feat(deps): bump @sentry/cli from 2.58.4 to 3.0.0

[dependabot]

Bumps @sentry/cli from 2.58.4 to 3.0.0.

Release notes

Sourced from @​sentry/cli's releases.

3.0.0

New Sentry Support Policy

sentry-cli 3.0.0 and above only officially supports Sentry SaaS and Sentry self-hosted versions 25.11.1 and higher. While many Sentry CLI features may, in practice, continue working with some older Sentry versions, continued support for Sentry versions older than 25.11.1 is not guaranteed. Changes which break support for Sentry versions below 25.11.1 may occur in minor or patch releases.

New Versioning Policy

Sentry CLI now defines a semantic versioning policy. We did not explicitly define a versioning policy before, but the new versioning policy contains some notable changes versus the previous implicit policy we had been following. The main change is that dropping support for self-hosted Sentry versions now only requires a minor version bump, although such changes will be clearly communicated in the changelog.

[!IMPORTANT] Self-hosted users: We strongly recommend pinning your Sentry CLI version, since Sentry CLI may drop support for your self-hosted Sentry version in any future minor release. Always check the changelog before upgrading Sentry CLI.

Breaking Changes

• Removed all sentry-cli files ... and sentry-cli releases files ... subcommands (#2956). These commands provided functionality for managing release files, a feature that has been deprecated in Sentry. Users still using sentry-cli files upload to upload source maps should migrate to sentry-cli sourcemaps upload.
• Removed the sentry-cli sourcemaps explain command (#2947). The command had been deprecated for some time, since Sentry now has a better in-product debugging flow for source map problems via the "Unminify Code" button, which is displayed on any JavaScript issues which could not be unminified.
• Removed the sentry-cli send-metric ... subcommands (#3006). These commands have been deprecated, and the data they send is no longer accepted by Sentry.
• Removed support for the legacy API key authentication method (#2935). Sentry CLI now only supports authenticating with Auth Tokens. If you are using API key authentication via any of the following methods, you need to generate and use an Auth Token, instead:
  • --api-key CLI flag
  • SENTRY_API_KEY environment variable
  • api_key configuration file field
  • apiKey option in the JavaScript API
• Removed the upload-proguard subcommand's --app-id, --version, --version-code, --android-manifest, and --platform arguments (#2876, #2940, #2948). Users using these arguments should stop using them, as they are unnecessary. The information passed to these arguments is no longer visible in Sentry.
• Removed the --started argument from the sentry-cli releases finalize command (#2972). This argument is a no-op, so any users using it should simply stop using it.
• Removed the --use-artifact-bundle flag from sentry-cli sourcemaps upload (#3002). The flag was a no-op that only emitted a deprecation warning.

Node.js Wrapper Breakages

The following changes only apply when using sentry-cli via the npm package @sentry/cli:

• The SentryCli.execute method's live parameter now only takes boolean values (#2971). Setting live to true now behaves like 'rejectOnError' did previously, with a zero exit status resolving the returned promise with "success (live mode)" and a non-zero status rejecting the promise with an error message.

• The option parameter to Releases.uploadSourceMaps no longer takes a live property (#2971). We now always execute the command with live set to true.

• Removed the apiKey option from SentryCliOptions (#2935). If you are using apiKey, you need to generate and use an Auth Token via the authToken option, instead.

• Removed the useArtifactBundle option from SentryCliUploadSourceMapsOptions (#3002). This deprecated option was a no-op that users should simply stop passing.

• Drop support for Node.js <18. The minimum required Node.js version is now 18.0.0 (#2985).

• The type export SentryCliReleases has been removed.

• The JavaScript wrapper now uses named exports instead of default exports (#2989). You need to update your imports:

  // Old (default import)
  const SentryCli = require('@sentry/cli');
  // New (named import)
  const { SentryCli } = require('@​sentry/cli');

  For ESM imports:

  // Old
  import SentryCli from '@sentry/cli';

... (truncated)

Changelog

Sourced from @​sentry/cli's changelog.

3.0.0

New Sentry Support Policy

sentry-cli 3.0.0 and above only officially supports Sentry SaaS and Sentry self-hosted versions 25.11.1 and higher. While many Sentry CLI features may, in practice, continue working with some older Sentry versions, continued support for Sentry versions older than 25.11.1 is not guaranteed. Changes which break support for Sentry versions below 25.11.1 may occur in minor or patch releases.

New Versioning Policy

Sentry CLI now defines a semantic versioning policy. We did not explicitly define a versioning policy before, but the new versioning policy contains some notable changes versus the previous implicit policy we had been following. The main change is that dropping support for self-hosted Sentry versions now only requires a minor version bump, although such changes will be clearly communicated in the changelog.

[!IMPORTANT] Self-hosted users: We strongly recommend pinning your Sentry CLI version, since Sentry CLI may drop support for your self-hosted Sentry version in any future minor release. Always check the changelog before upgrading Sentry CLI.

Breaking Changes

• Removed all sentry-cli files ... and sentry-cli releases files ... subcommands (#2956). These commands provided functionality for managing release files, a feature that has been deprecated in Sentry. Users still using sentry-cli files upload to upload source maps should migrate to sentry-cli sourcemaps upload.
• Removed the sentry-cli sourcemaps explain command (#2947). The command had been deprecated for some time, since Sentry now has a better in-product debugging flow for source map problems via the "Unminify Code" button, which is displayed on any JavaScript issues which could not be unminified.
• Removed the sentry-cli send-metric ... subcommands (#3006). These commands have been deprecated, and the data they send is no longer accepted by Sentry.
• Removed support for the legacy API key authentication method (#2935). Sentry CLI now only supports authenticating with Auth Tokens. If you are using API key authentication via any of the following methods, you need to generate and use an Auth Token, instead:
  • --api-key CLI flag
  • SENTRY_API_KEY environment variable
  • api_key configuration file field
  • apiKey option in the JavaScript API
• Removed the upload-proguard subcommand's --app-id, --version, --version-code, --android-manifest, and --platform arguments (#2876, #2940, #2948). Users using these arguments should stop using them, as they are unnecessary. The information passed to these arguments is no longer visible in Sentry.
• Removed the --started argument from the sentry-cli releases finalize command (#2972). This argument is a no-op, so any users using it should simply stop using it.
• Removed the --use-artifact-bundle flag from sentry-cli sourcemaps upload (#3002). The flag was a no-op that only emitted a deprecation warning.

Node.js Wrapper Breakages

The following changes only apply when using sentry-cli via the npm package @sentry/cli:

• The SentryCli.execute method's live parameter now only takes boolean values (#2971). Setting live to true now behaves like 'rejectOnError' did previously, with a zero exit status resolving the returned promise with "success (live mode)" and a non-zero status rejecting the promise with an error message.

• The option parameter to Releases.uploadSourceMaps no longer takes a live property (#2971). We now always execute the command with live set to true.

• Removed the apiKey option from SentryCliOptions (#2935). If you are using apiKey, you need to generate and use an Auth Token via the authToken option, instead.

• Removed the useArtifactBundle option from SentryCliUploadSourceMapsOptions (#3002). This deprecated option was a no-op that users should simply stop passing.

• Drop support for Node.js <18. The minimum required Node.js version is now 18.0.0 (#2985).

• The type export SentryCliReleases has been removed.

• The JavaScript wrapper now uses named exports instead of default exports (#2989). You need to update your imports:

  // Old (default import)
  const SentryCli = require('@sentry/cli');
  // New (named import)
  const { SentryCli } = require('@​sentry/cli');

  For ESM imports:

  // Old
  import SentryCli from '@sentry/cli';

... (truncated)

Commits

• 98e280e release: 3.0.0
• d8a8e1c meta(changelog): Move plugin tracking entry to Unreleased section (#3034)
• 490fa68 meta(versioning): Define versioning policy (#3025)
• aa1e54c ref: Use undici to download binary (#2993)
• e06b170 feat: Move javascript files to native typescript (#2989)
• 45d7dd9 feat(sourcemaps): Inject debugId into sourcemaps, not debug_id (#3005)
• fd2e2ce chore(metrics): Remove send-metric command (#3006)
• 62d88a7 ref(react-native): Remove appcenter subcommand (#3004)
• 0660a74 chore(sourcemaps): Remove --use-artifact-bundle (#3002)
• 04b4243 chore(api): Stop calling project-release endpoints (#2991)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cursor]

Bug: Breaking import style change not applied for CLI v3

Bumping @sentry/cli to v3.0.0 introduces a breaking change where the package now uses named exports instead of default exports. The codebase still uses the old default import style (import SentryCli from '@sentry/cli' and const SentryCli = require('@sentry/cli')) in packages/react-router/src/vite/buildEnd/handleOnBuildEnd.ts, packages/remix/scripts/createRelease.js, and packages/remix/scripts/injectDebugId.js. These need to be updated to use named imports (import { SentryCli } from '@sentry/cli' or const { SentryCli } = require('@sentry/cli')).

Additional Locations (1)

• packages/remix/package.json#L70-L71

 

[cursor]

Bug: Execute method live parameter now requires boolean only

In @sentry/cli v3.0.0, the SentryCli.execute method's live parameter now only accepts boolean values. The code in packages/react-router/src/vite/buildEnd/handleOnBuildEnd.ts passes 'rejectOnError' string, which is no longer valid. Setting live to true now behaves like 'rejectOnError' did previously.

 

[cursor]

Bug: uploadSourceMaps live property removed in CLI v3

In @sentry/cli v3.0.0, the Releases.uploadSourceMaps method no longer accepts a live property in its options. The code in packages/react-router/src/vite/buildEnd/handleOnBuildEnd.ts and packages/remix/scripts/createRelease.js passes live: 'rejectOnError' which is no longer valid. The command now always executes with live set to true internally.

Additional Locations (1)

• packages/remix/package.json#L70-L71

 

[cursor]

Bug: useArtifactBundle option removed in CLI v3

In @sentry/cli v3.0.0, the useArtifactBundle option was removed from SentryCliUploadSourceMapsOptions. The code in packages/remix/scripts/createRelease.js passes useArtifactBundle: !argv.disableDebugIds which is no longer a valid option and needs to be removed.

 

[Lms24]

We will not bump to v3 for now, primarily because v3 drops support for self-hosted versions our SDK still supports.

We can revisit at a later point, most likely once we ship a new SDK major.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.