Merge branch 'develop' into fix/node-fastify-deprecation

Author: AbhiPrasad

.github/actions/install-dependencies/action.yml

@@ -0,0 +1,29 @@
+name: "Install yarn dependencies"
+description: "Installs yarn dependencies and caches them."
+
+outputs:
+  cache_key:
+    description: "The dependency cache key"
+    value: ${{ steps.compute_lockfile_hash.outputs.hash }}
+
+runs:
+  using: "composite"
+  steps:
+      # we use a hash of yarn.lock as our cache key, because if it hasn't changed, our dependencies haven't changed,
+      # so no need to reinstall them
+    - name: Compute dependency cache key
+      id: compute_lockfile_hash
+      run: echo "hash=dependencies-${{ hashFiles('yarn.lock', 'packages/*/package.json', 'dev-packages/*/package.json') }}" >> "$GITHUB_OUTPUT"
+      shell: bash
+
+    - name: Check dependency cache
+      uses: actions/cache@v4
+      id: cache_dependencies
+      with:
+        path: ${{ env.CACHED_DEPENDENCY_PATHS }}
+        key: ${{ steps.compute_lockfile_hash.outputs.hash }}
+
+    - name: Install dependencies
+      if: steps.cache_dependencies.outputs.cache-hit != 'true'
+      run: yarn install --ignore-engines --frozen-lockfile
+      shell: bash

.github/actions/install-playwright/action.yml

@@ -13,14 +13,23 @@ runs:
         run: echo "version=$(node -p "require('@playwright/test/package.json').version")" >> $GITHUB_OUTPUT
         shell: bash
 
-      - name: Cache playwright binaries
-        uses: actions/cache@v4
+      - name: Restore cached playwright binaries
+        uses: actions/cache/restore@v4
         id: playwright-cache
         with:
           path: |
             ~/.cache/ms-playwright
           key: playwright-${{ runner.os }}-${{ steps.playwright-version.outputs.version }}
 
+      # Only store cache on develop branch
+      - name: Store cached playwright binaries
+        uses: actions/cache/save@v4
+        if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
+        with:
+          path: |
+            ~/.cache/ms-playwright
+          key: playwright-${{ runner.os }}-${{ steps.playwright-version.outputs.version }}
+
       # We always install all browsers, if uncached
       - name: Install Playwright dependencies (uncached)
         run: npx playwright install chromium webkit firefox --with-deps

.github/workflows/build.yml

@@ -146,22 +146,9 @@ jobs:
         with:
           node-version-file: 'package.json'
 
-        # we use a hash of yarn.lock as our cache key, because if it hasn't changed, our dependencies haven't changed,
-        # so no need to reinstall them
-      - name: Compute dependency cache key
-        id: compute_lockfile_hash
-        run: echo "hash=${{ hashFiles('yarn.lock', '**/package.json') }}" >> "$GITHUB_OUTPUT"
-
-      - name: Check dependency cache
-        uses: actions/cache@v4
-        id: cache_dependencies
-        with:
-          path: ${{ env.CACHED_DEPENDENCY_PATHS }}
-          key: ${{ steps.compute_lockfile_hash.outputs.hash }}
-
-      - name: Install dependencies
-        if: steps.cache_dependencies.outputs.cache-hit != 'true'
-        run: yarn install --ignore-engines --frozen-lockfile
+      - name: Install Dependencies
+        uses: ./.github/actions/install-dependencies
+        id: install_dependencies
 
       - name: Check for Affected Nx Projects
         uses: dkhunt27/[email protected]
@@ -200,7 +187,7 @@ jobs:
         run: yarn build
 
     outputs:
-      dependency_cache_key: ${{ steps.compute_lockfile_hash.outputs.hash }}
+      dependency_cache_key: ${{ steps.install_dependencies.outputs.cache_key }}
       changed_node_integration: ${{ needs.job_get_metadata.outputs.changed_ci == 'true' || contains(steps.checkForAffected.outputs.affected, '@sentry-internal/node-integration-tests') }}
       changed_remix: ${{ needs.job_get_metadata.outputs.changed_ci == 'true' || contains(steps.checkForAffected.outputs.affected, '@sentry/remix') }}
       changed_node: ${{ needs.job_get_metadata.outputs.changed_ci == 'true' || contains(steps.checkForAffected.outputs.affected, '@sentry/node') }}
@@ -293,22 +280,9 @@ jobs:
         with:
           node-version-file: 'package.json'
 
-        # we use a hash of yarn.lock as our cache key, because if it hasn't changed, our dependencies haven't changed,
-        # so no need to reinstall them
-      - name: Compute dependency cache key
-        id: compute_lockfile_hash
-        run: echo "hash=${{ hashFiles('yarn.lock', '**/package.json') }}" >> "$GITHUB_OUTPUT"
-
-      - name: Check dependency cache
-        uses: actions/cache@v4
-        id: cache_dependencies
-        with:
-          path: ${{ env.CACHED_DEPENDENCY_PATHS }}
-          key: ${{ steps.compute_lockfile_hash.outputs.hash }}
-
-      - name: Install dependencies
-        if: steps.cache_dependencies.outputs.cache-hit != 'true'
-        run: yarn install --ignore-engines --frozen-lockfile
+      - name: Install Dependencies
+        uses: ./.github/actions/install-dependencies
+        id: install_dependencies
 
       - name: Check file formatting
         run: yarn lint:prettier && yarn lint:biome

CHANGELOG.md

@@ -10,6 +10,58 @@
 
 - "You miss 100 percent of the chances you don't take. — Wayne Gretzky" — Michael Scott
 
+## 8.26.0
+
+### Important Changes
+
+- **feat(node): Add `fsInstrumentation` (#13291)**
+
+  This release adds `fsIntegration`, an integration that instruments the `fs` API to the Sentry Node SDK. The
+  integration creates spans with naming patterns of `fs.readFile`, `fs.unlink`, and so on.
+
+  This integration is not enabled by default and needs to be registered in your `Sentry.init` call. You can configure
+  via options whether to include path arguments or error messages as span attributes when an fs call fails:
+
+  ```js
+  Sentry.init({
+    integrations: [
+      Sentry.fsIntegration({
+        recordFilePaths: true,
+        recordErrorMessagesAsSpanAttributes: true,
+      }),
+    ],
+  });
+  ```
+
+  **WARNING:** This integration may add significant overhead to your application. Especially in scenarios with a lot of
+  file I/O, like for example when running a framework dev server, including this integration can massively slow down
+  your application.
+
+### Other Changes
+
+- feat(browser): Add spotlightBrowser integration (#13263)
+- feat(browser): Allow sentry in safari extension background page (#13209)
+- feat(browser): Send CLS as standalone span (experimental) (#13056)
+- feat(core): Add OpenTelemetry-specific `getTraceData` implementation (#13281)
+- feat(nextjs): Always add `browserTracingIntegration` (#13324)
+- feat(nextjs): Always transmit trace data to the client (#13337)
+- feat(nextjs): export SentryBuildOptions (#13296)
+- feat(nextjs): Update `experimental_captureRequestError` to reflect `RequestInfo.path` change in Next.js canary
+  (#13344)
+
+- feat(nuxt): Always add tracing meta tags (#13273)
+- feat(nuxt): Set transaction name for server error (#13292)
+- feat(replay): Add a replay-specific logger (#13256)
+- feat(sveltekit): Add bundle size optimizations to plugin options (#13318)
+- feat(sveltekit): Always add browserTracingIntegration (#13322)
+- feat(tracing): Make long animation frames opt-out (#13255)
+- fix(astro): Correctly extract request data (#13315)
+- fix(astro): Only track access request headers in dynamic page requests (#13306)
+- fix(nuxt): Add import line for disabled `autoImport` (#13342)
+- fix(nuxt): Add vue to excludeEsmLoaderHooks array (#13346)
+- fix(opentelemetry): Do not overwrite http span name if kind is internal (#13282)
+- fix(remix): Ensure `origin` is correctly set for remix server spans (#13305)
+
 Work in this release was contributed by @MonstraG, @undead-voron and @Zen-cronic. Thank you for your contributions!
 
 ## 8.25.0

dev-packages/browser-integration-tests/loader-suites/loader/noOnLoad/sdkLoadedInMeanwhile/test.ts

@@ -1,5 +1,5 @@
-import fs from 'fs';
-import path from 'path';
+import * as fs from 'fs';
+import * as path from 'path';
 import { expect } from '@playwright/test';
 
 import { TEST_HOST, sentryTest } from '../../../../utils/fixtures';
@@ -28,19 +28,22 @@ sentryTest('it does not download the SDK if the SDK was loaded in the meanwhile'
     });
   });
 
+  const tmpDir = await getLocalTestUrl({ testDir: __dirname, skipRouteHandler: true });
+
   await page.route(`${TEST_HOST}/*.*`, route => {
     const file = route.request().url().split('/').pop();
 
     if (file === 'cdn.bundle.js') {
       cdnLoadedCount++;
     }
 
-    const filePath = path.resolve(__dirname, `./dist/${file}`);
+    const filePath = path.resolve(tmpDir, `./${file}`);
 
     return fs.existsSync(filePath) ? route.fulfill({ path: filePath }) : route.continue();
   });
 
-  const url = await getLocalTestUrl({ testDir: __dirname, skipRouteHandler: true });
+  const url = `${TEST_HOST}/index.html`;
+
   const req = await waitForErrorRequestOnUrl(page, url);
 
   const eventData = envelopeRequestParser(req);

dev-packages/browser-integration-tests/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sentry-internal/browser-integration-tests",
-  "version": "8.25.0",
+  "version": "8.26.0",
   "main": "index.js",
   "license": "MIT",
   "engines": {
@@ -43,7 +43,7 @@
     "@babel/preset-typescript": "^7.16.7",
     "@playwright/test": "^1.44.1",
     "@sentry-internal/rrweb": "2.11.0",
-    "@sentry/browser": "8.25.0",
+    "@sentry/browser": "8.26.0",
     "axios": "1.6.7",
     "babel-loader": "^8.2.2",
     "html-webpack-plugin": "^5.5.0",

dev-packages/browser-integration-tests/playwright.config.ts

@@ -31,6 +31,7 @@ const config: PlaywrightTestConfig = {
   ],
 
   globalSetup: require.resolve('./playwright.setup.ts'),
+  globalTeardown: require.resolve('./playwright.teardown.ts'),
 };
 
 export default config;

dev-packages/browser-integration-tests/playwright.teardown.ts

@@ -0,0 +1,5 @@
+import * as childProcess from 'child_process';
+
+export default function globalTeardown(): void {
+  childProcess.execSync('yarn clean', { stdio: 'inherit', cwd: process.cwd() });
+}

dev-packages/browser-integration-tests/suites/feedback/captureFeedbackCsp/init.js

@@ -0,0 +1,19 @@
+import * as Sentry from '@sentry/browser';
+// Import this separately so that generatePlugin can handle it for CDN scenarios
+import { feedbackIntegration } from '@sentry/browser';
+
+window.Sentry = Sentry;
+
+Sentry.init({
+  dsn: 'https://[email protected]/1337',
+  integrations: [
+    feedbackIntegration({ tags: { from: 'integration init' }, styleNonce: 'foo1234', scriptNonce: 'foo1234' }),
+  ],
+});
+
+document.addEventListener('securitypolicyviolation', () => {
+  const container = document.querySelector('#csp-violation');
+  if (container) {
+    container.innerText = 'CSP Violation';
+  }
+});

dev-packages/browser-integration-tests/suites/feedback/captureFeedbackCsp/template.html

@@ -0,0 +1,13 @@
+<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="style-src 'nonce-foo1234'; script-src sentry-test.io 'nonce-foo1234';"
+    />
+  </head>
+  <body>
+    <div id="csp-violation" />
+  </body>
+</html>