Bump sentry-sdk from 1.19.1 to 2.8.0

[dependabot]

Bumps sentry-sdk from 1.19.1 to 2.8.0.

Release notes

Sourced from sentry-sdk's releases.

2.8.0

Various fixes & improvements

• profiler_id uses underscore (#3249) by @​Zylphrex
• Don't send full env to subprocess (#3251) by @​kmichel-aiven
• Stop using Hub in HttpTransport (#3247) by @​szokeasaurusrex
• Remove ipdb from test requirements (#3237) by @​rominf
• Avoid propagation of empty baggage (#2968) by @​hartungstenio
• Add entry point for SentryPropagator (#3086) by @​mender
• Bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225) by @​dependabot

2.7.1

Various fixes & improvements

• fix(otel): Fix missing baggage (#3218) by @​sentrivana
• This is the config file of asdf-vm which we do not use. (#3215) by @​antonpirker
• Added option to disable middleware spans in Starlette (#3052) by @​antonpirker
• build: Update tornado version in setup.py to match code check. (#3206) by @​aclemons

2.7.0

• Add origin to spans and transactions (#3133) by @​antonpirker
• OTel: Set up typing for OTel (#3168) by @​sentrivana
• OTel: Auto instrumentation skeleton (#3143) by @​sentrivana
• OpenAI: If there is an internal error, still return a value (#3192) by @​colin-sentry
• MongoDB: Add MongoDB collection span tag (#3182) by @​0Calories
• MongoDB: Change span operation from db.query to db (#3186) by @​0Calories
• MongoDB: Remove redundant command name in query description (#3189) by @​0Calories
• Apache Spark: Fix spark driver integration (#3162) by @​seyoon-lim
• Apache Spark: Add Spark test suite to tox.ini and to CI (#3199) by @​sentrivana
• Codecov: Add failed test commits in PRs (#3190) by @​antonpirker
• Update library, Python versions in tests (#3202) by @​sentrivana
• Remove Hub from our test suite (#3197) by @​antonpirker
• Use env vars for default CA cert bundle location (#3160) by @​DragoonAethis
• Create a separate test group for AI (#3198) by @​sentrivana
• Add additional stub packages for type checking (#3122) by @​Daverball
• Proper naming of requirements files (#3191) by @​antonpirker
• Pinning pip because new version does not work with some versions of Celery and Httpx (#3195) by @​antonpirker
• build(deps): bump supercharge/redis-github-action from 1.7.0 to 1.8.0 (#3193) by @​dependabot
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#3171) by @​dependabot
• build(deps): update pytest-asyncio requirement (#3087) by @​dependabot

2.6.0

• Introduce continuous profiling mode (#2830) by @​Zylphrex
• Profiling: Add deprecation comment for profiler internals (#3167) by @​sentrivana
• Profiling: Move thread data to trace context (#3157) by @​Zylphrex
• Explicitly export cron symbols for typecheckers (#3072) by @​spladug
• Cleaning up ASGI tests for Django (#3180) by @​antonpirker
• Celery: Add Celery receive latency (#3174) by @​antonpirker
• Metrics: Update type hints for tag values (#3156) by @​elramen
• Django: Fix psycopg3 reconnect error (#3111) by @​szokeasaurusrex

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.8.0

Various fixes & improvements

• profiler_id uses underscore (#3249) by @​Zylphrex
• Don't send full env to subprocess (#3251) by @​kmichel-aiven
• Stop using Hub in HttpTransport (#3247) by @​szokeasaurusrex
• Remove ipdb from test requirements (#3237) by @​rominf
• Avoid propagation of empty baggage (#2968) by @​hartungstenio
• Add entry point for SentryPropagator (#3086) by @​mender
• Bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225) by @​dependabot

2.7.1

Various fixes & improvements

• fix(otel): Fix missing baggage (#3218) by @​sentrivana
• This is the config file of asdf-vm which we do not use. (#3215) by @​antonpirker
• Added option to disable middleware spans in Starlette (#3052) by @​antonpirker
• build: Update tornado version in setup.py to match code check. (#3206) by @​aclemons

2.7.0

• Add origin to spans and transactions (#3133) by @​antonpirker
• OTel: Set up typing for OTel (#3168) by @​sentrivana
• OTel: Auto instrumentation skeleton (#3143) by @​sentrivana
• OpenAI: If there is an internal error, still return a value (#3192) by @​colin-sentry
• MongoDB: Add MongoDB collection span tag (#3182) by @​0Calories
• MongoDB: Change span operation from db.query to db (#3186) by @​0Calories
• MongoDB: Remove redundant command name in query description (#3189) by @​0Calories
• Apache Spark: Fix spark driver integration (#3162) by @​seyoon-lim
• Apache Spark: Add Spark test suite to tox.ini and to CI (#3199) by @​sentrivana
• Codecov: Add failed test commits in PRs (#3190) by @​antonpirker
• Update library, Python versions in tests (#3202) by @​sentrivana
• Remove Hub from our test suite (#3197) by @​antonpirker
• Use env vars for default CA cert bundle location (#3160) by @​DragoonAethis
• Create a separate test group for AI (#3198) by @​sentrivana
• Add additional stub packages for type checking (#3122) by @​Daverball
• Proper naming of requirements files (#3191) by @​antonpirker
• Pinning pip because new version does not work with some versions of Celery and Httpx (#3195) by @​antonpirker
• build(deps): bump supercharge/redis-github-action from 1.7.0 to 1.8.0 (#3193) by @​dependabot
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (#3171) by @​dependabot
• build(deps): update pytest-asyncio requirement (#3087) by @​dependabot

2.6.0

• Introduce continuous profiling mode (#2830) by @​Zylphrex
• Profiling: Add deprecation comment for profiler internals (#3167) by @​sentrivana
• Profiling: Move thread data to trace context (#3157) by @​Zylphrex
• Explicitly export cron symbols for typecheckers (#3072) by @​spladug

... (truncated)

Commits

• 6f4685e Update CHANGELOG.md
• 7e6998e release: 2.8.0
• 32335dd fix(profiling): profiler_id uses underscore (#3249)
• 763e40a fix(integrations): don't send full env to subprocess (#3251)
• 31efa62 ref(transport): Stop using Hub in HttpTransport (#3247)
• defb448 build: Remove ipdb from test requirements (#3237)
• 407f651 feat(opentelemetry): Add entry point for SentryPropagator (#3086)
• eab218c build(deps): bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225)
• 5782560 fix(opentelemetry): avoid propagation of empty baggage (#2968)
• 6701616 Merge branch 'release/2.7.1'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dryrunsecurity]

DryRun Security Summary

The provided code change updates the requirements.txt file to use the latest version of the sentry-sdk package, which may include security fixes or improvements, a positive security enhancement for the Python-based application.

Expand for full summary

Summary:

The provided code change is an update to the requirements.txt file, which is a file used to manage the dependencies for a Python-based application. The key change is the update of the sentry-sdk package from version 1.19.1 to 2.8.0. From an application security perspective, this change is positive as it may include security fixes or improvements in the newer version of the Sentry SDK. Keeping dependencies up-to-date is an important security practice to ensure the application is running on the latest versions with known security vulnerabilities addressed. Additionally, regularly reviewing and updating the requirements.txt file is crucial for maintaining the overall security of the Python-based application by mitigating risks associated with known vulnerabilities in the application's dependencies.

Files Changed:

• requirements.txt: The requirements.txt file has been updated to use the latest version of the sentry-sdk package, which has been upgraded from 1.19.1 to 2.8.0. This change is likely to include security fixes or improvements, which is a positive security enhancement for the application.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	1 finding

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.