Skip to content

fix: ignore third-party monkeypatches in pushState/replaceState warning #15267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
FrankFMY wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: ignore third-party monkeypatches in pushState/replaceState warning #15267

FrankFMY wants to merge 1 commit into from
+8 −0

Conversation

@FrankFMY
Copy link
Contributor

@FrankFMY FrankFMY commented Feb 5, 2026

Summary

When third-party libraries like Sentry SDK monkeypatch history.pushState and history.replaceState, they insert additional stack frames. The dev-mode warning that checks if these methods are called from outside SvelteKit relies on stack trace inspection, but the extra frames from monkeypatching libraries cause false positives — the warning fires even for SvelteKit's own internal calls.

This PR filters out stack frames originating from node_modules before checking the call origin, so that monkeypatching libraries (Sentry, analytics tools, etc.) no longer trigger the false positive warning.

Before

Any library in node_modules that wraps history.pushState/replaceState (like @sentry/svelte) would cause the following false warning on every SvelteKit navigation:

Avoid using history.pushState(...) and history.replaceState(...) as these will conflict with SvelteKit's router.

After

Stack frames from node_modules are filtered out before the origin check, so SvelteKit correctly identifies its own internal calls regardless of how many third-party wrappers are in the call chain.

How it works

The stack trace for SvelteKit's internal pushState call with Sentry looks like:

warn (client.js)
history.pushState (client.js)   ← SvelteKit monkeypatch
pushState (sentry/instrument.js) ← Sentry monkeypatch (node_modules)
pushState (client.js)            ← SvelteKit internal call

After slice(2), the first frame is Sentry's — not client.js — triggering the false warning. By filtering node_modules frames, the first remaining frame is correctly identified as client.js.

Closes #12177

Test plan

  • All unit tests pass (417 passed)
  • All pushState-related integration tests pass
  • All shallow routing tests pass (9 passed)
  • Verified all four scenarios work correctly:
    • SvelteKit internal call without monkeypatch → no warning ✓
    • SvelteKit internal call with monkeypatch → no warning ✓
    • External call without monkeypatch → warning ✓
    • External call with monkeypatch → warning ✓

@FrankFMY
fix: ignore third-party monkeypatches in pushState/replaceState warning
dfb77be 
When third-party libraries like Sentry monkeypatch history.pushState
and history.replaceState, they add extra stack frames. This causes the
dev-mode warning to incorrectly fire for SvelteKit's own internal calls.

Filter out stack frames from node_modules before checking the call
origin, so that monkeypatching libraries don't trigger false positives.

Closes sveltejs#12177
@changeset-bot
Copy link

changeset-bot bot commented Feb 5, 2026

🦋 Changeset detected

Latest commit: dfb77be

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
@sveltejs/kit Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@svelte-docs-bot
Copy link

svelte-docs-bot bot commented Feb 5, 2026

Preview: https://svelte-dev-git-preview-kit-15267-svelte.vercel.app/

dummdidumm
dummdidumm approved these changes Feb 6, 2026
View reviewed changes
Copy link
Member

@dummdidumm dummdidumm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix is good enough for me (I mean I originally proposed it), the possibility that something in node_modules initiated history.push is slim - but wanna get some other maintainer opinions here before merging

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dummdidumm dummdidumm dummdidumm approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

False positive pushState warnings when using Sentry

2 participants

@FrankFMY @dummdidumm