Bump sentry-sdk from 1.5.12 to 1.45.1

[dependabot[bot]]

Bumps sentry-sdk from 1.5.12 to 1.45.1.

Release notes

Sourced from sentry-sdk's releases.

1.45.1

This is a security backport release.

• Don't send full env to subprocess (892dd800) by @​kmichel-aiven

  See also https://github.com/getsentry/sentry-python/security/advisories/GHSA-g92j-qhmh-64v2

1.45.0

This is the final 1.x release for the forseeable future. Development will continue on the 2.x release line. The first 2.x version will be available in the next few weeks.

Various fixes & improvements

• Allow to upsert monitors (#2929) by @​sentrivana

  It's now possible to provide monitor_config to the monitor decorator/context manager directly:

  from sentry_sdk.crons import monitor
  All keys except schedule are optional
  monitor_config = {
  
  "schedule": {"type": "crontab", "value": "0 0 * * *"},
  
  "timezone": "Europe/Vienna",
  
  "checkin_margin": 10,
  
  "max_runtime": 10,
  
  "failure_issue_threshold": 5,
  
  "recovery_threshold": 5,
  
  }
  @​monitor(monitor_slug='<monitor-slug>', monitor_config=monitor_config)
  
  def tell_the_world():
  
  print('My scheduled task...')
  
  

  Check out the cron docs for details.

• Add Django signals_denylist to filter signals that are attached to by signals_spans (#2758) by @​lieryan

  If you want to exclude some Django signals from performance tracking, you can use the new signals_denylist Django option:

  import django.db.models.signals
  import sentry_sdk
  sentry_sdk.init(
  
  ...
  
  integrations=[
  
  DjangoIntegration(
  
  ...
  
  signals_denylist=[
  
  

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

1.45.1

This is a security backport release.

• Don't send full env to subprocess (892dd800) by @​kmichel-aiven

  See also https://github.com/getsentry/sentry-python/security/advisories/GHSA-g92j-qhmh-64v2

1.45.0

This is the final 1.x release for the forseeable future. Development will continue on the 2.x release line. The first 2.x version will be available in the next few weeks.

Various fixes & improvements

• Allow to upsert monitors (#2929) by @​sentrivana

  It's now possible to provide monitor_config to the monitor decorator/context manager directly:

  from sentry_sdk.crons import monitor
  All keys except schedule are optional
  monitor_config = {
  
  "schedule": {"type": "crontab", "value": "0 0 * * *"},
  
  "timezone": "Europe/Vienna",
  
  "checkin_margin": 10,
  
  "max_runtime": 10,
  
  "failure_issue_threshold": 5,
  
  "recovery_threshold": 5,
  
  }
  @​monitor(monitor_slug='<monitor-slug>', monitor_config=monitor_config)
  
  def tell_the_world():
  
  print('My scheduled task...')
  
  

  Check out the cron docs for details.

• Add Django signals_denylist to filter signals that are attached to by signals_spans (#2758) by @​lieryan

  If you want to exclude some Django signals from performance tracking, you can use the new signals_denylist Django option:

  import django.db.models.signals
  import sentry_sdk
  sentry_sdk.init(
  
  ...
  
  integrations=[
  
  DjangoIntegration(
  
  

... (truncated)

Commits

• 282b8f7 Update CHANGELOG.md
• 6c867c4 release: 1.45.1
• 388e68e Fix tests (#3341)
• dfcab26 Run integrations tests on 1.x
• 2812640 Run CI on 1.x branch
• 892dd80 fix(integrations): don't send full env to subprocess
• 51a906c Update CHANGELOG.md
• 7570e39 release: 1.45.0
• e22abb6 fix(metrics): Change data_category from statsd to metric_bucket (#2954)
• fab65e6 feat(metrics): New normalization of keys, values, units (#2946)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.