url.parse() deprecation warning in @sentry/nextjs v10.22.0 with Node.js 24.7.0

[mzubair481]

Environment

• SDK: @sentry/nextjs
• SDK Version: 10.22.0
• Framework: Next.js
• Framework Version: 16.0.0
• Node.js Version: 24.7.0
• Package Manager: pnpm 10.15.1

Description

When running a Next.js 16 app with @sentry/nextjs v10.22.0 on Node.js 24.7.0, a deprecation warning is emitted on the first HTTP request:

(node:11484) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
    at Object.urlParse [as parse] (node:url:134:13)
    at getAbsoluteUrl (/app/.next/dev/server/chunks/node_modules__pnpm_65214b1e._.js:386:31)
    at getOutgoingRequestAttributes (/app/.next/dev/server/chunks/node_modules__pnpm_65214b1e._.js:648:48)
    at outgoingRequest (/app/.next/dev/server/chunks/node_modules__pnpm_65214b1e._.js:1596:73)
    at Object.httpsOutgoingRequest [as request] (/app/.next/dev/server/chunks/node_modules__pnpm_65214b1e._.js:1380:93)
    at /app/.next/dev/server/chunks/12047_@sentry_node-core_build_cjs_0474ad7e._.js:4532:40
    ... (additional Sentry stack frames)

The warning originates from Sentry's bundled code in the Node.js fetch instrumentation, despite the source code using regex-based parsing (not url.parse()). The changelog mentions URL parsing improvements in v9.11.0, but this appears to be a regression in the published build.

Steps to Reproduce

1. Create a Next.js 16 app with @sentry/nextjs v10.22.0.
2. Use Node.js 24.7.0.
3. Run pnpm dev.
4. Make an HTTP request (e.g., load the app).
5. Observe the deprecation warning in the console.

Expected Behavior

No deprecation warnings from the Sentry SDK, as it should use modern URL APIs.

Actual Behavior

Deprecation warning appears, indicating the bundled SDK still calls url.parse().

Additional Context

Clearing .next cache doesn't resolve it,

[linear]

JS-1098

[JPeer264]

Thanks for the issue. This warning is triggered by openetelemetry and an issue has just been opened: open-telemetry/opentelemetry-js#6061.

I'll close this one here since it will be fixed in the other ticket.

[aaditmshah-commversion]

It seems like the issue has been fixed. However, I'm using the latest version of Sentry and I still see this warning. What I can do to resolve the issue?

[JPeer264]

Since opentelemtry has not yet published this PR yet the only thing we can do right now is to wait until opentelemetry released it. I am not quite sure if they cut a release in this year. However, once they release a new version we will also bump opentelemetry and create a new release.