Security News
npm Updates Search Experience with New Objective Sorting Options
npm has a revamped search experience with new, more transparent sorting options—Relevance, Downloads, Dependents, and Publish Date.
@sentry/opentelemetry
Advanced tools
This package allows you to send your OpenTelemetry trace data to Sentry via OpenTelemetry SpanProcessors.
If you are using @sentry/node
, OpenTelemetry support is included out of the box. This package is only necessary if you
are setting up OpenTelemetry support for Sentry yourself.
npm install @sentry/opentelemetry
# Or yarn
yarn add @sentry/opentelemetry
Note that @sentry/opentelemetry
depends on the following peer dependencies:
@opentelemetry/api
version 1.0.0
or greater@opentelemetry/core
version 1.0.0
or greater@opentelemetry/semantic-conventions
version 1.0.0
or greater@opentelemetry/sdk-trace-base
version 1.0.0
or greater, or a package that implements that, like
@opentelemetry/sdk-node
.This package exposes a few building blocks you can add to your OpenTelemetry setup in order to capture OpenTelemetry traces to Sentry.
This is how you can use this in your app:
@sentry/node
!setupEventContextTrace(client)
SentrySampler
as samplerSentrySpanProcessor
as span processorwrapContextManagerClass
SentryPropagator
as propagatorsetOpenTelemetryContextAsyncContextStrategy()
For example, you could set this up as follows:
import * as Sentry from '@sentry/node';
import {
SentryPropagator,
SentrySampler,
SentrySpanProcessor,
setupEventContextTrace,
wrapContextManagerClass,
setOpenTelemetryContextAsyncContextStrategy,
} from '@sentry/opentelemetry';
import { AsyncLocalStorageContextManager } from '@opentelemetry/context-async-hooks';
function setupSentry() {
Sentry.init({
dsn: 'xxx',
});
const client = Sentry.getClient();
setupEventContextTrace(client);
const provider = new BasicTracerProvider({
sampler: new SentrySampler(client),
});
provider.addSpanProcessor(new SentrySpanProcessor());
const SentryContextManager = wrapContextManagerClass(AsyncLocalStorageContextManager);
// Initialize the provider
provider.register({
propagator: new SentryPropagator(),
contextManager: new SentryContextManager(),
});
setOpenTelemetryContextAsyncContextStrategy();
}
A full setup example can be found in node-experimental.
8.41.0
meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)
We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above.
Additionally, the SDK requires the implicit nitropack
dependency to satisfy version ^2.6.1
and ofetch
to satisfy ^1.3.3
.
It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.
We are deprecating a few APIs which will be removed in the next major.
The following deprecations will potentially affect you:
feat(core): Update & deprecate undefined
option handling (#14450)
In the next major version we will change how passing undefined
to tracesSampleRate
/ tracesSampler
/ enableTracing
will behave.
Currently, doing the following:
Sentry.init({
tracesSampleRate: undefined,
});
Will result in tracing being enabled (although no spans will be generated) because the tracesSampleRate
key is present in the options object.
In the next major version, this behavior will be changed so that passing undefined
(or rather having a tracesSampleRate
key) will result in tracing being disabled, the same as not passing the option at all.
If you are currently relying on undefined
being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. tracesSampleRate: 0
instead, which will also enable tracing in v9.
The same applies to tracesSampler
and enableTracing
.
feat(core): Log warnings when returning null
in beforeSendSpan
(#14433)
Currently, the beforeSendSpan
option in Sentry.init()
allows you to drop individual spans from a trace by returning null
from the hook.
Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.
With the next major version the beforeSendSpan
API can only be used to mutate spans, but no longer to drop them.
With this release the SDK will warn you if you are using this API to drop spans.
Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.
Additionally, with the next major version, root spans will also be passed to beforeSendSpan
.
feat(utils): Deprecate @sentry/utils
(#14431)
With the next major version the @sentry/utils
package will be merged into the @sentry/core
package.
It is therefore no longer recommended to use the @sentry/utils
package.
feat(vue): Deprecate configuring Vue tracing options anywhere else other than through the vueIntegration
's tracingOptions
option (#14385)
Currently it is possible to configure tracing options in various places in the Sentry Vue SDK:
Sentry.init()
tracingOptions
in Sentry.init()
vueIntegration()
optionstracingOptions
in the vueIntegration()
optionsBecause this is a bit messy and confusing to document, the only recommended way to configure tracing options going forward is through the tracingOptions
in the vueIntegration()
.
The other means of configuration will be removed in the next major version of the SDK.
feat: Deprecate registerEsmLoaderHooks.include
and registerEsmLoaderHooks.exclude
(#14486)
Currently it is possible to define registerEsmLoaderHooks.include
and registerEsmLoaderHooks.exclude
options in Sentry.init()
to only apply ESM loader hooks to a subset of modules.
This API served as an escape hatch in case certain modules are incompatible with ESM loader hooks.
Since this API was introduced, a way was found to only wrap modules that there exists instrumentation for (meaning a vetted list).
To only wrap modules that have instrumentation, it is recommended to instead set registerEsmLoaderHooks.onlyIncludeInstrumentedModules
to true
.
Note that onlyIncludeInstrumentedModules: true
will become the default behavior in the next major version and the registerEsmLoaderHooks
will no longer accept fine-grained options.
The following deprecations will most likely not affect you unless you are building an SDK yourself:
arrayify
(#14405)flatten
(#14454)urlEncode
(#14406)validSeverityLevels
(#14407)getNumberOfUrlSegments
(#14458)memoBuilder
, BAGGAGE_HEADER_NAME
, and makeFifoCache
(#14434)addRequestDataToEvent
and extractRequestData
(#14430)sentry-trace
, baggage
and DSC handling (#14364)openTelemetryInstrumentations
option (#14484)NEXT_REDIRECT
from browser (#14440)Work in this release was contributed by @NEKOYASAN and @fmorett. Thank you for your contributions!
FAQs
Official Sentry utilities for OpenTelemetry
The npm package @sentry/opentelemetry receives a total of 1,318,833 weekly downloads. As such, @sentry/opentelemetry popularity was classified as popular.
We found that @sentry/opentelemetry demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm has a revamped search experience with new, more transparent sorting options—Relevance, Downloads, Dependents, and Publish Date.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.