Skip to content

build(deps-dev): Bump @sentry/cli from 3.4.2 to 3.4.3#1129

Merged
notheotherben merged 1 commit into
mainfrom
dependabot/npm_and_yarn/sentry/cli-3.4.3
May 21, 2026
Merged

build(deps-dev): Bump @sentry/cli from 3.4.2 to 3.4.3#1129
notheotherben merged 1 commit into
mainfrom
dependabot/npm_and_yarn/sentry/cli-3.4.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 21, 2026

Copy link
Copy Markdown
Contributor

Bumps @sentry/cli from 3.4.2 to 3.4.3.

Release notes

Sourced from @​sentry/cli's releases.

3.4.3

Security Fixes

  • Behavior-breaking: Disable Xcode Info.plist preprocessing by default to avoid passing project-controlled compiler settings to cc during release auto-discovery. This affects sentry-cli releases propose-version, sentry-cli send-event and sentry-cli bash-hook --send-event release inference, and sentry-cli react-native xcode auto-release detection. Use --allow-xcode-infoplist-preprocessing only for trusted projects that require preprocessing.
  • Ensure restrictive file permissions maintained when sentry-cli login updates existing config files.
  • Disable TLS verification only when http.verify_ssl is set to false, case-insensitively.
  • Shell-escape generated bash-hook arguments, including paths, tags, release names, and the CLI path.
  • Stop sending environment variables in sentry-cli bash-hook events.
  • Verify the downloaded binary checksum before replacing the current executable in sentry-cli update.

Performance

  • (snapshots) Skip uploading images that already exist in objectstore by batch-checking with HEAD requests first (#3305)

Fixes

  • (snapshots) Reject snapshot uploads that have a PR number but no base SHA, since comparisons cannot work without a base reference (#3300)

3.4.3-snapshot.20260521.69f5028

Snapshot build from master at 69f5028.

3.4.3-snapshot.20260520.9eabaaa

Snapshot build from master at 9eabaaa.

3.4.3-snapshot.20260511.6679316

Snapshot build from master at 6679316.

3.4.3-snapshot.20260511.7a3b571

Snapshot build from master at 7a3b571.

Changelog

Sourced from @​sentry/cli's changelog.

3.4.3

Security Fixes

  • Behavior-breaking: Disable Xcode Info.plist preprocessing by default to avoid passing project-controlled compiler settings to cc during release auto-discovery. This affects sentry-cli releases propose-version, sentry-cli send-event and sentry-cli bash-hook --send-event release inference, and sentry-cli react-native xcode auto-release detection. Use --allow-xcode-infoplist-preprocessing only for trusted projects that require preprocessing.
  • Ensure restrictive file permissions maintained when sentry-cli login updates existing config files.
  • Disable TLS verification only when http.verify_ssl is set to false, case-insensitively.
  • Shell-escape generated bash-hook arguments, including paths, tags, release names, and the CLI path.
  • Stop sending environment variables in sentry-cli bash-hook events.
  • Verify the downloaded binary checksum before replacing the current executable in sentry-cli update.

Performance

  • (snapshots) Skip uploading images that already exist in objectstore by batch-checking with HEAD requests first (#3305)

Fixes

  • (snapshots) Reject snapshot uploads that have a PR number but no base SHA, since comparisons cannot work without a base reference (#3300)
Commits
  • ee52869 release: 3.4.3
  • 69f5028 fix: Various fixes (#3308)
  • 9eabaaa perf(snapshots): Skip uploading images that already exist in objectstore (#3305)
  • 2624b8d fix(snapshots): Reject uploads with pr_number but no base_sha (#3300)
  • 6679316 build(npm): 🤖 Bump optional dependencies to 3.4.2
  • 7a3b571 Merge branch 'release/3.4.2'
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps-dev): Bump @sentry/cli from 3.4.2 to 3.4.3
1b3f274 
Bumps [@sentry/cli](https://github.com/getsentry/sentry-cli) from 3.4.2 to 3.4.3.
- [Release notes](https://github.com/getsentry/sentry-cli/releases)
- [Changelog](https://github.com/getsentry/sentry-cli/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-cli@3.4.2...3.4.3)

---
updated-dependencies:
- dependency-name: "@sentry/cli"
  dependency-version: 3.4.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 21, 2026
notheotherben
notheotherben approved these changes May 21, 2026
View reviewed changes

@notheotherben notheotherben left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR has been automatically approved because it was created by @dependabot.

@notheotherben notheotherben enabled auto-merge May 21, 2026 18:22
@notheotherben notheotherben merged commit 156e58d into main May 21, 2026
6 checks passed
@notheotherben notheotherben deleted the dependabot/npm_and_yarn/sentry/cli-3.4.3 branch May 21, 2026 18:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@notheotherben notheotherben notheotherben approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@notheotherben