Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(sveltekit): Check for cached requests in client-side fetch instrumentation #8391

Merged
merged 4 commits into from
Jun 26, 2023

Conversation

Lms24
Copy link
Member

@Lms24 Lms24 commented Jun 22, 2023

As outlined in #8174 (comment), our current SvelteKit fetch instrumentation breaks SvelteKit's request caching mechanism. This is problematic as fetch requests from universal load functions were made again on the client side during hydration although the response was already cached from the initial server-side request.

The reason for the cache miss is that in the instrumentation we add our tracing headers to the requests, which lead to a different cache key than the one produced on the server side.

This PR vendors in code from the SvelteKit repo so that we can perform the same cache lookup in our instrumentation. If the lookup was successful (--> cache hit), we won't attach any headers or create breadcrumbs to 1. let Kit's fetch return the cached response and 2. not add spans for a fetch request that didn't even happen.

Small rant:
I would love to get rid of this code again because it's brittle (hash seed 👀) and adds a good chunk of bundle size. I tried to fix this in SvelteKit but the maintainers don't seem to have a big interest in reviewing/merging this. If SvelteKit would just use window.fetch and add their caching logic around it (which is def. possible), we could get rid of 100s of LoC in this SDK.
For the time being though, we need to add this ugly fix to get rid of the cache misses we cause.

Since this is vendored code, I opted to put it into a vendor subdirectory and added the original MIT license from the Sveltekit repo.

fixes #8174

* @param init second fetch param
* @returns true if a cache hit was encountered, false otherwise
*/
export function isRequestCached(input: URL | RequestInfo, init: RequestInit | undefined): boolean {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function isn't 100% copied but a good part of its logic is. Therefore I think this should also live in the vendor subdir.

@Lms24 Lms24 marked this pull request as ready for review June 23, 2023 08:31
@Lms24 Lms24 requested review from a team, mydea and lforst and removed request for a team June 23, 2023 08:31
Copy link
Member

@lforst lforst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good :) Just optional suggestions for the tests

packages/sveltekit/test/client/vendor/lookUpCache.test.ts Outdated Show resolved Hide resolved
packages/sveltekit/test/client/vendor/lookUpCache.test.ts Outdated Show resolved Hide resolved
Comment on lines +158 to +160
if (isRequestCached(input, init)) {
return wrappingTarget.apply(thisArg, args);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Love it. All this vendored code, just for this check 👌

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is our life now 🥲

Copy link
Member

@lforst lforst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good :) Just optional suggestions for the tests

@Lms24 Lms24 enabled auto-merge (squash) June 23, 2023 14:10
@github-actions
Copy link
Contributor

github-actions bot commented Jun 26, 2023

size-limit report 📦

Path Size
@sentry/browser - ES5 CDN Bundle (gzipped + minified) 21.3 KB (+0.62% 🔺)
@sentry/browser - ES5 CDN Bundle (minified) 66.43 KB (+0.46% 🔺)
@sentry/browser - ES6 CDN Bundle (gzipped + minified) 19.82 KB (+0.59% 🔺)
@sentry/browser - ES6 CDN Bundle (minified) 58.9 KB (+0.53% 🔺)
@sentry/browser - Webpack (gzipped + minified) 21.43 KB (+0.48% 🔺)
@sentry/browser - Webpack (minified) 69.87 KB (+0.51% 🔺)
@sentry/react - Webpack (gzipped + minified) 21.46 KB (+0.45% 🔺)
@sentry/nextjs Client - Webpack (gzipped + minified) 49.39 KB (+0.23% 🔺)
@sentry/browser + @sentry/tracing - ES5 CDN Bundle (gzipped + minified) 28.9 KB (+0.37% 🔺)
@sentry/browser + @sentry/tracing - ES6 CDN Bundle (gzipped + minified) 27.12 KB (+0.36% 🔺)
@sentry/replay ES6 CDN Bundle (gzipped + minified) 49.34 KB (+0.02% 🔺)
@sentry/replay - Webpack (gzipped + minified) 43.11 KB (+0.08% 🔺)
@sentry/browser + @sentry/tracing + @sentry/replay - ES6 CDN Bundle (gzipped + minified) 68.48 KB (+0.19% 🔺)
@sentry/browser + @sentry/replay - ES6 CDN Bundle (gzipped + minified) 61.38 KB (+0.21% 🔺)

@Lms24 Lms24 merged commit e583fe9 into develop Jun 26, 2023
@Lms24 Lms24 deleted the lms/fix-sveltekit-fetch-cache-check branch June 26, 2023 08:46
n1k0 pushed a commit to MTES-MCT/ecobalyse that referenced this pull request Jul 21, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@sentry/browser from 7.56.0 to 7.57.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **2 versions** ahead of your current
version.
- The recommended version was released **23 days ago**, on 2023-06-28.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@sentry/browser</b></summary>
    <ul>
      <li>
<b>7.57.0</b> - <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases/tag/7.57.0">2023-06-28</a></br><h3>Important
Changes</h3>
<ul>
<li><strong>build: Update typescript from 3.8.3 to 4.9.5 (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1732343050" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255">#8255</a>)</strong></li>
</ul>
<p>This release version <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard">bumps
the internally used typescript version from 3.8.x to 4.9.x</a>.<br>
We use ds-downlevel to generate two versions of our types, one for
&gt;=3.8, one for &gt;=4.9.<br>
This means that this change should be fully backwards compatible and not
have any noticable user impact,<br>
but if you still encounter issues please let us know.</p>
<ul>
<li><strong>feat(types): Add tracePropagationTargets to top level
options (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1771501713" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8395"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8395/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8395">#8395</a>)</strong></li>
</ul>
<p>Instead of passing <code>tracePropagationTargets</code> to the
<code>BrowserTracing</code> integration, you can now define them on the
top level:</p>
<div class="highlight highlight-source-js notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="Sentry.init({
  tracePropagationTargets: ['api.site.com'],
});"><pre><span class="pl-v">Sentry</span><span
class="pl-kos">.</span><span class="pl-en">init</span><span
class="pl-kos">(</span><span class="pl-kos">{</span>
<span class="pl-c1">tracePropagationTargets</span>: <span
class="pl-kos">[</span><span class="pl-s">'api.site.com'</span><span
class="pl-kos">]</span><span class="pl-kos">,</span>
<span class="pl-kos">}</span><span class="pl-kos">)</span><span
class="pl-kos">;</span></pre></div>
<ul>
<li><strong>fix(angular): Filter out <code>TryCatch</code> integration
by default (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="1764938256" data-permission-text="Title is
private"
data-url="getsentry/sentry-javascript#8367"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8367/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8367">#8367</a>)</strong></li>
</ul>
<p>The Angular and Angular-ivy SDKs will not install the TryCatch
integration anymore by default.<br>
This integration conflicted with the <code>SentryErrorHander</code>,
sometimes leading to duplicated errors and/or missing data on
events.</p>
<ul>
<li><strong>feat(browser): Better event name handling for non-Error
objects (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1767863342" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8374"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8374/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8374">#8374</a>)</strong></li>
</ul>
<p>When capturing non-errors via <code>Sentry.captureException()</code>,
e.g. <code>Sentry.captureException({ prop: "custom object"
})</code>,<br>
we now generate a more helpful value for the synthetic exception.
Instead of e.g. <code>Non-Error exception captured with keys:
currentTarget, isTrusted, target, type</code>, you'll now get messages
like:</p>
<div class="snippet-clipboard-content notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="Object captured as
exception with keys: prop1, prop2
Event `MouseEvent` (type=click) captured as exception
Event `ErrorEvent` captured as exception with message `Script
error.`"><pre class="notranslate"><code>Object captured as exception
with keys: prop1, prop2
Event `MouseEvent` (type=click) captured as exception
Event `ErrorEvent` captured as exception with message `Script error.`
</code></pre></div>
<h3>Other Changes</h3>
<ul>
<li>feat(browser): Send profiles in same envelope as transactions (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1767979830" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8375"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8375/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8375">#8375</a>)</li>
<li>feat(profiling): Collect timings on profiler stop calls (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1777004306" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8409"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8409/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8409">#8409</a>)</li>
<li>feat(replay): Do not capture replays &lt; 5 seconds (GA) (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1736970479" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8277"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8277/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8277">#8277</a>)</li>
<li>feat(tracing): Add experiment to capture http timings (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1765573137" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8371"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8371/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8371">#8371</a>)</li>
<li>feat(tracing): Add <code>http.response.status_code</code> to
<code>span.data</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1764892325"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8366"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8366/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8366">#8366</a>)</li>
<li>fix(angular): Stop routing spans on navigation cancel and error
events (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1765286148" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8369"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8369/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8369">#8369</a>)</li>
<li>fix(core): Only start spans in <code>trace</code> if tracing is
enabled (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1763395305" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8357"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8357/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8357">#8357</a>)</li>
<li>fix(nextjs): Inject init calls via loader instead of via entrypoints
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1764971073" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8368"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8368/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8368">#8368</a>)</li>
<li>fix(replay): Mark ui.slowClickDetected <code>clickCount</code> as
optional (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1768099155" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8376"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8376/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8376">#8376</a>)</li>
<li>fix(serverless): Export
<code>autoDiscoverNodePerformanceMonitoringIntegrations</code> from SDK
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1769506334" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8382"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8382/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8382">#8382</a>)</li>
<li>fix(sveltekit): Check for cached requests in client-side fetch
instrumentation (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1770104495"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8391"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8391/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8391">#8391</a>)</li>
<li>fix(sveltekit): Only instrument SvelteKit <code>fetch</code> if the
SDK client is valid (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1769261512"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8381"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8381/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8381">#8381</a>)</li>
<li>fix(tracing): Instrument Prisma client in constructor of integration
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1769565969" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8383"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8383/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8383">#8383</a>)</li>
<li>ref(replay): More graceful <code>sessionStorage</code> check (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1770880521" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8394"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8394/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8394">#8394</a>)</li>
<li>ref(replay): Remove circular dep in replay eventBuffer (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1769990964" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8389"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8389/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8389">#8389</a>)</li>
</ul>
<h2>Bundle size <g-emoji class="g-emoji" alias="package"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f4e6.png">📦</g-emoji></h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (gzipped + minified)</td>
<td>21.49 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (minified)</td>
<td>67.59 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (gzipped + minified)</td>
<td>19.82 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (minified)</td>
<td>58.9 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (gzipped + minified)</td>
<td>21.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (minified)</td>
<td>69.87 KB</td>
</tr>
<tr>
<td>@ sentry/react - Webpack (gzipped + minified)</td>
<td>21.46 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs Client - Webpack (gzipped + minified)</td>
<td>49.81 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES5 CDN Bundle (gzipped +
minified)</td>
<td>29.39 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES6 CDN Bundle (gzipped +
minified)</td>
<td>27.48 KB</td>
</tr>
<tr>
<td>@ sentry/replay ES6 CDN Bundle (gzipped + minified)</td>
<td>49.34 KB</td>
</tr>
<tr>
<td>@ sentry/replay - Webpack (gzipped + minified)</td>
<td>43.11 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing + @ sentry/replay - ES6 CDN
Bundle (gzipped + minified)</td>
<td>68.82 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/replay - ES6 CDN Bundle (gzipped +
minified)</td>
<td>61.38 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
<b>7.57.0-beta.0</b> - <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases/tag/7.57.0-beta.0">2023-06-21</a></br><p>This
beta version <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard">bumps
the internally used typescript version from 3.8.x to 4.9.x</a>.<br>
We use ds-downlevel to generate two versions of our types, one for
&gt;=3.8, one for &gt;=4.9.<br>
This means that this change should be fully backwards compatible and not
have any noticable user impact.</p>
<p>However, since this touches the whole code base, we decided to
release this as a beta first in order to ensure this is fully
stable.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(replay): Do not capture replays &lt; 5 seconds (GA) (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1736970479" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8277"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8277/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8277">#8277</a>)</li>
</ul>
<h2>Bundle size <g-emoji class="g-emoji" alias="package"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f4e6.png">📦</g-emoji></h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (gzipped + minified)</td>
<td>21.38 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (minified)</td>
<td>67.24 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (gzipped + minified)</td>
<td>19.72 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (minified)</td>
<td>58.61 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (gzipped + minified)</td>
<td>21.34 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (minified)</td>
<td>69.53 KB</td>
</tr>
<tr>
<td>@ sentry/react - Webpack (gzipped + minified)</td>
<td>21.37 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs Client - Webpack (gzipped + minified)</td>
<td>49.29 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES5 CDN Bundle (gzipped +
minified)</td>
<td>29.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES6 CDN Bundle (gzipped +
minified)</td>
<td>27.04 KB</td>
</tr>
<tr>
<td>@ sentry/replay ES6 CDN Bundle (gzipped + minified)</td>
<td>49.34 KB</td>
</tr>
<tr>
<td>@ sentry/replay - Webpack (gzipped + minified)</td>
<td>43.08 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing + @ sentry/replay - ES6 CDN
Bundle (gzipped + minified)</td>
<td>68.37 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/replay - ES6 CDN Bundle (gzipped +
minified)</td>
<td>61.27 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
        <b>7.56.0</b> - 2023-06-19
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases">@sentry/browser
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI0MzczZjBlYi1iMTUyLTQ3Y2QtOTkxNi0yMzQ5NzY5NDIxZTIiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjQzNzNmMGViLWIxNTItNDdjZC05OTE2LTIzNDk3Njk0MjFlMiJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?pkg&#x3D;@sentry/browser&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"4373f0eb-b152-47cd-9916-2349769421e2","prPublicId":"4373f0eb-b152-47cd-9916-2349769421e2","dependencies":[{"name":"@sentry/browser","from":"7.56.0","to":"7.57.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"8a1190df-0364-4a9a-93bd-a9f28b54daf6","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2023-06-28T15:27:04.479Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
n1k0 pushed a commit to MTES-MCT/ecobalyse that referenced this pull request Jul 21, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade
@sentry/tracing from 7.56.0 to 7.57.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **2 versions** ahead of your current
version.
- The recommended version was released **23 days ago**, on 2023-06-28.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@sentry/tracing</b></summary>
    <ul>
      <li>
<b>7.57.0</b> - <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases/tag/7.57.0">2023-06-28</a></br><h3>Important
Changes</h3>
<ul>
<li><strong>build: Update typescript from 3.8.3 to 4.9.5 (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1732343050" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255">#8255</a>)</strong></li>
</ul>
<p>This release version <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard">bumps
the internally used typescript version from 3.8.x to 4.9.x</a>.<br>
We use ds-downlevel to generate two versions of our types, one for
&gt;=3.8, one for &gt;=4.9.<br>
This means that this change should be fully backwards compatible and not
have any noticable user impact,<br>
but if you still encounter issues please let us know.</p>
<ul>
<li><strong>feat(types): Add tracePropagationTargets to top level
options (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1771501713" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8395"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8395/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8395">#8395</a>)</strong></li>
</ul>
<p>Instead of passing <code>tracePropagationTargets</code> to the
<code>BrowserTracing</code> integration, you can now define them on the
top level:</p>
<div class="highlight highlight-source-js notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="Sentry.init({
  tracePropagationTargets: ['api.site.com'],
});"><pre><span class="pl-v">Sentry</span><span
class="pl-kos">.</span><span class="pl-en">init</span><span
class="pl-kos">(</span><span class="pl-kos">{</span>
<span class="pl-c1">tracePropagationTargets</span>: <span
class="pl-kos">[</span><span class="pl-s">'api.site.com'</span><span
class="pl-kos">]</span><span class="pl-kos">,</span>
<span class="pl-kos">}</span><span class="pl-kos">)</span><span
class="pl-kos">;</span></pre></div>
<ul>
<li><strong>fix(angular): Filter out <code>TryCatch</code> integration
by default (<a class="issue-link js-issue-link" data-error-text="Failed
to load title" data-id="1764938256" data-permission-text="Title is
private"
data-url="getsentry/sentry-javascript#8367"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8367/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8367">#8367</a>)</strong></li>
</ul>
<p>The Angular and Angular-ivy SDKs will not install the TryCatch
integration anymore by default.<br>
This integration conflicted with the <code>SentryErrorHander</code>,
sometimes leading to duplicated errors and/or missing data on
events.</p>
<ul>
<li><strong>feat(browser): Better event name handling for non-Error
objects (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1767863342" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8374"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8374/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8374">#8374</a>)</strong></li>
</ul>
<p>When capturing non-errors via <code>Sentry.captureException()</code>,
e.g. <code>Sentry.captureException({ prop: "custom object"
})</code>,<br>
we now generate a more helpful value for the synthetic exception.
Instead of e.g. <code>Non-Error exception captured with keys:
currentTarget, isTrusted, target, type</code>, you'll now get messages
like:</p>
<div class="snippet-clipboard-content notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="Object captured as
exception with keys: prop1, prop2
Event `MouseEvent` (type=click) captured as exception
Event `ErrorEvent` captured as exception with message `Script
error.`"><pre class="notranslate"><code>Object captured as exception
with keys: prop1, prop2
Event `MouseEvent` (type=click) captured as exception
Event `ErrorEvent` captured as exception with message `Script error.`
</code></pre></div>
<h3>Other Changes</h3>
<ul>
<li>feat(browser): Send profiles in same envelope as transactions (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1767979830" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8375"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8375/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8375">#8375</a>)</li>
<li>feat(profiling): Collect timings on profiler stop calls (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1777004306" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8409"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8409/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8409">#8409</a>)</li>
<li>feat(replay): Do not capture replays &lt; 5 seconds (GA) (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1736970479" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8277"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8277/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8277">#8277</a>)</li>
<li>feat(tracing): Add experiment to capture http timings (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1765573137" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8371"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8371/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8371">#8371</a>)</li>
<li>feat(tracing): Add <code>http.response.status_code</code> to
<code>span.data</code> (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1764892325"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8366"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8366/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8366">#8366</a>)</li>
<li>fix(angular): Stop routing spans on navigation cancel and error
events (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1765286148" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8369"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8369/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8369">#8369</a>)</li>
<li>fix(core): Only start spans in <code>trace</code> if tracing is
enabled (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1763395305" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8357"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8357/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8357">#8357</a>)</li>
<li>fix(nextjs): Inject init calls via loader instead of via entrypoints
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1764971073" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8368"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8368/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8368">#8368</a>)</li>
<li>fix(replay): Mark ui.slowClickDetected <code>clickCount</code> as
optional (<a class="issue-link js-issue-link" data-error-text="Failed to
load title" data-id="1768099155" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8376"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8376/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8376">#8376</a>)</li>
<li>fix(serverless): Export
<code>autoDiscoverNodePerformanceMonitoringIntegrations</code> from SDK
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1769506334" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8382"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8382/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8382">#8382</a>)</li>
<li>fix(sveltekit): Check for cached requests in client-side fetch
instrumentation (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1770104495"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8391"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8391/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8391">#8391</a>)</li>
<li>fix(sveltekit): Only instrument SvelteKit <code>fetch</code> if the
SDK client is valid (<a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1769261512"
data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8381"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8381/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8381">#8381</a>)</li>
<li>fix(tracing): Instrument Prisma client in constructor of integration
(<a class="issue-link js-issue-link" data-error-text="Failed to load
title" data-id="1769565969" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8383"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8383/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8383">#8383</a>)</li>
<li>ref(replay): More graceful <code>sessionStorage</code> check (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1770880521" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8394"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8394/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8394">#8394</a>)</li>
<li>ref(replay): Remove circular dep in replay eventBuffer (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1769990964" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8389"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8389/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8389">#8389</a>)</li>
</ul>
<h2>Bundle size <g-emoji class="g-emoji" alias="package"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f4e6.png">📦</g-emoji></h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (gzipped + minified)</td>
<td>21.49 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (minified)</td>
<td>67.59 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (gzipped + minified)</td>
<td>19.82 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (minified)</td>
<td>58.9 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (gzipped + minified)</td>
<td>21.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (minified)</td>
<td>69.87 KB</td>
</tr>
<tr>
<td>@ sentry/react - Webpack (gzipped + minified)</td>
<td>21.46 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs Client - Webpack (gzipped + minified)</td>
<td>49.81 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES5 CDN Bundle (gzipped +
minified)</td>
<td>29.39 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES6 CDN Bundle (gzipped +
minified)</td>
<td>27.48 KB</td>
</tr>
<tr>
<td>@ sentry/replay ES6 CDN Bundle (gzipped + minified)</td>
<td>49.34 KB</td>
</tr>
<tr>
<td>@ sentry/replay - Webpack (gzipped + minified)</td>
<td>43.11 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing + @ sentry/replay - ES6 CDN
Bundle (gzipped + minified)</td>
<td>68.82 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/replay - ES6 CDN Bundle (gzipped +
minified)</td>
<td>61.38 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
<b>7.57.0-beta.0</b> - <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases/tag/7.57.0-beta.0">2023-06-21</a></br><p>This
beta version <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8255"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8255/hovercard">bumps
the internally used typescript version from 3.8.x to 4.9.x</a>.<br>
We use ds-downlevel to generate two versions of our types, one for
&gt;=3.8, one for &gt;=4.9.<br>
This means that this change should be fully backwards compatible and not
have any noticable user impact.</p>
<p>However, since this touches the whole code base, we decided to
release this as a beta first in order to ensure this is fully
stable.</p>
<h3>Other Changes</h3>
<ul>
<li>feat(replay): Do not capture replays &lt; 5 seconds (GA) (<a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1736970479" data-permission-text="Title is private"
data-url="getsentry/sentry-javascript#8277"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/8277/hovercard"
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/pull/8277">#8277</a>)</li>
</ul>
<h2>Bundle size <g-emoji class="g-emoji" alias="package"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f4e6.png">📦</g-emoji></h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (gzipped + minified)</td>
<td>21.38 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES5 CDN Bundle (minified)</td>
<td>67.24 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (gzipped + minified)</td>
<td>19.72 KB</td>
</tr>
<tr>
<td>@ sentry/browser - ES6 CDN Bundle (minified)</td>
<td>58.61 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (gzipped + minified)</td>
<td>21.34 KB</td>
</tr>
<tr>
<td>@ sentry/browser - Webpack (minified)</td>
<td>69.53 KB</td>
</tr>
<tr>
<td>@ sentry/react - Webpack (gzipped + minified)</td>
<td>21.37 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs Client - Webpack (gzipped + minified)</td>
<td>49.29 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES5 CDN Bundle (gzipped +
minified)</td>
<td>29.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing - ES6 CDN Bundle (gzipped +
minified)</td>
<td>27.04 KB</td>
</tr>
<tr>
<td>@ sentry/replay ES6 CDN Bundle (gzipped + minified)</td>
<td>49.34 KB</td>
</tr>
<tr>
<td>@ sentry/replay - Webpack (gzipped + minified)</td>
<td>43.08 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/tracing + @ sentry/replay - ES6 CDN
Bundle (gzipped + minified)</td>
<td>68.37 KB</td>
</tr>
<tr>
<td>@ sentry/browser + @ sentry/replay - ES6 CDN Bundle (gzipped +
minified)</td>
<td>61.27 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
        <b>7.56.0</b> - 2023-06-19
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/getsentry/sentry-javascript/releases">@sentry/tracing
GitHub release notes</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI3NzRmZmVjZC03ZmJkLTRlZTEtYTI0Mi1hMWMzNTBkMjNmYTMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6Ijc3NGZmZWNkLTdmYmQtNGVlMS1hMjQyLWExYzM1MGQyM2ZhMyJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6/settings/integration?pkg&#x3D;@sentry/tracing&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"774ffecd-7fbd-4ee1-a242-a1c350d23fa3","prPublicId":"774ffecd-7fbd-4ee1-a242-a1c350d23fa3","dependencies":[{"name":"@sentry/tracing","from":"7.56.0","to":"7.57.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/mtes-mct/project/8a1190df-0364-4a9a-93bd-a9f28b54daf6?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"8a1190df-0364-4a9a-93bd-a9f28b54daf6","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2023-06-28T15:27:04.555Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Svelte Kit fetch requests are repeated again during client hydration
2 participants