Opened 9 months ago

Closed 8 months ago

#20062 closed enhancement (fixed)

sentry_sdk-2.13.0 (Python module)

Reported by: Bruce Dubbs
Owned by: Douglas R. Reno
Priority: normal
Milestone: 12.2
Component: BOOK
Version: git
Severity: normal
Keywords:
Cc:

Description (last modified by Douglas R. Reno)

New minor version

Change History (10)

comment:1 by Bruce Dubbs, 9 months ago

Milestone: 12.2 → 99-Waiting

comment:2 by Bruce Dubbs, 9 months ago

Milestone: 99-Waiting → pre-release

comment:3 by Douglas R. Reno, 8 months ago

Milestone: pre-release → 12.2
Owner: changed from blfs-book to Douglas R. Reno
Status: new → assigned
Summary: sentry_sdk-2.8.0 (Python module)(Wait until August) → sentry_sdk-2.8.0 (Python module)

comment:4 by Douglas R. Reno, 8 months ago

Description: modified (diff)
Summary: sentry_sdk-2.8.0 (Python module) → sentry_sdk-2.12.0 (Python module)

comment:5 by Douglas R. Reno, 8 months ago

2.8.0
Various fixes & improvements

    profiler_id uses underscore (#3249) by @Zylphrex
    Don't send full env to subprocess (#3251) by @kmichel-aiven
    Stop using Hub in HttpTransport (#3247) by @szokeasaurusrex
    Remove ipdb from test requirements (#3237) by @rominf
    Avoid propagation of empty baggage (#2968) by @hartungstenio
    Add entry point for SentryPropagator (#3086) by @mender
    Bump checkouts/data-schemas from 8c13457 to 88273a9 (#3225) by @dependabot

2.9.0
Various fixes & improvements

    ref(transport): Improve event data category typing (#3243) by @szokeasaurusrex
    ref(tracing): Improved handling of span status (#3261) by @antonpirker
    test(client): Add tests for dropped span client reports (#3244) by @szokeasaurusrex
    test(transport): Test new client report features (#3244) by @szokeasaurusrex
    feat(tracing): Record lost spans in client reports (#3244) by @szokeasaurusrex
    test(sampling): Replace custom logic with capture_record_lost_event_calls (#3257) by @szokeasaurusrex
    test(transport): Non-order-dependent discarded events assertion (#3255) by @szokeasaurusrex
    test(core): Introduce capture_record_lost_event_calls fixture (#3254) by @szokeasaurusrex
    test(core): Fix non-idempotent test (#3253) by @szokeasaurusrex

2.10.0
Various fixes & improvements

    Add client cert and key support to HttpTransport (#3258) by @grammy-jiang

    Add cert_file and key_file to your sentry_sdk.init to use a custom client cert and key. Alternatively, the environment variables CLIENT_CERT_FILE and CLIENT_KEY_FILE can be used as well.

    OpenAI: Lazy initialize tiktoken to avoid http at import time (#3287) by @colin-sentry

    OpenAI, Langchain: Make tiktoken encoding name configurable + tiktoken usage opt-in (#3289) by @colin-sentry

    Fixed a bug where having certain packages installed along the Sentry SDK caused an HTTP request to be made to OpenAI infrastructure when the Sentry SDK was initialized. The request was made when the tiktoken package and at least one of the openai or langchain packages were installed.

    The request was fetching a tiktoken encoding in order to correctly measure token usage in some OpenAI and Langchain calls. This behavior is now opt-in. The choice of encoding to use was made configurable as well. To opt in, set the tiktoken_encoding_name parameter in the OpenAI or Langchain integration.

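    import sentry_sdk
    from sentry_sdk.integrations.langchain import LangchainIntegration
    from sentry_sdk.integrations.openai import OpenAIIntegration

    sentry_sdk.init(
        integrations=[
            OpenAIIntegration(tiktoken_encoding_name="cl100k_base"),
            LangchainIntegration(tiktoken_encoding_name="cl100k_base"),
        ],
    )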

    PyMongo: Send query description as valid JSON (#3291) by @0Calories

    Remove Python 2 compatibility code (#3284) by @szokeasaurusrex

    Fix sentry_sdk.init type hint (#3283) by @szokeasaurusrex

    Deprecate hub in Profile (#3270) by @szokeasaurusrex

    Stop using Hub in init (#3275) by @szokeasaurusrex

    Delete _should_send_default_pii (#3274) by @szokeasaurusrex

    Remove Hub usage in conftest (#3273) by @szokeasaurusrex

    Rename debug logging filter (#3260) by @szokeasaurusrex

    Update NoOpSpan.finish signature (#3267) by @szokeasaurusrex

    Remove Hub in Transaction.finish (#3267) by @szokeasaurusrex

    Remove Hub from capture_internal_exception logic (#3264) by @szokeasaurusrex

    Improve Scope._capture_internal_exception type hint (#3264) by @szokeasaurusrex

    Correct ExcInfo type (#3266) by @szokeasaurusrex

    Stop using Hub in tracing_utils (#3269) by @szokeasaurusrex

2.11.0
Various fixes & improvements

    Add disabled_integrations (#3328) by @sentrivana

    Disabling individual integrations is now much easier. Instead of disabling all automatically enabled integrations and specifying the ones you want to keep, you can now use the new disabled_integrations config option to provide a list of integrations to disable:

    import sentry_sdk
    from sentry_sdk.integrations.flask import FlaskIntegration

    sentry_sdk.init(
        # Do not use the Flask integration even if Flask is installed.
        disabled_integrations=[
            FlaskIntegration(),
        ],
    )

    Use operation name as transaction name in Strawberry (#3294) by @sentrivana

    WSGI integrations respect SCRIPT_NAME env variable (#2622) by @sarvaSanjay

    Make Django DB spans have origin auto.db.django (#3319) by @antonpirker

    Sort breadcrumbs by time before sending (#3307) by @antonpirker

    Fix KeyError('sentry-monitor-start-timestamp-s') (#3278) by @Mohsen-Khodabakhshi

    Set MongoDB tags directly on span data (#3290) by @0Calories

    Lower logger level for some messages (#3305) by @sentrivana and @antonpirker

    Emit deprecation warnings from Hub API (#3280) by @szokeasaurusrex

    Clarify that instrumenter is internal-only (#3299) by @szokeasaurusrex

    Support Django 5.1 (#3207) by @sentrivana

    Remove apparently unnecessary if (#3298) by @szokeasaurusrex

    Preliminary support for Python 3.13 (#3200) by @sentrivana

    Move sentry_sdk.init out of hub.py (#3276) by @szokeasaurusrex

    Unhardcode integration list (#3240) by @rominf

    Allow passing of PostgreSQL port in tests (#3281) by @rominf

    Add tests for @ai_track decorator (#3325) by @colin-sentry

    Do not include type checking code in coverage report (#3327) by @antonpirker

    Fix test_installed_modules (#3309) by @szokeasaurusrex

    Fix typos and grammar in a comment (#3293) by @szokeasaurusrex

    Fixed failed tests setup (#3303) by @antonpirker

    Only assert warnings we are interested in (#3314) by @szokeasaurusrex

2.12.0
Various fixes & improvements

    API: Expose the scope getters to top level API and use them everywhere (#3357) by @sl0thentr0py
    API: push_scope deprecation warning (#3355) (#3355) by @szokeasaurusrex
    API: Replace push_scope (#3353, #3354) by @szokeasaurusrex
    API: Deprecate, avoid, or stop using configure_scope (#3348, #3349, #3350, #3351) by @szokeasaurusrex
    OTel: Remove experimental autoinstrumentation (#3239) by @sentrivana
    Graphene: Add span for graphql operation (#2788) by @czyber
    AI: Add async support for ai_track decorator (#3376) by @czyber
    CI: Workaround bug preventing Django test runs (#3371) by @szokeasaurusrex
    CI: Remove Django setuptools pin (#3378) by @szokeasaurusrex
    Tests: Test with Django 5.1 RC (#3370) by @sentrivana
    Broaden add_attachment type (#3342) by @szokeasaurusrex
    Add span data to the transactions trace context (#3374) by @antonpirker
    Gracefully fail attachment path not found case (#3337) by @sl0thentr0py
    Document attachment parameters (#3342) by @szokeasaurusrex
    Bump checkouts/data-schemas from 0feb234 to 6d2c435 (#3369) by @dependabot
    Bump checkouts/data-schemas from 88273a9 to 0feb234 (#3252) by @dependabot

Security Advisory

In sentry_sdk-2.8.0, we got a security fix:

Impact

The bug in Sentry's Python SDK <2.8.0 results in the unintentional exposure of 
environment variables to subprocesses despite the env={} setting.

Details

In Python's subprocess calls, all environment variables are passed to subprocesses by 
default. However, if you specifically do not want them to be passed to subprocesses, you 
may use the env argument in subprocess calls, like in this example:

>>> subprocess.check_output(["env"], env={"TEST":"1"})
b'TEST=1\n'

If you'd want to not pass any variables, you can set an empty dict:

>>> subprocess.check_output(["env"], env={})
b''

However, the bug in Sentry SDK <2.8.0 causes all environment variables to be passed to 
the subprocesses when env={} is set, unless the Sentry SDK's Stdlib integration is 
disabled. The Stdlib integration is enabled by default.

Patches

The issue has been patched in #3251 and the fix released in sentry-sdk==2.8.0. The fix 
was also backported to sentry-sdk==1.45.1.

Workarounds

We strongly recommend upgrading to the latest SDK version. However, if it's not 
possible, and if passing environment variables to child processes poses a security risk 
for you, there are two options:

    In your application, replace env={} with the minimal dict env={"EMPTY_ENV":"1"} or similar.

OR

    Disable Stdlib integration:

import sentry_sdk

# Should go before sentry_sdk.init
sentry_sdk.integrations._DEFAULT_INTEGRATIONS.remove("sentry_sdk.integrations.stdlib.StdlibIntegration")

sentry_sdk.init(...)

Because sentry_sdk wasn't present in 12.1 though, no security advisory is necessary.
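
The failure mode described in the advisory above, as an added example that is not part of the ticket and is not the SDK's code: a wrapper that adds a variable to a child's environment and falls back to the parent's environment with `or` treats an explicit `env={}` like `env=None`. The helper names, the canary variable and `TRACE_HEADER` are assumptions made for illustration; the check runs the same `env` command the advisory uses.

```python
import os
import subprocess

CANARY = "EXAMPLE_PARENT_SECRET"  # constructed marker name, not a real variable


def inject_buggy(env, extra):
    """Hypothetical wrapper: `or` treats an explicit {} the same as None."""
    merged = dict(env or os.environ)
    merged.update(extra)
    return merged


def inject_fixed(env, extra):
    """Inherit the parent's environment only when the caller passed None."""
    merged = dict(os.environ if env is None else env)
    merged.update(extra)
    return merged


def child_var_names(env):
    """Run `env` (as in the advisory) and return the variable names it prints."""
    out = subprocess.check_output(["env"], env=env).decode(errors="replace")
    return {line.split("=", 1)[0] for line in out.splitlines() if "=" in line}


def leaks_parent_env(inject):
    """True if a parent-only canary reaches a child the caller started with env={}."""
    os.environ[CANARY] = "constructed-value"
    try:
        child_env = inject({}, {"TRACE_HEADER": "abc123"})  # hypothetical variable
        return CANARY in child_var_names(child_env)
    finally:
        del os.environ[CANARY]


if __name__ == "__main__":
    print("buggy wrapper leaks:", leaks_parent_env(inject_buggy))
    print("fixed wrapper leaks:", leaks_parent_env(inject_fixed))
```

The same canary check works as a regression test around any code path that spawns processes with a restricted environment, whichever library wraps `subprocess`.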

comment:6 by Douglas R. Reno, 8 months ago

Resolution: fixed
Status: assigned → closed

comment:7 by Bruce Dubbs, 8 months ago

Resolution: fixed
Status: closed → reopened

Now version 2.13.0.

comment:8 by Bruce Dubbs, 8 months ago

Summary: sentry_sdk-2.12.0 (Python module) → sentry_sdk-2.13.0 (Python module)

comment:9 by Douglas R. Reno, 8 months ago

Various fixes & improvements

    New integration: Ray (#2400) (#2444) by @glowskir

    Usage: (add the RayIntegration to your sentry_sdk.init() call and make sure it is 
called in the worker processes)

    import ray

    import sentry_sdk
    from sentry_sdk.integrations.ray import RayIntegration

    def init_sentry():
        sentry_sdk.init(
            dsn="...",
            traces_sample_rate=1.0,
            integrations=[RayIntegration()],
        )

    init_sentry()

    ray.init(
        runtime_env=dict(worker_process_setup_hook=init_sentry), 
    )

For more information, see the documentation for the Ray integration.

New integration: Litestar (#2413) (#3358) by @KellyWalker

Usage: (add the LitestarIntegration to your sentry_sdk.init())

from litestar import Litestar, get

import sentry_sdk
from sentry_sdk.integrations.litestar import LitestarIntegration

sentry_sdk.init(
    dsn="...",
    traces_sample_rate=1.0,
    integrations=[LitestarIntegration()],
)

@get("/")
async def index() -> str:
    return "Hello, world!"

app = Litestar(...)

For more information, see the documentation for the Litestar integration.

New integration: Dramatiq from @jacobsvante (#3397) by @antonpirker
Usage: (add the DramatiqIntegration to your sentry_sdk.init())

import dramatiq

import sentry_sdk
from sentry_sdk.integrations.dramatiq import DramatiqIntegration

sentry_sdk.init(
    dsn="...",
    traces_sample_rate=1.0,
    integrations=[DramatiqIntegration()],
)

@dramatiq.actor(max_retries=0)
def dummy_actor(x, y):
    return x / y

dummy_actor.send(12, 0)

For more information, see the documentation for the Dramatiq integration.

New config option: Expose custom_repr function that precedes safe_repr invocation in 
serializer (#3438) by @sl0thentr0py

See: https://docs.sentry.io/platforms/python/configuration/options/#custom-repr

Profiling: Add client SDK info to profile chunk (#3386) by @Zylphrex

Serialize vars early to avoid living references (#3409) by @sl0thentr0py

Deprecate hub-based sessions.py logic (#3419) by @szokeasaurusrex

Deprecate is_auto_session_tracking_enabled (#3428) by @szokeasaurusrex

Add note to generated yaml files (#3423) by @sentrivana

Slim down PR template (#3382) by @sentrivana

Use new banner in readme (#3390) by @sentrivana

comment:10 by Douglas R. Reno, 8 months ago

Resolution: fixed
Status: reopened → closed