Skip to content

chore(deps): bump the all-non-major group with 2 updates#33

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-non-major-e128ecc345
Closed

chore(deps): bump the all-non-major group with 2 updates#33
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-non-major-e128ecc345

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Mar 20, 2026
edited
Loading

Bumps the all-non-major group with 2 updates: @sentry/nextjs and next.

Updates @sentry/nextjs from 10.43.0 to 10.45.0

Release notes

Sourced from @​sentry/nextjs's releases.

10.45.0

Important Changes

  • feat(remix): Server Timing Headers Trace Propagation (#18653)

    The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

  • fix(cloudflare): Use correct env types for withSentry (#19836)
  • fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
  • fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
  • fix(nextjs): Skip tracing for tunnel requests (#19861)
  • fix(node-core): Recycle propagationContext for each request (#19835)
  • ref(core): Simplify core utility functions for smaller bundle (#19854)
  • chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
  • ci(release): Switch from action-prepare-release to Craft (#18763)
  • fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
  • fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
  • fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
  • fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
  • fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
  • fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
  • fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
  • fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
  • test(nextjs): Skip broken ISR tests (#19871)
  • test(react): Add gql tests for react router (#19844)

Bundle size 📦

Path Size
@​sentry/browser 24.93 KB
@​sentry/browser - with treeshaking flags 23.47 KB
@​sentry/browser (incl. Tracing) 41.51 KB
@​sentry/browser (incl. Tracing, Profiling) 46.07 KB
@​sentry/browser (incl. Tracing, Replay) 79.41 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags 69.22 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) 84 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) 95.97 KB
@​sentry/browser (incl. Feedback) 41.35 KB
@​sentry/browser (incl. sendFeedback) 29.49 KB

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.45.0

Important Changes

  • feat(remix): Server Timing Headers Trace Propagation (#18653)

    The Remix SDK now supports automatic trace propagation via Server-Timing response headers to continue pageload traces on the client side. This means, you no longer have to define a custom meta function to add Sentry <meta> tags to your page as previously. We'll update out Remix tracing docs after this release.

Other Changes

  • fix(cloudflare): Use correct env types for withSentry (#19836)
  • fix(core): Align error span status message with core SpanStatusType for langchain/google-genai (#19863)
  • fix(deno): Clear pre-existing OTel global before registering TracerProvider (#19723)
  • fix(nextjs): Skip tracing for tunnel requests (#19861)
  • fix(node-core): Recycle propagationContext for each request (#19835)
  • ref(core): Simplify core utility functions for smaller bundle (#19854)
  • chore(deps): bump next from 16.1.5 to 16.1.7 in /dev-packages/e2e-tests/test-applications/nextjs-16 (#19851)
  • ci(release): Switch from action-prepare-release to Craft (#18763)
  • fix(deps): bump devalue 5.6.3 to 5.6.4 to fix CVE-2026-30226 (#19849)
  • fix(deps): bump file-type to 21.3.2 and @​nestjs/common to 11.1.17 (#19847)
  • fix(deps): bump flatted 3.3.1 to 3.4.2 to fix CVE-2026-32141 (#19842)
  • fix(deps): bump hono 4.12.5 to 4.12.7 in cloudflare-hono E2E test app (#19850)
  • fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 and related (#19870)
  • fix(deps): bump tar 7.5.10 to 7.5.11 to fix CVE-2026-31802 (#19846)
  • fix(deps): bump undici 6.23.0 to 6.24.1 to fix multiple CVEs (#19841)
  • fix(deps): bump unhead 2.1.4 to 2.1.12 to fix CVE-2026-31860 and CVE-2026-31873 (#19848)
  • test(nextjs): Skip broken ISR tests (#19871)
  • test(react): Add gql tests for react router (#19844)

10.44.0

Important Changes

  • feat(effect): Add @sentry/effect SDK (Alpha) (#19644)

    This release introduces @sentry/effect, a new SDK for Effect.ts applications. The SDK provides Sentry integration via composable Effect layers for both Node.js and browser environments.

    Compose the effectLayer with optional tracing, logging, and metrics layers to instrument your Effect application:

    import * as Sentry from '@sentry/effect';
import * as Layer from 'effect/Layer';

... (truncated)

Commits
  • ef79d28 release: 10.45.0
  • 28208bc Merge pull request #19877 from getsentry/prepare-release/10.45.0
  • 2e2fd35 meta(changelog): Update changelog for 10.45.0
  • 79241b0 fix(nextjs): Skip tracing for tunnel requests (#19861)
  • 938ab2d ref(core): Simplify core utility functions for smaller bundle (#19854)
  • 3bb4325 fix(core): Align error span status message with core SpanStatusType for lan...
  • 3e5499a fix(deps): bump next to 15.5.13/16.1.7 to fix CVE-2026-1525, CVE-202-33036 an...
  • 6f17b8a fix(cloudflare): Use correct env types for withSentry (#19836)
  • b4b9e71 test(nextjs): Skip broken ISR tests (#19871)
  • ae7206f feat(remix): Server Timing Headers Trace Propagation (#18653)
  • Additional commits viewable in compare view

Updates next from 16.1.6 to 16.2.0

Release notes

Sourced from next's releases.

v16.2.0

[!TIP]
Check out our Next v16.2 Blog Post to learn more about this release.

Core Changes

  • Upgrade React from f93b9fd4-20251217 to 65eec428-20251218: #87323
  • Turbopack: Create junction points instead of symlinks on Windows: #87606
  • Turbopack: Symlink handling follow-up: #87637
  • Add experimental routing package for resolving adapter routes: #86404
  • Ensure outputs are correct with cache components in deployment adapters: #87018
  • Move off of deprecated url.parse: #87257
  • [strict-route-types] Add experimental.strictRouteTypes config: #87378
  • misc: fix type check log for CI envs: #87838
  • fix: revalidateTag with profile should not trigger client cache invalidation: #88069
  • chore: warn when running tests against stale build: #88001
  • Redesign default error pages with cleaner, more user-friendly UI: #87988
  • dx: avoid next-env.d.ts change in dev: #88103
  • prevent browser cache from using stale RSC responses from previous builds: #86554
  • [strict-route-types] Typecheck App Router page props: #87386
  • [strict-route-types] Enforce common React Component return types in App Router: #87389
  • [strict-route-types] Switch to satisfies when validating page and route modules: #87398
  • [strict-route-types] Don't reject number in config.api.bodyParser.sizeLimit when validating route: #87633
  • Revert "dx: avoid next-env.d.ts change in dev": #88153
  • [strict-route-types] Typecheck pages router routes in absence of App Router: #87628
  • [strict-route-types] Ensure cache profiles and routes are type-checked even if .next is excluded: #87768
  • add compilation error for taint when not enabled: #88173
  • feat(next/image)!: add images.maximumResponseBody config: #88183
  • Add maximum size limit for postponed body parsing: #88175
  • metadata: use fixed segment in dynamic routes with static metadata files: #88113
  • feat: add --experimental-cpu-prof flag for dev, build, and start: #87946
  • Add experimental option to use no-cache instead of no-store in dev: #88182
  • fix overlay frames cannot be opened sometimes: #88210
  • Handle pnpm-workspace.yaml while searching for monorepo root: #74818
  • Add more debug logs to 'use cache' wrapper: #88219
  • Omit unused arguments from 'use cache' function calls: #86920
  • Only log pending revalidates... debug log if applicable: #88221
  • fix(next/image): bump [email protected]: #88238
  • Disallow javascript urls in router methods and redirects: #88185
  • Fix relative same host redirects in node middleware: #88253
  • Remove loadConfig from main development process, pass value from child process: #88230
  • Update deploy adapters outputs and handler interfaces for node and edge: #88247
  • Move Ready in time before handler initialization: #88235
  • next/image: support custom cache handlers: #88248
  • feat: add Claude Code plugin marketplace with Cache Components skill: #87993
  • refactor: consolidate PPR into cacheComponents architecture: #88243
  • Turbopack: include fewer traced files for standalone: #88322
  • feat(turbopack): add resolve plugin condition variant of Always and Never: #88190
  • perf: use length = 0 to clear the logging array: #88244
  • Time logs: Show full millisecond instead of 1 decimal: #88313

... (truncated)

Commits
  • c5c94df v16.2.0
  • 649d302 Unflake router events deploy test (#91589)
  • bcd9c19 docs: Clarify ignoreBuildErrors behavior (#91367)
  • 3683192 v16.2.0-canary.104
  • b61823d SRI turbopack documentation (#90477)
  • 0ca967b Add group depth tracking to instant validation boundary discovery (#91208)
  • a41bef9 improve allowedDevOrigins error (#91521)
  • 75c51c6 Turbopack: Use debug = "line-tables-only" for dev builds (#91539)
  • 39e705c Turbopack: Merge release-with-assertions-no-lto profile into release-with-ass...
  • 4de2201 [turbopack] Share scratch buffer across shards using thread local (#90167)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the all-non-major group with 2 updates
dfbf9d2 
Bumps the all-non-major group with 2 updates: [@sentry/nextjs](https://github.com/getsentry/sentry-javascript) and [next](https://github.com/vercel/next.js).


Updates `@sentry/nextjs` from 10.43.0 to 10.45.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.43.0...10.45.0)

Updates `next` from 16.1.6 to 16.2.0
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v16.1.6...v16.2.0)

---
updated-dependencies:
- dependency-name: "@sentry/nextjs"
  dependency-version: 10.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-non-major
- dependency-name: next
  dependency-version: 16.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-non-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 20, 2026
@vercel
Copy link
Copy Markdown

vercel Bot commented Mar 20, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
litheplan Ready Ready Preview, Comment Mar 20, 2026 5:27am

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Apr 3, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 3, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/all-non-major-e128ecc345 branch April 3, 2026 05:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants