Skip to content

chore(deps): bump the production-dependencies group across 1 directory with 6 updates#36

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-ece7307a50
Open

chore(deps): bump the production-dependencies group across 1 directory with 6 updates#36
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-ece7307a50

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 6, 2026

Bumps the production-dependencies group with 6 updates in the / directory:

Package From To
@sentry/node 10.47.0 10.56.0
helmet 8.1.0 8.2.0
pg 8.20.0 8.21.0
uuid 13.0.0 14.0.0
@sentry/react 10.47.0 10.56.0
react-dom 19.2.4 19.2.7

Updates @sentry/node from 10.47.0 to 10.56.0

Release notes

Sourced from @​sentry/node's releases.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

Bundle size 📦

Path Size
@​sentry/browser 26.57 KB
@​sentry/browser - with treeshaking flags 25.05 KB
@​sentry/browser (incl. Tracing) 44.19 KB
@​sentry/browser (incl. Tracing + Span Streaming) 46.37 KB

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

10.55.0

Important Changes

  • feat(hono): Promote @sentry/hono to stable and deprecate honoIntegration (#21208)

    The @sentry/hono SDK is now stable. See the Sentry Hono SDK docs to get started.

... (truncated)

Commits
  • 29b276c release: 10.56.0
  • f94a87b Merge pull request #21291 from getsentry/prepare-release/10.56.0
  • 165c82a meta(changelog): Update changelog for 10.56.0
  • a7cb7e6 fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Ag...
  • d8015e2 feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-...
  • 01104fb fix(browser): Correctly parse sampleRate when consistentTraceSampling is en...
  • 0613ef7 test(browser): Move browser integration tests to dataCollection (#21282)
  • 231e1f5 test(browser): Add unit test for http client header collection behavior (#21273)
  • ec5f82c feat(server-utils): initial scaffolding (#21200)
  • dfeeb11 fix(cloudflare): Wait for span links to be set (#21167)
  • Additional commits viewable in compare view

Updates helmet from 8.1.0 to 8.2.0

Changelog

Sourced from helmet's changelog.

8.2.0 - 2026-05-21

  • Cross-Origin-Opener-Policy: support noopener-allow-popups. See #522
  • Improve error message when passing duplicate options
Commits

Updates pg from 8.20.0 to 8.21.0

Changelog

Sourced from pg's changelog.

pg@8.21.0

Commits
  • 544b1ce Publish
  • cc03fa5 Add scramMaxIterations option to limit SCRAM iteration count (#3677)
  • f776327 Remove compatibility code for unsupported versions of Node (<16) (#3678)
  • f252870 cleanup: pg utils (#3675)
  • c8da6ab Assorted test cleanup (#3673)
  • fa47e73 fix: Client#end callback being called multiple times when first is no-op (#...
  • 88a7e60 cleanup: Move declaration to more natural place
  • 2095247 cleanup: Combine duplicated code in Client#query and avoid unneeded early n...
  • 0ac3edd fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (#3669)
  • be880d4 Assorted test fixes and cleanup (#3672)
  • Additional commits viewable in compare view

Updates uuid from 13.0.0 to 14.0.0

Release notes

Sourced from uuid's releases.

v14.0.0

14.0.0 (2026-04-19)

⚠ BREAKING CHANGES

  • expect crypto to be global everywhere (requires node@20+) (#935)
  • drop node@18 support (#934)

Features

Bug Fixes

  • expect crypto to be global everywhere (requires node@20+) (#935) (f2c235f)
  • Use GITHUB_TOKEN for release-please and enable npm provenance (#925) (ffa3138)

v13.0.2

13.0.2 (2026-05-04)

Bug Fixes

  • rerelease to fix provenance. (49ccb35)

v13.0.1

13.0.1 (2026-04-27)

Bug Fixes

Changelog

Sourced from uuid's changelog.

14.0.0 (2026-04-19)

Security

  • Fixes GHSA-w5hq-g745-h8pq: v3(), v5(), and v6() did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid offset was provided. A RangeError is now thrown if offset < 0 or offset + 16 > buf.length.

⚠ BREAKING CHANGES

  • crypto is now expected to be globally defined (requires node@20+) (#935)
  • drop node@18 support (#934)
  • upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years
Commits
  • 7c1ea08 chore(main): release 14.0.0 (#926)
  • 3d2c5b0 Merge commit from fork
  • f2c235f fix!: expect crypto to be global everywhere (requires node@20+) (#935)
  • 529ef08 chore: upgrade TypeScript and fixup types (#927)
  • 086fd79 chore: update dependencies (#933)
  • dc4ddb8 feat!: drop node@18 support (#934)
  • 0f1f9c9 chore: switch to Biome for parsing and linting (#932)
  • e2879e6 chore: use maintained version of npm-run-all (#930)
  • ffa3138 fix: Use GITHUB_TOKEN for release-please and enable npm provenance (#925)
  • 0423d49 docs: remove obsolete v1 option notes (#915)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for uuid since your current version.


Updates @sentry/react from 10.47.0 to 10.56.0

Release notes

Sourced from @​sentry/react's releases.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

Bundle size 📦

Path Size
@​sentry/browser 26.57 KB
@​sentry/browser - with treeshaking flags 25.05 KB
@​sentry/browser (incl. Tracing) 44.19 KB
@​sentry/browser (incl. Tracing + Span Streaming) 46.37 KB

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.56.0

Important Changes

  • feat(deno): Redis diagnostics channel based integration for Deno (#21087)

    Adds Redis integration support for Deno, covering both redis and ioredis clients.

Other Changes

  • feat(cloudflare): Only capture workflow step error on final retry attempt (#21025)
  • feat(hono): Emit warning if @sentry/node was imported instead of @sentry/hono/node (#21240)
  • feat(node): Use ioredis tracing channels (#21187)
  • fix(browser): Correctly parse sampleRate when consistentTraceSampling is enabled (#21281)
  • fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Agents (#21101)
  • fix(cloudflare): Wait for span links to be set (#21167)
  • fix(core): Use WeakRef for Span-Scope circular references (#21242)
  • fix(node): Vendor InstrumentationNodeModuleFile to fix Bun --bytecode crash (#21262)
  • fix(profiling-node): Ensure node version support warning includes latest 26 (#21229)
  • chore: Ignore scheduled_tasks.lock (#21252)
  • chore: Promote lint warnings to errors (#21213)
  • chore(docs): Document how to support a new node version (#21228)
  • chore(size-limit): Weekly auto-bump (#21243)
  • chore(skills): Add linear-project-status skill (#21214)
  • chore(skills): Add linear-project-update skill (#21233)
  • chore(skills): Improve triage-issue skill (#21257)
  • chore(skills): Update linear-project-status skill with more details & context (#21234)
  • feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-applications/nestjs-basic (#21263)
  • feat(server-utils): Initial scaffolding (#21200)
  • ref(cloudflare): Move D1 instrumentation (#21266)
  • ref(node): Refactor usage of hrTime utilities from @opentelemetry/core (#21191)
  • ref(node): Stop mutating OTel RPC metadata to set http.route (#21193)
  • ref(opentelemetry): Vendor minimal TraceState implementation (#21192)
  • test(browser): Add unit test for http client header collection behavior (#21273)
  • test(browser): Move browser integration tests to dataCollection (#21282)
  • test(cloudflare): Remove vitest in CF e2e tests (#21259)

10.55.0

Important Changes

  • feat(hono): Promote @sentry/hono to stable and deprecate honoIntegration (#21208)

    The @sentry/hono SDK is now stable. See the Sentry Hono SDK docs to get started.

... (truncated)

Commits
  • 29b276c release: 10.56.0
  • f94a87b Merge pull request #21291 from getsentry/prepare-release/10.56.0
  • 165c82a meta(changelog): Update changelog for 10.56.0
  • a7cb7e6 fix(cloudflare): Fix instrumentDurableObjectWithSentry breaking Cloudflare Ag...
  • d8015e2 feat(deps): Bump axios from 1.15.0 to 1.16.0 in /dev-packages/e2e-tests/test-...
  • 01104fb fix(browser): Correctly parse sampleRate when consistentTraceSampling is en...
  • 0613ef7 test(browser): Move browser integration tests to dataCollection (#21282)
  • 231e1f5 test(browser): Add unit test for http client header collection behavior (#21273)
  • ec5f82c feat(server-utils): initial scaffolding (#21200)
  • dfeeb11 fix(cloudflare): Wait for span links to be set (#21167)
  • Additional commits viewable in compare view

Updates react-dom from 19.2.4 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the production-dependencies group across 1 director…
63688a5 
…y with 6 updates

Bumps the production-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@sentry/node](https://github.com/getsentry/sentry-javascript) | `10.47.0` | `10.56.0` |
| [helmet](https://github.com/helmetjs/helmet) | `8.1.0` | `8.2.0` |
| [pg](https://github.com/brianc/node-postgres/tree/HEAD/packages/pg) | `8.20.0` | `8.21.0` |
| [uuid](https://github.com/uuidjs/uuid) | `13.0.0` | `14.0.0` |
| [@sentry/react](https://github.com/getsentry/sentry-javascript) | `10.47.0` | `10.56.0` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` |



Updates `@sentry/node` from 10.47.0 to 10.56.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.47.0...10.56.0)

Updates `helmet` from 8.1.0 to 8.2.0
- [Changelog](https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md)
- [Commits](helmetjs/helmet@v8.1.0...v8.2.0)

Updates `pg` from 8.20.0 to 8.21.0
- [Changelog](https://github.com/brianc/node-postgres/blob/master/CHANGELOG.md)
- [Commits](https://github.com/brianc/node-postgres/commits/pg@8.21.0/packages/pg)

Updates `uuid` from 13.0.0 to 14.0.0
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v13.0.0...v14.0.0)

Updates `@sentry/react` from 10.47.0 to 10.56.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.47.0...10.56.0)

Updates `react-dom` from 19.2.4 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

---
updated-dependencies:
- dependency-name: "@sentry/node"
  dependency-version: 10.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: helmet
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: pg
  dependency-version: 8.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: uuid
  dependency-version: 14.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@sentry/react"
  dependency-version: 10.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency label Jun 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants