Bump sentry-tower from 0.35.0 to 0.47.0

[dependabot]

Bumps sentry-tower from 0.35.0 to 0.47.0.

Release notes

Sourced from sentry-tower's releases.

0.47.0

Breaking Changes

• Update reqwest from 0.12.25 to 0.13.1 (#998). This change is breaking for users who use the RequestHttpTransport::with_client method.
• sentry_core::HubSwitchGuard is now !Send, preventing it from being moved across threads (#957).

New Features

• Added a Envelope::into_items method, which returns an iterator over owned EnvelopeItems in the Envelope (#983).
• Expose transport utilities (#949)

Fixes

• Fixed thread corruption bug where HubSwitchGuard could be dropped on wrong thread (#957).
• We now fork the Hub every time a span is entered. This prevents data from leaking across spans (#957).

0.46.2

New Features

• Log HTTP 413 responses as oversized envelope discards in HTTP transports (#966)

0.46.1

Improvements

• Make it possible to == Transaction/Span/TransactionOrSpan (#942)

Dependencies

• Update reqwest from 0.12.15 to 0.12.25 (#951)

0.46.0

Breaking changes

• Removed the ClientOptions struct's trim_backtraces and extra_border_frames fields (#925).
  • These fields configured backtrace trimming, which is being removed in this release.

Improvements

• Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with documented size limits (#925). This change ensures that as much data as possible remains available for debugging.
  • If you notice any new issues being created for existing errors after this change, please open an issue on GitHub.

Fixes

• fix: adjust sentry.origin for log integration (#919) by @​lcian

0.45.0

Breaking changes

• Add custom variant to AttachmentType that holds an arbitrary String. (#916)

... (truncated)

Changelog

Sourced from sentry-tower's changelog.

0.47.0

Breaking Changes

• Update reqwest from 0.12.25 to 0.13.1 (#998). This change is breaking for users who use the RequestHttpTransport::with_client method.
• sentry_core::HubSwitchGuard is now !Send, preventing it from being moved across threads (#957).

New Features

• Added a Envelope::into_items method, which returns an iterator over owned EnvelopeItems in the Envelope (#983).
• Expose transport utilities (#949)

Fixes

• Fixed thread corruption bug where HubSwitchGuard could be dropped on wrong thread (#957).
• We now fork the Hub every time a span is entered. This prevents data from leaking across spans (#957).

0.46.2

New Features

• Log HTTP 413 responses as oversized envelope discards in HTTP transports (#966)

Minimum Supported Rust Version

• Bump minimum supported Rust version to 1.88 (#970).

0.46.1

Improvements

• Make it possible to == Transaction/Span/TransactionOrSpan (#942)

Dependencies

• Update reqwest from 0.12.15 to 0.12.25 (#951)

0.46.0

Breaking changes

• Removed the ClientOptions struct's trim_backtraces and extra_border_frames fields (#925).
  • These fields configured backtrace trimming, which is being removed in this release.

Improvements

• Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with documented size limits (#925). This change ensures that as much data as possible remains available for debugging.
  • If you notice any new issues being created for existing errors after this change, please open an issue on GitHub.

Fixes

... (truncated)

Commits

• f638ca0 release: 0.47.0
• 79ada42 build(cargo): Run cargo update (#1030)
• e66f897 meta(changelog): Prepare for release (#1029)
• d7a6da9 ref(protocol): Generic items serializer (#1021)
• 1795e4a meta(zed): Add project settings for Zed editor (#1019)
• fe351f6 ref(sentry-core): Refactor logs batching into generic Batcher (#1018)
• 0600229 meta(ai): Remove trailing comma in .claude/settings.json (#1015)
• b913085 fix!(core): Make HubSwitchGuard !Send to prevent thread corruption (#957)
• a819520 build!: Update reqwest to v0.13.1 (#998)
• 108c51d chore(repo): Add Claude Code settings with basic permissions (#959)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[greptile-apps]

Greptile Summary

This PR bumps sentry-tower from 0.35.0 to 0.47.0 in data_manager, but leaves the companion sentry crate at 0.35 — creating an incompatible split between two major versions of the shared sentry-core dependency.

• Critical version mismatch: sentry 0.35 and sentry-tower 0.47 depend on different versions of sentry-core (0.35.0 and 0.47.0 respectively). In Rust these are distinct crates, so the Hub initialised by sentry is invisible to sentry-tower. The middleware will silently no-op instead of attaching request context to Sentry events.
• Required fix: sentry must also be bumped to 0.47 (with validation that breaking changes — e.g., removal of trim_backtraces/extra_border_frames from ClientOptions, and the reqwest 0.12 → 0.13 transport change — do not affect the existing setup), or sentry-tower should be reverted to 0.35 until a coordinated upgrade is performed.

Confidence Score: 1/5

• Not safe to merge — sentry-tower and sentry are on incompatible major versions, breaking the Sentry tower integration entirely.
• The partial upgrade causes two versions of sentry-core to coexist, making the tower middleware operate against an uninitialised hub. All request-level Sentry context (transactions, breadcrumbs, user info) will be silently dropped in production. The fix requires either completing the upgrade to sentry 0.47 or reverting this PR.
• applications/data_manager/Cargo.toml requires sentry to be bumped to 0.47 to match sentry-tower.

Important Files Changed

Filename	Overview
applications/data_manager/Cargo.toml	sentry-tower bumped to 0.47 while sentry remains at 0.35, causing a split in sentry-core versions that breaks the tower↔hub integration at runtime.
Cargo.lock	Lock file correctly reflects the version bump; the presence of both sentry-core 0.35.0 and sentry-core 0.47.0 in the dependency graph confirms the version mismatch.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: applications/data_manager/Cargo.toml
Line: 40-41

Comment:
**Mismatched `sentry` and `sentry-tower` versions break integration**

`sentry` is still at `0.35` while `sentry-tower` has been bumped to `0.47`. These two crates are part of the same ecosystem and must be kept in lockstep — as confirmed by the `Cargo.lock` diff, they now pull in two separate, incompatible versions of `sentry-core`:

- `sentry 0.35` → `sentry-core 0.35.0`
- `sentry-tower 0.47` → `sentry-core 0.47.0`

Because Rust treats these as entirely distinct crates at the type level, the global `Hub` initialized by `sentry 0.35` (via `sentry-core 0.35.0`) is invisible to `sentry-tower 0.47` (which calls `Hub::current()` on `sentry-core 0.47.0`). The tower middleware will operate against an uninitialized, no-op hub, silently discarding all request-level Sentry context (breadcrumbs, transaction/trace data, user info, etc.) instead of associating it with the configured Sentry client.

Either bump `sentry` to `0.47` to match, or revert `sentry-tower` back to `0.35` until a coordinated upgrade is ready.

```suggestion
sentry = { version = "0.47", features = ["tracing", "reqwest", "rustls"] }
sentry-tower = { version = "0.47", features = ["http"] }
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "Bump sentry-tower from 0.35.0 to 0.47.0" | Re-trigger Greptile}

[greptile-apps]

Mismatched sentry and sentry-tower versions break integration

sentry is still at 0.35 while sentry-tower has been bumped to 0.47. These two crates are part of the same ecosystem and must be kept in lockstep — as confirmed by the Cargo.lock diff, they now pull in two separate, incompatible versions of sentry-core:

• sentry 0.35 → sentry-core 0.35.0
• sentry-tower 0.47 → sentry-core 0.47.0

Because Rust treats these as entirely distinct crates at the type level, the global Hub initialized by sentry 0.35 (via sentry-core 0.35.0) is invisible to sentry-tower 0.47 (which calls Hub::current() on sentry-core 0.47.0). The tower middleware will operate against an uninitialized, no-op hub, silently discarding all request-level Sentry context (breadcrumbs, transaction/trace data, user info, etc.) instead of associating it with the configured Sentry client.

Either bump sentry to 0.47 to match, or revert sentry-tower back to 0.35 until a coordinated upgrade is ready.

Suggested change

	sentry = { version = "0.35", features = ["tracing", "reqwest", "rustls"] }
	sentry-tower = { version = "0.35", features = ["http"] }
	sentry-tower = { version = "0.47", features = ["http"] }
	sentry = { version = "0.47", features = ["tracing", "reqwest", "rustls"] }
	sentry-tower = { version = "0.47", features = ["http"] }

Prompt To Fix With AI

This is a comment left during a code review.
Path: applications/data_manager/Cargo.toml
Line: 40-41

Comment:
**Mismatched `sentry` and `sentry-tower` versions break integration**

`sentry` is still at `0.35` while `sentry-tower` has been bumped to `0.47`. These two crates are part of the same ecosystem and must be kept in lockstep — as confirmed by the `Cargo.lock` diff, they now pull in two separate, incompatible versions of `sentry-core`:

- `sentry 0.35` → `sentry-core 0.35.0`
- `sentry-tower 0.47` → `sentry-core 0.47.0`

Because Rust treats these as entirely distinct crates at the type level, the global `Hub` initialized by `sentry 0.35` (via `sentry-core 0.35.0`) is invisible to `sentry-tower 0.47` (which calls `Hub::current()` on `sentry-core 0.47.0`). The tower middleware will operate against an uninitialized, no-op hub, silently discarding all request-level Sentry context (breadcrumbs, transaction/trace data, user info, etc.) instead of associating it with the configured Sentry client.

Either bump `sentry` to `0.47` to match, or revert `sentry-tower` back to `0.35` until a coordinated upgrade is ready.

```suggestion
sentry = { version = "0.47", features = ["tracing", "reqwest", "rustls"] }
sentry-tower = { version = "0.47", features = ["http"] }
```

How can I resolve this? If you propose a fix, please make it concise.

[forstmeier]

This is being addressed in #799.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.