chore(deps): update JavaScript Sibling SDKs to v9.23.0

[github-actions]

Bumps scripts/update-javascript-siblings.sh from 9.11.0 to 9.23.0.

Auto-generated by a dependency updater.

Changelog

9.23.0

Important changes

• feat(browser): option to ignore certain resource types (#16389)

Adds an option to opt out of certain resource.* spans via ignoreResourceSpans.

For example, to opt out of resource.script spans:

Sentry.browserTracingIntegration({
  ignoreResourceSpans: ['resource.script'],
}),

Other changes

• feat: Export isEnabled from all SDKs (#16405)
• feat(browser): Disable client when browser extension is detected in init() (#16354)
• feat(core): Allow re-use of captureLog (#16352)
• feat(core): Export _INTERNAL_captureSerializedLog (#16387)
• feat(deps): bump opentelemetry/semantic-conventions from 1.32.0 to 1.34.0 (#16393)
• feat(deps): bump prisma/instrumentation from 6.7.0 to 6.8.2 (#16392)
• feat(deps): bump sentry/cli from 2.43.0 to 2.45.0 (#16395)
• feat(deps): bump sentry/webpack-plugin from 3.3.1 to 3.5.0 (#16394)
• feat(nextjs): Include static/chunks/main-* files for widenClientFileUpload (#16406)
• feat(node): Do not add HTTP & fetch span instrumentation if tracing is disabled (#15730)
• feat(nuxt): Added support for nuxt layers (#16372)
• fix(browser): Ensure logs are flushed when sendClientReports=false (#16351)
• fix(browser): Move browserTracingIntegration code to setup hook (#16386)
• fix(cloudflare): Capture exceptions thrown in hono (#16355)
• fix(node): Don't warn about Spotlight on empty NODE_ENV (#16381)
• fix(node): Suppress Spotlight calls (#16380)
• fix(nuxt): Add sentry/nuxt as external in Rollup (#16407)
• fix(opentelemetry): Ensure withScope keeps span active & _getTraceInfoFromScope works (#16385)

Work in this release was contributed by Xenossolitarius. Thank you for your contribution!

9.22.0

Important changes

• Revert "feat(browser): Track measure detail as span attributes" (#16348)

This is a revert of a feature introduced in 9.20.0 with #16240. This feature was causing crashes in firefox, so we are reverting it. We will re-enable this functionality in the future after fixing the crash.

Other changes

• feat(deps): bump sentry/rollup-plugin from 3.1.2 to 3.2.1 (#15511)
• fix(remix): Use generic types for ServerBuild argument and return (#16336)

9.21.0

• docs: Fix v7 migration link (#14629)
• feat(node): Vendor in fastify/otel (#16328)
• fix(nestjs): Handle multiple OnEvent decorators (#16306)
• fix(node): Avoid creating breadcrumbs for suppressed requests (#16285)
• fix(remix): Add missing client exports to server and cloudflare entries (#16341)

Work in this release was contributed by phthhieu. Thank you for your contribution!

9.20.0

Important changes

• feat(browser): Track measure detail as span attributes (#16240)

The SDK now automatically collects details passed to performance.measure options.

Other changes

• feat(node): Add maxIncomingRequestBodySize (#16225)
• feat(react-router): Add server action instrumentation (#16292)
• feat(react-router): Filter manifest requests (#16294)
• feat(replay): Extend default list for masking with aria-label (#16192)
• fix(browser): Ensure pageload & navigation spans have correct data (#16279)
• fix(cloudflare): Account for static fields in wrapper type (#16303)
• fix(nextjs): Preserve next.route attribute on root spans (#16297)
• feat(node): Fork isolation scope in tRPC middleware (#16296)
• feat(core): Add orgId option to init and DSC (sentry-org_id in baggage) (#16305)

9.19.0

• feat(react-router): Add otel instrumentation for server requests (#16147)
• feat(remix): Vendor in opentelemetry-instrumentation-remix (#16145)
• fix(browser): Ensure spans auto-ended for navigations have cancelled reason (#16277)
• fix(node): Pin fastify/otel fork to direct url to allow installing without git (#16287)
• fix(react): Handle nested parameterized routes in reactrouterv3 transaction normalization (#16274)

Work in this release was contributed by sidx1024. Thank you for your contribution!

9.18.0

Important changes

• feat: Support Node 24 (#16236)

We now also publish profiling binaries for Node 24.

Other changes

• deps(node): Bump import-in-the-middle to 1.13.1 (#16260)
• feat: Export consoleLoggingIntegration from vercel edge sdk (#16228)
• feat(cloudflare): Add support for email, queue, and tail handler (#16233)
• feat(cloudflare): Improve http span data (#16232)
• feat(nextjs): Add more attributes for generation functions (#16214)
• feat(opentelemetry): Widen peer dependencies to support Otel v2 (#16246)
• fix(core): Gracefully handle invalid baggage entries (#16257)
• fix(node): Ensure traces are propagated without spans in Node 22+ (#16221)
• fix(node): Use sentry forked fastify/otel dependency with pinned Otel v1 deps (#16256)
• fix(remix): Remove vendored types (#16218)

9.17.0

• feat(node): Migrate to fastify/otel (#15542)

9.16.1

• fix(core): Make sure logs get flushed in server-runtime-client (#16222)
• ref(node): Remove vercel flushing code that does nothing (#16217)

9.16.0

Important changes

• feat: Create a Vite plugin that injects sentryConfig into the global config (#16197)

Add a new plugin makeConfigInjectorPlugin within our existing vite plugin that updates the global vite config with sentry options

• feat(browser): Add option to sample linked traces consistently (#16037)

This PR implements consistent sampling across traces as outlined in (#15754)

• feat(cloudflare): Add support for durable objects (#16180)

This PR introduces a new instrumentDurableObjectWithSentry method to the SDK, which instruments durable objects. We capture both traces and errors automatically.

• feat(node): Add Prisma integration by default (#16073)

Prisma integration is enabled by default, it should work for both ESM and CJS.

• feat(react-router): Add client-side router instrumentation (#16185)

Adds client-side instrumentation for react router's HydratedRouter. To enable it, simply replace browserTracingIntegration() with reactRouterTracingIntegration() in your client-side init call.

• fix(node): Avoid double-wrapping http module (#16177)

When running your application in ESM mode, there have been scenarios that resulted in the http/https emitting duplicate spans for incoming requests. This was apparently caused by us double-wrapping the modules for incoming request isolation.

In order to solve this problem, the modules are no longer monkey patched by us for request isolation. Instead, we register diagnosticschannel hooks to handle request isolation now.
While this is generally not expected to break anything, there is one tiny change that _may affect you if you have been relying on very specific functionality:

The ignoreOutgoingRequests option of httpIntegration receives the RequestOptions as second argument. This type is not changed, however due to how the wrapping now works, we no longer pass through the full RequestOptions, but re-construct this partially based on the generated request. For the vast majority of cases, this should be fine, but for the sake of completeness, these are the only fields that may be available there going forward - other fields that may have existed before may no longer be set:

ignoreOutgoingRequests(url: string, {
  method: string;
  protocol: string;
  host: string;
  hostname: string; // same as host
  path: string;
  headers: OutgoingHttpHeaders;
})

Other changes

• feat(cloudflare): Add logs exports (#16165)
• feat(vercel-edge): Add logs export (#16166)
• feat(cloudflare): Read SENTRY_RELEASE from env (#16201)
• feat(node): Drop http.server spans with 404 status by default (#16205)
• fix(browser): Respect manually set sentry tracing headers in XHR requests (#16184)
• fix(core): Respect manually set sentry tracing headers in fetch calls (#16183)
• fix(feedback): Prevent removeFromDom() from throwing (#16030)
• fix(node): Use class constructor in docstring for winston transport (#16167)
• fix(node): Fix vercel flushing logic & add test for it (#16208)
• fix(node): Fix 404 route handling in express 5 (#16211)
• fix(logs): Ensure logs can be flushed correctly (#16216)
• ref(core): Switch to standardized log envelope (#16133)

9.15.0

Important Changes

• feat: Export wrapMcpServerWithSentry from server packages (#16127)

Exports the wrapMcpServerWithSentry which is our MCP server instrumentation from all the server packages.

• feat(core): Associate resource/tool/prompt invocations with request span instead of response span (#16126)

Adds a best effort mechanism to associate handler spans for resource, tool and prompt with the incoming message requests instead of the outgoing SSE response.

Other Changes

• fix: Vercel ai ESM patching (#16152)
• fix(node): Update version range for module.register (#16125)
• fix(react-router): Spread unstable_sentryVitePluginOptions correctly (#16156)
• fix(react): Fix Redux integration failing with reducer injection (#16106)
• fix(remix): Add ESM-compatible exports (#16124)
• fix(remix): Avoid rewrapping root loader. (#16136)

Work in this release was contributed by AntoineDuComptoirDesPharmacies. Thank you for your contribution!

9.14.0

Important Changes

• feat: Add Supabase Integration (#15719)

This PR adds Supabase integration to sentry/core, allowing automatic instrumentation of Supabase client operations (database queries and authentication) for performance monitoring and error tracking.

• feat(nestjs): Gracefully handle RPC scenarios in SentryGlobalFilter (#16066)

This PR adds better RPC exception handling to sentry/nestjs, preventing application crashes while still capturing errors and warning users when a dedicated filter is needed. The implementation gracefully handles the 'rpc' context type in SentryGlobalFilter to improve reliability in hybrid applications.

• feat(react-router): Trace propagation (#16070)

This PR adds trace propagation to sentry/react-router by providing utilities to inject trace meta tags into HTML headers and offering a pre-built Sentry-instrumented request handler, improving distributed tracing capabilities across page loads.

Other Changes

• feat(deps): Bump prisma/instrumentation from 6.5.0 to 6.6.0 (#16102)
• feat(nextjs): Improve server component data (#15996)
• feat(nuxt): Log when adding HTML trace meta tags (#16044)
• fix(node): Make body capturing more robust (#16105)
• ref(node): Log when incoming request bodies are being captured (#16104)

9.13.0

Important Changes

• feat(node): Add support for winston logger (#15983)

  Sentry is adding support for structured logging. In this release we've added support for sending logs to Sentry via the winston logger to the Sentry Node SDK (and SDKs that use the Node SDK under the hood like sentry/nestjs). The Logging APIs in the Sentry SDK are still experimental and subject to change.

  const winston = require('winston');
  const Transport = require('winston-transport');
  
  const transport = Sentry.createSentryWinstonTransport(Transport);
  
  const logger = winston.createLogger({
    transports: [transport],
  });

• feat(core): Add wrapMcpServerWithSentry to instrument MCP servers from modelcontextprotocol/sdk (#16032)

  The Sentry SDK now supports instrumenting MCP servers from the modelcontextprotocol/sdk package. Compatible with versions ^1.9.0 of the modelcontextprotocol/sdk package.

  import { McpServer } from 'modelcontextprotocol/sdk/server/mcp.js';
  
  // Create an MCP server
  const server = new McpServer({
    name: 'Demo',
    version: '1.0.0',
  });
  
  // Use the instrumented server in your application
  const instrumentedServer = Sentry.wrapMcpServerWithSentry(server);

• feat(core): Move console integration into core and add to cloudflare/vercel-edge (#16024)

  Console instrumentation has been added to sentry/cloudflare and sentry/nextjs Edge Runtime and is enabled by default. Now calls to the console object will be captured as breadcrumbs for those SDKs.

• feat(bun): Support new Bun.serve APIs (#16035)

  Bun 1.2.6 and above have a new Bun.serve API, which the Bun SDK now supports. The SDK instruments the new routes object that can be used to define routes for the server.

  Thanks to Jarred-Sumner for helping us get this supported!

Other Changes

• feat(browser): Warn on duplicate browserTracingIntegration (#16042)
• feat(core): Allow delayed sending with offline transport (#15937)
• feat(deps): Bump sentry/webpack-plugin from 3.2.4 to 3.3.1 (#16057)
• feat(vue): Apply stateTransformer to attachments in Pinia Plugin (#16034)
• fix(core): Run beforeSendLog after we process log (#16019)
• fix(nextjs): Don't show turbopack warning for newer Next.js canaries (#16065)
• fix(nextjs): Include patch version 0 for min supported 15.3.0 (#16026)
• fix(node): Ensure late init works with all integrations (#16016)
• fix(react-router): Pass unstable_sentryVitePluginOptions to cli instance (#16033)
• fix(serverless-aws): Overwrite root span name with GraphQL if set (#16010)

9.12.0

Important Changes

• feat(feedback): Implement highlighting and hiding controls for screenshots (#15951)

  The Sentry SDK now supports highlighting and hiding controls for screenshots in user feedback reports. This functionality is enabled by default.

• feat(node): Add ignoreIncomingRequestBody callback to httpIntegration (#15959)

  The httpIntegration now supports an optional ignoreIncomingRequestBody callback that can be used to skip capturing the body of incoming requests.

  Sentry.init({
    integrations: [
      Sentry.httpIntegration({
        ignoreIncomingRequestBody: (url, request) => {
          return request.method === 'GET' && url.includes('/api/large-payload');
        },
      }),
    ],
  });

  The ignoreIncomingRequestBody callback receives the URL of the request and should return true if the body should be ignored.

• Logging Improvements

  Sentry is adding support for structured logging. In this release we've made a variety of improvements to logging functionality in the Sentry SDKs.

  • feat(node): Add server.address to nodejs logs (#16006)
  • feat(core): Add sdk name and version to logs (#16005)
  • feat(core): Add sentry origin attribute to console logs integration (#15998)
  • fix(core): Do not abbreviate message parameter attribute (#15987)
  • fix(core): Prefix release and environment correctly (#15999)
  • fix(node): Make log flushing logic more robust (#15991)

Other Changes

• build(aws-serverless): Include debug logs in lambda layer SDK bundle (#15974)
• feat(astro): Add tracking of errors during HTML streaming (#15995)
• feat(browser): Add onRequestSpanStart hook to browser tracing integration (#15979)
• feat(deps): Bump sentry/cli from 2.42.3 to 2.43.0 (#16001)
• feat(nextjs): Add captureRouterTransitionStart hook for capturing navigations (#15981)
• feat(nextjs): Mark clientside prefetch request spans with http.request.prefetch: true attribute (#15980)
• feat(nextjs): Un experimentify clientInstrumentationHook (#15992)
• feat(nextjs): Warn when client was initialized more than once (#15971)
• feat(node): Add support for SENTRY_DEBUG env variable (#15972)
• fix(tss-react): Change authToken type to string (#15985)

Work in this release was contributed by Page- and Fryuni. Thank you for your contributions!

[lucas-zimerman]

LGTM when CI pass