[Snyk] Upgrade @sentry/react from 7.16.0 to 7.116.0 #744

q1blue · 2024-06-08T04:36:41Z

This PR was automatically created by Snyk using the credentials of a real user.

![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 7.116.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 150 versions ahead of your current version.
The recommended version was released on 22 days ago.

Release notes

Package name: @sentry/react

7.116.0 - 2024-05-17

build(craft): Publish lambda layer under its own name for v7 (#12098) (#12099)

This release publishes a new AWS Lambda layer under the name SentryNodeServerlessSDKv7 that users still running v7 can
use instead of pinning themselves to SentryNodeServerlessSDK:235.

Bundle size 📦

Path	Size
@ sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.83 KB
@ sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.77 KB
@ sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.02 KB
@ sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.38 KB
@ sentry/browser (incl. Tracing) - Webpack (gzipped)	35.64 KB
@ sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.53 KB
@ sentry/browser (incl. Feedback) - Webpack (gzipped)	31.6 KB
@ sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.61 KB
@ sentry/browser - Webpack (gzipped)	22.78 KB
@ sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.04 KB
@ sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.37 KB
@ sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.05 KB
@ sentry/browser - ES6 CDN Bundle (gzipped)	25.28 KB
@ sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.49 KB
@ sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.08 KB
@ sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.81 KB
@ sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.33 KB
@ sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.27 KB
@ sentry/react - Webpack (gzipped)	22.81 KB
@ sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.03 KB
@ sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@ sentry-internal/feedback - Webpack (gzipped)	17.34 KB

7.115.0 - 2024-05-16

feat(v7): Add support for global onUnhandled Error/Promise for Bun (#11959)
fix(replay/v7): Fix user activity not being updated in start() (#12003)
ref(api): Remove lastEventId deprecation warnings (#12042)

Bundle size 📦

Path	Size
@ sentry/browser (incl. Tracing, Replay, Feedback) - Webpack (gzipped)	80.83 KB
@ sentry/browser (incl. Tracing, Replay) - Webpack (gzipped)	71.77 KB
@ sentry/browser (incl. Tracing, Replay with Canvas) - Webpack (gzipped)	76.02 KB
@ sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped)	65.38 KB
@ sentry/browser (incl. Tracing) - Webpack (gzipped)	35.64 KB
@ sentry/browser (incl. browserTracingIntegration) - Webpack (gzipped)	35.53 KB
@ sentry/browser (incl. Feedback) - Webpack (gzipped)	31.6 KB
@ sentry/browser (incl. sendFeedback) - Webpack (gzipped)	31.61 KB
@ sentry/browser - Webpack (gzipped)	22.78 KB
@ sentry/browser (incl. Tracing, Replay, Feedback) - ES6 CDN Bundle (gzipped)	79.04 KB
@ sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped)	70.37 KB
@ sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped)	36.05 KB
@ sentry/browser - ES6 CDN Bundle (gzipped)	25.28 KB
@ sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed)	221.49 KB
@ sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed)	109.08 KB
@ sentry/browser - ES6 CDN Bundle (minified & uncompressed)	75.81 KB
@ sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped)	39.33 KB
@ sentry/react (incl. Tracing, Replay) - Webpack (gzipped)	72.27 KB
@ sentry/react - Webpack (gzipped)	22.81 KB
@ sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped)	90.03 KB
@ sentry/nextjs Client - Webpack (gzipped)	54.15 KB
@ sentry-internal/feedback - Webpack (gzipped)	17.34 KB

7.114.0 - 2024-05-08
7.113.0 - 2024-05-02
7.112.2 - 2024-04-24
7.112.1 - 2024-04-23
7.112.0 - 2024-04-23
7.111.0 - 2024-04-18
7.110.1 - 2024-04-15
7.110.0 - 2024-04-11
7.109.0 - 2024-03-28
7.108.0 - 2024-03-22
7.107.0 - 2024-03-14
7.106.1 - 2024-03-11
7.106.0 - 2024-03-08
7.105.0 - 2024-03-04
7.104.0 - 2024-02-29
7.103.0 - 2024-02-27
7.102.1 - 2024-02-22
7.102.0 - 2024-02-20
7.101.1 - 2024-02-15
7.101.0 - 2024-02-13
7.100.1 - 2024-02-07
7.100.0 - 2024-02-06
7.99.0 - 2024-01-30
7.98.0 - 2024-01-25
7.97.0 - 2024-01-25
7.95.0 - 2024-01-23
7.94.1 - 2024-01-19
7.93.0 - 2024-01-10
7.92.0 - 2024-01-04
7.91.0 - 2023-12-22
7.90.0 - 2023-12-20
7.89.0 - 2023-12-19
7.88.0 - 2023-12-14
7.87.0 - 2023-12-13
7.86.0 - 2023-12-07
7.85.0 - 2023-12-04
7.84.0 - 2023-11-30
7.83.0 - 2023-11-28
7.82.0 - 2023-11-27
7.81.1 - 2023-11-21
7.81.0 - 2023-11-20
7.80.2-alpha.1 - 2023-11-15
7.80.2-alpha.0 - 2023-11-14
7.80.1 - 2023-11-14
7.80.0 - 2023-11-09
7.79.0 - 2023-11-08
7.78.0 - 2023-11-08
7.77.0 - 2023-10-31
7.76.0 - 2023-10-27
7.75.1 - 2023-10-25
7.75.0 - 2023-10-24
7.74.2-alpha.1 - 2023-10-23
7.74.2-alpha.0 - 2023-10-19
7.74.1 - 2023-10-17
7.74.0 - 2023-10-13
7.73.0 - 2023-10-02
7.72.0 - 2023-09-26
7.71.0 - 2023-09-25
7.70.0 - 2023-09-20
7.70.0-beta.1 - 2023-09-15
7.70.0-beta.0 - 2023-09-14
7.69.0 - 2023-09-13
7.68.0 - 2023-09-06
7.67.0 - 2023-09-05
7.67.0-beta.0 - 2023-08-31
7.66.0 - 2023-08-30
7.66.0-alpha.0 - 2023-08-29
7.65.0 - 2023-08-28
7.65.0-alpha.0 - 2023-08-16
7.64.0 - 2023-08-14
7.64.0-alpha.0 - 2023-08-11
7.63.0 - 2023-08-10
7.62.0 - 2023-08-09
7.61.1 - 2023-08-04
7.61.0 - 2023-07-31
7.60.1 - 2023-07-26
7.60.0 - 2023-07-21
7.59.3 - 2023-07-19
7.59.2 - 2023-07-18
7.59.1 - 2023-07-18
7.59.0-beta.1 - 2023-07-17
7.59.0-beta.0 - 2023-07-13
7.58.1 - 2023-07-13
7.58.0 - 2023-07-12
7.57.0 - 2023-06-28
7.57.0-beta.0 - 2023-06-21
7.56.0 - 2023-06-19
7.55.2 - 2023-06-14
7.55.1 - 2023-06-14
7.55.0 - 2023-06-13
7.54.0 - 2023-06-01
7.53.1 - 2023-05-24
7.53.0 - 2023-05-23
7.52.1 - 2023-05-15
7.52.0 - 2023-05-15
7.51.2 - 2023-05-08
7.51.1 - 2023-05-08
7.51.0 - 2023-05-04
7.50.0 - 2023-04-27
7.49.0 - 2023-04-20
7.48.0 - 2023-04-14
7.47.0 - 2023-04-05
7.46.0 - 2023-03-30
7.45.0 - 2023-03-24
7.44.2 - 2023-03-21
7.44.1 - 2023-03-20
7.44.0 - 2023-03-20
7.43.0 - 2023-03-13
7.42.0 - 2023-03-09
7.41.0 - 2023-03-06
7.40.0 - 2023-03-01
7.39.0 - 2023-02-27
7.38.0 - 2023-02-17
7.37.2 - 2023-02-13
7.37.1 - 2023-02-10
7.37.0 - 2023-02-09
7.36.0 - 2023-02-02
7.35.0 - 2023-02-01
7.34.0 - 2023-01-26
7.34.0-beta.0 - 2023-01-25
7.33.0 - 2023-01-24
7.32.1 - 2023-01-23
7.32.0 - 2023-01-23
7.31.1 - 2023-01-17
7.31.0 - 2023-01-16
7.30.0 - 2023-01-10
7.29.0 - 2023-01-04
7.28.1 - 2022-12-22
7.28.0 - 2022-12-20
7.27.0 - 2022-12-16
7.26.0 - 2022-12-13
7.25.0 - 2022-12-12
7.24.2 - 2022-12-07
7.24.1 - 2022-12-07
7.24.0 - 2022-12-07
7.23.0 - 2022-12-01
7.22.0 - 2022-11-29
7.21.1 - 2022-11-23
7.21.0 - 2022-11-22
7.20.1 - 2022-11-21
7.20.0 - 2022-11-17
7.19.0 - 2022-11-10
7.18.0 - 2022-11-08
7.17.4 - 2022-11-03
7.17.3 - 2022-10-31
7.17.2 - 2022-10-28
7.17.1 - 2022-10-27
7.17.0 - 2022-10-27
7.16.0 - 2022-10-19

from @sentry/react GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 7.116.0. See this package in npm: @sentry/react See this project in Snyk: https://app.snyk.io/org/q1bluequantumblockchainlabs.onmicrosoft.com/project/da0af71a-b3d1-4f60-96fa-757f094054c3?utm_source=github&utm_medium=referral&page=upgrade-pr

changeset-bot · 2024-06-08T04:36:45Z

⚠️ No Changeset found

Latest commit: eb94a8c

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

socket-security · 2024-06-08T04:37:41Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@djagger/echartsx@0.0.22	None	`+1`	59.7 kB	djagger
npm/@docusaurus/core@2.1.0	Transitive: environment, eval, filesystem, network, shell, unsafe	`+323`	32.8 MB	slorber
npm/@docusaurus/module-type-aliases@2.1.0	Transitive: filesystem, shell	`+16`	2.23 MB	slorber
npm/@docusaurus/plugin-client-redirects@2.1.0	filesystem Transitive: environment, eval, shell, unsafe	`+215`	20.9 MB	slorber
npm/@docusaurus/plugin-google-gtag@2.1.0	environment Transitive: eval, filesystem, shell, unsafe	`+213`	20.5 MB	slorber
npm/@docusaurus/preset-classic@2.1.0	environment Transitive: eval, filesystem, network, shell, unsafe	`+270`	25.6 MB	slorber
npm/@docusaurus/theme-search-algolia@2.1.0	filesystem Transitive: environment, eval, network, shell, unsafe	`+287`	27.2 MB	slorber
npm/@emotion/react@11.10.4	environment Transitive: filesystem, unsafe	`+68`	13.7 MB	emotion-release-bot
npm/@emotion/server@11.10.0	environment	`+8`	197 kB	emotion-release-bot
npm/@emotion/styled@11.10.4	environment Transitive: filesystem, unsafe	`+65`	13.2 MB	emotion-release-bot
npm/@geo-maps/countries-land-10km@0.6.0	None	`0`	1.06 MB	simonepri
npm/@makotot/ghostui@2.0.0	environment	`0`	151 kB	makotot
npm/@mdx-js/react@1.6.22	None	`0`	15.5 kB	johno
npm/@mui/icons-material@5.10.9	None	`+5`	20 MB	hbjorbj
npm/@mui/lab@5.0.0-alpha.104	environment	`+20`	9.92 MB	michaldudak
npm/@mui/material@5.10.10	environment	`+22`	18.1 MB	michaldudak
npm/@mui/x-data-grid@5.17.8	environment	`+16`	9.71 MB	alexandrefauquette
npm/@primer/octicons-react@16.3.1	None	`0`	1.22 MB	primer-css
npm/@sentry/react@7.116.0	Transitive: network	`+13`	11.5 MB	sentry-bot
npm/@sentry/tracing@7.16.0	None	`+4`	2.83 MB	sentry-bot
npm/@stackql/docusaurus-plugin-hubspot@1.0.1	environment	`0`	3.73 kB	jeffreyaven
npm/@tidb-community/tracking-script@0.1.0	None	`+1`	148 kB	hustkiwi
npm/@tsconfig/docusaurus@1.0.6	None	`0`	2.69 kB	typescript-deploys
npm/@types/d3-hierarchy@3.1.0	None	`0`	39.7 kB	types
npm/@types/grecaptcha@3.0.4	None	`0`	8.75 kB	types
npm/@types/is-hotkey@0.1.7	None	`0`	6.23 kB	types
npm/@types/react-copy-to-clipboard@5.0.4	None	`+4`	1.38 MB	types
npm/@types/webpack-env@1.18.0	None	`0`	17.1 kB	types
npm/@typescript-eslint/eslint-plugin@5.42.0	Transitive: environment, filesystem	`+28`	5.13 MB	jameshenry
npm/ace-builds@1.12.3	None	`0`	49.1 MB	nightwing
npm/ahooks@3.7.2	None	`+6`	2.95 MB	taoweng
npm/animate.css@4.1.1	None	`0`	279 kB	eltonmesquita
npm/axios@0.26.1	environment, network	`+1`	427 kB	jasonsaayman
npm/babel-plugin-direct-import@1.0.0	filesystem	`0`	27.2 kB	umidbekk
npm/chart.js@3.9.1	None	`0`	21.1 MB	chartjs-ci
npm/chartjs-plugin-datalabels@2.1.0	None	`0`	92.4 kB	chartjs-ci
npm/clsx@1.2.1	None	`0`	5.67 kB	lukeed
npm/country-code-emoji@2.3.0	None	`0`	11.3 kB	thekelvinliu
npm/d3-hierarchy@3.1.2	None	`0`	136 kB	mbostock
npm/date-fns@2.29.3	None	`0`	6.87 MB	leshakoss
npm/deepmerge@4.2.2	None	`0`	30.1 kB	tehshrike
npm/echarts-for-react@3.0.2	None	`+1`	87.6 kB	atool
npm/echarts-gl@2.0.9	Transitive: eval	`+1`	17.9 MB	lang
npm/echarts@5.4.0	environment, eval, network	`+1`	41.6 MB	100pah
npm/eslint-plugin-import@2.26.0	filesystem, unsafe Transitive: environment, eval	`+33`	3.21 MB	ljharb
npm/eslint-plugin-n@15.4.0	filesystem	`+10`	1.35 MB	weiran.zsd
npm/eslint-plugin-promise@6.1.1	None	`0`	67.1 kB	eslint-community-bot
npm/eslint-plugin-react@7.31.10	filesystem Transitive: environment, eval	`+30`	3.09 MB	ljharb
npm/eslint@8.26.0	filesystem Transitive: environment, eval, shell, unsafe	`+52`	8.84 MB	eslintbot
npm/human-format@1.0.0	None	`0`	14.4 kB	julien-f
npm/is-hotkey@0.2.0	None	`0`	20 kB	ianstormtaylor

🚮 Removed packages: npm/@fastify/autoload@5.8.3, npm/@fastify/env@4.3.0, npm/@fastify/mysql@4.3.0, npm/@fastify/sensible@5.6.0, npm/@mailchimp/mailchimp_transactional@1.0.59, npm/@types/async@3.2.24, npm/@types/cron@2.4.0, npm/@types/html-minifier@4.0.5, npm/@types/luxon@3.4.2, npm/@types/mjml-react@2.0.10, npm/@types/mjml@4.7.4, npm/@types/node@18.19.34, npm/@types/nodemailer@6.4.15, npm/@types/react-dom@17.0.25, npm/@types/react@17.0.80, npm/@types/tap@15.0.11, npm/@typescript-eslint/eslint-plugin@5.62.0, npm/@typescript-eslint/parser@5.62.0, npm/async@3.2.5, npm/axios@0.27.2, npm/bufferutil@4.0.8, npm/canvas@2.11.2, npm/commander@11.0.0, npm/concurrently@7.6.0, npm/cron@2.4.4, npm/dotenv@16.4.5, npm/encoding@0.1.13, npm/eslint-plugin-import@2.29.1, npm/eslint-plugin-n@15.7.0, npm/eslint-plugin-promise@6.2.0, npm/eslint-plugin-react@7.34.2, npm/eslint@8.57.0, npm/fastify-cli@5.9.0, npm/fastify-cron@1.3.1, npm/fastify-plugin@4.5.1, npm/fastify-tsconfig@1.0.1, npm/fastify@4.27.0, npm/html-minifier@4.0.0, npm/husky@8.0.3, npm/lint-staged@13.3.0, npm/luxon@3.4.4, npm/mailing-core@0.8.19, npm/mailing@0.8.19, npm/yaml@2.3.1

View full report↗︎

socket-security · 2024-06-08T04:37:44Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/core-js-pure@3.26.0	Install script: postinstall Source: `node -e "try{require('./postinstall')}catch(e){}"`	`web/package-lock.json` `web/package.json`
Install scripts	npm/core-js@3.26.0	Install script: postinstall Source: `node -e "try{require('./postinstall')}catch(e){}"`	`web/package-lock.json` `web/package.json`
Install scripts	npm/core-js@2.6.12	Install script: postinstall Source: `node -e "try{require('./postinstall')}catch(e){}"`	Source
Install scripts	npm/esbuild@0.15.18	Install script: postinstall Source: `node install.js`	Source
Install scripts	npm/canvas@2.11.2	Install script: install Source: `node-pre-gyp install --fallback-to-build --update-binary`	Source
Install scripts	npm/fast-folder-size@1.6.1	Install script: postinstall Source: `node get-sysinternals-du.js`	Source
Install scripts	npm/bcrypt@5.1.1	Install script: install Source: `node-pre-gyp install --fallback-to-build`	Source
Install scripts	npm/@prisma/engines@4.6.1	Install script: postinstall Source: `node scripts/postinstall.js`	Source
Install scripts	npm/@prisma/client@4.16.2	Install script: postinstall Source: `node scripts/postinstall.js`	Source
Install scripts	npm/@prisma/engines@4.16.2	Install script: postinstall Source: `node scripts/postinstall.js`	Source

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/core-js-pure@3.26.0
@SocketSecurity ignore npm/core-js@3.26.0
@SocketSecurity ignore npm/core-js@2.6.12
@SocketSecurity ignore npm/esbuild@0.15.18
@SocketSecurity ignore npm/canvas@2.11.2
@SocketSecurity ignore npm/fast-folder-size@1.6.1
@SocketSecurity ignore npm/bcrypt@5.1.1
@SocketSecurity ignore npm/@prisma/engines@4.6.1
@SocketSecurity ignore npm/@prisma/client@4.16.2
@SocketSecurity ignore npm/@prisma/engines@4.16.2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade @sentry/react from 7.16.0 to 7.116.0 #744

[Snyk] Upgrade @sentry/react from 7.16.0 to 7.116.0 #744

q1blue commented Jun 8, 2024

Bundle size 📦

Bundle size 📦

changeset-bot bot commented Jun 8, 2024

socket-security bot commented Jun 8, 2024

socket-security bot commented Jun 8, 2024

[Snyk] Upgrade @sentry/react from 7.16.0 to 7.116.0 #744

Are you sure you want to change the base?

[Snyk] Upgrade @sentry/react from 7.16.0 to 7.116.0 #744

Conversation

q1blue commented Jun 8, 2024

Snyk has created this PR to upgrade @sentry/react from 7.16.0 to 7.116.0.

Bundle size 📦

Bundle size 📦

changeset-bot bot commented Jun 8, 2024

⚠️ No Changeset found

socket-security bot commented Jun 8, 2024

socket-security bot commented Jun 8, 2024

Next steps