← Back to Blog Home
You're probably overdue for a Sentry SDK upgrade
Roughly half of all Sentry JavaScript SDK installations remain on v8 or older, missing critical features and security patches. This guide details what’s available in newer versions and why upgrading matters.
Key Statistics
According to npm download data (March 2026):
- @sentry/node: 14.9M weekly installs; 32% still on v7
- @sentry/browser: 14.5M weekly installs; 22% still on v7
- @sentry/react: 9.9M weekly installs; 20% still on v7
Combined, v7 and v8 represent approximately 50% of all installs across major packages.
Modern SDK Capabilities
Session Replay (v8+)
Captures browser activity before, during, and after errors. The feature reconstructs DOM interactions, clicks, navigation, and console output into playback format. Privacy controls mask text inputs by default, and replay data links directly to corresponding errors and traces.
Structured Logging (v9+)
Introduces Sentry.logger with six severity levels. Logs attach to active traces and include structured attributes:
Sentry.logger.error('Payment processing failed', {
orderId: 'order-123',
amount: 99.99,
gateway: 'stripe',
retryCount: 3,
});
Template strings enable intelligent grouping:
Sentry.logger.info(Sentry.logger.fmt`User ${userId} completed checkout for order ${orderId}`, {
amount: 99.99,
paymentMethod: 'credit_card',
});
AI Monitoring (v9+/v10+)
Automatic instrumentation for LLM calls. v9 supports OpenAI and LangChain; v10 adds Anthropic and Vercel AI SDK. Tracks token usage, latency, and errors.
OpenTelemetry Tracing (v8+)
Shifted from manual transaction/span lifecycle management to automatic span handling. v8+ simplifies instrumentation:
// v8+: automatic lifecycle
const result = Sentry.startSpan({ name: 'checkout', op: 'db.query' }, () => {
return db.query('SELECT ...');
});
// Nested spans work automatically
Sentry.startSpan({ name: 'checkout' }, () => {
Sentry.startSpan({ name: 'validate-cart', op: 'function' }, () => {
validateCart();
});
});
Server-side frameworks (Express, Fastify, Hapi) and databases (Postgres, MongoDB, Redis, Prisma) auto-instrument with no manual configuration.
Version Evolution
v8 Changes
- Consolidated
@sentry/tracing,@sentry/hub,@sentry/integrations,@sentry/replayinto core SDKs - Converted integrations from classes to functions for better tree-shaking
- Introduced new scope model (
getCurrentScope(),getIsolationScope(),getGlobalScope()) - Deprecated
HubandgetCurrentHub()
v9 Changes
- Removed deprecated scope APIs entirely
- Merged
@sentry/utilsinto@sentry/core - Deprecated
@sentry/types - Established ES2020 as baseline
- Added feature flag tracking with LaunchDarkly and OpenFeature support
- Required Node.js 18 minimum
v10 Changes
- Upgraded underlying OpenTelemetry to v2.x
- Replaced FID with INP (Interaction to Next Paint) metric
- Introduced lightweight
@sentry/node-coremode - Added Next.js Turbopack support
Security Considerations
CVE-2023-46729 affected Next.js tunnel routing; patches landed only in v7.77.0+ and current release lines. Older pinned versions remained vulnerable.
IP address inference disabled by default starting v9, enforced in v10.4.0. Transitive dependency security patches (fast-xml-parser, rollup, tar, nuxt) only reach current major version lines.
Performance Improvements
@sentry/browserbase: 26 KB gzipped (v10), reducible to ~24.5 KB with tree-shaking- ES5 polyfills dropped in v8; ES2020 as minimum in v9
- Six legacy packages consolidated in v8; two more deprecated in v9
- Session Replay bundle reduced ~20% through tree-shaking optimizations
Deprecated Packages
Still present in some lockfiles from earlier versions:
@sentry/tracing(merged v8)@sentry/hub(merged v8)@sentry/integrations(merged v8)@sentry/replay(merged v8)@sentry/types(deprecated v9)@sentry/utils(deprecated v9)
These remain unmaintained and add unnecessary weight.
Feature Availability Reference
| Feature | Minimum Version | Packages | Status |
|---|---|---|---|
| Cron Monitoring | v7+ | Node, server SDKs | Available |
| Session Replay | v8+ | Browser, React, Vue, Angular, Svelte | Available |
| User Feedback Widget | v8+ | Browser, frontend SDKs | Available |
| Structured Logs | v9+ | All | Available |
| Feature Flag Tracking | v9+ | All | Available |
| AI Monitoring (OpenAI, LangChain) | v9+ | Node | Available |
| AI Monitoring (Anthropic, Vercel) | v10+ | Node | Available |
| INP as Core Web Vital | v10+ | Browser, frontend SDKs | Available |
AI-Assisted Upgrade
Sentry publishes agent skills for Claude Code, Cursor, GitHub Copilot, and other AI assistants. The sentry-sdk-upgrade skill automates migration through four phases: detection, recommendation, guided application, and verification.
npx skills add getsentry/sentry-for-ai --skill sentry-sdk-upgrade
The tool handles v7→v8, v8→v9, and v9→v10 migrations automatically, detecting deprecated patterns and applying fixes file by file.
