Skip to content

build(deps): bump the npm_and_yarn group across 2 directories with 6 updates #356

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

build(deps): bump the npm_and_yarn group across 2 directories with 6 updates #356

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 24, 2025

Bumps the npm_and_yarn group with 4 updates in the /src/front directory: @sentry/browser, @sentry/react-native, send and expo.
Bumps the npm_and_yarn group with 2 updates in the /src/website directory: undici and vite.

Updates @sentry/browser from 7.117.0 to 7.119.1

Release notes

Sourced from @​sentry/browser's releases.

7.119.1

  • fix(browser/v7): Ensure wrap() only returns functions (#13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

7.119.0

  • backport(tracing): Report dropped spans for transactions (#13343)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.96 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.89 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.14 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.52 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.77 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.66 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.71 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.72 KB
@​sentry/browser - Webpack (gzipped) 22.91 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped) 79.17 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 70.49 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 36.17 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 25.41 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 221.92 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 109.52 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 76.24 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 39.45 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 72.4 KB
@​sentry/react - Webpack (gzipped) 22.94 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 90.16 KB
@​sentry/nextjs Client - Webpack (gzipped) 54.27 KB
@​sentry-internal/feedback - Webpack (gzipped) 17.34 KB

7.118.0

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#12579)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped) 80.83 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 71.77 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped) 76.02 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 65.38 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 35.64 KB
@​sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped) 35.53 KB
@​sentry/browser (incl. Feedback) - Webpack (gzipped) 31.6 KB
@​sentry/browser (incl. sendFeedback) - Webpack (gzipped) 31.61 KB

... (truncated)

Changelog

Sourced from @​sentry/browser's changelog.

7.119.1

  • fix(browser/v7): Ensure wrap() only returns functions (#13838 backport)

Work in this release contributed by @​legobeat. Thank you for your contribution!

7.119.0

  • backport(tracing): Report dropped spans for transactions (#13343)

7.118.0

  • fix(v7/bundle): Ensure CDN bundles do not overwrite window.Sentry (#12579)
Commits

Updates @sentry/react-native from 5.24.3 to 5.36.0

Release notes

Sourced from @​sentry/react-native's releases.

5.36.0

Fixes

  • Replay maskAll* set to false on iOS kept all masked (#4257, #4309)
  • browserReplayIntegration is no longer included by default on React Native Web (#4270, #4308)
  • Fix Replay redacting of RN Classes on iOS (#4243, #4309)

Dependencies

5.35.0

Fixes

  • Enhanced accuracy of time-to-display spans. (#4042)
  • TimeToDisplay correctly warns about not supporting the new React Native architecture (#4160)
  • Native Wrapper method setContext ensures only values convertible to NativeMap are passed (#4168)
  • Native Wrapper method setExtra ensures only stringified values are passed (#4168)
  • setContext('key', null) removes the key value also from platform context (#4168)

5.35.0-beta.0

Fixes

  • Enhanced accuracy of time-to-display spans. (#4042)
  • TimeToDisplay correctly warns about not supporting the new React Native architecture (#4160)
  • Native Wrapper method setContext ensures only values convertible to NativeMap are passed (#4168)
  • Native Wrapper method setExtra ensures only stringified values are passed (#4168)
  • setContext('key', null) removes the key value also from platform context (#4168)

5.34.0

Fixes

  • Handles error with string cause (#4163)
  • Use appLaunchedInForeground to determine invalid app start data on Android (#4146)
  • Upload source maps for all release variants on Android (not only the last found) (#4125)

Dependencies

... (truncated)

Changelog

Sourced from @​sentry/react-native's changelog.

5.36.0

Fixes

  • Replay maskAll* set to false on iOS kept all masked (#4257, #4309)
  • browserReplayIntegration is no longer included by default on React Native Web (#4270, #4308)
  • Fix Replay redacting of RN Classes on iOS (#4243, #4309)

Dependencies

5.35.0

Fixes

  • Enhanced accuracy of time-to-display spans. (#4042)
  • TimeToDisplay correctly warns about not supporting the new React Native architecture (#4160)
  • Native Wrapper method setContext ensures only values convertible to NativeMap are passed (#4168)
  • Native Wrapper method setExtra ensures only stringified values are passed (#4168)
  • setContext('key', null) removes the key value also from platform context (#4168)

5.35.0-beta.0

Fixes

  • Enhanced accuracy of time-to-display spans. (#4042)
  • TimeToDisplay correctly warns about not supporting the new React Native architecture (#4160)
  • Native Wrapper method setContext ensures only values convertible to NativeMap are passed (#4168)
  • Native Wrapper method setExtra ensures only stringified values are passed (#4168)
  • setContext('key', null) removes the key value also from platform context (#4168)

5.34.0

Fixes

  • Handles error with string cause (#4163)
  • Use appLaunchedInForeground to determine invalid app start data on Android (#4146)
  • Upload source maps for all release variants on Android (not only the last found) (#4125)

Dependencies

... (truncated)

Commits

Updates send from 0.18.0 to 0.19.1

Release notes

Sourced from send's releases.

0.19.0

What's Changed

New Contributors

Full Changelog: pillarjs/send@0.18.0...0.19.0

Changelog

Sourced from send's changelog.

1.1.0 / 2024-09-10

  • Changes from 0.19.0

1.0.0 / 2024-07-25

  • Drop support for Node.js <18.0
  • statuses@^2.0.1
  • range-parser@^1.2.1
  • on-finished@^2.4.1
  • ms@^2.1.3
  • mime-types@^2.1.35
  • http-errors@^2.0.0
  • fresh@^0.5.2
  • etag@^1.8.1
  • escape-html@^1.0.3
  • encodeurl@^2.0.0
  • destroy@^1.2.0
  • debug@^4.3.5

1.0.0-beta.2 / 2024-03-04

  • Changes from 0.18.0

1.0.0-beta.1 / 2022-02-04

  • Drop support for Node.js 0.8
  • Remove hidden option -- use dotfiles option
  • Remove from alias to root -- use root directly
  • Remove send.etag() -- use etag in options
  • Remove send.index() -- use index in options
  • Remove send.maxage() -- use maxAge in options
  • Remove send.root() -- use root in options
  • Use mime-types for file to content type mapping -- removed send.mime
  • deps: debug@3.1.0
    • Add DEBUG_HIDE_DATE environment variable
    • Change timer to per-namespace instead of global
    • Change non-TTY date format
    • Remove DEBUG_FD environment variable support
    • Support 256 namespace colors

0.19.0 / 2024-09-10

  • Remove link renderization in html while redirecting
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for send since your current version.


Updates expo from 51.0.39 to 52.0.27

Changelog

Sourced from expo's changelog.

Changelog

This is the log of notable changes to the Expo client that are developer-facing. Package-specific changes not released in any SDK will be added here just before the release. Until then, you can find them in changelogs of the individual packages (see packages directory).

Unpublished

📚 3rd party library updates

🛠 Breaking changes

🎉 New features

🐛 Bug fixes

52.0.0 — 2024-11-08

📚 3rd party library updates

🛠 Breaking changes

... (truncated)

Commits

Updates undici from 6.21.0 to 6.21.1

Release notes

Sourced from undici's releases.

v6.21.1

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

What's Changed

Full Changelog: nodejs/undici@v6.21.0...v6.21.1

Commits

Updates vite from 5.4.11 to 5.4.14

Release notes

Sourced from vite's releases.

v5.4.14

Please refer to CHANGELOG.md for details.

v5.4.13

Please refer to CHANGELOG.md for details.

v5.4.12

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.14 (2025-01-21)

5.4.13 (2025-01-20)

5.4.12 (2025-01-20)

  • fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
  • fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
  • fix: verify token for HMR WebSocket connection (b71a5c8)
  • chore: add deps update changelog (ecd2375)
Commits
  • e7eb3c5 release: v5.4.14
  • 7d1699c fix: allow CORS from loopback addresses by default (#19249)
  • 9df6e6b fix: preview.allowedHosts with specific values was not respected (#19246)
  • a1824c5 release: v5.4.13
  • 5946215 fix: try parse server.origin URL (#19241)
  • f428aa9 release: v5.4.12
  • 9da4abc fix!: check host header to prevent DNS rebinding attacks and introduce `serve...
  • b71a5c8 fix: verify token for HMR WebSocket connection
  • dfea38f fix!: default server.cors: false to disallow fetching from untrusted origins
  • ecd2375 chore: add deps update changelog
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the npm_and_yarn group across 2 directories with 6 …
de2342e 
…updates

Bumps the npm_and_yarn group with 4 updates in the /src/front directory: [@sentry/browser](https://github.com/getsentry/sentry-javascript), [@sentry/react-native](https://github.com/getsentry/sentry-react-native), [send](https://github.com/pillarjs/send) and [expo](https://github.com/expo/expo/tree/HEAD/packages/expo).
Bumps the npm_and_yarn group with 2 updates in the /src/website directory: [undici](https://github.com/nodejs/undici) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `@sentry/browser` from 7.117.0 to 7.119.1
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/7.119.1/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@7.117.0...7.119.1)

Updates `@sentry/react-native` from 5.24.3 to 5.36.0
- [Release notes](https://github.com/getsentry/sentry-react-native/releases)
- [Changelog](https://github.com/getsentry/sentry-react-native/blob/5.36.0/CHANGELOG.md)
- [Commits](getsentry/sentry-react-native@5.24.3...5.36.0)

Updates `send` from 0.18.0 to 0.19.1
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](https://github.com/pillarjs/send/commits)

Updates `expo` from 51.0.39 to 52.0.27
- [Changelog](https://github.com/expo/expo/blob/main/CHANGELOG.md)
- [Commits](https://github.com/expo/expo/commits/HEAD/packages/expo)

Updates `undici` from 6.21.0 to 6.21.1
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v6.21.0...v6.21.1)

Updates `vite` from 5.4.11 to 5.4.14
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.14/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.14/packages/vite)

---
updated-dependencies:
- dependency-name: "@sentry/browser"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@sentry/react-native"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: expo
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 24, 2025
@stdavis stdavis self-assigned this May 22, 2025
@stdavis
Copy link
Member

stdavis commented Aug 1, 2025

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 1, 2025

The dependabot.yml entry that created this PR has been deleted so this PR can't be recreated. Please close the PR so Dependabot can create a new one with the current dependabot.yml.

@stdavis stdavis closed this Aug 1, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 1, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/src/front/npm_and_yarn-042143c69f branch August 1, 2025 17:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@stdavis stdavis

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stdavis