76.0 - 2023-10-27
7.75.1 - 2023-10-25
7.75.0 - 2023-10-24
7.74.2-alpha.1 - 2023-10-23
7.74.2-alpha.0 - 2023-10-19
7.74.1 - 2023-10-17
7.74.0 - 2023-10-13
7.73.0 - 2023-10-02
7.72.0 - 2023-09-26
7.71.0 - 2023-09-25
7.70.0 - 2023-09-20
7.70.0-beta.1 - 2023-09-15
7.70.0-beta.0 - 2023-09-14
7.69.0 - 2023-09-13
7.68.0 - 2023-09-06
7.67.0 - 2023-09-05
7.67.0-beta.0 - 2023-08-31
7.66.0 - 2023-08-30
7.66.0-alpha.0 - 2023-08-29
7.65.0 - 2023-08-28
7.65.0-alpha.0 - 2023-08-16
7.64.0 - 2023-08-14
7.64.0-alpha.0 - 2023-08-11
7.63.0 - 2023-08-10
7.62.0 - 2023-08-09
7.61.1 - 2023-08-04
7.61.0 - 2023-07-31
7.60.1 - 2023-07-26
7.60.0 - 2023-07-21
7.59.3 - 2023-07-19
7.59.2 - 2023-07-18
7.59.1 - 2023-07-18
7.59.0-beta.1 - 2023-07-17
7.59.0-beta.0 - 2023-07-13
7.58.1 - 2023-07-13
7.58.0 - 2023-07-12
7.57.0 - 2023-06-28
7.57.0-beta.0 - 2023-06-21
7.56.0 - 2023-06-19
7.55.2 - 2023-06-14
7.55.1 - 2023-06-14
7.55.0 - 2023-06-13
7.54.0 - 2023-06-01
7.53.1 - 2023-05-24
7.53.0 - 2023-05-23
7.52.1 - 2023-05-15
7.52.0 - 2023-05-15
7.51.2 - 2023-05-08
7.51.1 - 2023-05-08
7.51.0 - 2023-05-04
7.50.0 - 2023-04-27
7.49.0 - 2023-04-20
7.48.0 - 2023-04-14
7.47.0 - 2023-04-05
7.46.0 - 2023-03-30
7.45.0 - 2023-03-24
7.44.2 - 2023-03-21
7.44.1 - 2023-03-20
7.44.0 - 2023-03-20
7.43.0 - 2023-03-13
7.42.0 - 2023-03-09
7.41.0 - 2023-03-06
7.40.0 - 2023-03-01
7.39.0 - 2023-02-27
7.38.0 - 2023-02-17
7.37.2 - 2023-02-13
7.37.1 - 2023-02-10
7.37.0 - 2023-02-09
7.36.0 - 2023-02-02
7.35.0 - 2023-02-01
7.34.0 - 2023-01-26
7.34.0-beta.0 - 2023-01-25
7.33.0 - 2023-01-24
7.32.1 - 2023-01-23
7.32.0 - 2023-01-23
7.31.1 - 2023-01-17
7.31.0 - 2023-01-16
7.30.0 - 2023-01-10
7.29.0 - 2023-01-04
7.28.1 - 2022-12-22
7.28.0 - 2022-12-20
7.27.0 - 2022-12-16
7.26.0 - 2022-12-13
7.25.0 - 2022-12-12
7.24.2 - 2022-12-07
7.24.1 - 2022-12-07
7.24.0 - 2022-12-07
7.23.0 - 2022-12-01
7.22.0 - 2022-11-29
7.21.1 - 2022-11-23
7.21.0 - 2022-11-22
7.20.1 - 2022-11-21
7.20.0 - 2022-11-17
7.19.0 - 2022-11-10
7.18.0 - 2022-11-08
7.17.4 - 2022-11-03
7.17.3 - 2022-10-31
7.17.2 - 2022-10-28
7.17.1 - 2022-10-27
7.17.0 - 2022-10-27
7.16.0 - 2022-10-19

from @sentry/react GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 8.14.0. See this package in npm: @sentry/react See this project in Snyk: https://app.snyk.io/org/q1blue-rxw/project/5b430cad-b455-40c7-a7ff-af5a8804e8ca?utm_source=github&utm_medium=referral&page=upgrade-pr

changeset-bot · 2024-07-26T00:09:09Z

⚠️ No Changeset found

Latest commit: 96de3e6

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

socket-security · 2024-07-26T00:10:04Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@djagger/[email protected]	None	`+1`	59.7 kB	djagger
npm/@docusaurus/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+324`	32.8 MB	slorber
npm/@docusaurus/[email protected]	Transitive: filesystem, shell	`+16`	2.23 MB	slorber
npm/@docusaurus/[email protected]	filesystem Transitive: environment, eval, shell, unsafe	`+215`	20.9 MB	slorber
npm/@docusaurus/[email protected]	environment Transitive: eval, filesystem, shell, unsafe	`+213`	20.5 MB	slorber
npm/@docusaurus/[email protected]	environment Transitive: eval, filesystem, network, shell, unsafe	`+270`	25.6 MB	slorber
npm/@docusaurus/[email protected]	filesystem Transitive: environment, eval, network, shell, unsafe	`+287`	27.2 MB	slorber
npm/@emotion/[email protected]	environment Transitive: filesystem, unsafe	`+68`	13.7 MB	emotion-release-bot
npm/@emotion/[email protected]	environment	`+8`	197 kB	emotion-release-bot
npm/@emotion/[email protected]	environment Transitive: filesystem, unsafe	`+65`	13.2 MB	emotion-release-bot
npm/@geo-maps/[email protected]	None	`0`	1.06 MB	simonepri
npm/@makotot/[email protected]	environment	`0`	151 kB	makotot
npm/@mdx-js/[email protected]	None	`0`	15.5 kB	johno
npm/@mui/[email protected]	None	`+5`	20 MB	hbjorbj
npm/@mui/[email protected]	environment	`+20`	9.92 MB	michaldudak
npm/@mui/[email protected]	environment	`+22`	18.1 MB	michaldudak
npm/@mui/[email protected]	environment	`+16`	9.71 MB	alexandrefauquette
npm/@primer/[email protected]	None	`0`	1.22 MB	primer-css
npm/@sentry/[email protected]	Transitive: network	`+9`	10.1 MB	sentry-bot
npm/@sentry/[email protected]	None	`+4`	2.83 MB	sentry-bot
npm/@stackql/[email protected]	environment	`0`	3.73 kB	jeffreyaven
npm/@tidb-community/[email protected]	None	`+1`	148 kB	hustkiwi
npm/@tsconfig/[email protected]	None	`0`	2.69 kB	typescript-deploys
npm/@types/[email protected]	None	`0`	39.7 kB	types
npm/@types/[email protected]	None	`0`	8.75 kB	types
npm/@types/[email protected]	None	`0`	6.23 kB	types
npm/@types/[email protected]	None	`0`	113 kB	types
npm/@types/[email protected]	None	`+4`	1.38 MB	types
npm/@types/[email protected]	None	`0`	17.1 kB	types
npm/@typescript-eslint/[email protected]	Transitive: environment, filesystem	`+28`	5.13 MB	jameshenry
npm/[email protected]	None	`0`	49.1 MB	nightwing
npm/[email protected]	None	`+6`	2.95 MB	taoweng
npm/[email protected]	None	`0`	279 kB	eltonmesquita
npm/[email protected]	environment, network	`+1`	427 kB	jasonsaayman
npm/[email protected]	filesystem	`0`	27.2 kB	umidbekk
npm/[email protected]	None	`0`	21.1 MB	chartjs-ci
npm/[email protected]	None	`0`	92.4 kB	chartjs-ci
npm/[email protected]	None	`0`	5.67 kB	lukeed
npm/[email protected]	None	`0`	11.3 kB	thekelvinliu
npm/[email protected]	None	`0`	136 kB	mbostock
npm/[email protected]	None	`0`	6.87 MB	leshakoss
npm/[email protected]	None	`0`	30.1 kB	tehshrike
npm/[email protected]	None	`+1`	87.6 kB	atool
npm/[email protected]	Transitive: eval	`+1`	17.9 MB	lang
npm/[email protected]	environment, eval, network	`+1`	41.6 MB	100pah
npm/[email protected]	filesystem, unsafe Transitive: environment, eval	`+33`	3.21 MB	ljharb
npm/[email protected]	filesystem	`+10`	1.35 MB	weiran.zsd
npm/[email protected]	None	`0`	67.1 kB	eslint-community-bot
npm/[email protected]	filesystem Transitive: environment, eval	`+30`	3.09 MB	ljharb
npm/[email protected]	filesystem Transitive: environment, eval, shell, unsafe	`+52`	8.84 MB	eslintbot
npm/[email protected]	None	`0`	14.4 kB	julien-f
npm/[email protected]	None	`0`	20 kB	ianstormtaylor
npm/[email protected]	None	`0`	3.87 MB	icambron

View full report↗︎

socket-security · 2024-07-26T00:10:06Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Install scripts	npm/[email protected]	Install script: postinstall Source: `node -e "try{require('./postinstall')}catch(e){}"`	`web/package-lock.json` `web/package.json`	🚫

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/[email protected]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781

[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781

q1blue commented Jul 26, 2024

Important Changes

Other Changes

Bundle size 📦

Important Changes

Other Changes

Bundle size 📦

Important Changes

Other Changes

Bundle size 📦

Bundle size 📦

changeset-bot bot commented Jul 26, 2024

socket-security bot commented Jul 26, 2024

socket-security bot commented Jul 26, 2024

[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781

Are you sure you want to change the base?

[Snyk] Upgrade @sentry/react from 7.16.0 to 8.14.0 #781

Conversation

q1blue commented Jul 26, 2024

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 8.14.0.

Important Changes

Other Changes

Bundle size 📦

Important Changes

Other Changes

Bundle size 📦

Important Changes

Other Changes

Bundle size 📦

Bundle size 📦

changeset-bot bot commented Jul 26, 2024

⚠️ No Changeset found

socket-security bot commented Jul 26, 2024

socket-security bot commented Jul 26, 2024

Next steps