Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Update Sentry SDK to v8 #16131

Open
mydea opened this issue Jul 29, 2024 · 2 comments
Open

Update Sentry SDK to v8 #16131

mydea opened this issue Jul 29, 2024 · 2 comments
Assignees
@brendankenny
Labels
P3

Comments

@mydea
Copy link

mydea commented Jul 29, 2024

Lighthouse has a dependency on @sentry/node v6.x. The current version is v8.

This can lead to cases where users that use Sentry themselves (in a more current version) can get peer dependency conflicts from the lighthouse package. This is not necessarily a fault of lighthouse, but a package resolution issue often, but it does happen.

By updating the Sentry SDK to v8, we should be able to "fix" this problem - in v8, the Sentry client is kept versioned on the global carrier, which should lead to the SDK not bleeding into other places.
@mydea mydea mentioned this issue Jul 29, 2024
Closed
3 tasks
@G-Rath
Copy link
Contributor

G-Rath commented Oct 8, 2024

Note that v6 @sentry/node is now pulling in a vulnerable version of cookie: GHSA-pxg6-pf52-xh8x

Updating to at least v7 would allow this to be resolved

@G-Rath G-Rath mentioned this issue Oct 8, 2024
Merged
@luixo
Copy link

luixo commented Nov 20, 2024

Do I get it right that Sentry is an optional error reporter?

I guess it should be put into optionalDependencies then or excluded completely (while nudging users to install it)?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees

@brendankenny brendankenny

Labels
P3
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@brendankenny @luixo @mydea @G-Rath @adamraine @devtools-bot