deps(deps): bump @sentry/astro from 10.39.0 to 10.43.0

[dependabot]

Bumps @sentry/astro from 10.39.0 to 10.43.0.

Release notes

Sourced from @​sentry/astro's releases.

10.43.0

Important Changes

• feat(nextjs): Add Turbopack support for React component name annotation (#19604)

  We added experimental support for React component name annotation in Turbopack builds. When enabled, JSX elements are annotated with data-sentry-component, data-sentry-element, and data-sentry-source-file attributes at build time. This enables searching Replays by component name, seeing component names in breadcrumbs, and performance monitoring — previously only available with webpack builds.

  This feature requires Next.js 16+ and is currently behind an experimental flag:

  // next.config.ts
  import { withSentryConfig } from '@sentry/nextjs';
  export default withSentryConfig(nextConfig, {
  _experimental: {
  turbopackReactComponentAnnotation: {
  enabled: true,
  ignoredComponents: ['Header', 'Footer'], // optional
  },
  },
  });

• feat(hono): Instrument middlewares app.use() (#19611)

  Hono middleware registered via app.use() is now automatically instrumented, creating spans for each middleware invocation.

Other Changes

• feat(node-core,node): Add tracePropagation option to http and fetch integrations (#19712)
• feat(hono): Use parametrized names for errors (#19577)
• fix(browser): Fix missing traces for user feedback (#19660)
• fix(cloudflare): Use correct Proxy receiver in instrumentDurableObjectStorage (#19662)
• fix(core): Standardize Vercel AI span descriptions to align with GenAI semantic conventions (#19624)
• fix(deps): Bump hono to 4.12.5 to fix multiple vulnerabilities (#19653)
• fix(deps): Bump svgo to 4.0.1 to fix DoS via entity expansion (#19651)
• fix(deps): Bump tar to 7.5.10 to fix hardlink path traversal (#19650)
• fix(nextjs): Align Turbopack module metadata injection with webpack behavior (#19645)
• fix(node): Prevent duplicate LangChain spans from double module patching (#19684)
• fix(node-core,vercel-edge): Use HEROKU_BUILD_COMMIT env var for default release (#19617)
• fix(sveltekit): Fix file system race condition in source map cleaning (#19714)
• fix(tanstackstart-react): Add workerd and worker export conditions (#19461)
• fix(vercel-ai): Prevent tool call span map memory leak (#19328)
• feat(deps): Bump @​sentry/rollup-plugin from 5.1.0 to 5.1.1 (#19658)

... (truncated)

Changelog

Sourced from @​sentry/astro's changelog.

10.43.0

Important Changes

• feat(nextjs): Add Turbopack support for React component name annotation (#19604)

  We added experimental support for React component name annotation in Turbopack builds. When enabled, JSX elements are annotated with data-sentry-component, data-sentry-element, and data-sentry-source-file attributes at build time. This enables searching Replays by component name, seeing component names in breadcrumbs, and performance monitoring — previously only available with webpack builds.

  This feature requires Next.js 16+ and is currently behind an experimental flag:

  // next.config.ts
  import { withSentryConfig } from '@sentry/nextjs';
  export default withSentryConfig(nextConfig, {
  _experimental: {
  turbopackReactComponentAnnotation: {
  enabled: true,
  ignoredComponents: ['Header', 'Footer'], // optional
  },
  },
  });

• feat(hono): Instrument middlewares app.use() (#19611)

  Hono middleware registered via app.use() is now automatically instrumented, creating spans for each middleware invocation.

Other Changes

• feat(node-core,node): Add tracePropagation option to http and fetch integrations (#19712)
• feat(hono): Use parametrized names for errors (#19577)
• fix(browser): Fix missing traces for user feedback (#19660)
• fix(cloudflare): Use correct Proxy receiver in instrumentDurableObjectStorage (#19662)
• fix(core): Standardize Vercel AI span descriptions to align with GenAI semantic conventions (#19624)
• fix(deps): Bump hono to 4.12.5 to fix multiple vulnerabilities (#19653)
• fix(deps): Bump svgo to 4.0.1 to fix DoS via entity expansion (#19651)
• fix(deps): Bump tar to 7.5.10 to fix hardlink path traversal (#19650)
• fix(nextjs): Align Turbopack module metadata injection with webpack behavior (#19645)
• fix(node): Prevent duplicate LangChain spans from double module patching (#19684)
• fix(node-core,vercel-edge): Use HEROKU_BUILD_COMMIT env var for default release (#19617)
• fix(sveltekit): Fix file system race condition in source map cleaning (#19714)
• fix(tanstackstart-react): Add workerd and worker export conditions (#19461)
• fix(vercel-ai): Prevent tool call span map memory leak (#19328)
• feat(deps): Bump @​sentry/rollup-plugin from 5.1.0 to 5.1.1 (#19658)

... (truncated)

Commits

• 3fb8102 release: 10.43.0
• 8706e4e Merge pull request #19716 from getsentry/prepare-release/10.43.0
• 61d7a84 meta(changelog): Update changelog for 10.43.0
• f83f288 test(angular): Fix failing canary test (#19639)
• 2b3ce34 fix(sveltekit): Fix file system race condition in source map cleaning (#19714)
• 98be6b0 chore(skills): Add bump-size-limit skill (#19715)
• cdee7a9 chore(sourcemaps): Make sourcemaps e2e test more generic (#19678)
• b26df86 feat(node-core,node): Add tracePropagation option to http and fetch integrati...
• 7b69774 chore(ci): Allow triage action to run on issues from external users (#19701)
• 5651be2 fix(browser): Fix missing traces for user feedback (#19660)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Assignees

The following users could not be added as assignees: the3ash. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	jefrydco	9f559e8	Mar 16 2026, 01:59 AM