Skip to content

fix(browser): Ignore unrealistically long INP values #16484

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Jun 5, 2025
Merged

fix(browser): Ignore unrealistically long INP values #16484

merged 9 commits into from
Jun 5, 2025

Conversation

Lms24
Copy link
Member

@Lms24 Lms24 commented Jun 4, 2025
edited
Loading

We shouldn't send values INP spans if the reported value is unrealistically long. I decided to draw the line at 60 seconds for now but if anyone has concerns or wants a different upper bound, happy to change it.

Adding this check after receiving reports of hour-long INP spans.

Added some unit tests to test this.

@Lms24 Lms24 self-assigned this Jun 4, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 4, 2025
edited
Loading

size-limit report 📦

Path Size % Change Change
@sentry/browser 23.99 kB - -
@sentry/browser - with treeshaking flags 23.76 kB - -
@sentry/browser (incl. Tracing) 38.36 kB +0.05% +18 B 🔺
@sentry/browser (incl. Tracing, Replay) 76.47 kB -0.01% -7 B 🔽
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags 69.57 kB -0.04% -22 B 🔽
@sentry/browser (incl. Tracing, Replay with Canvas) 81.23 kB -0.01% -1 B 🔽
@sentry/browser (incl. Tracing, Replay, Feedback) 93.31 kB -0.01% -3 B 🔽
@sentry/browser (incl. Feedback) 40.73 kB - -
@sentry/browser (incl. sendFeedback) 28.7 kB - -
@sentry/browser (incl. FeedbackAsync) 33.59 kB - -
@sentry/react 25.76 kB - -
@sentry/react (incl. Tracing) 40.35 kB +0.05% +18 B 🔺
@sentry/vue 28.34 kB - -
@sentry/vue (incl. Tracing) 40.2 kB +0.05% +20 B 🔺
@sentry/svelte 24.01 kB - -
CDN Bundle 25.48 kB - -
CDN Bundle (incl. Tracing) 38.53 kB +0.04% +15 B 🔺
CDN Bundle (incl. Tracing, Replay) 74.4 kB +0.04% +23 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) 79.86 kB +0.09% +68 B 🔺
CDN Bundle - uncompressed 74.41 kB - -
CDN Bundle (incl. Tracing) - uncompressed 114.1 kB +0.03% +25 B 🔺
CDN Bundle (incl. Tracing, Replay) - uncompressed 228.07 kB +0.02% +25 B 🔺
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed 240.89 kB +0.02% +25 B 🔺
@sentry/nextjs (client) 42.01 kB +0.03% +12 B 🔺
@sentry/sveltekit (client) 38.84 kB +0.02% +6 B 🔺
@sentry/node 150.28 kB - -
@sentry/node - without tracing 98.33 kB - -
@sentry/aws-serverless 124.09 kB -0.01% -1 B 🔽

View base workflow run

@Lms24 Lms24 marked this pull request as ready for review June 5, 2025 10:10
@Lms24 Lms24 requested a review from s1gr1d June 5, 2025 10:13
s1gr1d
s1gr1d approved these changes Jun 5, 2025
View reviewed changes
packages/browser-utils/src/metrics/inp.ts
@@ -22,6 +23,11 @@ import { getBrowserPerformanceAPI, msToSec, startStandaloneWebVitalSpan } from '
const LAST_INTERACTIONS: number[] = [];
const INTERACTIONS_SPAN_MAP = new Map<number, Span>();

/**
* 60 seconds is the maximum for a plausible INP value
* (source: Me)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

😂
I hope the git blame stays with your name

@Lms24 Lms24 merged commit 6d61be0 into develop Jun 5, 2025
163 checks passed
@Lms24 Lms24 deleted the lms/fix-browser-long-inp-values branch June 5, 2025 12:28
mergify bot added a commit to reisene/HulajDusza-serwis that referenced this pull request Jul 7, 2025
@mergify
[Snyk] Upgrade @sentry/browser from 9.26.0 to 9.28.1 (#450)
6879157 
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)
![Contributor](https://badgen.net/badge/icon/Contributor/000000?label=)
[<img width="16" alt="Powered by Pull Request Badge"
src="https://user-images.githubusercontent.com/1393946/111216524-d2bb8e00-85d4-11eb-821b-ed4c00989c02.png">](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)<!--
PR-BADGE: PLEASE DO NOT REMOVE THIS COMMENT -->


![snyk-top-banner](https://res.cloudinary.com/snyk/image/upload/r-d/scm-platform/snyk-pull-requests/pr-banner-default.svg)


<h3>Snyk has created this PR to upgrade @sentry/browser from 9.26.0 to
9.28.1.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.

<hr/>


- The recommended version is **3 versions** ahead of your current
version.

- The recommended version was released **22 days ago**.

#### Issues fixed by the recommended upgrade:

|  | Issue | Score | Exploit Maturity |

:-------------------------:|:-------------------------|:-------------------------|:-------------------------
![low
severity](https://res.cloudinary.com/snyk/image/upload/r-d/scm-platform/snyk-pull-requests//severity-low.svg
'low severity') | Regular Expression Denial of Service
(ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073)
| **57** | Proof of Concept
![low
severity](https://res.cloudinary.com/snyk/image/upload/r-d/scm-platform/snyk-pull-requests//severity-low.svg
'low severity') | Regular Expression Denial of Service
(ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073)
| **57** | Proof of Concept



<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>@sentry/browser</b></summary>
    <ul>
      <li>
<b>9.28.1</b> - <a
href="https://github.com/getsentry/sentry-javascript/releases/tag/9.28.1">2025-06-11</a></br><ul>
<li>feat(deps): Bump @ sentry/cli from 2.45.0 to 2.46.0 (<a
href="https://github.com/getsentry/sentry-javascript/pull/16516"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16516/hovercard">#16516</a>)</li>
<li>fix(nextjs): Avoid tracing calls to symbolication server on dev (<a
href="https://github.com/getsentry/sentry-javascript/pull/16533"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16533/hovercard">#16533</a>)</li>
<li>fix(sveltekit): Add import attribute for node exports (<a
href="https://github.com/getsentry/sentry-javascript/pull/16528"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16528/hovercard">#16528</a>)</li>
</ul>
<p>Work in this release was contributed by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/eltigerchino/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/eltigerchino">@ eltigerchino</a>.
Thank you for your contribution!</p>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser</td>
<td>23.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing)</td>
<td>37.46 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay)</td>
<td>74.68 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking
flags</td>
<td>67.94 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td>
<td>79.33 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td>
<td>91.13 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Feedback)</td>
<td>39.78 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. sendFeedback)</td>
<td>28.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. FeedbackAsync)</td>
<td>32.8 KB</td>
</tr>
<tr>
<td>@ sentry/react</td>
<td>25.15 KB</td>
</tr>
<tr>
<td>@ sentry/react (incl. Tracing)</td>
<td>39.41 KB</td>
</tr>
<tr>
<td>@ sentry/vue</td>
<td>27.69 KB</td>
</tr>
<tr>
<td>@ sentry/vue (incl. Tracing)</td>
<td>39.27 KB</td>
</tr>
<tr>
<td>@ sentry/svelte</td>
<td>23.45 KB</td>
</tr>
<tr>
<td>CDN Bundle</td>
<td>24.88 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing)</td>
<td>37.63 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay)</td>
<td>72.66 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback)</td>
<td>77.99 KB</td>
</tr>
<tr>
<td>CDN Bundle - uncompressed</td>
<td>72.67 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing) - uncompressed</td>
<td>111.42 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td>
<td>222.72 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td>
<td>235.25 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs (client)</td>
<td>41.03 KB</td>
</tr>
<tr>
<td>@ sentry/sveltekit (client)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td>@ sentry/node</td>
<td>146.9 KB</td>
</tr>
<tr>
<td>@ sentry/node - without tracing</td>
<td>96.03 KB</td>
</tr>
<tr>
<td>@ sentry/aws-serverless</td>
<td>121.19 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
<b>9.28.0</b> - <a
href="https://github.com/getsentry/sentry-javascript/releases/tag/9.28.0">2025-06-10</a></br><h3>Important
Changes</h3>
<ul>
<li><strong>feat(nestjs): Stop creating spans for
<code>TracingInterceptor</code> (<a
href="https://github.com/getsentry/sentry-javascript/pull/16501"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16501/hovercard">#16501</a>)</strong></li>
</ul>
<p>With this change we stop creating spans for
<code>TracingInterceptor</code> as this interceptor only serves as an
internal helper and adds noise for the user.</p>
<ul>
<li><strong>feat(node): Update vercel ai spans as per new conventions
(<a
href="https://github.com/getsentry/sentry-javascript/pull/16497"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16497/hovercard">#16497</a>)</strong></li>
</ul>
<p>This feature ships updates to the span names and ops to better match
OpenTelemetry. This should make them more easily accessible to the new
agents module view we are building.</p>
<h3>Other Changes</h3>
<ul>
<li>fix(sveltekit): Export <code>vercelAIIntegration</code> from <code>@
sentry/node</code> (<a
href="https://github.com/getsentry/sentry-javascript/pull/16496"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16496/hovercard">#16496</a>)</li>
</ul>
<p>Work in this release was contributed by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/agrattan0820/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://github.com/agrattan0820">@ agrattan0820</a>.
Thank you for your contribution!</p>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser</td>
<td>23.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing)</td>
<td>37.46 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay)</td>
<td>74.68 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking
flags</td>
<td>67.94 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td>
<td>79.33 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td>
<td>91.13 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Feedback)</td>
<td>39.78 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. sendFeedback)</td>
<td>28.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. FeedbackAsync)</td>
<td>32.8 KB</td>
</tr>
<tr>
<td>@ sentry/react</td>
<td>25.15 KB</td>
</tr>
<tr>
<td>@ sentry/react (incl. Tracing)</td>
<td>39.41 KB</td>
</tr>
<tr>
<td>@ sentry/vue</td>
<td>27.69 KB</td>
</tr>
<tr>
<td>@ sentry/vue (incl. Tracing)</td>
<td>39.27 KB</td>
</tr>
<tr>
<td>@ sentry/svelte</td>
<td>23.45 KB</td>
</tr>
<tr>
<td>CDN Bundle</td>
<td>24.88 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing)</td>
<td>37.63 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay)</td>
<td>72.66 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback)</td>
<td>77.99 KB</td>
</tr>
<tr>
<td>CDN Bundle - uncompressed</td>
<td>72.67 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing) - uncompressed</td>
<td>111.42 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td>
<td>222.72 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td>
<td>235.25 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs (client)</td>
<td>41.03 KB</td>
</tr>
<tr>
<td>@ sentry/sveltekit (client)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td>@ sentry/node</td>
<td>146.9 KB</td>
</tr>
<tr>
<td>@ sentry/node - without tracing</td>
<td>96.03 KB</td>
</tr>
<tr>
<td>@ sentry/aws-serverless</td>
<td>121.19 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
<b>9.27.0</b> - <a
href="https://github.com/getsentry/sentry-javascript/releases/tag/9.27.0">2025-06-05</a></br><ul>
<li>feat(node): Expand how vercel ai input/outputs can be set (<a
href="https://github.com/getsentry/sentry-javascript/pull/16455"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16455/hovercard">#16455</a>)</li>
<li>feat(node): Switch to new semantic conventions for Vercel AI (<a
href="https://github.com/getsentry/sentry-javascript/pull/16476"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16476/hovercard">#16476</a>)</li>
<li>feat(react-router): Add component annotation plugin (<a
href="https://github.com/getsentry/sentry-javascript/pull/16472"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16472/hovercard">#16472</a>)</li>
<li>feat(react-router): Export wrappers for server loaders and actions
(<a
href="https://github.com/getsentry/sentry-javascript/pull/16481"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16481/hovercard">#16481</a>)</li>
<li>fix(browser): Ignore unrealistically long INP values (<a
href="https://github.com/getsentry/sentry-javascript/pull/16484"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16484/hovercard">#16484</a>)</li>
<li>fix(react-router): Conditionally add <code>ReactRouterServer</code>
integration (<a
href="https://github.com/getsentry/sentry-javascript/pull/16470"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16470/hovercard">#16470</a>)</li>
</ul>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser</td>
<td>23.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing)</td>
<td>37.46 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay)</td>
<td>74.68 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking
flags</td>
<td>67.94 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td>
<td>79.33 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td>
<td>91.13 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Feedback)</td>
<td>39.77 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. sendFeedback)</td>
<td>28.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. FeedbackAsync)</td>
<td>32.8 KB</td>
</tr>
<tr>
<td>@ sentry/react</td>
<td>25.15 KB</td>
</tr>
<tr>
<td>@ sentry/react (incl. Tracing)</td>
<td>39.41 KB</td>
</tr>
<tr>
<td>@ sentry/vue</td>
<td>27.69 KB</td>
</tr>
<tr>
<td>@ sentry/vue (incl. Tracing)</td>
<td>39.27 KB</td>
</tr>
<tr>
<td>@ sentry/svelte</td>
<td>23.45 KB</td>
</tr>
<tr>
<td>CDN Bundle</td>
<td>24.88 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing)</td>
<td>37.63 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay)</td>
<td>72.66 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback)</td>
<td>77.99 KB</td>
</tr>
<tr>
<td>CDN Bundle - uncompressed</td>
<td>72.67 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing) - uncompressed</td>
<td>111.42 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td>
<td>222.72 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td>
<td>235.25 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs (client)</td>
<td>41.03 KB</td>
</tr>
<tr>
<td>@ sentry/sveltekit (client)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td>@ sentry/node</td>
<td>146.75 KB</td>
</tr>
<tr>
<td>@ sentry/node - without tracing</td>
<td>96.03 KB</td>
</tr>
<tr>
<td>@ sentry/aws-serverless</td>
<td>121.19 KB</td>
</tr>
</tbody>
</table>
      </li>
      <li>
<b>9.26.0</b> - <a
href="https://github.com/getsentry/sentry-javascript/releases/tag/9.26.0">2025-06-04</a></br><ul>
<li>feat(react-router): Re-export functions from <code>@
sentry/react</code> (<a
href="https://github.com/getsentry/sentry-javascript/pull/16465"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16465/hovercard">#16465</a>)</li>
<li>fix(nextjs): Skip re instrumentating on generate phase of
experimental build mode (<a
href="https://github.com/getsentry/sentry-javascript/pull/16410"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16410/hovercard">#16410</a>)</li>
<li>fix(node): Ensure adding sentry-trace and baggage headers via
SentryHttpInstrumentation doesn't crash (<a
href="https://github.com/getsentry/sentry-javascript/pull/16473"
data-hovercard-type="pull_request"
data-hovercard-url="/getsentry/sentry-javascript/pull/16473/hovercard">#16473</a>)</li>
</ul>
<h2>Bundle size 📦</h2>
<table>
<thead>
<tr>
<th>Path</th>
<th>Size</th>
</tr>
</thead>
<tbody>
<tr>
<td>@ sentry/browser</td>
<td>23.43 KB</td>
</tr>
<tr>
<td>@ sentry/browser - with treeshaking flags</td>
<td>23.2 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing)</td>
<td>37.44 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay)</td>
<td>74.69 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking
flags</td>
<td>67.96 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td>
<td>79.33 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td>
<td>91.13 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. Feedback)</td>
<td>39.78 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. sendFeedback)</td>
<td>28.03 KB</td>
</tr>
<tr>
<td>@ sentry/browser (incl. FeedbackAsync)</td>
<td>32.8 KB</td>
</tr>
<tr>
<td>@ sentry/react</td>
<td>25.15 KB</td>
</tr>
<tr>
<td>@ sentry/react (incl. Tracing)</td>
<td>39.39 KB</td>
</tr>
<tr>
<td>@ sentry/vue</td>
<td>27.67 KB</td>
</tr>
<tr>
<td>@ sentry/vue (incl. Tracing)</td>
<td>39.24 KB</td>
</tr>
<tr>
<td>@ sentry/svelte</td>
<td>23.45 KB</td>
</tr>
<tr>
<td>CDN Bundle</td>
<td>24.88 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing)</td>
<td>37.62 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay)</td>
<td>72.64 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback)</td>
<td>77.93 KB</td>
</tr>
<tr>
<td>CDN Bundle - uncompressed</td>
<td>72.67 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing) - uncompressed</td>
<td>111.4 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td>
<td>222.7 KB</td>
</tr>
<tr>
<td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td>
<td>235.22 KB</td>
</tr>
<tr>
<td>@ sentry/nextjs (client)</td>
<td>41.02 KB</td>
</tr>
<tr>
<td>@ sentry/sveltekit (client)</td>
<td>37.93 KB</td>
</tr>
<tr>
<td>@ sentry/node</td>
<td>146.56 KB</td>
</tr>
<tr>
<td>@ sentry/node - without tracing</td>
<td>96.03 KB</td>
</tr>
<tr>
<td>@ sentry/aws-serverless</td>
<td>121.19 KB</td>
</tr>
</tbody>
</table>
      </li>
    </ul>
from <a
href="https://github.com/getsentry/sentry-javascript/releases">@sentry/browser
GitHub release notes</a>
  </details>
</details>

---

> [!IMPORTANT]
>
> - Check the changes in this PR to ensure they won't cause issues with
your project.
> - This PR was automatically created by Snyk using the credentials of a
real user.
> - Max score is 1000. Note that the real score may have changed since
the PR was raised.

---

**Note:** _You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs._

**For more information:** <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIwMWI4Yjc0Yy0xNjRjLTRkNGItYWMwZi1kYzA4NzIxNTA4MTAiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjAxYjhiNzRjLTE2NGMtNGQ0Yi1hYzBmLWRjMDg3MjE1MDgxMCJ9fQ=="
width="0" height="0"/>

> - 🧐 [View latest project
report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source&#x3D;github-cloud-app&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 📜 [Customise PR
templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template)
> - 🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source&#x3D;github-cloud-app&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)
> - 🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg&#x3D;@sentry/browser&amp;utm_source&#x3D;github-cloud-app&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

[//]: #
'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@sentry/browser","from":"9.26.0","to":"9.28.1"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"prId":"01b8b74c-164c-4d4b-ac0f-dc0872150810","prPublicId":"01b8b74c-164c-4d4b-ac0f-dc0872150810","packageManager":"npm","priorityScoreList":[57],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"upgradeInfo":{"versionsDiff":3,"publishedDate":"2025-06-11T09:13:17.691Z"},"vulns":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"]}'

## Podsumowanie od Sourcery

Aktualizacja @sentry/browser do wersji 9.28.1 w celu usunięcia luk w
zabezpieczeniach i utrzymania aktualności zależności.

Poprawki błędów:
- Załatanie luki Regular Expression Denial of Service w brace-expansion
(SNYK-JS-BRACEEXPANSION)

Prace porządkowe:
- Podniesienie wersji @sentry/browser z 9.26.0 do 9.28.1

<details>
<summary>Original summary in English</summary>

## Summary by Sourcery

Upgrade @sentry/browser to version 9.28.1 to address security
vulnerabilities and keep dependencies up to date.

Bug Fixes:
- Patch Regular Expression Denial of Service vulnerability in
brace-expansion (SNYK-JS-BRACEEXPANSION)

Chores:
- Bump @sentry/browser from 9.26.0 to 9.28.1

</details>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@s1gr1d s1gr1d s1gr1d approved these changes

@Abdkhan14 Abdkhan14 Abdkhan14 approved these changes

Assignees

@Lms24 Lms24

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Lms24 @s1gr1d @Abdkhan14