Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates #19499

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates #19499

wants to merge 1 commit into from
+647 −227

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 23, 2025
edited
Loading

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
@sentry/node 8.42.0 8.49.0
axios 1.8.4 1.12.0
next 14.2.29 14.2.32
pm2 5.4.3 6.0.9
on-headers 1.0.2 1.1.0
@eslint/plugin-kit 0.3.3 0.3.5

Updates @sentry/node from 8.42.0 to 8.49.0

Release notes

Sourced from @​sentry/node's releases.

8.49.0

  • feat(v8/browser): Flush offline queue on flush and browser online event (#14969)
  • feat(v8/react): Add a handled prop to ErrorBoundary (#14978)
  • fix(profiling/v8): Don't put require, __filename and __dirname on global object (#14952)
  • fix(v8/node): Enforce that ContextLines integration does not leave open file handles (#14997)
  • fix(v8/replay): Disable mousemove sampling in rrweb for iOS browsers (#14944)
  • fix(v8/sveltekit): Ensure source maps deletion is called after source ma… (#14963)
  • fix(v8/vue): Re-throw error when no errorHandler exists (#14943)

Work in this release was contributed by @​HHK1 and @​mstrokin. Thank you for your contribution!

Bundle size 📦

Path Size
@​sentry/browser 23.29 KB
@​sentry/browser - with treeshaking flags 21.96 KB
@​sentry/browser (incl. Tracing) 35.85 KB
@​sentry/browser (incl. Tracing, Replay) 73.19 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags 63.58 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) 77.5 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) 89.44 KB
@​sentry/browser (incl. Feedback) 39.5 KB
@​sentry/browser (incl. sendFeedback) 27.89 KB
@​sentry/browser (incl. FeedbackAsync) 32.69 KB
@​sentry/react 25.97 KB
@​sentry/react (incl. Tracing) 38.67 KB
@​sentry/vue 27.57 KB
@​sentry/vue (incl. Tracing) 37.71 KB
@​sentry/svelte 23.45 KB
CDN Bundle 24.49 KB
CDN Bundle (incl. Tracing) 37.56 KB
CDN Bundle (incl. Tracing, Replay) 72.84 KB
CDN Bundle (incl. Tracing, Replay, Feedback) 78.2 KB
CDN Bundle - uncompressed 71.93 KB
CDN Bundle (incl. Tracing) - uncompressed 111.42 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed 225.68 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed 238.78 KB
@​sentry/nextjs (client) 38.92 KB
@​sentry/sveltekit (client) 36.36 KB
@​sentry/node 162.82 KB
@​sentry/node - without tracing 98.95 KB
@​sentry/aws-serverless 126.65 KB

8.48.0

Deprecations

  • feat(v8/core): Deprecate getDomElement method (#14799)

    Deprecates getDomElement. There is no replacement.

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

8.49.0

  • feat(v8/browser): Flush offline queue on flush and browser online event (#14969)
  • feat(v8/react): Add a handled prop to ErrorBoundary (#14978)
  • fix(profiling/v8): Don't put require, __filename and __dirname on global object (#14952)
  • fix(v8/node): Enforce that ContextLines integration does not leave open file handles (#14997)
  • fix(v8/replay): Disable mousemove sampling in rrweb for iOS browsers (#14944)
  • fix(v8/sveltekit): Ensure source maps deletion is called after source ma… (#14963)
  • fix(v8/vue): Re-throw error when no errorHandler exists (#14943)

Work in this release was contributed by @​HHK1 and @​mstrokin. Thank you for your contribution!

8.48.0

Deprecations

  • feat(v8/core): Deprecate getDomElement method (#14799)

    Deprecates getDomElement. There is no replacement.

Other changes

  • fix(nestjs/v8): Use correct main/module path in package.json (#14791)
  • fix(v8/core): Use consistent continueTrace implementation in core (#14819)
  • fix(v8/node): Correctly resolve debug IDs for ANR events with custom appRoot (#14823)
  • fix(v8/node): Ensure NODE_OPTIONS is not passed to worker threads (#14825)
  • fix(v8/angular): Fall back to element tagName when name is not provided to TraceDirective (#14828)
  • fix(aws-lambda): Remove version suffix from lambda layer (#14843)
  • fix(v8/node): Ensure express requests are properly handled (#14851)
  • feat(v8/node): Add openTelemetrySpanProcessors option (#14853)
  • fix(v8/react): Use Set as the allRoutes container. (#14878) (#14884)
  • fix(v8/react): Improve handling of routes nested under path="/" (#14897)
  • feat(v8/core): Add normalizedRequest to samplingContext (#14903)
  • fix(v8/feedback): Avoid lazy loading code for syncFeedbackIntegration (#14918)

Work in this release was contributed by @​arturovt. Thank you for your contribution!

8.47.0

  • feat(v8/core): Add updateSpanName helper function (#14736)
  • feat(v8/node): Do not overwrite prisma db.system in newer Prisma versions (#14772)
  • feat(v8/node/deps): Bump @​prisma/instrumentation from 5.19.1 to 5.22.0 (#14755)
  • feat(v8/replay): Mask srcdoc iframe contents per default (#14779)
  • ref(v8/nextjs): Fix typo in source maps deletion warning (#14776)

Work in this release was contributed by @​aloisklink and @​benjick. Thank you for your contributions!

8.46.0

  • feat: Allow capture of more than 1 ANR event [v8] (#14713)

... (truncated)

Commits
  • db51933 release: 8.49.0
  • 629fba2 meta(changelog): Update CHANGELOG for 8.49.0 (#15019)
  • f5ac627 fix(v8/node): Enforce that ContextLines integration does not leave open file ...
  • 286f6b0 test(v8/e2e): Fix node-express test transitive dependency (#15004)
  • 798a932 feat(v8/browser): Flush offline queue on flush and browser online event (#14969)
  • 0c3b2a4 fix(v8/replay): Disable mousemove sampling in rrweb for iOS browsers (#14944)
  • fda1aee feat(v8/react): Add a handled prop to ErrorBoundary (#14978)
  • 5182853 chore(v8/repo): Add missing v7 changelog entries (#14961)
  • af00c8f fix(v8/sveltekit): Ensure source maps deletion is called after source ma… (#1...
  • 8926cb7 fix(v8/vue): Re-throw error when no errorHandler exists (#14943)
  • Additional commits viewable in compare view

Updates axios from 1.8.4 to 1.12.0

Release notes

Sourced from axios's releases.

Release v1.12.0

Release notes:

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

Release v1.11.0

Release notes:

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.0 (2025-09-11)

Bug Fixes

Features

  • adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
  • fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
  • support reviver on JSON.parse (#5926) (2a97634), closes #5924
  • types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

1.11.0 (2025-07-22)

Bug Fixes

  • form-data npm pakcage (#6970) (e72c193)
  • prevent RangeError when using large Buffers (#6961) (a2214ca)
  • types: resolve type discrepancies between ESM and CJS TypeScript declaration files (#6956) (8517aa1)

Contributors to this release

... (truncated)

Commits
  • 0d8ad6e chore(release): v1.12.0 (#7013)
  • fd7f404 fix: release pr run
  • a2edc36 fix: dont add dist on release
  • 9ec86de fix: adding build artifacts
  • 945435f fix(node): enforce maxContentLength for data: URLs (#7011)
  • 28e5e30 chore(sponsor): update sponsor block (#7005)
  • d03f245 chore(CI): fixed release info script to use npm registry instead of git as fi...
  • a0bc911 chore: removing dist files from src (#7002)
  • c959ff2 feat(fetch): add fetch, Request, Response env config variables for the adapte...
  • a9f47af fix(fetch-adapter): set correct Content-Type for Node FormData (#6998)
  • Additional commits viewable in compare view

Updates next from 14.2.29 to 14.2.32

Release notes

Sourced from next's releases.

v14.2.32

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • fix router handling when setting a location response header #82588

Credits

Huge thanks to @​ztanner for helping!

Commits
  • 89ee561 v14.2.32
  • 6a974ad [backport v14]: fix router handling when setting a location response header (...
  • 55f7662 v14.2.31
  • 5dd68a5 [backport v14]: fix(next/image): improve and simplify detect-content-type (#8...
  • bcc7c65 [backport v14]: fix(next/image): fix image-optimizer.ts headers (#82114) (#82...
  • 243072b v14.2.30
  • f523d4a [backport]: config.allowedDevOrigins (#80410)
  • See full diff in compare view

Updates pm2 from 5.4.3 to 6.0.9

Release notes

Sourced from pm2's releases.

v6.0.9

6.0.9

  • updates all typescript definitions
  • upgrade github ci workflows
  • upgrade mocha dep and adapt tests
  • bump packages
  • fix:Potential ReDoS Vulnerability or Inefficient Regular Expression in Project: Need for Assessment and Mitigation #5971

v6.0.8

  • fix: package-lock update

v6.0.7

v6.0.6

v6.0.5

6.0.5

Changelog

Sourced from pm2's changelog.

6.0.9

  • updates all typescript definitions
  • upgrade github ci workflows
  • upgrade mocha dep and adapt tests
  • bump packages
  • fix:Potential ReDoS Vulnerability or Inefficient Regular Expression in Project: Need for Assessment and Mitigation #5971

6.0.8

  • fix: package-lock update

6.0.7

6.0.6

  • refactor: replace chalk with smaller alternative by @​webdiscus

6.0.5

Commits

Updates on-headers from 1.0.2 to 1.1.0

Release notes

Sourced from on-headers's releases.

1.1.0

Important

What's Changed

New Contributors

Full Changelog: jshttp/on-headers@v1.0.2...v1.1.0

Changelog

Sourced from on-headers's changelog.

1.1.0 / 2025-07-17

Commits
  • 4b017af 1.1.0
  • b636f2d ♻️ refactor header array code
  • 3e2c2d4 ✨ ignore falsy header keys, matching node behavior
  • 172eb41 ✨ support duplicate headers
  • c6e3849 🔒️ fix array handling
  • 6893518 💚 update CI - add newer node versions
  • 56a345d ✨ add script to update known hashes
  • 175ab21 👷 add upstream change detection (#31)
  • ce0b2c8 ci: apply OSSF Scorecard security best practices (#20)
  • 1a38c54 fix: use ubuntu-latest as ci runner (#19)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for on-headers since your current version.


Updates @eslint/plugin-kit from 0.3.3 to 0.3.5

Release notes

Sourced from @​eslint/plugin-kit's releases.

plugin-kit: v0.3.5

0.3.5 (2025-08-05)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^0.15.1 to ^0.15.2

plugin-kit: v0.3.4

0.3.4 (2025-07-21)

Bug Fixes

  • potential quadratic runtime in regular expression (#240) (b283f64)
Changelog

Sourced from @​eslint/plugin-kit's changelog.

0.3.5 (2025-08-05)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^0.15.1 to ^0.15.2

0.3.4 (2025-07-21)

Bug Fixes

  • potential quadratic runtime in regular expression (#240) (b283f64)
Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
axios [>= 1.6.a, < 1.7]
axios [>= 1.7.a, < 1.8]
next [>= 15.0.a, < 15.1]
next [>= 15.1.a, < 15.2]
@sentry/node [>= 9.a, < 10]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file maintenance labels Sep 23, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 23, 2025 21:09
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-f8fb7cdb32 branch 4 times, most recently from 35b0a19 to ac2b7b4 Compare September 29, 2025 23:11
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-f8fb7cdb32 branch from ac2b7b4 to d2eaf7a Compare October 16, 2025 18:17
@dependabot
chore(deps): bump the npm_and_yarn group across 1 directory with 6 up…
96d49ee 
…dates

Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `8.42.0` | `8.49.0` |
| [axios](https://github.com/axios/axios) | `1.8.4` | `1.12.0` |
| [next](https://github.com/vercel/next.js) | `14.2.29` | `14.2.32` |
| [pm2](https://github.com/Unitech/pm2) | `5.4.3` | `6.0.9` |
| [on-headers](https://github.com/jshttp/on-headers) | `1.0.2` | `1.1.0` |
| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.3.3` | `0.3.5` |



Updates `@sentry/node` from 8.42.0 to 8.49.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/8.49.0/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@8.42.0...8.49.0)

Updates `axios` from 1.8.4 to 1.12.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.8.4...v1.12.0)

Updates `next` from 14.2.29 to 14.2.32
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.29...v14.2.32)

Updates `pm2` from 5.4.3 to 6.0.9
- [Release notes](https://github.com/Unitech/pm2/releases)
- [Changelog](https://github.com/Unitech/pm2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Unitech/pm2/commits/v6.0.9)

Updates `on-headers` from 1.0.2 to 1.1.0
- [Release notes](https://github.com/jshttp/on-headers/releases)
- [Changelog](https://github.com/jshttp/on-headers/blob/master/HISTORY.md)
- [Commits](jshttp/on-headers@v1.0.2...v1.1.0)

Updates `@eslint/plugin-kit` from 0.3.3 to 0.3.5
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.5/packages/plugin-kit)

---
updated-dependencies:
- dependency-name: "@sentry/node"
  dependency-version: 8.49.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.12.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 14.2.32
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: pm2
  dependency-version: 6.0.9
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: on-headers
  dependency-version: 1.1.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@eslint/plugin-kit"
  dependency-version: 0.3.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-f8fb7cdb32 branch from d2eaf7a to 96d49ee Compare October 20, 2025 15:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants