Update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@sentry/vue (source)	10.50.0 → 10.52.0			dependencies	minor
axios (source)	1.15.2 → 1.16.0			dependencies	minor
django (changelog)	==6.0.4 → ==6.0.5			project.dependencies	patch
django-resonant-settings	==0.50.4 → ==0.50.5			project.dependencies	patch
psycopg (changelog)	==3.3.3 → ==3.3.4			project.dependencies	patch
pydantic (changelog)	==2.13.3 → ==2.13.4			project.dependencies	patch
rabbitmq	4.2-management-alpine → 4.3-management-alpine			service	minor
rabbitmq	4.2-management-alpine → 4.3-management-alpine				minor
sentry-sdk (changelog)	==2.58.0 → ==2.59.0			project.dependencies	minor
vue (source)	3.5.33 → 3.5.34			dependencies	patch

---

Release Notes

getsentry/sentry-javascript (@​sentry/vue)

v10.52.0

Compare Source

Important Changes

• Beta release of the official Hono Sentry SDK

  This release marks the beta release of the @sentry/hono Sentry SDK. For details on how to use it, check out the
  Sentry Hono SDK docs. Please reach out on
  GitHub if you have any feedback or concerns.

• feat(browser): Add ingest_settings to v2 log envelope payload (#​20453)

  Inference of user data (e.g. IP address, browser name/version) on log events is now gated behind the sendDefaultPii option. Previously, this data was always inferred by default.

Other Changes

• docs(hono): Add new docs link and move to BETA release (#​20666)
• feat(browser): Add ingest_settings to v2 metrics envelope payload (#​20454)
• feat(browser): Migrate spotlight event processor to ignoreSpans (#​20595)
• feat(cloudflare): Capture request body via httpServerIntegration (#​20614)
• feat(cloudflare): Support rpc trace propagation for WorkerEntrypoint (#​20523)
• feat(cloudflare): Support tracing for queue producer (#​20529)
• feat(core): Apply request data to segment spans in span streaming (#​20654)
• feat(core): Migrate Vercel AI event processor to span streaming (#​20608)
• feat(deno): Add processSegmentSpan to Deno context integration (#​20613)
• feat(http): Portable node:http client instrumentation (#​20393)
• feat(nitro): Add unstorage tracing channel instrumentation (#​20615)
• feat(node-core): Add processSegmentSpan to node context integration (#​20678)
• feat(node): Use diagnostics_channel for redis >= 5.12.0 (#​20573)
• feat(node): Vendor ioredis, redis instrumentations (#​20510)
• feat(replay): Reset replay id from DSC on session expiry/refresh (#​20129)
• fix: Bump fast-xml-parser to fix vulnerability (#​20644)
• fix: Bump vite versions to fix vulnerability (#​20646)
• fix(core): Drain buffers in flush() when there is no transport (#​20207)
• fix(core): Guard against undefined chained in copyProps (#​20637)
• fix(deps): Bump rollup-plugin-license to fix lodash vulnerabilities (#​20636)
• fix(deps): Bump transitive deps for medium security fixes (#​20683)
• fix(hono): Do not capture 3xx and 4xx errors and add tests (#​20640)
• fix(nextjs): Skip build modification when SRI is enabled (#​20694)
• fix(opentelemetry): Respect OTEL_SERVICE_NAME, OTEL_RESOURCE_ATTRIBUTES (#​20509)

Internal Changes

• chore: Remove bundle-analyzer-scenarios dev packages (#​20680)
• chore(deps): Bump @​hono/node-server from 1.19.10 to 1.19.13 (#​20117)
• chore(deps): Bump @​nestjs packages to fix path-to-regexp ReDoS (#​20642)
• chore(deps): Bump axios from 1.15.0 to 1.15.2 (#​20665)
• chore(deps): Bump ip-address from 10.1.0 to 10.2.0 (#​20695)
• chore(deps): Bump simple-git from 3.33.0 to 3.36.0 (#​20696)
• chore(deps): Bump vulnerable testem version (#​20634)
• ci(deps): Bump actions/checkout from 4 to 6 (#​20620)
• ci(deps): Bump actions/create-github-app-token from 2 to 3 (#​20079)
• ci(deps): Bump denoland/setup-deno from 2.0.3 to 2.0.4 (#​20080)
• ci(deps): Bump getsentry/craft from 2.24.1 to 2.26.2 (#​20621)
• feat(deps): Bump @​xmldom/xmldom from 0.8.12 to 0.8.13 (#​20457)
• feat(deps): Bump follow-redirects from 1.15.11 to 1.16.0 (#​20267)
• feat(deps): Bump hono from 4.12.12 to 4.12.14 (#​20340)
• fix(tests): Use stable instrumentations api in rr tests (#​20690)
• ref(tests): Rename streamed http.client span test folders (#​20602)
• test(browser): Fix browserTracingIntegration unit test (#​20604)
• test(browser): Fix flaky browser integration test for profiles (#​20587)
• test(browser): Fix flaky loader test (#​20596)
• test(browser): Fix flaky loader test (#​20655)
• test(browser): Make browser profiling test less flaky (#​20664)
• test(cloudflare): Add e2e test for MCPAgent with DurableObject instrumentation (#​20601)
• test(cloudflare): Add integration tests for scheduled, D1, and workflow (#​20609)
• test(cloudflare): Reduce flakiness for cloudflare with sub workers (#​20632)
• test(cloudflare): Use Node v24 for Cloudflare e2e tests (#​20628)
• test(deps): Bump Next.js in E2E test apps to fix Server Components DoS (#​20633)
• test(e2e): Add node-express-streaming E2E test app (#​20684)
• test(e2e): Add span streaming test app for Cloudflare Workers (#​20681)
• test(e2e): Add span streaming test app for next 16 (#​20648)
• test(e2e): Add span streaming test app for React Router 7 SPA (#​20677)
• test(e2e): Remove remaining npmrc pointing to Verdaccio (#​20611)
• test(nextjs): Fix flaky node runtime metrics E2E tests (#​20624)
• test(node): Fix ANR test for flakiness (#​20656)
• test(node): Fix flaky node cron test (#​20661)
• test(node): Unflake mongodb test (#​20662)
• test(react-router): Fix flaky E2E tests (#​20630)
• test(test-utils): Add MemoryProfiler for heap snapshot testing via CDP (#​20555)

Work in this release was contributed by @​sbs44. Thank you for your contribution!

Bundle size 📦

Path	Size
@​sentry/browser	25.68 KB
@​sentry/browser - with treeshaking flags	24.2 KB
@​sentry/browser (incl. Tracing)	43.13 KB
@​sentry/browser (incl. Tracing + Span Streaming)	45.3 KB
@​sentry/browser (incl. Tracing, Profiling)	47.99 KB
@​sentry/browser (incl. Tracing, Replay)	81.67 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	71.37 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	86.25 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	98.57 KB
@​sentry/browser (incl. Feedback)	42.42 KB
@​sentry/browser (incl. sendFeedback)	30.38 KB
@​sentry/browser (incl. FeedbackAsync)	35.35 KB
@​sentry/browser (incl. Metrics)	26.95 KB
@​sentry/browser (incl. Logs)	27.08 KB
@​sentry/browser (incl. Metrics & Logs)	27.76 KB
@​sentry/react	27.38 KB
@​sentry/react (incl. Tracing)	45.31 KB
@​sentry/vue	30.45 KB
@​sentry/vue (incl. Tracing)	44.94 KB
@​sentry/svelte	25.7 KB
CDN Bundle	28.23 KB
CDN Bundle (incl. Tracing)	45.83 KB
CDN Bundle (incl. Logs, Metrics)	29.62 KB
CDN Bundle (incl. Tracing, Logs, Metrics)	46.91 KB
CDN Bundle (incl. Replay, Logs, Metrics)	67.84 KB
CDN Bundle (incl. Tracing, Replay)	82.15 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics)	83.2 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	87.84 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	88.89 KB
CDN Bundle - uncompressed	82.89 KB
CDN Bundle (incl. Tracing) - uncompressed	137.15 KB
CDN Bundle (incl. Logs, Metrics) - uncompressed	86.99 KB
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	140.53 KB
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed	208.3 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	252.48 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed	255.85 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	265.86 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	269.22 KB
@​sentry/nextjs (client)	47.75 KB
@​sentry/sveltekit (client)	43.6 KB
@​sentry/node-core	59.05 KB
@​sentry/node	161.63 KB
@​sentry/node - without tracing	71.76 KB
@​sentry/aws-serverless	105.11 KB
@​sentry/cloudflare (withSentry) - minified	165.38 KB
@​sentry/cloudflare (withSentry)	417.48 KB

v10.51.0

Compare Source

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#​20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects.
  This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#​20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options.
  Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@​sentry/hono/node';
  
  Sentry.init({
    dsn: '__DSN__',
    tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#​19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig.
  Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

• deps(minimatch): Upgrade patch version to use new brace-expansion peer-dep (#​20198)
• docs: Add deprecation notices to bin scripts (#​20570)
• feat(astro): Drop prerendered http.server filter via ignoreSpans (#​20513)
• feat(aws-serverless): Validate extension tunnel DSN against SENTRY_DSN (#​20528)
• feat(browser): Add ingest_settings to span v2 envelope payload (#​20411)
• feat(browser): Add support for streamed spans in httpContextIntegration (#​20464)
• feat(core): Backfill otel attributes on streamed spans (#​20439)
• feat(core): clear up integrations on dispose (#​20407)
• feat(core): Instrument langgraph createReactAgent (#​20344)
• feat(core): Support attribute matching in ignoreSpans (#​20512)
• feat(feedback): allow error messages to be customized (#​20474)
• feat(hono): Support middleware spans defined in app groups (#​20465)
• feat(nextjs): Filter unwanted segments when span streaming is enabled (#​20384)
• feat(nextjs): Migrate edge event processors to span-first APIs (#​20551)
• feat(nextjs): Migrate server event processors to span-first APIs (#​20527)
• feat(nextjs): Set global attribute for turbopack usage (#​20558)
• feat(nitro): Nitro SDK (#​19224)
• feat(react-router): Clean up bogus * http.route attribute on segment spans (#​20471)
• feat(react-router): Drop low-quality transactions via ignoreSpans (#​20514)
• feat(sveltekit): Support span streaming in svelteKitSpansEnhancement integration (#​20496)
• feat(tanstackstart-react): Add dynamic tunnel route helper and generator (#​20264)
• fix: update prisma v7 spans descriptions (#​20456)
• fix(core): Avoid parse-time SyntaxError on Safari <16.4 in postgresjs (#​20498)
• fix(core): Ensure isSentryRequest handles subdomains properly (#​20530)
• fix(core): Ensure ip address headers are stripped when lower case (#​20484)
• fix(core): Filter more cookie names for PII (#​20485)
• fix(core): Use symbol for normalization checks (#​20486)
• fix(hono): Distinguish .use() middleware in sub-apps from .all() handlers (#​20554)
• fix(nextjs): Ensure we do not match tunnel endpoints too broadly (#​20488)
• fix(opentelemetry): Add conditional browser export to avoid node deps (#​20556)
• fix(replay): Avoid main-thread blocking in WorkerHandler under event bursts (#​20548)
• fix(replay): Ensure maskAttributes works with maskAllText=false (#​20491)
• fix(supabase): Consider sendDefaultPii for supabase integration (#​20490)

Internal Changes

• chore: Add size limit reports on PRs for Cloudflare (#​20055)
• chore: Update CODEOWNERS (#​20559)
• chore(build): Opt-out of nx analytics (#​20487)
• chore(ci): Automatically bump size limit every week (#​20531)
• chore(ci): Bump pnpm/action-setup to v5 and pin to commit SHA (#​20462)
• chore(ci): Do not report flaky test issues if we cannot find a test name (#​20589)
• chore(ci): Streamline CI setup to split bundle, layer, tarball generation (#​20396)
• chore(ci): Vendor nx-affected-list action, drop dkhunt27 dependency (#​20463)
• chore(e2e): Add vue and vue-router to nuxt-4 canary build step to fix rollup resolution (#​20519)
• chore(e2e): Remove @​tanstack/start-plugin-core override (#​20518)
• chore(size-limit): weekly auto-bump (#​20572)
• chore(skill): Add skill for writing unit and E2E tests (#​20561)
• chore(test): Reduce unneeded idleTimeout test config (#​20467)
• ci(size-bump): Fix path in size-limit auto-bump workflow (#​20566)
• fix(e2e/tanstackstart-react): pin @​tanstack/start-plugin-core to unblock CI (#​20482)
• fix(tests): Remove nitro canary test job (#​20473)
• ref(browser): Use safeSetSpanJSONAttributes in cultureContext integration (#​20481)
• test(browser): Unflake some more tests (#​20591)
• test(nextjs): Pin eslint-config-next package to major (#​20552)
• test(node): Fix flaky ANR test (#​20592)
• test(node): Fix flaky worker thread integration test (#​20588)
• test(node): Unflake postgres tests (#​20593)
• test(node): Update timeout for cron integration tests (#​20586)
• test(supabase): Stop supabase before initializing (#​20563)
• test(tanstack): Prefix test labels (#​20569)

Bundle size 📦

Path	Size
@​sentry/browser	25.54 KB
@​sentry/browser - with treeshaking flags	24.06 KB
@​sentry/browser (incl. Tracing)	43.08 KB
@​sentry/browser (incl. Tracing + Span Streaming)	45.07 KB
@​sentry/browser (incl. Tracing, Profiling)	47.91 KB
@​sentry/browser (incl. Tracing, Replay)	81.5 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	71.23 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	86.07 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	98.42 KB
@​sentry/browser (incl. Feedback)	42.38 KB
@​sentry/browser (incl. sendFeedback)	30.24 KB
@​sentry/browser (incl. FeedbackAsync)	35.3 KB
@​sentry/browser (incl. Metrics)	26.8 KB
@​sentry/browser (incl. Logs)	26.95 KB
@​sentry/browser (incl. Metrics & Logs)	27.62 KB
@​sentry/react	27.25 KB
@​sentry/react (incl. Tracing)	45.26 KB
@​sentry/vue	30.3 KB
@​sentry/vue (incl. Tracing)	44.87 KB
@​sentry/svelte	25.57 KB
CDN Bundle	28.16 KB
CDN Bundle (incl. Tracing)	45.61 KB
CDN Bundle (incl. Logs, Metrics)	29.54 KB
CDN Bundle (incl. Tracing, Logs, Metrics)	46.68 KB
CDN Bundle (incl. Replay, Logs, Metrics)	67.71 KB
CDN Bundle (incl. Tracing, Replay)	81.91 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics)	82.95 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	87.59 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	88.66 KB
CDN Bundle - uncompressed	82.57 KB
CDN Bundle (incl. Tracing) - uncompressed	136.41 KB
CDN Bundle (incl. Logs, Metrics) - uncompressed	86.67 KB
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	139.79 KB
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed	207.73 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	251.45 KB
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed	254.82 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	264.83 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	268.18 KB
@​sentry/nextjs (client)	47.7 KB
@​sentry/sveltekit (client)	43.52 KB
@​sentry/node-core	57.57 KB
@​sentry/node	166.25 KB
@​sentry/node - without tracing	94.54 KB
@​sentry/aws-serverless	111 KB
@​sentry/cloudflare (withSentry) - minified	160.29 KB
@​sentry/cloudflare (withSentry)	405.47 KB

axios/axios (axios)

v1.16.0

Compare Source

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

• Fetch adapter now enforces maxBodyLength and maxContentLength. These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (#​10795)
• Proxy requests now preserve user-supplied Host headers. Previously, the proxy path could overwrite a custom Host. Virtual-host-style routing through a proxy will now behave correctly. (#​10822)
• Basic auth credentials embedded in URLs are now URL-decoded. If you have percent-encoded credentials in a URL (e.g. https://user:p%40ss@host), the decoded value is what now goes on the wire. (#​10825)
• parseProtocol now strictly requires a colon in the protocol separator. Strings that loosely parsed as protocols before may no longer match. (#​10729)
• Deprecated unescape() replaced with modern UTF-8 encoding. Non-ASCII URL handling is now spec-correct; consumers depending on legacy unescape() quirks may see different output bytes. (#​7378)
• transformRequest input typing change was reverted. The typing change introduced in #​10745 was reverted in #​10810 after follow-up review — net behavior is unchanged from 1.15.2. (#​10745, #​10810)

🚀 New Features

• QUERY HTTP Method: Added support for the QUERY HTTP method across adapters and type definitions. (#​10802)
• ECONNREFUSED Error Constant: Exposed ECONNREFUSED as a constant on AxiosError so callers can match connection-refused failures without comparing string literals (closes #​6485). (#​10680)
• Encode Helper Export: Exported the internal encode helper from buildURL so userland param serializers can reuse the same encoding logic that axios uses internally. (#​6897)

🐛 Bug Fixes

• HTTP Adapter — Redirects & Headers: Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing requestDetails argument on beforeRedirect, preserved user-supplied Host headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (#​10794, #​10800, #​6241, #​10822, #​10825)
• HTTP Adapter — Streams & Timeouts: Preserved the partial response object on AxiosError when a stream is aborted after headers arrive, honoured the timeout option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and maxRedirects: 0. (#​10708, #​10819, #​7149)
• Fetch Adapter: Enforced maxBodyLength / maxContentLength in the fetch adapter, set the User-Agent header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a TypeError in restricted environments. (#​10795, #​10772, #​10806, #​7260)
• XHR Adapter: Unsubscribed the cancelToken and AbortSignal listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (#​10787)
• Error Handling: Attached the parsed response to AxiosError when JSON.parse fails inside dispatchRequest, prevented settle from emitting undefined error codes, and tightened the parseProtocol regex to require a colon in the protocol separator. (#​10724, #​7276, #​10729)
• Types & Exports: Aligned the CommonJS CancelToken typings with the ESM build, fixed a compiler error caused by RawAxiosHeaders, and re-exported create from the package index. (#​7414, #​6389, #​6460)
• UTF-8 Encoding: Replaced the deprecated unescape() call with a modern UTF-8 encoding implementation. (#​7378)
• Misc Cleanup: Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (#​10833)

🔧 Maintenance & Chores

• Refactor — ES6 Modernisation: Modernised the utils module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (#​10588, #​7419)
• Tests: Hardened the HTTP test server lifecycle to fix flaky FormData EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (#​10820, #​10791, #​10796)
• Docs: Documented paramsSerializer.encode for strict RFC 3986 query encoding, updated the parseReviver TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (#​10821, #​10782, #​10759, #​10804)
• Reverted: Reverted the transformRequest input typing change from #​10745 after follow-up review. (#​10745, #​10810)
• Dependencies: Bumped actions/setup-node, the github-actions group, and postcss (in /docs) to their latest versions. (#​10785, #​10813, #​10814)
• Release: Updated changelog and packages, and prepared the 1.16.0 release. (#​10790, #​10834)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​singhankit001 (#​10588)
• @​cuiweixie (#​7419)
• @​iruizsalinas (#​10787)
• @​MarcosNocetti (#​10680)
• @​deepview-autofix (#​10729)
• @​atharvasingh7007 (#​10745)
• @​OfekDanny (#​10772)
• @​mnahkies (#​7414)
• @​tboyila (#​10759)
• @​Kingo64 (#​6897)
• @​ramram1048 (#​6389)
• @​FLNacif (#​6460)
• @​zozo123 (#​10806)
• @​pierluigilenoci (#​10802)
• @​afurm (#​10708)
• @​karan-lrn (#​7378)
• @​ebeigarts (#​7149)
• @​Raymondo97 (#​10782)
• @​mixelburg (#​10821)
• @​ashishkr96 (#​10822)
• @​cyphercodes (#​10819)
• @​Jye10032 (#​7260)
• @​VeerShah41 (#​7276)

Full Changelog

django/django (django)

v6.0.5

Compare Source

kitware-resonant/cookiecutter-resonant (django-resonant-settings)

v0.50.5

Compare Source

Cookiecutter Changes

• Pin RabbitMQ to a version compatible with Celery defaults
• Pin the NodeJS version in dev containers
• Fix compatibility between Allauth rate limiting and Heroku

psycopg/psycopg (psycopg)

v3.3.4

Compare Source

pydantic/pydantic (pydantic)

v2.13.4: 2026-05-06

Compare Source

v2.13.4 (2026-05-06)

What's Changed

Packaging

• Bump libc from 0.2.155 to 0.2.185 by @​Viicos in #​13109
• Adapt pydantic-core linker flags on macOS by @​washingtoneg and @​Viicos in #​13147

Fixes

• Preserve RootModel core metadata by @​Viicos in #​13129

Full Changelog: pydantic/pydantic@v2.13.3...v2.13.4

getsentry/sentry-python (sentry-sdk)

v2.59.0

Compare Source

New Features ✨

Langchain

• Record run_name as gen_ai.function_id on Invoke Agent Spans by @​alexander-alderman-webb in #​5926
• Record run_name in on_tool_start by @​alexander-alderman-webb in #​5925
• Record run_name in on_chat_model_start by @​alexander-alderman-webb in #​5924

Other

• (ci) Cancel in-progress PR workflows on new commit push by @​joshuarli in #​5994
• (consts) Add updated span convention constants to SPANDATA by @​ericapisani in #​6093
• (fastapi) Support span streaming in active thread tracking by @​ericapisani in #​6118
• (httpx) Migrate to span first by @​ericapisani in #​6084
• (huggingface_hub) Migrate to span first by @​ericapisani in #​6124
• (mcp) Migrate to span first by @​ericapisani in #​6131
• Add db.driver.name spans to database integrations by @​ericapisani in #​6082

Bug Fixes 🐛

We've put additional data that might contain sensitive information, like GraphQL documents, behind the send_default_pii option.

Httpx

• Consistently early-exit when adding request source by @​alexander-alderman-webb in #​6151
• Set code.namespace and code.function instead of code.function.name in span streaming by @​alexander-alderman-webb in #​6150

Langchain

• Record run_name as gen_ai.function_id for text completions by @​alexander-alderman-webb in #​6073
• Set agent name as gen_ai.agent.name for chat and tool spans by @​alexander-alderman-webb in #​5877

Other

• (asgi) Use inspect.iscoroutinefunction on Python 3.14+ by @​alexander-alderman-webb in #​6135
• (batcher) Reset lock and flusher in child after fork by @​ericapisani in #​6163
• (google_genai) Redact binary data in inline_data and fix multi-part message extraction by @​ericapisani in #​5977
• (grpc) Add isolation_scope to async server interceptor by @​robinvd in #​5940
• (metrics,logs) Don't attach span_id if no active span by @​sentrivana in #​6162
• (monitor) Release Monitor._thread_lock after fork (#​6148) by @​vokracko in #​6159
• (openai-agents) Resolve agent from bindings for openai-agents >= 0.14 by @​ericapisani in #​6102

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying bats-ai with    Cloudflare Pages

Latest commit:	803bae8
Status:	✅  Deploy successful!
Preview URL:	https://52078fdd.bats-ai.pages.dev
Branch Preview URL:	https://renovate-all-minor-patch.bats-ai.pages.dev

View logs