@sentry/core
Advanced tools
@sentry/core - npm Package Compare versions
| Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const api = require('../api.js'); | ||
| const debugLogger = require('./debug-logger.js'); | ||
| const dsn = require('./dsn.js'); | ||
| const envelope = require('./envelope.js'); | ||
| /** | ||
| * Core Sentry tunnel handler - framework agnostic. | ||
| * | ||
| * Validates the envelope DSN against allowed DSNs, then forwards the | ||
| * envelope to the Sentry ingest endpoint. | ||
| * | ||
| * @returns A `Response` — either the upstream Sentry response on success, or an error response. | ||
| */ | ||
| async function handleTunnelRequest(options) { | ||
| const { request, allowedDsns } = options; | ||
| if (allowedDsns.length === 0) { | ||
| return new Response('Tunnel not configured', { status: 500 }); | ||
| } | ||
| const body = new Uint8Array(await request.arrayBuffer()); | ||
| let envelopeHeader; | ||
| try { | ||
| [envelopeHeader] = envelope.parseEnvelope(body); | ||
| } catch { | ||
| return new Response('Invalid envelope', { status: 400 }); | ||
| } | ||
| if (!envelopeHeader) { | ||
| return new Response('Invalid envelope: missing header', { status: 400 }); | ||
| } | ||
| const dsn$1 = envelopeHeader.dsn; | ||
| if (!dsn$1) { | ||
| return new Response('Invalid envelope: missing DSN', { status: 400 }); | ||
| } | ||
| // SECURITY: Validate that the envelope DSN matches one of the allowed DSNs | ||
| // This prevents SSRF attacks where attackers send crafted envelopes | ||
| // with malicious DSNs pointing to arbitrary hosts | ||
| const isAllowed = allowedDsns.some(allowed => allowed === dsn$1); | ||
| if (!isAllowed) { | ||
| debugLogger.debug.warn(`Sentry tunnel: rejected request with unauthorized DSN (${dsn$1})`); | ||
| return new Response('DSN not allowed', { status: 403 }); | ||
| } | ||
| const dsnComponents = dsn.makeDsn(dsn$1); | ||
| if (!dsnComponents) { | ||
| debugLogger.debug.warn(`Could not extract DSN Components from: ${dsn$1}`); | ||
| return new Response('Invalid DSN', { status: 403 }); | ||
| } | ||
| const sentryIngestUrl = api.getEnvelopeEndpointWithUrlEncodedAuth(dsnComponents); | ||
| try { | ||
| return await fetch(sentryIngestUrl, { | ||
| method: 'POST', | ||
| headers: { | ||
| 'Content-Type': 'application/x-sentry-envelope', | ||
| }, | ||
| body, | ||
| }); | ||
| } catch (error) { | ||
| debugLogger.debug.error('Sentry tunnel: failed to forward envelope', error); | ||
| return new Response('Failed to forward envelope to Sentry', { status: 500 }); | ||
| } | ||
| } | ||
| exports.handleTunnelRequest = handleTunnelRequest; | ||
| //# sourceMappingURL=tunnel.js.map |
| {"version":3,"file":"tunnel.js","sources":["../../../src/utils/tunnel.ts"],"sourcesContent":["import { getEnvelopeEndpointWithUrlEncodedAuth } from '../api';\nimport { debug } from './debug-logger';\nimport { makeDsn } from './dsn';\nimport { parseEnvelope } from './envelope';\n\nexport interface HandleTunnelRequestOptions {\n /** Incoming request containing the Sentry envelope as its body */\n request: Request;\n /** Pre-parsed array of allowed DSN strings */\n allowedDsns: Array<string>;\n}\n\n/**\n * Core Sentry tunnel handler - framework agnostic.\n *\n * Validates the envelope DSN against allowed DSNs, then forwards the\n * envelope to the Sentry ingest endpoint.\n *\n * @returns A `Response` — either the upstream Sentry response on success, or an error response.\n */\nexport async function handleTunnelRequest(options: HandleTunnelRequestOptions): Promise<Response> {\n const { request, allowedDsns } = options;\n\n if (allowedDsns.length === 0) {\n return new Response('Tunnel not configured', { status: 500 });\n }\n\n const body = new Uint8Array(await request.arrayBuffer());\n\n let envelopeHeader;\n try {\n [envelopeHeader] = parseEnvelope(body);\n } catch {\n return new Response('Invalid envelope', { status: 400 });\n }\n\n if (!envelopeHeader) {\n return new Response('Invalid envelope: missing header', { status: 400 });\n }\n\n const dsn = envelopeHeader.dsn;\n if (!dsn) {\n return new Response('Invalid envelope: missing DSN', { status: 400 });\n }\n\n // SECURITY: Validate that the envelope DSN matches one of the allowed DSNs\n // This prevents SSRF attacks where attackers send crafted envelopes\n // with malicious DSNs pointing to arbitrary hosts\n const isAllowed = allowedDsns.some(allowed => allowed === dsn);\n\n if (!isAllowed) {\n debug.warn(`Sentry tunnel: rejected request with unauthorized DSN (${dsn})`);\n return new Response('DSN not allowed', { status: 403 });\n }\n\n const dsnComponents = makeDsn(dsn);\n if (!dsnComponents) {\n debug.warn(`Could not extract DSN Components from: ${dsn}`);\n return new Response('Invalid DSN', { status: 403 });\n }\n\n const sentryIngestUrl = getEnvelopeEndpointWithUrlEncodedAuth(dsnComponents);\n\n try {\n return await fetch(sentryIngestUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-sentry-envelope',\n },\n body,\n });\n } catch (error) {\n debug.error('Sentry tunnel: failed to forward envelope', error);\n return new Response('Failed to forward envelope to Sentry', { status: 500 });\n }\n}\n"],"names":["parseEnvelope","dsn","debug","makeDsn","getEnvelopeEndpointWithUrlEncodedAuth"],"mappings":";;;;;;;AAYA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAe,mBAAmB,CAAC,OAAO,EAAiD;AAClG,EAAE,MAAM,EAAE,OAAO,EAAE,WAAA,EAAY,GAAI,OAAO;;AAE1C,EAAE,IAAI,WAAW,CAAC,MAAA,KAAW,CAAC,EAAE;AAChC,IAAI,OAAO,IAAI,QAAQ,CAAC,uBAAuB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AACjE,EAAE;;AAEF,EAAE,MAAM,IAAA,GAAO,IAAI,UAAU,CAAC,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;;AAE1D,EAAE,IAAI,cAAc;AACpB,EAAE,IAAI;AACN,IAAI,CAAC,cAAc,CAAA,GAAIA,sBAAa,CAAC,IAAI,CAAC;AAC1C,EAAE,EAAE,MAAM;AACV,IAAI,OAAO,IAAI,QAAQ,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC5D,EAAE;;AAEF,EAAE,IAAI,CAAC,cAAc,EAAE;AACvB,IAAI,OAAO,IAAI,QAAQ,CAAC,kCAAkC,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC5E,EAAE;;AAEF,EAAE,MAAMC,KAAA,GAAM,cAAc,CAAC,GAAG;AAChC,EAAE,IAAI,CAACA,KAAG,EAAE;AACZ,IAAI,OAAO,IAAI,QAAQ,CAAC,+BAA+B,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AACzE,EAAE;;AAEF;AACA;AACA;AACA,EAAE,MAAM,SAAA,GAAY,WAAW,CAAC,IAAI,CAAC,OAAA,IAAW,OAAA,KAAYA,KAAG,CAAC;;AAEhE,EAAE,IAAI,CAAC,SAAS,EAAE;AAClB,IAAIC,iBAAK,CAAC,IAAI,CAAC,CAAC,uDAAuD,EAAED,KAAG,CAAC,CAAC,CAAC,CAAC;AAChF,IAAI,OAAO,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC3D,EAAE;;AAEF,EAAE,MAAM,aAAA,GAAgBE,WAAO,CAACF,KAAG,CAAC;AACpC,EAAE,IAAI,CAAC,aAAa,EAAE;AACtB,IAAIC,iBAAK,CAAC,IAAI,CAAC,CAAC,uCAAuC,EAAED,KAAG,CAAC,CAAA,CAAA;AACA,IAAA,OAAA,IAAA,QAAA,CAAA,aAAA,EAAA,EAAA,MAAA,EAAA,GAAA,EAAA,CAAA;AACA,EAAA;;AAEA,EAAA,MAAA,eAAA,GAAAG,yCAAA,CAAA,aAAA,CAAA;;AAEA,EAAA,IAAA;AACA,IAAA,OAAA,MAAA,KAAA,CAAA,eAAA,EAAA;AACA,MAAA,MAAA,EAAA,MAAA;AACA,MAAA,OAAA,EAAA;AACA,QAAA,cAAA,EAAA,+BAAA;AACA,OAAA;AACA,MAAA,IAAA;AACA,KAAA,CAAA;AACA,EAAA,CAAA,CAAA,OAAA,KAAA,EAAA;AACA,IAAAF,iBAAA,CAAA,KAAA,CAAA,2CAAA,EAAA,KAAA,CAAA;AACA,IAAA,OAAA,IAAA,QAAA,CAAA,sCAAA,EAAA,EAAA,MAAA,EAAA,GAAA,EAAA,CAAA;AACA,EAAA;AACA;;;;"} |
| import { getEnvelopeEndpointWithUrlEncodedAuth } from '../api.js'; | ||
| import { debug } from './debug-logger.js'; | ||
| import { makeDsn } from './dsn.js'; | ||
| import { parseEnvelope } from './envelope.js'; | ||
| /** | ||
| * Core Sentry tunnel handler - framework agnostic. | ||
| * | ||
| * Validates the envelope DSN against allowed DSNs, then forwards the | ||
| * envelope to the Sentry ingest endpoint. | ||
| * | ||
| * @returns A `Response` — either the upstream Sentry response on success, or an error response. | ||
| */ | ||
| async function handleTunnelRequest(options) { | ||
| const { request, allowedDsns } = options; | ||
| if (allowedDsns.length === 0) { | ||
| return new Response('Tunnel not configured', { status: 500 }); | ||
| } | ||
| const body = new Uint8Array(await request.arrayBuffer()); | ||
| let envelopeHeader; | ||
| try { | ||
| [envelopeHeader] = parseEnvelope(body); | ||
| } catch { | ||
| return new Response('Invalid envelope', { status: 400 }); | ||
| } | ||
| if (!envelopeHeader) { | ||
| return new Response('Invalid envelope: missing header', { status: 400 }); | ||
| } | ||
| const dsn = envelopeHeader.dsn; | ||
| if (!dsn) { | ||
| return new Response('Invalid envelope: missing DSN', { status: 400 }); | ||
| } | ||
| // SECURITY: Validate that the envelope DSN matches one of the allowed DSNs | ||
| // This prevents SSRF attacks where attackers send crafted envelopes | ||
| // with malicious DSNs pointing to arbitrary hosts | ||
| const isAllowed = allowedDsns.some(allowed => allowed === dsn); | ||
| if (!isAllowed) { | ||
| debug.warn(`Sentry tunnel: rejected request with unauthorized DSN (${dsn})`); | ||
| return new Response('DSN not allowed', { status: 403 }); | ||
| } | ||
| const dsnComponents = makeDsn(dsn); | ||
| if (!dsnComponents) { | ||
| debug.warn(`Could not extract DSN Components from: ${dsn}`); | ||
| return new Response('Invalid DSN', { status: 403 }); | ||
| } | ||
| const sentryIngestUrl = getEnvelopeEndpointWithUrlEncodedAuth(dsnComponents); | ||
| try { | ||
| return await fetch(sentryIngestUrl, { | ||
| method: 'POST', | ||
| headers: { | ||
| 'Content-Type': 'application/x-sentry-envelope', | ||
| }, | ||
| body, | ||
| }); | ||
| } catch (error) { | ||
| debug.error('Sentry tunnel: failed to forward envelope', error); | ||
| return new Response('Failed to forward envelope to Sentry', { status: 500 }); | ||
| } | ||
| } | ||
| export { handleTunnelRequest }; | ||
| //# sourceMappingURL=tunnel.js.map |
| {"version":3,"file":"tunnel.js","sources":["../../../src/utils/tunnel.ts"],"sourcesContent":["import { getEnvelopeEndpointWithUrlEncodedAuth } from '../api';\nimport { debug } from './debug-logger';\nimport { makeDsn } from './dsn';\nimport { parseEnvelope } from './envelope';\n\nexport interface HandleTunnelRequestOptions {\n /** Incoming request containing the Sentry envelope as its body */\n request: Request;\n /** Pre-parsed array of allowed DSN strings */\n allowedDsns: Array<string>;\n}\n\n/**\n * Core Sentry tunnel handler - framework agnostic.\n *\n * Validates the envelope DSN against allowed DSNs, then forwards the\n * envelope to the Sentry ingest endpoint.\n *\n * @returns A `Response` — either the upstream Sentry response on success, or an error response.\n */\nexport async function handleTunnelRequest(options: HandleTunnelRequestOptions): Promise<Response> {\n const { request, allowedDsns } = options;\n\n if (allowedDsns.length === 0) {\n return new Response('Tunnel not configured', { status: 500 });\n }\n\n const body = new Uint8Array(await request.arrayBuffer());\n\n let envelopeHeader;\n try {\n [envelopeHeader] = parseEnvelope(body);\n } catch {\n return new Response('Invalid envelope', { status: 400 });\n }\n\n if (!envelopeHeader) {\n return new Response('Invalid envelope: missing header', { status: 400 });\n }\n\n const dsn = envelopeHeader.dsn;\n if (!dsn) {\n return new Response('Invalid envelope: missing DSN', { status: 400 });\n }\n\n // SECURITY: Validate that the envelope DSN matches one of the allowed DSNs\n // This prevents SSRF attacks where attackers send crafted envelopes\n // with malicious DSNs pointing to arbitrary hosts\n const isAllowed = allowedDsns.some(allowed => allowed === dsn);\n\n if (!isAllowed) {\n debug.warn(`Sentry tunnel: rejected request with unauthorized DSN (${dsn})`);\n return new Response('DSN not allowed', { status: 403 });\n }\n\n const dsnComponents = makeDsn(dsn);\n if (!dsnComponents) {\n debug.warn(`Could not extract DSN Components from: ${dsn}`);\n return new Response('Invalid DSN', { status: 403 });\n }\n\n const sentryIngestUrl = getEnvelopeEndpointWithUrlEncodedAuth(dsnComponents);\n\n try {\n return await fetch(sentryIngestUrl, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/x-sentry-envelope',\n },\n body,\n });\n } catch (error) {\n debug.error('Sentry tunnel: failed to forward envelope', error);\n return new Response('Failed to forward envelope to Sentry', { status: 500 });\n }\n}\n"],"names":[],"mappings":";;;;;AAYA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,eAAe,mBAAmB,CAAC,OAAO,EAAiD;AAClG,EAAE,MAAM,EAAE,OAAO,EAAE,WAAA,EAAY,GAAI,OAAO;;AAE1C,EAAE,IAAI,WAAW,CAAC,MAAA,KAAW,CAAC,EAAE;AAChC,IAAI,OAAO,IAAI,QAAQ,CAAC,uBAAuB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AACjE,EAAE;;AAEF,EAAE,MAAM,IAAA,GAAO,IAAI,UAAU,CAAC,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;;AAE1D,EAAE,IAAI,cAAc;AACpB,EAAE,IAAI;AACN,IAAI,CAAC,cAAc,CAAA,GAAI,aAAa,CAAC,IAAI,CAAC;AAC1C,EAAE,EAAE,MAAM;AACV,IAAI,OAAO,IAAI,QAAQ,CAAC,kBAAkB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC5D,EAAE;;AAEF,EAAE,IAAI,CAAC,cAAc,EAAE;AACvB,IAAI,OAAO,IAAI,QAAQ,CAAC,kCAAkC,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC5E,EAAE;;AAEF,EAAE,MAAM,GAAA,GAAM,cAAc,CAAC,GAAG;AAChC,EAAE,IAAI,CAAC,GAAG,EAAE;AACZ,IAAI,OAAO,IAAI,QAAQ,CAAC,+BAA+B,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AACzE,EAAE;;AAEF;AACA;AACA;AACA,EAAE,MAAM,SAAA,GAAY,WAAW,CAAC,IAAI,CAAC,OAAA,IAAW,OAAA,KAAY,GAAG,CAAC;;AAEhE,EAAE,IAAI,CAAC,SAAS,EAAE;AAClB,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,uDAAuD,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;AAChF,IAAI,OAAO,IAAI,QAAQ,CAAC,iBAAiB,EAAE,EAAE,MAAM,EAAE,GAAA,EAAK,CAAC;AAC3D,EAAE;;AAEF,EAAE,MAAM,aAAA,GAAgB,OAAO,CAAC,GAAG,CAAC;AACpC,EAAE,IAAI,CAAC,aAAa,EAAE;AACtB,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,uCAAuC,EAAE,GAAG,CAAC,CAAA,CAAA;AACA,IAAA,OAAA,IAAA,QAAA,CAAA,aAAA,EAAA,EAAA,MAAA,EAAA,GAAA,EAAA,CAAA;AACA,EAAA;;AAEA,EAAA,MAAA,eAAA,GAAA,qCAAA,CAAA,aAAA,CAAA;;AAEA,EAAA,IAAA;AACA,IAAA,OAAA,MAAA,KAAA,CAAA,eAAA,EAAA;AACA,MAAA,MAAA,EAAA,MAAA;AACA,MAAA,OAAA,EAAA;AACA,QAAA,cAAA,EAAA,+BAAA;AACA,OAAA;AACA,MAAA,IAAA;AACA,KAAA,CAAA;AACA,EAAA,CAAA,CAAA,OAAA,KAAA,EAAA;AACA,IAAA,KAAA,CAAA,KAAA,CAAA,2CAAA,EAAA,KAAA,CAAA;AACA,IAAA,OAAA,IAAA,QAAA,CAAA,sCAAA,EAAA,EAAA,MAAA,EAAA,GAAA,EAAA,CAAA;AACA,EAAA;AACA;;;;"} |
| export interface HandleTunnelRequestOptions { | ||
| /** Incoming request containing the Sentry envelope as its body */ | ||
| request: Request; | ||
| /** Pre-parsed array of allowed DSN strings */ | ||
| allowedDsns: Array<string>; | ||
| } | ||
| /** | ||
| * Core Sentry tunnel handler - framework agnostic. | ||
| * | ||
| * Validates the envelope DSN against allowed DSNs, then forwards the | ||
| * envelope to the Sentry ingest endpoint. | ||
| * | ||
| * @returns A `Response` — either the upstream Sentry response on success, or an error response. | ||
| */ | ||
| export declare function handleTunnelRequest(options: HandleTunnelRequestOptions): Promise<Response>; | ||
| //# sourceMappingURL=tunnel.d.ts.map |
| export interface HandleTunnelRequestOptions { | ||
| /** Incoming request containing the Sentry envelope as its body */ | ||
| request: Request; | ||
| /** Pre-parsed array of allowed DSN strings */ | ||
| allowedDsns: Array<string>; | ||
| } | ||
| /** | ||
| * Core Sentry tunnel handler - framework agnostic. | ||
| * | ||
| * Validates the envelope DSN against allowed DSNs, then forwards the | ||
| * envelope to the Sentry ingest endpoint. | ||
| * | ||
| * @returns A `Response` — either the upstream Sentry response on success, or an error response. | ||
| */ | ||
| export declare function handleTunnelRequest(options: HandleTunnelRequestOptions): Promise<Response>; | ||
| //# sourceMappingURL=tunnel.d.ts.map |
| {"version":3,"file":"tunnel.d.ts","sourceRoot":"","sources":["../../../src/utils/tunnel.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,0BAA0B;IACzC,kEAAkE;IAClE,OAAO,EAAE,OAAO,CAAC;IACjB,8CAA8C;IAC9C,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;CAC5B;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,0BAA0B,GAAG,OAAO,CAAC,QAAQ,CAAC,CAuDhG"} |
@@ -402,2 +402,3 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| async close(timeout) { | ||
| internal._INTERNAL_flushLogsBuffer(this); | ||
| const result = await this.flush(timeout); | ||
@@ -404,0 +405,0 @@ this.getOptions().enabled = false; |
@@ -11,2 +11,3 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const prepareEvent = require('./utils/prepareEvent.js'); | ||
| const scopeData = require('./utils/scopeData.js'); | ||
| const time = require('./utils/time.js'); | ||
@@ -266,4 +267,5 @@ const worldwide = require('./utils/worldwide.js'); | ||
| const isolationScope = currentScopes.getIsolationScope(); | ||
| const currentScope = currentScopes.getCurrentScope(); | ||
| const { user } = scopeData.getCombinedScopeData(isolationScope, currentScopes.getCurrentScope()); | ||
| // Will fetch userAgent if called from browser sdk | ||
@@ -273,3 +275,3 @@ const { userAgent } = worldwide.GLOBAL_OBJ.navigator || {}; | ||
| const session$1 = session.makeSession({ | ||
| user: currentScope.getUser() || isolationScope.getUser(), | ||
| user, | ||
| ...(userAgent && { userAgent }), | ||
@@ -276,0 +278,0 @@ ...context, |
@@ -35,3 +35,3 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| if (handlerData.endTimestamp && shouldCreateSpanResult) { | ||
| if (handlerData.endTimestamp) { | ||
| const spanId = handlerData.fetchData.__span; | ||
@@ -41,10 +41,14 @@ if (!spanId) return; | ||
| const span = spans[spanId]; | ||
| if (span) { | ||
| endSpan(span, handlerData); | ||
| // Only end the span and call hooks if we're actually recording | ||
| if (shouldCreateSpanResult) { | ||
| endSpan(span, handlerData); | ||
| _callOnRequestSpanEnd(span, handlerData, spanOriginOrOptions); | ||
| } | ||
| _callOnRequestSpanEnd(span, handlerData, spanOriginOrOptions); | ||
| // eslint-disable-next-line @typescript-eslint/no-dynamic-delete | ||
| delete spans[spanId]; | ||
| } | ||
| return undefined; | ||
@@ -51,0 +55,0 @@ } |
@@ -41,2 +41,3 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const parameterize = require('./utils/parameterize.js'); | ||
| const tunnel = require('./utils/tunnel.js'); | ||
| const ipAddress = require('./utils/ipAddress.js'); | ||
@@ -258,2 +259,3 @@ const spanUtils = require('./utils/spanUtils.js'); | ||
| exports.parameterize = parameterize.parameterize; | ||
| exports.handleTunnelRequest = tunnel.handleTunnelRequest; | ||
| exports.addAutoIpAddressToSession = ipAddress.addAutoIpAddressToSession; | ||
@@ -385,2 +387,3 @@ exports.addAutoIpAddressToUser = ipAddress.addAutoIpAddressToUser; | ||
| exports.getEventDescription = misc.getEventDescription; | ||
| exports.isAlreadyCaptured = misc.isAlreadyCaptured; | ||
| exports.parseSemver = misc.parseSemver; | ||
@@ -387,0 +390,0 @@ exports.uuid4 = misc.uuid4; |
@@ -129,3 +129,3 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const inputMessages = | ||
| args.length > 0 ? ((args[0] ).messages ?? []) : []; | ||
| args.length > 0 ? ((args[0] )?.messages ?? []) : []; | ||
@@ -132,0 +132,0 @@ if (inputMessages && recordInputs) { |
@@ -211,2 +211,8 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| /** | ||
| * Checks whether we've already captured the given exception (note: not an identical exception - the very object). | ||
| * It is considered already captured if it has the `__sentry_captured__` property set to `true`. | ||
| * | ||
| * @internal Only considered for internal usage | ||
| */ | ||
| function isAlreadyCaptured(exception) { | ||
@@ -223,4 +229,5 @@ try { | ||
| exports.getEventDescription = getEventDescription; | ||
| exports.isAlreadyCaptured = isAlreadyCaptured; | ||
| exports.parseSemver = parseSemver; | ||
| exports.uuid4 = uuid4; | ||
| //# sourceMappingURL=misc.js.map |
@@ -94,5 +94,6 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const maybeDecodedFilename = filename ? _safeDecodeURI(filename) : undefined; | ||
| return { | ||
| filename: filename ? decodeURI(filename) : undefined, | ||
| module: getModule ? getModule(filename) : undefined, | ||
| filename: maybeDecodedFilename ?? filename, | ||
| module: maybeDecodedFilename && getModule?.(maybeDecodedFilename), | ||
| function: functionName, | ||
@@ -129,2 +130,10 @@ lineno: _parseIntOrUndefined(lineMatch[3]), | ||
| function _safeDecodeURI(filename) { | ||
| try { | ||
| return decodeURI(filename); | ||
| } catch { | ||
| return undefined; | ||
| } | ||
| } | ||
| exports.filenameIsInApp = filenameIsInApp; | ||
@@ -131,0 +140,0 @@ exports.node = node; |
@@ -5,5 +5,5 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); | ||
| const SDK_VERSION = "10.39.0" ; | ||
| const SDK_VERSION = "10.40.0" ; | ||
| exports.SDK_VERSION = SDK_VERSION; | ||
| //# sourceMappingURL=version.js.map |
@@ -400,2 +400,3 @@ import { getEnvelopeEndpointWithUrlEncodedAuth } from './api.js'; | ||
| async close(timeout) { | ||
| _INTERNAL_flushLogsBuffer(this); | ||
| const result = await this.flush(timeout); | ||
@@ -402,0 +403,0 @@ this.getOptions().enabled = false; |
@@ -9,2 +9,3 @@ import { getIsolationScope, getCurrentScope, getClient, withIsolationScope } from './currentScopes.js'; | ||
| import { parseEventHintOrCaptureContext } from './utils/prepareEvent.js'; | ||
| import { getCombinedScopeData } from './utils/scopeData.js'; | ||
| import { timestampInSeconds } from './utils/time.js'; | ||
@@ -264,4 +265,5 @@ import { GLOBAL_OBJ } from './utils/worldwide.js'; | ||
| const isolationScope = getIsolationScope(); | ||
| const currentScope = getCurrentScope(); | ||
| const { user } = getCombinedScopeData(isolationScope, getCurrentScope()); | ||
| // Will fetch userAgent if called from browser sdk | ||
@@ -271,3 +273,3 @@ const { userAgent } = GLOBAL_OBJ.navigator || {}; | ||
| const session = makeSession({ | ||
| user: currentScope.getUser() || isolationScope.getUser(), | ||
| user, | ||
| ...(userAgent && { userAgent }), | ||
@@ -274,0 +276,0 @@ ...context, |
@@ -33,3 +33,3 @@ import { getClient } from './currentScopes.js'; | ||
| if (handlerData.endTimestamp && shouldCreateSpanResult) { | ||
| if (handlerData.endTimestamp) { | ||
| const spanId = handlerData.fetchData.__span; | ||
@@ -39,10 +39,14 @@ if (!spanId) return; | ||
| const span = spans[spanId]; | ||
| if (span) { | ||
| endSpan(span, handlerData); | ||
| // Only end the span and call hooks if we're actually recording | ||
| if (shouldCreateSpanResult) { | ||
| endSpan(span, handlerData); | ||
| _callOnRequestSpanEnd(span, handlerData, spanOriginOrOptions); | ||
| } | ||
| _callOnRequestSpanEnd(span, handlerData, spanOriginOrOptions); | ||
| // eslint-disable-next-line @typescript-eslint/no-dynamic-delete | ||
| delete spans[spanId]; | ||
| } | ||
| return undefined; | ||
@@ -49,0 +53,0 @@ } |
@@ -39,2 +39,3 @@ export { registerSpanErrorInstrumentation } from './tracing/errors.js'; | ||
| export { fmt, parameterize } from './utils/parameterize.js'; | ||
| export { handleTunnelRequest } from './utils/tunnel.js'; | ||
| export { addAutoIpAddressToSession, addAutoIpAddressToUser } from './utils/ipAddress.js'; | ||
@@ -108,3 +109,3 @@ export { addChildSpanToSpan, convertSpanLinksForEnvelope, getActiveSpan, getRootSpan, getSpanDescendants, getStatusMessage, spanIsSampled, spanTimeInputToSeconds, spanToJSON, spanToTraceContext, spanToTraceHeader, updateSpanName } from './utils/spanUtils.js'; | ||
| export { CONSOLE_LEVELS, consoleSandbox, debug, originalConsoleMethods } from './utils/debug-logger.js'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, parseSemver, uuid4 } from './utils/misc.js'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, isAlreadyCaptured, parseSemver, uuid4 } from './utils/misc.js'; | ||
| export { isNodeEnv, loadModule } from './utils/node.js'; | ||
@@ -111,0 +112,0 @@ export { normalize, normalizeToSize, normalizeUrlToBase } from './utils/normalize.js'; |
@@ -1,1 +0,1 @@ | ||
| {"type":"module","version":"10.39.0","sideEffects":false} | ||
| {"type":"module","version":"10.40.0","sideEffects":false} |
@@ -127,3 +127,3 @@ import { captureException } from '../../exports.js'; | ||
| const inputMessages = | ||
| args.length > 0 ? ((args[0] ).messages ?? []) : []; | ||
| args.length > 0 ? ((args[0] )?.messages ?? []) : []; | ||
@@ -130,0 +130,0 @@ if (inputMessages && recordInputs) { |
@@ -209,2 +209,8 @@ import { addNonEnumerableProperty } from './object.js'; | ||
| /** | ||
| * Checks whether we've already captured the given exception (note: not an identical exception - the very object). | ||
| * It is considered already captured if it has the `__sentry_captured__` property set to `true`. | ||
| * | ||
| * @internal Only considered for internal usage | ||
| */ | ||
| function isAlreadyCaptured(exception) { | ||
@@ -216,3 +222,3 @@ try { | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, parseSemver, uuid4 }; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, isAlreadyCaptured, parseSemver, uuid4 }; | ||
| //# sourceMappingURL=misc.js.map |
@@ -92,5 +92,6 @@ import { normalizeStackTracePath, UNKNOWN_FUNCTION } from './stacktrace.js'; | ||
| const maybeDecodedFilename = filename ? _safeDecodeURI(filename) : undefined; | ||
| return { | ||
| filename: filename ? decodeURI(filename) : undefined, | ||
| module: getModule ? getModule(filename) : undefined, | ||
| filename: maybeDecodedFilename ?? filename, | ||
| module: maybeDecodedFilename && getModule?.(maybeDecodedFilename), | ||
| function: functionName, | ||
@@ -127,3 +128,11 @@ lineno: _parseIntOrUndefined(lineMatch[3]), | ||
| function _safeDecodeURI(filename) { | ||
| try { | ||
| return decodeURI(filename); | ||
| } catch { | ||
| return undefined; | ||
| } | ||
| } | ||
| export { filenameIsInApp, node, nodeStackLineParser }; | ||
| //# sourceMappingURL=node-stack-trace.js.map |
| // This is a magic string replaced by rollup | ||
| const SDK_VERSION = "10.39.0" ; | ||
| const SDK_VERSION = "10.40.0" ; | ||
| export { SDK_VERSION }; | ||
| //# sourceMappingURL=version.js.map |
@@ -37,2 +37,4 @@ export { ClientClass as SentryCoreCurrentScopes } from './sdk'; | ||
| export { parameterize, fmt } from './utils/parameterize'; | ||
| export { HandleTunnelRequestOptions } from './utils/tunnel'; | ||
| export { handleTunnelRequest } from './utils/tunnel'; | ||
| export { addAutoIpAddressToSession } from './utils/ipAddress'; | ||
@@ -119,3 +121,3 @@ export { addAutoIpAddressToUser } from './utils/ipAddress'; | ||
| export { SentryDebugLogger } from './utils/debug-logger'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, parseSemver, uuid4, } from './utils/misc'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, isAlreadyCaptured, getEventDescription, parseSemver, uuid4, } from './utils/misc'; | ||
| export { isNodeEnv, loadModule } from './utils/node'; | ||
@@ -122,0 +124,0 @@ export { normalize, normalizeToSize, normalizeUrlToBase } from './utils/normalize'; |
@@ -79,3 +79,10 @@ import { Event } from '../types-hoist/event'; | ||
| export declare function checkOrSetAlreadyCaught(exception: unknown): boolean; | ||
| /** | ||
| * Checks whether we've already captured the given exception (note: not an identical exception - the very object). | ||
| * It is considered already captured if it has the `__sentry_captured__` property set to `true`. | ||
| * | ||
| * @internal Only considered for internal usage | ||
| */ | ||
| export declare function isAlreadyCaptured(exception: unknown): boolean | void; | ||
| export {}; | ||
| //# sourceMappingURL=misc.d.ts.map |
@@ -56,4 +56,2 @@ /** | ||
| _sentryEsmLoaderHookRegistered?: boolean; | ||
| _sentryInjectLoaderHookRegister?: () => void; | ||
| _sentryInjectLoaderHookRegistered?: boolean; | ||
| } & Carrier; | ||
@@ -60,0 +58,0 @@ /** Get's the global object for the current JavaScript runtime */ |
@@ -37,2 +37,4 @@ export type { ClientClass as SentryCoreCurrentScopes } from './sdk'; | ||
| export { parameterize, fmt } from './utils/parameterize'; | ||
| export type { HandleTunnelRequestOptions } from './utils/tunnel'; | ||
| export { handleTunnelRequest } from './utils/tunnel'; | ||
| export { addAutoIpAddressToSession } from './utils/ipAddress'; | ||
@@ -117,3 +119,3 @@ export { addAutoIpAddressToUser } from './utils/ipAddress'; | ||
| export type { SentryDebugLogger } from './utils/debug-logger'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, getEventDescription, parseSemver, uuid4, } from './utils/misc'; | ||
| export { addContextToFrame, addExceptionMechanism, addExceptionTypeValue, checkOrSetAlreadyCaught, isAlreadyCaptured, getEventDescription, parseSemver, uuid4, } from './utils/misc'; | ||
| export { isNodeEnv, loadModule } from './utils/node'; | ||
@@ -120,0 +122,0 @@ export { normalize, normalizeToSize, normalizeUrlToBase } from './utils/normalize'; |
@@ -79,3 +79,10 @@ import type { Event } from '../types-hoist/event'; | ||
| export declare function checkOrSetAlreadyCaught(exception: unknown): boolean; | ||
| /** | ||
| * Checks whether we've already captured the given exception (note: not an identical exception - the very object). | ||
| * It is considered already captured if it has the `__sentry_captured__` property set to `true`. | ||
| * | ||
| * @internal Only considered for internal usage | ||
| */ | ||
| export declare function isAlreadyCaptured(exception: unknown): boolean | void; | ||
| export {}; | ||
| //# sourceMappingURL=misc.d.ts.map |
@@ -56,4 +56,2 @@ /** | ||
| _sentryEsmLoaderHookRegistered?: boolean; | ||
| _sentryInjectLoaderHookRegister?: () => void; | ||
| _sentryInjectLoaderHookRegistered?: boolean; | ||
| } & Carrier; | ||
@@ -60,0 +58,0 @@ /** Get's the global object for the current JavaScript runtime */ |
+2
-3
| { | ||
| "name": "@sentry/core", | ||
| "version": "10.39.0", | ||
| "version": "10.40.0", | ||
| "description": "Base implementation for all Sentry JavaScript SDKs", | ||
@@ -48,6 +48,5 @@ "repository": "git://github.com/getsentry/sentry-javascript.git", | ||
| "build:types:downlevel": "yarn downlevel-dts build/types build/types-ts3.8 --to ts3.8", | ||
| "build:watch": "run-p build:transpile:watch build:types:watch", | ||
| "build:watch": "run-p build:transpile:watch", | ||
| "build:dev:watch": "yarn build:watch", | ||
| "build:transpile:watch": "rollup -c rollup.npm.config.mjs --watch", | ||
| "build:types:watch": "tsc -p tsconfig.types.json --watch", | ||
| "build:tarball": "npm pack", | ||
@@ -54,0 +53,0 @@ "circularDepCheck": "madge --circular src/index.ts", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 7 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 7 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
5894770
0.33%- Number of package files
1474
0.48%- Lines of code
69092
0.3%Worsened metrics
- Number of medium supply chain risk alerts
129
1.57%