build(deps-dev): bump @sentry/browser from 10.44.0 to 10.45.0 in /browser-ext

[dependabot]

Bumps @sentry/browser from 10.44.0 to 10.45.0.

Release notes

Sourced from @​sentry/browser's releases.

10.45.0

Important Changes

• feat(remix): Server Timing Headers Trace Propagation (#18653)

  The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

• fix(cloudflare): Use correct env types for withSentry (#19836)
• fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
• fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
• fix(nextjs): Skip tracing for tunnel requests (#19861)
• fix(node-core): Recycle propagationContext for each request (#19835)
• ref(core): Simplify core utility functions for smaller bundle (#19854)

• chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
• ci(release): Switch from action-prepare-release to Craft (#18763)
• fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
• fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
• fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
• fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
• fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
• fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
• fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
• fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
• test(nextjs): Skip broken ISR tests (#19871)
• test(react): Add gql tests for react router (#19844)

Bundle size 📦

Path	Size
@​sentry/browser	24.93 KB
@​sentry/browser - with treeshaking flags	23.47 KB
@​sentry/browser (incl. Tracing)	41.51 KB
@​sentry/browser (incl. Tracing, Profiling)	46.07 KB
@​sentry/browser (incl. Tracing, Replay)	79.41 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	69.22 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	84 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	95.97 KB
@​sentry/browser (incl. Feedback)	41.35 KB
@​sentry/browser (incl. sendFeedback)	29.49 KB

... (truncated)

Changelog

Sourced from @​sentry/browser's changelog.

10.45.0

Important Changes

• feat(remix): Server Timing Headers Trace Propagation (#18653)

  The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

• fix(cloudflare): Use correct env types for withSentry (#19836)
• fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
• fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
• fix(nextjs): Skip tracing for tunnel requests (#19861)
• fix(node-core): Recycle propagationContext for each request (#19835)
• ref(core): Simplify core utility functions for smaller bundle (#19854)

• chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
• ci(release): Switch from action-prepare-release to Craft (#18763)
• fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
• fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
• fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
• fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
• fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
• fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
• fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
• fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
• test(nextjs): Skip broken ISR tests (#19871)
• test(react): Add gql tests for react router (#19844)

Commits

• ef79d28 release: 10.45.0
• 28208bc Merge pull request #19877 from getsentry/prepare-release/10.45.0
• 2e2fd35 meta(changelog): Update changelog for 10.45.0
• 79241b0 fix(nextjs): Skip tracing for tunnel requests (#19861)
• 938ab2d ref(core): Simplify core utility functions for smaller bundle (#19854)
• 3bb4325 fix(core): Align error span status message with core SpanStatusType for lan...
• 3e5499a fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 an...
• 6f17b8a fix(cloudflare): Use correct env types for withSentry (#19836)
• b4b9e71 test(nextjs): Skip broken ISR tests (#19871)
• ae7206f feat(remix): Server Timing Headers Trace Propagation (#18653)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 38.40%. Comparing base (53195dd) to head (5af3718).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #737   +/-   ##
=======================================
  Coverage   38.40%   38.40%           
=======================================
  Files         204      204           
  Lines        6945     6945           
=======================================
  Hits         2667     2667           
  Misses       3946     3946           
  Partials      332      332           

Flag	Coverage Δ
go-e2e	42.55% <ø> (ø)
go-integration	15.80% <ø> (ø)
go-macos-15	14.03% <ø> (ø)
go-ubuntu-24.04	13.53% <ø> (ø)
go-ubuntu-24.04-arm	13.01% <ø> (ø)
go-windows-2025	13.26% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[codecov]

Bundle Report

Changes will decrease total bundle size by 277 bytes (-0.01%) ⬇️. This is within the configured threshold ✅

Detailed changes

Bundle name	Size	Change
browser-ext-esm	4.41MB	-277 bytes (-0.01%) ⬇️

Affected Assets, Files, and Routes:

view changes for bundle: browser-ext-esm

Assets Changed:

Asset Name	Size Change	Total Size	Change (%)
sentry-*.js	-277 bytes	314.63kB	-0.09%