
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
@sentry-internal/replay-canvas
Advanced tools
Replay with canvas requires Node 14+, and browsers newer than IE11.
Replay and ReplayCanvas can be imported from @sentry/browser
, or a respective SDK package like @sentry/react
or
@sentry/vue
. You don't need to install anything in order to use Session Replay. The minimum version that includes
Replay is 7.27.0.
For details on using Replay when using Sentry via the CDN bundles, see CDN bundle.
To set up the canvas integration, add the following to your Sentry integrations:
Sentry.replayCanvasIntegration(),
import * as Sentry from '@sentry/browser';
// or e.g. import * as Sentry from '@sentry/react';
Sentry.init({
dsn: '__DSN__',
// This sets the sample rate to be 10%. You may want this to be 100% while
// in development and sample at a lower rate in production
replaysSessionSampleRate: 0.1,
// If the entire session is not sampled, use the below sample rate to sample
// sessions when an error occurs.
replaysOnErrorSampleRate: 1.0,
integrations: [Sentry.replayIntegration(), Sentry.replayCanvasIntegration()],
// ...
});
9.40.0
This release adds two Browser SDK APIs to let the main thread know about debugIds of worker files:
webWorkerIntegration({worker})
to be used in the main threadregisterWebWorker({self})
to be used in the web worker// main.js
Sentry.init({...})
const worker = new MyWorker(...);
Sentry.addIntegration(Sentry.webWorkerIntegration({ worker }));
worker.addEventListener('message', e => {...});
// worker.js
Sentry.registerWebWorker({ self });
self.postMessage(...);
The internal SDK logger
export from @sentry/core
has been deprecated in favor of the debug
export. debug
only exposes log
, warn
, and error
methods but is otherwise identical to logger
. Note that this deprecation does not affect the logger
export from other packages (like @sentry/browser
or @sentry/node
) which is used for Sentry Logging.
import { logger, debug } from '@sentry/core';
// before
logger.info('This is an info message');
// after
debug.log('This is an info message');
This release adds official support for instrumenting OpenAI SDK calls in with Sentry tracing, following OpenTelemetry semantic conventions for Generative AI. It instruments:
client.chat.completions.create()
- For chat-based completionsclient.responses.create()
- For the responses API// The integration respects your `sendDefaultPii` option, but you can override the behavior in the integration options
Sentry.init({
dsn: '__DSN__',
integrations: [
Sentry.openAIIntegration({
recordInputs: true, // Force recording prompts
recordOutputs: true, // Force recording responses
}),
],
});
@opentelemetry/instrumentation
range to cover 0.203.0
(#17043)Work in this release was contributed by @0xbad0c0d3 and @tommy-gilligan. Thank you for your contributions!
FAQs
Replay canvas integration
The npm package @sentry-internal/replay-canvas receives a total of 5,496,774 weekly downloads. As such, @sentry-internal/replay-canvas popularity was classified as popular.
We found that @sentry-internal/replay-canvas demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.