deps(deps-dev): bump @sentry/nextjs from 7.120.4 to 10.37.0

[dependabot]

Bumps @sentry/nextjs from 7.120.4 to 10.37.0.

Release notes

Sourced from @​sentry/nextjs's releases.

10.37.0

Important Changes

• feat(core): Introduces a new Sentry.setConversationId() API to track multi turn AI conversations across API calls. (#18909)

  You can now set a conversation ID that will be automatically applied to spans within that scope. This allows you to link traces from the same conversation together.

  import * as Sentry from '@sentry/node';
  // Set conversation ID for all subsequent spans
  Sentry.setConversationId('conv_abc123');
  // All AI spans will now include the gen_ai.conversation.id attribute
  await openai.chat.completions.create({...});

  This is particularly useful for tracking multiple AI API calls that are part of the same conversation, allowing you to analyze entire conversation flows in Sentry. The conversation ID is stored on the isolation scope and automatically applied to spans via the new conversationIdIntegration.

• feat(tanstackstart-react): Auto-instrument global middleware in sentryTanstackStart Vite plugin (#18844)

  The sentryTanstackStart Vite plugin now automatically instruments requestMiddleware and functionMiddleware arrays in createStart(). This captures performance data without requiring manual wrapping.

  Auto-instrumentation is enabled by default. To disable it:

  // vite.config.ts
  sentryTanstackStart({
    authToken: process.env.SENTRY_AUTH_TOKEN,
    org: 'your-org',
    project: 'your-project',
    autoInstrumentMiddleware: false,
  });

Other Changes

• feat(core): simplify truncation logic to only keep the newest message (#18906)
• feat(core): Support new client discard reason invalid (#18901)
• feat(deps): Bump OpenTelemetry instrumentations (#18934)
• feat(nextjs): Update default ignore list for sourcemaps (#18938)
• feat(node): pass prisma instrumentation options through (#18900)
• feat(nuxt): Don't run source maps related code on Nuxt "prepare" (#18936)
• feat(replay): Update client report discard reason for invalid sessions (#18796)
• feat(winston): Add customLevelMap for winston transport (#18922)
• feat(react-router): Add support for React Router instrumentation API (#18580)
• fix(astro): Do not show warnings for valid options (#18947)
• fix(core): Report well known values in gen_ai.operation.name attribute (#18925)
• fix(node-core): ignore vercel AbortError by default on unhandled rejection (#18973)

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

10.37.0

Important Changes

• feat(core): Introduces a new Sentry.setConversationId() API to track multi turn AI conversations across API calls. (#18909)

  You can now set a conversation ID that will be automatically applied to spans within that scope. This allows you to link traces from the same conversation together.

  import * as Sentry from '@sentry/node';
  // Set conversation ID for all subsequent spans
  Sentry.setConversationId('conv_abc123');
  // All AI spans will now include the gen_ai.conversation.id attribute
  await openai.chat.completions.create({...});

  This is particularly useful for tracking multiple AI API calls that are part of the same conversation, allowing you to analyze entire conversation flows in Sentry. The conversation ID is stored on the isolation scope and automatically applied to spans via the new conversationIdIntegration.

• feat(tanstackstart-react): Auto-instrument global middleware in sentryTanstackStart Vite plugin (#18844)

  The sentryTanstackStart Vite plugin now automatically instruments requestMiddleware and functionMiddleware arrays in createStart(). This captures performance data without requiring manual wrapping.

  Auto-instrumentation is enabled by default. To disable it:

  // vite.config.ts
  sentryTanstackStart({
    authToken: process.env.SENTRY_AUTH_TOKEN,
    org: 'your-org',
    project: 'your-project',
    autoInstrumentMiddleware: false,
  });

Other Changes

• feat(core): simplify truncation logic to only keep the newest message (#18906)
• feat(core): Support new client discard reason invalid (#18901)
• feat(deps): Bump OpenTelemetry instrumentations (#18934)
• feat(nextjs): Update default ignore list for sourcemaps (#18938)
• feat(node): pass prisma instrumentation options through (#18900)
• feat(nuxt): Don't run source maps related code on Nuxt "prepare" (#18936)
• feat(replay): Update client report discard reason for invalid sessions (#18796)
• feat(winston): Add customLevelMap for winston transport (#18922)
• feat(react-router): Add support for React Router instrumentation API (#18580)
• fix(astro): Do not show warnings for valid options (#18947)
• fix(core): Report well known values in gen_ai.operation.name attribute (#18925)

... (truncated)

Commits

• 8aec947 release: 10.37.0
• c60ca61 meta(changelog): Update changelog for 10.37.0 (#18984)
• 429ac16 meta(changelog): Update changelog for 10.37.0
• 11f38a7 feat(winston): Add customLevelMap for winston transport (#18922)
• 93a91cc test(prisma): Move to yarn prisma (#18975)
• b0add63 ref(core): Set system message as separate attribute (#18978)
• 9a2b6a4 chore: Add external contributor to CHANGELOG.md (#18977)
• cf738e7 deps: Bump version of sentry-bundler-plugins (#18972)
• 693ca47 test(nextjs): Added nextjs CF workers test app (#18928)
• 75f0e20 feat(react-router): Add support for React Router instrumentation API (#18580)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[codeant-ai]

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

Superseded by #140.