Skip to content

[Snyk] Upgrade @sentry/cli from 2.31.2 to 2.58.4 #245

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
MinhhTien wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

[Snyk] Upgrade @sentry/cli from 2.31.2 to 2.58.4 #245

MinhhTien wants to merge 1 commit into from

Conversation

@MinhhTien
Copy link
Collaborator

@MinhhTien MinhhTien commented Jan 8, 2026

snyk-top-banner

Snyk has created this PR to upgrade @sentry/cli from 2.31.2 to 2.58.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 60 versions ahead of your current version.

  • The recommended version was released a month ago.

Release notes
Package name: @sentry/cli
  • 2.58.4 - 2025-12-12

    Fixes

    • Use node directly in the postinstall script, instead of using npm run (#3030). This change ensures the postinstall script remains compatible with package managers other than npm.
  • 2.58.3 - 2025-12-10

    Improvements

    • For the sentry-cli build upload command, we now only auto-detect Git metadata when we detect we are running in a CI environment, unless the user manually overrides this behavior (#2974). This change prevents local development builds from triggiering GitHub status checks for size analysis.
      • We can detect most common CI environments based on the environment variables these set.
      • We introduced two new arguments, --force-git-metadata and --no-git-metadata, which force-enable and force-disable automatic Git data collection, respectively, overriding the default behavior.
    • The sentry-cli build upload command now automatically detects the correct branch or tag reference in non-PR GitHub Actions workflows (#2976). Previously, --head-ref was only auto-detected for pull request workflows. Now it works for push, release, and other workflow types by using the GITHUB_REF_NAME environment variable.

    Fixes

    • Fixed a bug where the sentry-cli sourcemaps inject command could inject JavaScript code into certain incorrectly formatted source map files, corrupting their JSON structure (#3003).
  • 2.58.3-alpha0 - 2025-12-10

    Improvements

    • For the sentry-cli build upload command, we now only auto-detect Git metadata when we detect we are running in a CI environment, unless the user manually overrides this behavior (#2974). This change prevents local development builds from triggiering GitHub status checks for size analysis.
      • We can detect most common CI environments based on the environment variables these set.
      • We introduced two new arguments, --force-git-metadata and --no-git-metadata, which force-enable and force-disable automatic Git data collection, respectively, overriding the default behavior.
    • The sentry-cli build upload command now automatically detects the correct branch or tag reference in non-PR GitHub Actions workflows (#2976). Previously, --head-ref was only auto-detected for pull request workflows. Now it works for push, release, and other workflow types by using the GITHUB_REF_NAME environment variable.

    Fixes

    • Fixed a bug where the sentry-cli sourcemaps inject command could inject JavaScript code into certain incorrectly formatted source map files, corrupting their JSON structure (#3003).
  • 2.58.2 - 2025-11-12

    Improvements

    • Added validation for the sentry-cli build upload command's --head-sha and --base-sha arguments (#2945). The CLI now validates that these are valid SHA1 sums. Passing an empty string is also allowed; this prevents the default values from being used, causing the values to instead be unset.

    Fixes

    • Fixed a bug where providing empty-string values for the sentry-cli build upload command's --vcs-provider, --head-repo-name, --head-ref, --base-ref, and --base-repo-name arguments resulted in 400 errors (#2946). Now, setting these to empty strings instead explicitly clears the default value we would set otherwise, as expected.
  • 2.58.1 - 2025-11-11

    Deprecations

    • Deprecated API key authentication (#2934, #2937). Users who are still using API keys to authenticate Sentry CLI should generate and use an Auth Token instead.

    Improvements

    • The sentry-cli debug-files bundle-jvm no longer makes any HTTP requests to Sentry, meaning auth tokens are no longer needed, and the command can be run offline (#2926).

    Fixes

    • Skip setting base_sha and base_ref when they equal head_sha during auto-inference, since comparing a commit to itself provides no meaningful baseline (#2924).
    • Improved error message when supplying a non-existent organization to sentry-cli sourcemaps upload. The error now correctly indicates the organization doesn't exist, rather than incorrectly suggesting the Sentry server lacks artifact bundle support (#2931).
  • 2.58.0 - 2025-11-06

    New Features

    • Removed experimental status from the sentry-cli build upload commands (#2899, #2905). At the time of this release, build uploads are still in closed beta on the server side, so most customers cannot use this functionality quite yet.
    • Added CLI version metadata to build upload archives (#2890).

    Deprecations

    • Deprecated the upload-proguard subcommand's --platform flag (#2863). This flag was a no-op for some time, so we will remove it in the next major.
    • Deprecated the upload-proguard subcommand's --android-manifest flag (#2891). This flag was a no-op for some time, so we will remove it in the next major.
    • Deprecated the sentry-cli sourcemaps upload command's --no-dedupe flag (#2913). The flag was no longer relevant for sourcemap uploads to modern Sentry servers and was made a no-op.

    Fixes

    • Fixed autofilled git base metadata (--base-ref, --base-sha) when using the build upload subcommand in git repos. Previously this worked only in the context of GitHub workflows (#2897, #2898).

    Performance

    • Slightly sped up the sentry-cli sourcemaps upload command by eliminating an HTTP request to the Sentry server, which was not required in most cases (#2913).
  • 2.57.0 - 2025-10-22

    New Features

    • (JS API) Add projects field to SentryCliUploadSourceMapsOptions (#2856)

    Deprecations

    • Deprecated the upload-proguard subcommand's --app-id, --version, and --version-code flags (#2852), as we plan to remove these flags in Sentry CLI 3.x. Users should simply stop using the flags; the values specified there have never had an effect on deobfuscation, and are no longer visible in Sentry.
    • Added a deprecation notice for release bundle uploads, a legacy method for uploading source maps (#2844). Release bundle uploads will be removed in Sentry CLI 3.x in favor of artifact bundles, the newer source map upload method introduced in Sentry version 23.6.2. Self-hosted users: You must upgrade to Sentry 23.6.2 or later before upgrading to Sentry CLI 3.x.

    Fixes

    • Fixed a bug where some log messages would not show up in CI environments or when redirecting stderr to a file (#2830). Specifically, this bug was affecting any subcommand that uses a progress bar, such as sentry-cli debug-files bundle-jvm and sentry-cli sourcemaps upload. Any stderr output during the progress bar was lost if stderr was redirected.
  • 2.56.1 - 2025-10-10
  • 2.56.0 - 2025-09-30
  • 2.55.0 - 2025-09-23
  • 2.54.0 - 2025-09-18
  • 2.53.0 - 2025-09-01
  • 2.53.0-alpha - 2025-08-27
  • 2.52.0 - 2025-08-13
  • 2.51.1 - 2025-08-08
  • 2.51.0 - 2025-08-07
  • 2.50.2 - 2025-07-22
  • 2.50.1 - 2025-07-22
  • 2.50.0 - 2025-07-18
  • 2.49.0 - 2025-07-18
  • 2.48.0 - 2025-07-18
  • 2.47.1 - 2025-07-14
  • 2.47.0 - 2025-07-08
  • 2.46.0 - 2025-05-27
  • 2.46.0-alpha - 2025-05-27
  • 2.45.0 - 2025-05-08
  • 2.44.0 - 2025-05-05
  • 2.43.1 - 2025-04-28
  • 2.43.0 - 2025-03-27
  • 2.42.5 - 2025-03-26
  • 2.42.5-alpha - 2025-03-25
  • 2.42.4 - 2025-03-19
  • 2.42.3 - 2025-03-13
  • 2.42.2 - 2025-02-24
  • 2.42.1 - 2025-02-18
  • 2.42.0 - 2025-02-18
  • 2.41.1 - 2025-01-21
  • 2.41.0 - 2025-01-20
  • 2.40.0 - 2025-01-02
  • 2.39.1 - 2024-11-26
  • 2.39.0 - 2024-11-22
  • 2.38.2 - 2024-11-04
  • 2.38.1 - 2024-10-30
  • 2.38.0 - 2024-10-22
  • 2.37.0 - 2024-10-07
  • 2.36.6 - 2024-10-02
  • 2.36.5 - 2024-10-01
  • 2.36.4 - 2024-09-30
  • 2.36.3 - 2024-09-26
  • 2.36.2 - 2024-09-23
  • 2.36.1 - 2024-09-10
  • 2.36.0 - 2024-09-09
  • 2.35.0 - 2024-09-05
  • 2.34.1 - 2024-08-28
  • 2.34.0 - 2024-08-28
  • 2.33.1 - 2024-08-02
  • 2.33.0 - 2024-07-23
  • 2.32.2 - 2024-07-15
  • 2.32.1 - 2024-05-28
  • 2.32.0 - 2024-05-28
  • 2.31.2 - 2024-05-02
from @sentry/cli GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade @sentry/cli from 2.31.2 to 2.58.4
47b056d 
Snyk has created this PR to upgrade @sentry/cli from 2.31.2 to 2.58.4.

See this package in npm:
@sentry/cli

See this project in Snyk:
https://app.snyk.io/org/minhhtien/project/485582dc-4f72-4001-85cc-58386c1555b3?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MinhhTien @snyk-bot