[Snyk] Upgrade @sentry/tracing from 7.16.0 to 7.120.4

[q1blue]

Snyk has created this PR to upgrade @sentry/tracing from 7.16.0 to 7.120.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 161 versions ahead of your current version.

• The recommended version was released 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LUXON-3225081	69	Proof of Concept
	Improper Handling of Exceptional Conditions SNYK-JS-OCTOKITWEBHOOKS-6129527	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	69	Proof of Concept
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	69	No Known Exploit
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	69	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SOCKETIOPARSER-5596892	69	No Known Exploit
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	69	Proof of Concept
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	69	Proof of Concept
	Path Traversal SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555	69	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXYMIDDLEWARE-8229906	69	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	69	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	69	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	69	Proof of Concept
	Improper Check for Unusual or Exceptional Conditions SNYK-JS-HTTPPROXYMIDDLEWARE-9691389	69	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	69	Proof of Concept
	Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	69	No Known Exploit
	Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	69	No Known Exploit
	Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	69	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	69	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	69	No Known Exploit
	Improper Handling of Unexpected Data Type SNYK-JS-ONHEADERS-10773729	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	69	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIMECOREJS3-9397696	69	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	69	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SIDEWAYFORMULA-3317169	69	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	69	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	69	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	69	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-WEBPACK-7840298	69	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	69	Proof of Concept
	Always-Incorrect Control Flow Implementation SNYK-JS-HTTPPROXYMIDDLEWARE-9691387	69	No Known Exploit
	Cross-site Scripting SNYK-JS-SEND-7926862	69	No Known Exploit
	Arbitrary Code Injection SNYK-JS-PRISMJS-9055448	69	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	69	Proof of Concept
	Prototype Pollution SNYK-JS-XML2JS-5414874	69	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	69	Proof of Concept
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	69	No Known Exploit

Release notes

Package name: @sentry/tracing

• 7.120.4 - 2025-07-29
• 7.120.4-alpha.1 - 2025-07-29
• 7.120.3 - 2025-01-10
• 7.120.2 - 2024-12-13
• 7.120.1 - 2024-12-05
• 7.120.0 - 2024-11-13
• 7.119.2 - 2024-10-10
• 7.119.1 - 2024-10-04
• 7.119.0 - 2024-08-14
• 7.118.0 - 2024-06-21
• 7.117.0 - 2024-06-10
• 7.116.0 - 2024-05-17
• 7.115.0 - 2024-05-16
• 7.114.0 - 2024-05-08
• 7.113.0 - 2024-05-02
• 7.112.2 - 2024-04-24
• 7.112.1 - 2024-04-23
• 7.112.0 - 2024-04-23
• 7.111.0 - 2024-04-18
• 7.110.1 - 2024-04-15
• 7.110.0 - 2024-04-11
• 7.109.0 - 2024-03-28
• 7.108.0 - 2024-03-22
• 7.107.0 - 2024-03-14
• 7.106.1 - 2024-03-11
• 7.106.0 - 2024-03-08
• 7.105.0 - 2024-03-04
• 7.104.0 - 2024-02-29
• 7.103.0 - 2024-02-27
• 7.102.1 - 2024-02-22
• 7.102.0 - 2024-02-20
• 7.101.1 - 2024-02-15
• 7.101.0 - 2024-02-13
• 7.100.1 - 2024-02-07
• 7.100.0 - 2024-02-06
• 7.99.0 - 2024-01-30
• 7.98.0 - 2024-01-25
• 7.97.0 - 2024-01-25
• 7.95.0 - 2024-01-23
• 7.94.1 - 2024-01-19
• 7.93.0 - 2024-01-10
• 7.92.0 - 2024-01-04
• 7.91.0 - 2023-12-22
• 7.90.0 - 2023-12-20
• 7.89.0 - 2023-12-19
• 7.88.0 - 2023-12-14
• 7.87.0 - 2023-12-13
• 7.86.0 - 2023-12-07
• 7.85.0 - 2023-12-04
• 7.84.0 - 2023-11-30
• 7.83.0 - 2023-11-28
• 7.82.0 - 2023-11-27
• 7.81.1 - 2023-11-21
• 7.81.0 - 2023-11-20
• 7.80.2-alpha.1 - 2023-11-15
• 7.80.2-alpha.0 - 2023-11-14
• 7.80.1 - 2023-11-14
• 7.80.0 - 2023-11-09
• 7.79.0 - 2023-11-08
• 7.78.0 - 2023-11-08
• 7.77.0 - 2023-10-31
• 7.76.0 - 2023-10-27
• 7.75.1 - 2023-10-25
• 7.75.0 - 2023-10-24
• 7.74.2-alpha.1 - 2023-10-23
• 7.74.1 - 2023-10-17
• 7.74.0 - 2023-10-13
• 7.73.0 - 2023-10-02
• 7.72.0 - 2023-09-26
• 7.71.0 - 2023-09-25
• 7.70.0 - 2023-09-20
• 7.70.0-beta.1 - 2023-09-15
• 7.70.0-beta.0 - 2023-09-14
• 7.69.0 - 2023-09-13
• 7.68.0 - 2023-09-06
• 7.67.0 - 2023-09-05
• 7.67.0-beta.0 - 2023-08-31
• 7.66.0 - 2023-08-30
• 7.66.0-alpha.0 - 2023-08-29
• 7.65.0 - 2023-08-28
• 7.65.0-alpha.0 - 2023-08-16
• 7.64.0 - 2023-08-14
• 7.64.0-alpha.0 - 2023-08-11
• 7.63.0 - 2023-08-10
• 7.62.0 - 2023-08-09
• 7.61.1 - 2023-08-04
• 7.61.0 - 2023-07-31
• 7.60.1 - 2023-07-26
• 7.60.0 - 2023-07-21
• 7.59.3 - 2023-07-19
• 7.59.2 - 2023-07-18
• 7.59.1 - 2023-07-18
• 7.59.0 - 2023-07-17
• 7.59.0-beta.1 - 2023-07-17
• 7.59.0-beta.0 - 2023-07-13
• 7.58.1 - 2023-07-13
• 7.58.0 - 2023-07-12
• 7.57.0 - 2023-06-28
• 7.57.0-beta.0 - 2023-06-21
• 7.56.0 - 2023-06-19
• 7.55.2 - 2023-06-14
• 7.55.1 - 2023-06-14
• 7.55.0 - 2023-06-13
• 7.54.0 - 2023-06-01
• 7.53.1 - 2023-05-24
• 7.53.0 - 2023-05-23
• 7.52.1 - 2023-05-15
• 7.52.0 - 2023-05-15
• 7.51.2 - 2023-05-08
• 7.51.1 - 2023-05-08
• 7.51.0 - 2023-05-04
• 7.50.0 - 2023-04-27
• 7.49.0 - 2023-04-20
• 7.48.0 - 2023-04-14
• 7.47.0 - 2023-04-05
• 7.46.0 - 2023-03-30
• 7.45.0 - 2023-03-24
• 7.44.2 - 2023-03-21
• 7.44.1 - 2023-03-20
• 7.44.0 - 2023-03-20
• 7.43.0 - 2023-03-13
• 7.42.0 - 2023-03-09
• 7.41.0 - 2023-03-06
• 7.40.0 - 2023-03-01
• 7.39.0 - 2023-02-27
• 7.38.0 - 2023-02-17
• 7.37.2 - 2023-02-13
• 7.37.1 - 2023-02-10
• 7.37.0 - 2023-02-09
• 7.36.0 - 2023-02-02
• 7.35.0 - 2023-02-01
• 7.34.0 - 2023-01-26
• 7.34.0-beta.0 - 2023-01-25
• 7.33.0 - 2023-01-24
• 7.32.1 - 2023-01-23
• 7.32.0 - 2023-01-23
• 7.31.1 - 2023-01-17
• 7.31.0 - 2023-01-16
• 7.30.0 - 2023-01-10
• 7.29.0 - 2023-01-04
• 7.28.1 - 2022-12-22
• 7.28.0 - 2022-12-20
• 7.27.0 - 2022-12-16
• 7.26.0 - 2022-12-13
• 7.25.0 - 2022-12-12
• 7.24.2 - 2022-12-07
• 7.24.1 - 2022-12-07
• 7.24.0 - 2022-12-07
• 7.23.0 - 2022-12-01
• 7.22.0 - 2022-11-29
• 7.21.1 - 2022-11-23
• 7.21.0 - 2022-11-22
• 7.20.1 - 2022-11-21
• 7.20.0 - 2022-11-17
• 7.19.0 - 2022-11-10
• 7.18.0 - 2022-11-08
• 7.17.4 - 2022-11-03
• 7.17.3 - 2022-10-31
• 7.17.2 - 2022-10-28
• 7.17.1 - 2022-10-27
• 7.17.0 - 2022-10-27
• 7.16.0 - 2022-10-19

from @sentry/tracing GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[changeset-bot]

⚠️ No Changeset found

Latest commit: 2738c09

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​types/​koa__cors@​5.0.0
	npm/​@​types/​node-schedule@​2.1.8
	npm/​@​types/​tail@​2.2.3
	npm/​@​types/​tiny-async-pool@​2.0.3
	npm/​@​types/​koa-static@​4.0.4
	npm/​@​types/​koa-router@​7.4.8
	npm/​@​types/​mysql@​2.15.27
	npm/​@​types/​koa@​3.0.0
	npm/​@​types/​async@​3.2.25
	npm/​@​types/​validator@​13.15.3
	npm/​@​goparrot/​geocoder@​4.5.0
	npm/​@​koa/​cors@​5.0.0

View full report