chore(deps): update dependency @sentry/nuxt to v8.49.0 [security]#695
Open
renovate[bot] wants to merge 1 commit into
Open
chore(deps): update dependency @sentry/nuxt to v8.49.0 [security]#695renovate[bot] wants to merge 1 commit into
renovate[bot] wants to merge 1 commit into
Conversation
|
✅ Deploy Preview for enspire-staging ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
January 30, 2025 18:52
441d917 to
c9b6450
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
February 9, 2025 14:47
c9b6450 to
7aee5c0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
March 3, 2025 16:17
7aee5c0 to
6f90f17
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
3 times, most recently
from
March 17, 2025 18:28
3eac1e7 to
93895c9
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
April 1, 2025 10:26
93895c9 to
428884e
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
April 8, 2025 11:39
428884e to
37412bd
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
April 24, 2025 09:07
37412bd to
e0d86b8
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
May 19, 2025 19:57
e0d86b8 to
0c97b59
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
May 28, 2025 09:22
0c97b59 to
48ef8ea
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
June 4, 2025 10:48
48ef8ea to
ce9a272
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
June 22, 2025 12:53
ce9a272 to
8dafcd1
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
July 2, 2025 21:33
8dafcd1 to
62d55e0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
August 13, 2025 13:43
efd6686 to
f51a4d4
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
August 19, 2025 18:45
f51a4d4 to
f5800b2
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
August 31, 2025 11:12
f5800b2 to
d340bd0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
September 25, 2025 13:58
d340bd0 to
9f2e4f6
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
October 21, 2025 23:41
9f2e4f6 to
0ca03a2
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
November 11, 2025 00:41
0ca03a2 to
92d9a24
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
November 18, 2025 16:03
92d9a24 to
0ce445a
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
December 3, 2025 14:41
0ce445a to
e4d98b0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
December 31, 2025 17:05
e4d98b0 to
236e3d0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
January 8, 2026 17:32
236e3d0 to
2b508d5
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
January 24, 2026 07:04
ccc5adf to
eadc12d
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
February 2, 2026 21:38
eadc12d to
7ad35e3
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
February 17, 2026 20:50
896d6ad to
6e57d9c
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
March 5, 2026 19:56
6e57d9c to
48da394
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
March 13, 2026 14:41
48da394 to
514045e
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
April 1, 2026 20:53
81564ac to
9bb5efb
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
April 8, 2026 17:15
9bb5efb to
bb5d154
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
3 times, most recently
from
April 29, 2026 10:58
cf699e6 to
ef1b4a0
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
May 18, 2026 20:01
dc52cd1 to
a9ea856
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
2 times, most recently
from
June 1, 2026 22:49
a2dbeb5 to
03cacd4
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
June 13, 2026 15:42
03cacd4 to
456ea4a
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
July 12, 2026 17:54
456ea4a to
3c28c1d
Compare
renovate
Bot
force-pushed
the
renovate/npm-sentry-nuxt-vulnerability
branch
from
July 16, 2026 14:12
3c28c1d to
282d500
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
8.47.0→8.49.0Potential DoS when using ContextLines integration
GHSA-r5w7-f542-q2j4
More information
Details
Impact
The ContextLines integration uses readable streams to more efficiently use memory when reading files. The ContextLines integration is used to attach source context to outgoing events.
The stream was not explicitly closed after use. This could lead to excessive amounts of file handles open on the system and potentially lead to a Denial of Service (DoS).
The ContextLines integration is enabled by default in the Node SDK (
@sentry/node) and SDKs that run in Node.js environments (@sentry/astro,@sentry/aws-serverless,@sentry/bun,@sentry/google-cloud-serverless,@sentry/nestjs,@sentry/nextjs,@sentry/nuxt,@sentry/remix,@sentry/solidstart,@sentry/sveltekit).Patches
Users should upgrade to version
8.49.0or higher.Workarounds
To remediate this issue in affected versions without upgrading to version
8.49.0and above you can disable the ContextLines integration. See the docs for more details.If you disable the ContextLines integration, you will lose source context on your error events.
References
Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LReferences
This data is provided by the GitHub Advisory Database (CC-BY 4.0).
Release Notes
getsentry/sentry-javascript (@sentry/nuxt)
v8.49.0Compare Source
handledprop to ErrorBoundary (#14978)require,__filenameand__dirnameon global object (#14952)Work in this release was contributed by @HHK1 and @mstrokin. Thank you for your contribution!
Bundle size 📦
v8.48.0Compare Source
Deprecations
feat(v8/core): Deprecate
getDomElementmethod (#14799)Deprecates
getDomElement. There is no replacement.Other changes
continueTraceimplementation in core (#14819)NODE_OPTIONSis not passed to worker threads (#14825)tagNamewhen name is not provided toTraceDirective(#14828)openTelemetrySpanProcessorsoption (#14853)Setas theallRoutescontainer. (#14878) (#14884)normalizedRequesttosamplingContext(#14903)syncFeedbackIntegration(#14918)Work in this release was contributed by @arturovt. Thank you for your contribution!
Bundle size 📦
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.