Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Sentry SDK to v8 #16131

Open
mydea opened this issue Jul 29, 2024 · 2 comments
Open

Update Sentry SDK to v8 #16131

mydea opened this issue Jul 29, 2024 · 2 comments
Assignees
Labels

Comments

@mydea
Copy link

mydea commented Jul 29, 2024

Lighthouse has a dependency on @sentry/node v6.x. The current version is v8.

This can lead to cases where users that use Sentry themselves (in a more current version) can get peer dependency conflicts from the lighthouse package. This is not necessarily a fault of lighthouse, but a package resolution issue often, but it does happen.

By updating the Sentry SDK to v8, we should be able to "fix" this problem - in v8, the Sentry client is kept versioned on the global carrier, which should lead to the SDK not bleeding into other places.

@G-Rath
Copy link
Contributor

G-Rath commented Oct 8, 2024

Note that v6 @sentry/node is now pulling in a vulnerable version of cookie: GHSA-pxg6-pf52-xh8x

Updating to at least v7 would allow this to be resolved

@luixo
Copy link

luixo commented Nov 20, 2024

Do I get it right that Sentry is an optional error reporter?

I guess it should be put into optionalDependencies then or excluded completely (while nudging users to install it)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

6 participants