- 
          
- 
                Notifications
    You must be signed in to change notification settings 
- Fork 1.7k
fix(browser): Ignore unrealistically long INP values #16484
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
          
     Merged
      
        
      
    
                
     Merged
            
            
          Conversation
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
    
            
                  Abdkhan14
  
            
            approved these changes
            
                
                  Jun 4, 2025 
                
            
            
          
          
| size-limit report 📦
 | 
            
                  s1gr1d
  
            
            approved these changes
            
                
                  Jun 5, 2025 
                
            
            
          
          
|  | ||
| /** | ||
| * 60 seconds is the maximum for a plausible INP value | ||
| * (source: Me) | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
😂
I hope the git blame stays with your name
    
  mergify bot
      added a commit
        to reisene/HulajDusza-serwis
      that referenced
      this pull request
    
      Jul 7, 2025 
    
    
      
  
    
      
    
  
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)  [<img width="16" alt="Powered by Pull Request Badge" src="https://user-images.githubusercontent.com/1393946/111216524-d2bb8e00-85d4-11eb-821b-ed4c00989c02.png">](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)<!-- PR-BADGE: PLEASE DO NOT REMOVE THIS COMMENT -->  <h3>Snyk has created this PR to upgrade @sentry/browser from 9.26.0 to 9.28.1.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **3 versions** ahead of your current version. - The recommended version was released **22 days ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:-------------------------  | Regular Expression Denial of Service (ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073) | **57** | Proof of Concept  | Regular Expression Denial of Service (ReDoS)<br/>[SNYK-JS-BRACEEXPANSION-9789073](https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073) | **57** | Proof of Concept <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>@sentry/browser</b></summary> <ul> <li> <b>9.28.1</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/9.28.1">2025-06-11</a></br><ul> <li>feat(deps): Bump @ sentry/cli from 2.45.0 to 2.46.0 (<a href="https://github.com/getsentry/sentry-javascript/pull/16516" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16516/hovercard">#16516</a>)</li> <li>fix(nextjs): Avoid tracing calls to symbolication server on dev (<a href="https://github.com/getsentry/sentry-javascript/pull/16533" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16533/hovercard">#16533</a>)</li> <li>fix(sveltekit): Add import attribute for node exports (<a href="https://github.com/getsentry/sentry-javascript/pull/16528" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16528/hovercard">#16528</a>)</li> </ul> <p>Work in this release was contributed by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/eltigerchino/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/eltigerchino">@ eltigerchino</a>. Thank you for your contribution!</p> <h2>Bundle size 📦</h2> <table> <thead> <tr> <th>Path</th> <th>Size</th> </tr> </thead> <tbody> <tr> <td>@ sentry/browser</td> <td>23.43 KB</td> </tr> <tr> <td>@ sentry/browser - with treeshaking flags</td> <td>23.2 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing)</td> <td>37.46 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay)</td> <td>74.68 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags</td> <td>67.94 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td> <td>79.33 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td> <td>91.13 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Feedback)</td> <td>39.78 KB</td> </tr> <tr> <td>@ sentry/browser (incl. sendFeedback)</td> <td>28.03 KB</td> </tr> <tr> <td>@ sentry/browser (incl. FeedbackAsync)</td> <td>32.8 KB</td> </tr> <tr> <td>@ sentry/react</td> <td>25.15 KB</td> </tr> <tr> <td>@ sentry/react (incl. Tracing)</td> <td>39.41 KB</td> </tr> <tr> <td>@ sentry/vue</td> <td>27.69 KB</td> </tr> <tr> <td>@ sentry/vue (incl. Tracing)</td> <td>39.27 KB</td> </tr> <tr> <td>@ sentry/svelte</td> <td>23.45 KB</td> </tr> <tr> <td>CDN Bundle</td> <td>24.88 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing)</td> <td>37.63 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay)</td> <td>72.66 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback)</td> <td>77.99 KB</td> </tr> <tr> <td>CDN Bundle - uncompressed</td> <td>72.67 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing) - uncompressed</td> <td>111.42 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td> <td>222.72 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td> <td>235.25 KB</td> </tr> <tr> <td>@ sentry/nextjs (client)</td> <td>41.03 KB</td> </tr> <tr> <td>@ sentry/sveltekit (client)</td> <td>37.93 KB</td> </tr> <tr> <td>@ sentry/node</td> <td>146.9 KB</td> </tr> <tr> <td>@ sentry/node - without tracing</td> <td>96.03 KB</td> </tr> <tr> <td>@ sentry/aws-serverless</td> <td>121.19 KB</td> </tr> </tbody> </table> </li> <li> <b>9.28.0</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/9.28.0">2025-06-10</a></br><h3>Important Changes</h3> <ul> <li><strong>feat(nestjs): Stop creating spans for <code>TracingInterceptor</code> (<a href="https://github.com/getsentry/sentry-javascript/pull/16501" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16501/hovercard">#16501</a>)</strong></li> </ul> <p>With this change we stop creating spans for <code>TracingInterceptor</code> as this interceptor only serves as an internal helper and adds noise for the user.</p> <ul> <li><strong>feat(node): Update vercel ai spans as per new conventions (<a href="https://github.com/getsentry/sentry-javascript/pull/16497" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16497/hovercard">#16497</a>)</strong></li> </ul> <p>This feature ships updates to the span names and ops to better match OpenTelemetry. This should make them more easily accessible to the new agents module view we are building.</p> <h3>Other Changes</h3> <ul> <li>fix(sveltekit): Export <code>vercelAIIntegration</code> from <code>@ sentry/node</code> (<a href="https://github.com/getsentry/sentry-javascript/pull/16496" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16496/hovercard">#16496</a>)</li> </ul> <p>Work in this release was contributed by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/agrattan0820/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/agrattan0820">@ agrattan0820</a>. Thank you for your contribution!</p> <h2>Bundle size 📦</h2> <table> <thead> <tr> <th>Path</th> <th>Size</th> </tr> </thead> <tbody> <tr> <td>@ sentry/browser</td> <td>23.43 KB</td> </tr> <tr> <td>@ sentry/browser - with treeshaking flags</td> <td>23.2 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing)</td> <td>37.46 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay)</td> <td>74.68 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags</td> <td>67.94 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td> <td>79.33 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td> <td>91.13 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Feedback)</td> <td>39.78 KB</td> </tr> <tr> <td>@ sentry/browser (incl. sendFeedback)</td> <td>28.03 KB</td> </tr> <tr> <td>@ sentry/browser (incl. FeedbackAsync)</td> <td>32.8 KB</td> </tr> <tr> <td>@ sentry/react</td> <td>25.15 KB</td> </tr> <tr> <td>@ sentry/react (incl. Tracing)</td> <td>39.41 KB</td> </tr> <tr> <td>@ sentry/vue</td> <td>27.69 KB</td> </tr> <tr> <td>@ sentry/vue (incl. Tracing)</td> <td>39.27 KB</td> </tr> <tr> <td>@ sentry/svelte</td> <td>23.45 KB</td> </tr> <tr> <td>CDN Bundle</td> <td>24.88 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing)</td> <td>37.63 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay)</td> <td>72.66 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback)</td> <td>77.99 KB</td> </tr> <tr> <td>CDN Bundle - uncompressed</td> <td>72.67 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing) - uncompressed</td> <td>111.42 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td> <td>222.72 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td> <td>235.25 KB</td> </tr> <tr> <td>@ sentry/nextjs (client)</td> <td>41.03 KB</td> </tr> <tr> <td>@ sentry/sveltekit (client)</td> <td>37.93 KB</td> </tr> <tr> <td>@ sentry/node</td> <td>146.9 KB</td> </tr> <tr> <td>@ sentry/node - without tracing</td> <td>96.03 KB</td> </tr> <tr> <td>@ sentry/aws-serverless</td> <td>121.19 KB</td> </tr> </tbody> </table> </li> <li> <b>9.27.0</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/9.27.0">2025-06-05</a></br><ul> <li>feat(node): Expand how vercel ai input/outputs can be set (<a href="https://github.com/getsentry/sentry-javascript/pull/16455" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16455/hovercard">#16455</a>)</li> <li>feat(node): Switch to new semantic conventions for Vercel AI (<a href="https://github.com/getsentry/sentry-javascript/pull/16476" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16476/hovercard">#16476</a>)</li> <li>feat(react-router): Add component annotation plugin (<a href="https://github.com/getsentry/sentry-javascript/pull/16472" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16472/hovercard">#16472</a>)</li> <li>feat(react-router): Export wrappers for server loaders and actions (<a href="https://github.com/getsentry/sentry-javascript/pull/16481" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16481/hovercard">#16481</a>)</li> <li>fix(browser): Ignore unrealistically long INP values (<a href="https://github.com/getsentry/sentry-javascript/pull/16484" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16484/hovercard">#16484</a>)</li> <li>fix(react-router): Conditionally add <code>ReactRouterServer</code> integration (<a href="https://github.com/getsentry/sentry-javascript/pull/16470" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16470/hovercard">#16470</a>)</li> </ul> <h2>Bundle size 📦</h2> <table> <thead> <tr> <th>Path</th> <th>Size</th> </tr> </thead> <tbody> <tr> <td>@ sentry/browser</td> <td>23.43 KB</td> </tr> <tr> <td>@ sentry/browser - with treeshaking flags</td> <td>23.2 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing)</td> <td>37.46 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay)</td> <td>74.68 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags</td> <td>67.94 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td> <td>79.33 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td> <td>91.13 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Feedback)</td> <td>39.77 KB</td> </tr> <tr> <td>@ sentry/browser (incl. sendFeedback)</td> <td>28.03 KB</td> </tr> <tr> <td>@ sentry/browser (incl. FeedbackAsync)</td> <td>32.8 KB</td> </tr> <tr> <td>@ sentry/react</td> <td>25.15 KB</td> </tr> <tr> <td>@ sentry/react (incl. Tracing)</td> <td>39.41 KB</td> </tr> <tr> <td>@ sentry/vue</td> <td>27.69 KB</td> </tr> <tr> <td>@ sentry/vue (incl. Tracing)</td> <td>39.27 KB</td> </tr> <tr> <td>@ sentry/svelte</td> <td>23.45 KB</td> </tr> <tr> <td>CDN Bundle</td> <td>24.88 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing)</td> <td>37.63 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay)</td> <td>72.66 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback)</td> <td>77.99 KB</td> </tr> <tr> <td>CDN Bundle - uncompressed</td> <td>72.67 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing) - uncompressed</td> <td>111.42 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td> <td>222.72 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td> <td>235.25 KB</td> </tr> <tr> <td>@ sentry/nextjs (client)</td> <td>41.03 KB</td> </tr> <tr> <td>@ sentry/sveltekit (client)</td> <td>37.93 KB</td> </tr> <tr> <td>@ sentry/node</td> <td>146.75 KB</td> </tr> <tr> <td>@ sentry/node - without tracing</td> <td>96.03 KB</td> </tr> <tr> <td>@ sentry/aws-serverless</td> <td>121.19 KB</td> </tr> </tbody> </table> </li> <li> <b>9.26.0</b> - <a href="https://github.com/getsentry/sentry-javascript/releases/tag/9.26.0">2025-06-04</a></br><ul> <li>feat(react-router): Re-export functions from <code>@ sentry/react</code> (<a href="https://github.com/getsentry/sentry-javascript/pull/16465" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16465/hovercard">#16465</a>)</li> <li>fix(nextjs): Skip re instrumentating on generate phase of experimental build mode (<a href="https://github.com/getsentry/sentry-javascript/pull/16410" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16410/hovercard">#16410</a>)</li> <li>fix(node): Ensure adding sentry-trace and baggage headers via SentryHttpInstrumentation doesn't crash (<a href="https://github.com/getsentry/sentry-javascript/pull/16473" data-hovercard-type="pull_request" data-hovercard-url="/getsentry/sentry-javascript/pull/16473/hovercard">#16473</a>)</li> </ul> <h2>Bundle size 📦</h2> <table> <thead> <tr> <th>Path</th> <th>Size</th> </tr> </thead> <tbody> <tr> <td>@ sentry/browser</td> <td>23.43 KB</td> </tr> <tr> <td>@ sentry/browser - with treeshaking flags</td> <td>23.2 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing)</td> <td>37.44 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay)</td> <td>74.69 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay) - with treeshaking flags</td> <td>67.96 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay with Canvas)</td> <td>79.33 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Tracing, Replay, Feedback)</td> <td>91.13 KB</td> </tr> <tr> <td>@ sentry/browser (incl. Feedback)</td> <td>39.78 KB</td> </tr> <tr> <td>@ sentry/browser (incl. sendFeedback)</td> <td>28.03 KB</td> </tr> <tr> <td>@ sentry/browser (incl. FeedbackAsync)</td> <td>32.8 KB</td> </tr> <tr> <td>@ sentry/react</td> <td>25.15 KB</td> </tr> <tr> <td>@ sentry/react (incl. Tracing)</td> <td>39.39 KB</td> </tr> <tr> <td>@ sentry/vue</td> <td>27.67 KB</td> </tr> <tr> <td>@ sentry/vue (incl. Tracing)</td> <td>39.24 KB</td> </tr> <tr> <td>@ sentry/svelte</td> <td>23.45 KB</td> </tr> <tr> <td>CDN Bundle</td> <td>24.88 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing)</td> <td>37.62 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay)</td> <td>72.64 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback)</td> <td>77.93 KB</td> </tr> <tr> <td>CDN Bundle - uncompressed</td> <td>72.67 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing) - uncompressed</td> <td>111.4 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay) - uncompressed</td> <td>222.7 KB</td> </tr> <tr> <td>CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed</td> <td>235.22 KB</td> </tr> <tr> <td>@ sentry/nextjs (client)</td> <td>41.02 KB</td> </tr> <tr> <td>@ sentry/sveltekit (client)</td> <td>37.93 KB</td> </tr> <tr> <td>@ sentry/node</td> <td>146.56 KB</td> </tr> <tr> <td>@ sentry/node - without tracing</td> <td>96.03 KB</td> </tr> <tr> <td>@ sentry/aws-serverless</td> <td>121.19 KB</td> </tr> </tbody> </table> </li> </ul> from <a href="https://github.com/getsentry/sentry-javascript/releases">@sentry/browser GitHub release notes</a> </details> </details> --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. > - Max score is 1000. Note that the real score may have changed since the PR was raised. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIwMWI4Yjc0Yy0xNjRjLTRkNGItYWMwZi1kYzA4NzIxNTA4MTAiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjAxYjhiNzRjLTE2NGMtNGQ0Yi1hYzBmLWRjMDg3MjE1MDgxMCJ9fQ==" width="0" height="0"/> > - 🧐 [View latest project report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg=@sentry/browser&utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) [//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"@sentry/browser","from":"9.26.0","to":"9.28.1"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"prId":"01b8b74c-164c-4d4b-ac0f-dc0872150810","prPublicId":"01b8b74c-164c-4d4b-ac0f-dc0872150810","packageManager":"npm","priorityScoreList":[57],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"],"upgradeInfo":{"versionsDiff":3,"publishedDate":"2025-06-11T09:13:17.691Z"},"vulns":["SNYK-JS-BRACEEXPANSION-9789073","SNYK-JS-BRACEEXPANSION-9789073"]}' ## Podsumowanie od Sourcery Aktualizacja @sentry/browser do wersji 9.28.1 w celu usunięcia luk w zabezpieczeniach i utrzymania aktualności zależności. Poprawki błędów: - Załatanie luki Regular Expression Denial of Service w brace-expansion (SNYK-JS-BRACEEXPANSION) Prace porządkowe: - Podniesienie wersji @sentry/browser z 9.26.0 do 9.28.1 <details> <summary>Original summary in English</summary> ## Summary by Sourcery Upgrade @sentry/browser to version 9.28.1 to address security vulnerabilities and keep dependencies up to date. Bug Fixes: - Patch Regular Expression Denial of Service vulnerability in brace-expansion (SNYK-JS-BRACEEXPANSION) Chores: - Bump @sentry/browser from 9.26.0 to 9.28.1 </details>
  This was referenced Sep 29, 2025 
      
  This was referenced Oct 7, 2025 
      
  This was referenced Oct 15, 2025 
      
  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment
  
      
  Add this suggestion to a batch that can be applied as a single commit.
  This suggestion is invalid because no changes were made to the code.
  Suggestions cannot be applied while the pull request is closed.
  Suggestions cannot be applied while viewing a subset of changes.
  Only one suggestion per line can be applied in a batch.
  Add this suggestion to a batch that can be applied as a single commit.
  Applying suggestions on deleted lines is not supported.
  You must change the existing code in this line in order to create a valid suggestion.
  Outdated suggestions cannot be applied.
  This suggestion has been applied or marked resolved.
  Suggestions cannot be applied from pending reviews.
  Suggestions cannot be applied on multi-line comments.
  Suggestions cannot be applied while the pull request is queued to merge.
  Suggestion cannot be applied right now. Please check back later.
  
    
  
    
We shouldn't send values INP spans if the reported value is unrealistically long. I decided to draw the line at 60 seconds for now but if anyone has concerns or wants a different upper bound, happy to change it.
Adding this check after receiving reports of hour-long INP spans.
Added some unit tests to test this.