build(deps): bump @sentry/browser from 10.28.0 to 10.29.0#2258
build(deps): bump @sentry/browser from 10.28.0 to 10.29.0#2258dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 10.28.0 to 10.29.0. - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](getsentry/sentry-javascript@10.28.0...10.29.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-version: 10.29.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details. |
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
| "@popperjs/core": "^2.11.8", | ||
| "@sentry/browser": "^10.28.0", | ||
| "@sentry/browser": "^10.29.0", | ||
| "@toast-ui/editor": "^3.2.2", |
There was a problem hiding this comment.
Bug: Sentry profiling will silently stop working after upgrade due to profilesSampleRate being ignored in v10.29.0.
Severity: CRITICAL | Confidence: High
🔍 Detailed Analysis
After upgrading to v10.29.0, Sentry's JavaScript SDK will silently ignore the profilesSampleRate: 1.0 configuration, which was deprecated in v10.27.0. This will cause profiling data collection to cease without any errors or warnings, despite the application's explicit intent to collect 100% of profiling data as indicated by Sentry.browserProfilingIntegration() and the Document-Policy: js-profiling header. This constitutes a major logical implication where a configured feature becomes inert.
💡 Suggested Fix
Update app/assets/javascripts/base.js to use profileSessionSampleRate instead of profilesSampleRate. Review config/initializers/sentry.rb for similar server-side configuration updates.
🤖 Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: package.json#L13
Potential issue: After upgrading to v10.29.0, Sentry's JavaScript SDK will silently
ignore the `profilesSampleRate: 1.0` configuration, which was deprecated in v10.27.0.
This will cause profiling data collection to cease without any errors or warnings,
despite the application's explicit intent to collect 100% of profiling data as indicated
by `Sentry.browserProfilingIntegration()` and the `Document-Policy: js-profiling`
header. This constitutes a major logical implication where a configured feature becomes
inert.
Did we get this right? 👍 / 👎 to inform future reviews.
Reference ID: 5684088
1 participant
Bumps @sentry/browser from 10.28.0 to 10.29.0.
Release notes
Sourced from
@sentry/browser's releases.... (truncated)
Changelog
Sourced from
@sentry/browser's changelog.Commits
3529d46release: 10.29.07b3b613Merge pull request #18407 from getsentry/prepare-release/10.29.0477f6admeta(changelog): Update changelog for 10.29.0cf5c4baMerge pull request #18406 from getsentry/manual-master-sync-dev3c5d47fMerge branch 'develop' into manual-master-sync-dev862f415test(nuxt): Relax captured unhandled error assertion (#18397)b6eb205fix(node): Include system message in anthropic-ai messages span (#18332)65f5006fix(tracing): Add missing attributes in vercel-ai spans (#18333)df4c541feat(solid|solidstart): Bump accepted@solidjs/routerrange (#18395)f961771ref(core): Avoid looking up openai integration options (#17695)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot will merge this PR once CI passes on it, as requested by @openhpi-bot.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)