Sentry CLI Changelog File — Sentry

Changelog

Unreleased

Features

(snapshots) Compress preprod snapshot manifest with zstd (#3336)

Fixes

(snapshots) Update snapshots download to use the new archive endpoint, triggering the archive build and polling until it is ready before downloading (#3344)
(snapshots) Show a clear "project was renamed" error instead of a cryptic JSON parse failure when uploading to a renamed project slug (#3341)

3.5.1

Internal Changes 🔧

Deps

Bump objectstore-client to 0.1.12 by @NicoHinderling in #3334
Bump shell-quote from 1.8.3 to 1.8.4 by @dependabot in #3327
Bump docker/login-action from 4.1.0 to 4.2.0 by @dependabot in #3323
Bump actions/github-script from 8.0.0 to 9.0.0 by @dependabot in #3325
Bump getsentry/craft from 2.26.3 to 2.26.6 by @dependabot in #3322
Bump docker/build-push-action from 7.1.0 to 7.2.0 by @dependabot in #3324

Other

(npm) 🤖 Bump optional dependencies to 3.5.0 by @sentry-release-bot[bot] in 8c2c0e9a
Remove experimental flag from snapshots and build commands by @NicoHinderling in #3329

3.5.0

Features

(snapshots) Add snapshots diff command for locally comparing directories of PNG snapshot images using odiff (#3306)
(snapshots) Add snapshots download command for downloading baseline snapshot images from Sentry (#3310)
(snapshots) Add --all-image-file-names and --all-image-file-names-file flags to snapshots upload for detecting image removals and renames in selective builds (#3312)
Add PE DWARF companion support (#3240)
Add Windows ARM64 PE unwind support (#3240)

Fixes

Improve error message when organization slug is missing from config (#3311)
Respect CURL_CA_BUNDLE and SSL_CERT_FILE when configuring TLS certificate authorities (#3301).

Internal changes

Bump symbolic to 13.1.1 (#3240)

3.4.3

Security Fixes

Behavior-breaking: Disable Xcode Info.plist preprocessing by default to avoid passing project-controlled compiler settings to cc during release auto-discovery. This affects sentry-cli releases propose-version, sentry-cli send-event and sentry-cli bash-hook --send-event release inference, and sentry-cli react-native xcode auto-release detection. Use --allow-xcode-infoplist-preprocessing only for trusted projects that require preprocessing.
Ensure restrictive file permissions maintained when sentry-cli login updates existing config files.
Disable TLS verification only when http.verify_ssl is set to false, case-insensitively.
Shell-escape generated bash-hook arguments, including paths, tags, release names, and the CLI path.
Stop sending environment variables in sentry-cli bash-hook events.
Verify the downloaded binary checksum before replacing the current executable in sentry-cli update.

Performance

(snapshots) Skip uploading images that already exist in objectstore by batch-checking with HEAD requests first (#3305)

Fixes

(snapshots) Reject snapshot uploads that have a PR number but no base SHA, since comparisons cannot work without a base reference (#3300)

3.4.2

Fixes

(snapshots) Stop sending Sentry auth token to Objectstore (#3286)
(js) Fix argument injection in JavaScript API's serializeOptions. String/number options now validate input types and prevent Array.prototype.concat() from flattening array values into separate CLI arguments. (#3287)

3.4.1

Improvements

(bundle-jvm) Warn and skip subsequent duplicates when multiple files strip to the same URL (e.g. Android build variants contributing the same FQCN). The warning points users at --exclude to scope the bundle to a single variant (#3275).

Fixes

(bundle-jvm) Strip the [<module>/]src/<sourceset>/<lang>/ prefix from bundle URLs so Symbolicator can resolve them from package-based stack traces (e.g. sentry-android-core/src/main/java/io/sentry/android/core/ANRWatchDog.java → ~/io/sentry/android/core/ANRWatchDog.jvm) (#3275).

3.4.0

Features

(snapshots) Add --selective flag to build snapshots to indicate the upload contains only a subset of images (#3268)
(bundle-jvm) Allow running directly on a project root (including multi-module repos) by automatically collecting only JVM source files (.java, .kt, .scala, .groovy), respecting .gitignore, and excluding common build output directories (#3260)
(bundle-jvm) Add --exclude option for custom glob patterns to exclude files/directories from source collection (#3260)

Performance

(snapshots) Parallelize image hashing with rayon (#3250)

Fixes

(snapshots) Chunk image uploads to avoid file descriptor exhaustion and 413 errors when uploading hundreds of images (#3249)
(snapshots) Preserve subdirectory structure in snapshot manifest keys instead of flattening to bare filenames (#3269)
Replace eprintln! with log::info! for progress bar completion messages when the progress bar is disabled (e.g. in CI). This avoids spurious stderr output that some CI systems treat as errors (#3223).

3.3.5

Performance

(snapshots) Parallelize image hashing with rayon (#3250)

Fixes

(sourcemaps) Skip non-base64 embedded sourcemaps during injection (#3243)

3.3.4

New Features ✨

(snapshots) Add --diff-threshold option to build snapshots to set a minimum pixel difference percentage for reporting image changes (#3259)
Add sentry-cli build download command to download installable builds (IPA/APK) by build ID (#3221).
Add sentry-cli code-mappings upload command to bulk upload code mappings from a JSON file (#3207, #3208, #3209, #3210).
- Code mappings link stack trace paths (e.g. com/example/module) to source paths in your repository (e.g. src/main/java/com/example/module), enabling Sentry to display source context and link directly to your code from error stack traces.
- Repository name and default branch are automatically inferred from your local git remotes, or can be specified explicitly with --repo and --default-branch.
- Large mapping files are automatically split into batches for upload.

3.3.3

Internal Changes 🔧

(npm) 🤖 Bump optional dependencies to 3.3.2 in afdef906

3.3.2

New Features ✨

(preprod) Add VCS parameters to snapshots upload command by @rbro112 in #3200

Internal Changes 🔧

(npm) 🤖 Bump optional dependencies to 3.3.1 in 3200dfb9

3.3.1

Fixes

Accept ProGuard mapping files without line information instead of rejecting them (#3192).
Improve error message when uploading .xcarchive or .ipa files on non-Apple Silicon Macs (#3211).

Experimental Feature 🧑‍🔬 (internal-only)

Pipe snapshot sidecar metadata into upload as part of sentry-cli build snapshots command (#3163).

3.3.0

New Features

Added sentry-cli proguard uuid <PATH> to compute and print the UUID for a ProGuard mapping file (#3176).

Improvements

Moved sentry-cli upload-proguard to sentry-cli proguard upload, aligning the API with similar upload commands like debug-files upload and sourcemaps upload (#3174). sentry-cli upload-proguard remains supported as an alias, so no migration is required.

Experimental Feature 🧑‍🔬 (internal-only)

Print snapshot URL after successful upload (#3167).

3.2.3

Experimental Feature 🧑‍🔬 (internal-only)

Added experimental sentry-cli build snapshots command to upload build snapshots to a project (#3110).
- This command uploads files from a specified directory to Sentry's Objectstore, associating them with a snapshot identifier.
- The command is experimental and subject to breaking changes or removal in future releases.

3.2.2

Fixes

Updated minimatch dependency to fix a vulnerability (#3153)

3.2.1

Fixes

The dart-symbol-map upload command now correctly resolves the organization from the auth token payload (#3065).
Retry DNS resolution failures for sentry.io requests to reduce intermittent failures for some users (#3085)

3.2.0

Features

Add sourceMaps.inject() for injecting debug IDs (#3088)
Add --install-group parameter to sentry-cli build upload for controlling update visibility between builds (#3094)

Fixes

Recognize *.ghe.com URLs as github_enterprise VCS provider (#3127).
Fixed a bug where the dart-symbol-map command did not accept the --url argument (#3108).
Add timeout to build upload polling loop to prevent infinite loop when server returns unexpected state (#3118).

3.1.0

New Features

In the JavaScript API, added multi-project support to releases.newDeploy() method. This method now accept a projects option (array of project slugs), aligning them with the Rust CLI's multi-project capabilities and matching the existing behavior of releases.new() and releases.uploadSourceMaps() (#3001).

Improvements

This release includes some changes to enable support for older self-hosted Sentry versions. With these changes, Sentry CLI now officially self-hosted Sentry versions 24.11.1 and above (#3070)

Fixes

Fixed a bug that prevented project IDs from being used with the sentry-cli releases new command for users with self-hosted Sentry instances on versions older than 25.12.1 (#3068).
Fixed a bug, introduced in version 3.0.0, where the sentry-cli releases list command ignored the --project option (#3048). The command now correctly can filter releases by a single project when supplied via --project. This change does not enable filtering by multiple projects, which has never been supported.

3.0.3

Fixes

Fixed a bug on Intel-based macOS systems that prevented Sentry CLI from respecting self-signed certificates trusted in the macOS keychain (#3059).

3.0.2

Fixes

Fixed a bug on ARM-based macOS systems that prevented Sentry CLI from respecting self-signed certificates trusted in the macOS keychain (#3057).

Versioning Policy Update

Our versioning policy has reclassified the minimum supported self-hosted Sentry version as being part of the public API. Therefore, we will only increase this minimum supported self-hosted Sentry version in a major release of Sentry CLI.

3.0.1

Performance Improvements

We switch to a faster compression algorithm (zstd) for uploading size analysis builds (sentry build upload) in preparation for this week's beta release! (#3038)

3.0.0

New Sentry Support Policy

sentry-cli 3.0.0 and above only officially supports Sentry SaaS and Sentry self-hosted versions 25.11.1 and higher. While many Sentry CLI features may, in practice, continue working with some older Sentry versions, continued support for Sentry versions older than 25.11.1 is not guaranteed. Changes which break support for Sentry versions below 25.11.1 may occur in minor or patch releases.

New Versioning Policy

Sentry CLI now defines a semantic versioning policy. We did not explicitly define a versioning policy previously, and this new policy should give more clarity about what can change in minor or patch releases versus what requires a major version bump.

Breaking Changes

Removed all sentry-cli files ... and sentry-cli releases files ... subcommands (#2956). These commands provided functionality for managing release files, a feature that has been deprecated in Sentry. Users still using sentry-cli files upload to upload source maps should migrate to sentry-cli sourcemaps upload.
Removed the sentry-cli sourcemaps explain command (#2947). The command had been deprecated for some time, since Sentry now has a better in-product debugging flow for source map problems via the "Unminify Code" button, which is displayed on any JavaScript issues which could not be unminified.
Removed the sentry-cli send-metric ... subcommands (#3006). These commands have been deprecated, and the data they send is no longer accepted by Sentry.
Removed support for the legacy API key authentication method (#2935). Sentry CLI now only supports authenticating with Auth Tokens. If you are using API key authentication via any of the following methods, you need to generate and use an Auth Token, instead:
- --api-key CLI flag
- SENTRY_API_KEY environment variable
- api_key configuration file field
- apiKey option in the JavaScript API
Removed the upload-proguard subcommand's --app-id, --version, --version-code, --android-manifest, and --platform arguments (#2876, #2940, #2948). Users using these arguments should stop using them, as they are unnecessary. The information passed to these arguments is no longer visible in Sentry.
Removed the --started argument from the sentry-cli releases finalize command (#2972). This argument is a no-op, so any users using it should simply stop using it.
Removed the --use-artifact-bundle flag from sentry-cli sourcemaps upload (#3002). The flag was a no-op that only emitted a deprecation warning.

Node.js Wrapper Breakages

The following changes only apply when using sentry-cli via the npm package @sentry/cli:

The SentryCli.execute method's live parameter now only takes boolean values (#2971). Setting live to true now behaves like 'rejectOnError' did previously, with a zero exit status resolving the returned promise with "success (live mode)" and a non-zero status rejecting the promise with an error message.
The option parameter to Releases.uploadSourceMaps no longer takes a live property (#2971). We now always execute the command with live set to true.
Removed the apiKey option from SentryCliOptions (#2935). If you are using apiKey, you need to generate and use an Auth Token via the authToken option, instead.
Removed the useArtifactBundle option from SentryCliUploadSourceMapsOptions (#3002). This deprecated option was a no-op that users should simply stop passing.
Drop support for Node.js <18. The minimum required Node.js version is now 18.0.0 (#2985).
The type export SentryCliReleases has been removed.

The JavaScript wrapper now uses named exports instead of default exports (#2989). You need to update your imports:

// Old (default import)
const SentryCli = require('@sentry/cli');

// New (named import)
const { SentryCli } = require('@sentry/cli');

For ESM imports:

// Old
import SentryCli from '@sentry/cli';

// New
import { SentryCli } from '@sentry/cli';

Improvements

The sentry-cli upload-proguard command now uses chunked uploading by default (#2918). Users who previously set the SENTRY_EXPERIMENTAL_PROGUARD_CHUNK_UPLOAD environment variable to opt into this behavior no longer need to set the variable.
We now place source map debug IDs under the source map's debugId field, per the TC39 Debug ID proposal (#3005). This change affects the sentry-cli sourcemaps inject command and, unless --no-rewrite is passed, the sentry-cli sourcemaps upload command. Sentry CLI can still read the debug_id field, but whenever the CLI writes or rewrites a source map, we always use debugId.
The sentry-cli build upload command now automatically tracks Sentry plugin versions from the SENTRY_PIPELINE environment variable (#2994). When SENTRY_PIPELINE contains a recognized Sentry plugin (e.g., sentry-gradle-plugin/4.12.0 or sentry-fastlane-plugin/1.2.3), the plugin version is written to the .sentry-cli-metadata.txt file in uploaded build archives, enabling the backend to store metadata for size analysis and build distribution tracking.

Fixes

Fixed misleading error message claiming the server doesn't support chunk uploading when the actual error was a non-existent organization (#2930).

2.58.4

Fixes

Use node directly in the postinstall script, instead of using npm run (#3030). This change ensures the postinstall script remains compatible with package managers other than npm.

2.58.3

Improvements

For the sentry-cli build upload command, we now only auto-detect Git metadata when we detect we are running in a CI environment, unless the user manually overrides this behavior (#2974). This change prevents local development builds from triggiering GitHub status checks for size analysis.
- We can detect most common CI environments based on the environment variables these set.
- We introduced two new arguments, --force-git-metadata and --no-git-metadata, which force-enable and force-disable automatic Git data collection, respectively, overriding the default behavior.
The sentry-cli build upload command now automatically detects the correct branch or tag reference in non-PR GitHub Actions workflows (#2976). Previously, --head-ref was only auto-detected for pull request workflows. Now it works for push, release, and other workflow types by using the GITHUB_REF_NAME environment variable.

Fixes

Fixed a bug where the sentry-cli sourcemaps inject command could inject JavaScript code into certain incorrectly formatted source map files, corrupting their JSON structure (#3003).

2.58.2

Improvements

Added validation for the sentry-cli build upload command's --head-sha and --base-sha arguments (#2945). The CLI now validates that these are valid SHA1 sums. Passing an empty string is also allowed; this prevents the default values from being used, causing the values to instead be unset.

Fixes

Fixed a bug where providing empty-string values for the sentry-cli build upload command's --vcs-provider, --head-repo-name, --head-ref, --base-ref, and --base-repo-name arguments resulted in 400 errors (#2946). Now, setting these to empty strings instead explicitly clears the default value we would set otherwise, as expected.

2.58.1

Deprecations

Deprecated API key authentication (#2934, #2937). Users who are still using API keys to authenticate Sentry CLI should generate and use an Auth Token instead.

Improvements

The sentry-cli debug-files bundle-jvm no longer makes any HTTP requests to Sentry, meaning auth tokens are no longer needed, and the command can be run offline (#2926).

Fixes

Skip setting base_sha and base_ref when they equal head_sha during auto-inference, since comparing a commit to itself provides no meaningful baseline (#2924).
Improved error message when supplying a non-existent organization to sentry-cli sourcemaps upload. The error now correctly indicates the organization doesn't exist, rather than incorrectly suggesting the Sentry server lacks artifact bundle support (#2931).

2.58.0

New Features

Removed experimental status from the sentry-cli build upload commands (#2899, #2905). At the time of this release, build uploads are still in closed beta on the server side, so most customers cannot use this functionality quite yet.
Added CLI version metadata to build upload archives (#2890).

Deprecations

Deprecated the upload-proguard subcommand's --platform flag (#2863). This flag was a no-op for some time, so we will remove it in the next major.
Deprecated the upload-proguard subcommand's --android-manifest flag (#2891). This flag was a no-op for some time, so we will remove it in the next major.
Deprecated the sentry-cli sourcemaps upload command's --no-dedupe flag (#2913). The flag was no longer relevant for sourcemap uploads to modern Sentry servers and was made a no-op.

Fixes

Fixed autofilled git base metadata (--base-ref, --base-sha) when using the build upload subcommand in git repos. Previously this worked only in the context of GitHub workflows (#2897, #2898).

Performance

Slightly sped up the sentry-cli sourcemaps upload command by eliminating an HTTP request to the Sentry server, which was not required in most cases (#2913).

Internal changes

Migrated JavaScript wrapper to TypeScript for better type safety (#2910)

2.57.0

New Features

(JS API) Add projects field to SentryCliUploadSourceMapsOptions (#2856)

Deprecations

Deprecated the upload-proguard subcommand's --app-id, --version, and --version-code flags (#2852), as we plan to remove these flags in Sentry CLI 3.x. Users should simply stop using the flags; the values specified there have never had an effect on deobfuscation, and are no longer visible in Sentry.
Added a deprecation notice for release bundle uploads, a legacy method for uploading source maps (#2844). Release bundle uploads will be removed in Sentry CLI 3.x in favor of artifact bundles, the newer source map upload method introduced in Sentry version 23.6.2. Self-hosted users: You must upgrade to Sentry 23.6.2 or later before upgrading to Sentry CLI 3.x.

Fixes

Fixed a bug where some log messages would not show up in CI environments or when redirecting stderr to a file (#2830). Specifically, this bug was affecting any subcommand that uses a progress bar, such as sentry-cli debug-files bundle-jvm and sentry-cli sourcemaps upload. Any stderr output during the progress bar was lost if stderr was redirected.

2.56.1

Deprecations

Added a deprecation notice for legacy uploading methods (#2836, #2837)
- Support for these legacy uploading methods, required to upload to self-hosted Sentry servers below version 10.0.0, will be removed in the next major release (3.x). If you observe these new deprecation notices, we recommend upgrading your self-hosted Sentry server, or pinning Sentry CLI to a compatible version (2.x).
- You may encounter these deprecation notices when uploading debug files or sourcemaps.

Fixes & improvements

Fixed a bug with sourcemap injection (#2764) by @szokeasaurusrex
- This change ensures we do not attempt to associate multiple compiled sources with the same sourcemap. As there should be at most one sourcemap for each compiled source, associating multiple compiled sources with the same sourcemap would lead to an invalid state.
Updated some outdated dependencies (#2816, #2818, and #2819)

2.56.0

Various fixes & improvements

feat: auto-fetch head-ref from GitHub Actions in detached HEAD state (#2805) by @runningcode
feat: automatically fetch base SHA in GitHub Actions PR workflows (#2799) by @runningcode
feat(preprod): use deflated compression when creating the zip file (#2800) by @trevor-e
feat(preprod): make sure at least one app bundle is present for upload (#2795) by @trevor-e
feat(preprod): fail upload if app is missing Info.plist (#2793) by @trevor-e
feat: restore GitHub Actions base branch detection (#2792) by @runningcode
fix: lower log level for missing base ref detection (EME-369) (#2813) by @runningcode
fix: simplify debug logging for PR number detection (EME-362) (#2812) by @runningcode
fix: serialize VCS tests to prevent race conditions (EME-368) (#2811) by @runningcode
fix: Validate SENTRY_RELEASE environment variable (#2807) by @szokeasaurusrex
fix: use actual PR head SHA in GitHub Actions instead of merge commit (#2785) by @runningcode
fix: suppress warning messages in failing build upload tests (#2791) by @runningcode

2.55.0

Various fixes & improvements

feat(build): preserve repository name case for build upload (#2777) by @runningcode
fix(sourcemaps): Display injection errors (#2775) by @szokeasaurusrex
feat: Normalize VCS provider names to match backend (#2770) by @runningcode
feat: Improve upload error message to show cause (#2765) by @runningcode
fix: Safer asset catalog reader for liquid glass (#2771) by @noahsmartin
fix(releases): handle partial SHAs correctly in commit resolution (#2734) by @srest2021

2.54.0

Various fixes & improvements

Fix: symlinks in normalized upload (#2744) by @noahsmartin
feat(vcs): Prefer upstream remote over origin for base repo name (#2737) by @runningcode
feat(build): Add auto-detection of base_repo_name from git remote (#2735) by @runningcode
feat(build): Add auto-detection of PR number from GitHub Actions (#2722) by @runningcode
feat(build): Auto-detect base_ref from git merge-base (#2720) by @runningcode
feat(logs): support log streaming (#2666) by @vgrozdanic

2.53.0

Various fixes & improvements

feat(mobile-app): Add release notes option (#2712) by @noahsmartin

Changes from 2.53.0-alpha

2.53.0-alpha reintroduced the build (previously named mobile-app) commands. 2.53.0 is the first stable release to reintroduce them.

Please note, the build commands are still experimental, and are therefore subject to breaking changes, including removal, in any release, without notice.

feat(mobile-app): Add default vcs base_ref parsing for mobile-app subcommand (#2706) by @rbro112
chore(mobile-app): Rename mobile-app subcommand to build (#2719) by @rbro112
Revert "feat(mobile-app): Reintroduce mobile-app feature gating (#2643)" (#2670) by @noahsmartin
meta(cursor): Add rule to avoid explicit type annotations (#2717) by @szokeasaurusrex
retry on cloudflare timeout (#2695) by @manishrawat1992

2.53.0-alpha

This release reintroduces the build (previously named mobile-app) commands.

Various fixes & improvements

feat(mobile-app): Add default vcs base_ref parsing for mobile-app subcommand (#2706) by @rbro112
chore(mobile-app): Rename mobile-app subcommand to build (#2719) by @rbro112
Revert "feat(mobile-app): Reintroduce mobile-app feature gating (#2643)" (#2670) by @noahsmartin
meta(cursor): Add rule to avoid explicit type annotations (#2717) by @szokeasaurusrex
retry on cloudflare timeout (#2695) by @manishrawat1992

2.52.0

Various fixes & improvements

feat(dart): add dart-symbol-map upload command (#2691) by @buenaflor
Add default vcs head_repo_name and provider parsing for mobile-app subcommand (#2699) by @rbro112
ref(debug-files): Remove unnecessary collect (#2705) by @szokeasaurusrex
build(deps): bump github/codeql-action from 3.29.5 to 3.29.8 (#2700) by @dependabot
build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#2701) by @dependabot
build(deps): bump actions/create-github-app-token from 2.0.6 to 2.1.1 (#2702) by @dependabot
build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (#2703) by @dependabot
Use URL from backend (#2698) by @chromy
feat(mobile-app): Add new VCS params to mobile-app command (#2682) by @rbro112
feat(launchpad): Add asset catalog files to zip without adding to folder (#2667) by @noahsmartin
feat(preprod): Show analysis URL after mobile-app upload (#2675) by @chromy
feat(logs): allow project slugs in logs list (#2688) by @shellmayr
fix(debug-files): Run all processing steps with --no-upload (#2693) by @P1n3appl3

2.51.1

Various fixes & improvements

fix(logs): Mark logs command as beta (#2690) by @szokeasaurusrex

2.51.0

Logs command

This release introduces a new sentry-cli logs list command, which lists your Sentry logs. For more details, see sentry-cli logs list --help.

Please note: if you receive a 403 error when using the new command, you may need to generate a new auth token with different permissions. You can do this by navigating to Settings → Developer Settings → Personal Tokens in Sentry. On the Personal Tokens page, generate a token with org:read scope, and pass this to the command using --auth-token or by setting the SENTRY_AUTH_TOKEN environment variable.

Various fixes & improvements

fix(js): Stop calling releases files upload-sourcemaps (#2676) by @szokeasaurusrex

2.50.2

This change removes the mobile-app upload experimental feature which was introduced in 2.50.1.

2.50.1

Various fixes & improvements

build(deps): bump form-data from 3.0.1 to 3.0.4 (#2638) by @dependabot

New experimental feature

This release introduces the new experimental mobile-app upload subcommand. This command is experimental, and therefore subject to changes, including breaking changes and/or removal, in any release. The command might not work as expected.

2.50.0

Various fixes & improvements

feat(js): Expose rejectOnError in public execute type declarations (#2628) by @Lms24

2.49.0

Various fixes & improvements

feat(js): Export live option type for releases.uploadSourceMaps (#2627) by @Lms24

2.48.0

Various fixes & improvements

feat(js): Add live: 'rejectOnError' execution mode to execute method (#2605) by @Lms24

Build-time changes

feat: allow optionally disabling Swift sandbox (#2587) by @carlocab

2.47.1

No user-facing changes.

2.47.0

Various fixes & improvements

ref: Exclude mobile-app command from release builds (#2582) by @szokeasaurusrex
feat(login): Improve error output for login errors (#2581) by @szokeasaurusrex
test(monitors): pass empty options to grep (#2562) by @lcian
feat(login): Warn when overwriting existing auth token (#2554) by @szokeasaurusrex
meta: Add .sentryclirc to gitignore (#2547) by @rbro112
build: Bump MSRV to 1.86

2.46.0

Various fixes & improvements

feat: Mark react-native appcenter as deprecated (#2522) by @chromy
docs: Fix typo "the the" -> "the" (#2519) by @chromy
feat(npm): Add support for installing npm package on Android (#2524) by @szokeasaurusrex
feat: Retry all HTTP requests (#2523) by @szokeasaurusrex
ref: Only obtain max retry count once (#2521) by @szokeasaurusrex
fix: Don't error if invalid value supplied for max retries (#2520) by @szokeasaurusrex
fix: Explicitly deprecate --started flag (#2515) by @szokeasaurusrex
fix: Use orig_path for bundle sources output file name (#2514) by @szokeasaurusrex
feat: Mark all files subcommands as deprecated. (#2512) by @Swatinem
Support multiple files in SENTRY_DOTENV_PATH (#2454) by @Kinqdos
fix(sourcemaps): Avoid associating only sourcemap with all minified sources (#2447) by @szokeasaurusrex

2.45.0

New feature

feat(sourcemaps): Multi-project sourcemaps upload (#2497) by @szokeasaurusrex
- Sourcemaps can now be uploaded to multiple projects at once by passing each project to the sentry-cli sourcemaps upload command, like so:
```
sentry-cli sourcemaps upload -p project1 -p project2 /path/to/sourcemaps
```
- Note that users on old versions of self-hosted Sentry may need to upgrade their self-hosted server to a newer version to take advantage of multi-project uploads.

Various fixes & improvements

ref: Rename fixup_js_file_end (#2475) by @szokeasaurusrex
ref: Use slice instead of vec for assemble artifact request (#2498) by @szokeasaurusrex
ref: Separate LegacyUploadContext for legacy uploads (#2494) by @szokeasaurusrex
feat: Remove organization and project info log (#2490) by @szokeasaurusrex

2.44.0

Various fixes & improvements

feat(sourcemaps): Support injecting indexed sourcemaps (#2470) by @szokeasaurusrex
test(sourcemaps): Assert injection outputs (#2483) by @szokeasaurusrex

2.43.1

Various fixes & improvements

build: Bump tokio to 1.44.2 (#2474) by @szokeasaurusrex
chore: Fix nightly clippy lints (#2469) by @loewenheim

2.43.0

This release explicitly deprecates the sentry-cli debug-files upload command's --info-plist argument, since the argument does nothing. If you are using the --info-plist argument, you should stop using it.

Various fixes & improvements

fix(debug_files): Don't call xcodebuild (#2443) by @szokeasaurusrex

2.42.5

This is a re-release of 2.45.5-alpha as a stable release. There are no code changes from 2.45.5-alpha, since the Windows ARM build for that version was published successfully.

2.42.5-alpha

This release adds a binary for Windows on ARM.

We are releasing this as an alpha to test that the new Windows ARM build is published to NPM correctly.

Various fixes & improvements

ci(npm): Release Windows ARM build to npm (#2436) by @szokeasaurusrex
ci: Run lint action on all target operating systems (#2360) by @szokeasaurusrex
ref: Simplify is_homebrew_install (#2434) by @szokeasaurusrex
build(deps): bump github/codeql-action from 3.28.12 to 3.28.13 (#2435) by @dependabot
ref: Simplify set_executable_mode (#2433) by @szokeasaurusrex
ci: Build for Windows ARM (#2429) by @szokeasaurusrex
build: Replace username with whoami (#2432) by @szokeasaurusrex
build: Remove direct winapi dependency (#2431) by @szokeasaurusrex
build(deps): bump actions/create-github-app-token from 1.11.0 to 1.11.7 (#2430) by @dependabot
ci: Auto-update GHA with Dependabot (#2428) by @szokeasaurusrex
ci: Update and securely pin all actions (#2427) by @szokeasaurusrex
ci: Remove unneeded -D warnings (#2425) by @szokeasaurusrex
ci: Stop using actions-rs (#2424) by @szokeasaurusrex
deps: Update zip to 2.4.2 (#2423) by @loewenheim
build: update zip dependency (#2421) by @szokeasaurusrex

2.42.4

Various fixes & improvements

build(macos): Sign macOS binaries (#2401) by @szokeasaurusrex
ci(docker): Fix GHCR releases so they are multiarch (#2418) by @szokeasaurusrex

2.42.3

Changelog

Unreleased

Features

(snapshots) Compress preprod snapshot manifest with zstd (#3336)

Fixes

(snapshots) Update snapshots download to use the new archive endpoint, triggering the archive build and polling until it is ready before downloading (#3344)
(snapshots) Show a clear "project was renamed" error instead of a cryptic JSON parse failure when uploading to a renamed project slug (#3341)

3.5.1

Internal Changes 🔧

Deps

Bump objectstore-client to 0.1.12 by @NicoHinderling in #3334
Bump shell-quote from 1.8.3 to 1.8.4 by @dependabot in #3327
Bump docker/login-action from 4.1.0 to 4.2.0 by @dependabot in #3323
Bump actions/github-script from 8.0.0 to 9.0.0 by @dependabot in #3325
Bump getsentry/craft from 2.26.3 to 2.26.6 by @dependabot in #3322
Bump docker/build-push-action from 7.1.0 to 7.2.0 by @dependabot in #3324

Other

(npm) 🤖 Bump optional dependencies to 3.5.0 by @sentry-release-bot[bot] in 8c2c0e9a
Remove experimental flag from snapshots and build commands by @NicoHinderling in #3329

3.5.0

Features

(snapshots) Add snapshots diff command for locally comparing directories of PNG snapshot images using odiff (#3306)
(snapshots) Add snapshots download command for downloading baseline snapshot images from Sentry (#3310)
(snapshots) Add --all-image-file-names and --all-image-file-names-file flags to snapshots upload for detecting image removals and renames in selective builds (#3312)
Add PE DWARF companion support (#3240)
Add Windows ARM64 PE unwind support (#3240)

Fixes

Improve error message when organization slug is missing from config (#3311)
Respect CURL_CA_BUNDLE and SSL_CERT_FILE when configuring TLS certificate authorities (#3301).

Internal changes

Bump symbolic to 13.1.1 (#3240)

3.4.3

Security Fixes

Behavior-breaking: Disable Xcode Info.plist preprocessing by default to avoid passing project-controlled compiler settings to cc during release auto-discovery. This affects sentry-cli releases propose-version, sentry-cli send-event and sentry-cli bash-hook --send-event release inference, and sentry-cli react-native xcode auto-release detection. Use --allow-xcode-infoplist-preprocessing only for trusted projects that require preprocessing.
Ensure restrictive file permissions maintained when sentry-cli login updates existing config files.
Disable TLS verification only when http.verify_ssl is set to false, case-insensitively.
Shell-escape generated bash-hook arguments, including paths, tags, release names, and the CLI path.
Stop sending environment variables in sentry-cli bash-hook events.
Verify the downloaded binary checksum before replacing the current executable in sentry-cli update.

Performance

(snapshots) Skip uploading images that already exist in objectstore by batch-checking with HEAD requests first (#3305)

Fixes

(snapshots) Reject snapshot uploads that have a PR number but no base SHA, since comparisons cannot work without a base reference (#3300)

3.4.2

Fixes

(snapshots) Stop sending Sentry auth token to Objectstore (#3286)
(js) Fix argument injection in JavaScript API's serializeOptions. String/number options now validate input types and prevent Array.prototype.concat() from flattening array values into separate CLI arguments. (#3287)

3.4.1

Improvements

(bundle-jvm) Warn and skip subsequent duplicates when multiple files strip to the same URL (e.g. Android build variants contributing the same FQCN). The warning points users at --exclude to scope the bundle to a single variant (#3275).

Fixes

(bundle-jvm) Strip the [<module>/]src/<sourceset>/<lang>/ prefix from bundle URLs so Symbolicator can resolve them from package-based stack traces (e.g. sentry-android-core/src/main/java/io/sentry/android/core/ANRWatchDog.java → ~/io/sentry/android/core/ANRWatchDog.jvm) (#3275).

3.4.0

Features

(snapshots) Add --selective flag to build snapshots to indicate the upload contains only a subset of images (#3268)
(bundle-jvm) Allow running directly on a project root (including multi-module repos) by automatically collecting only JVM source files (.java, .kt, .scala, .groovy), respecting .gitignore, and excluding common build output directories (#3260)
(bundle-jvm) Add --exclude option for custom glob patterns to exclude files/directories from source collection (#3260)

Performance

(snapshots) Parallelize image hashing with rayon (#3250)

Fixes

(snapshots) Chunk image uploads to avoid file descriptor exhaustion and 413 errors when uploading hundreds of images (#3249)
(snapshots) Preserve subdirectory structure in snapshot manifest keys instead of flattening to bare filenames (#3269)
Replace eprintln! with log::info! for progress bar completion messages when the progress bar is disabled (e.g. in CI). This avoids spurious stderr output that some CI systems treat as errors (#3223).

3.3.5

Performance

(snapshots) Parallelize image hashing with rayon (#3250)

Fixes

(sourcemaps) Skip non-base64 embedded sourcemaps during injection (#3243)

3.3.4

New Features ✨

(snapshots) Add --diff-threshold option to build snapshots to set a minimum pixel difference percentage for reporting image changes (#3259)
Add sentry-cli build download command to download installable builds (IPA/APK) by build ID (#3221).
Add sentry-cli code-mappings upload command to bulk upload code mappings from a JSON file (#3207, #3208, #3209, #3210).
- Code mappings link stack trace paths (e.g. com/example/module) to source paths in your repository (e.g. src/main/java/com/example/module), enabling Sentry to display source context and link directly to your code from error stack traces.
- Repository name and default branch are automatically inferred from your local git remotes, or can be specified explicitly with --repo and --default-branch.
- Large mapping files are automatically split into batches for upload.

3.3.3

Internal Changes 🔧

(npm) 🤖 Bump optional dependencies to 3.3.2 in afdef906

3.3.2

New Features ✨

(preprod) Add VCS parameters to snapshots upload command by @rbro112 in #3200

Internal Changes 🔧

(npm) 🤖 Bump optional dependencies to 3.3.1 in 3200dfb9

3.3.1

Fixes

Accept ProGuard mapping files without line information instead of rejecting them (#3192).
Improve error message when uploading .xcarchive or .ipa files on non-Apple Silicon Macs (#3211).

Experimental Feature 🧑‍🔬 (internal-only)

Pipe snapshot sidecar metadata into upload as part of sentry-cli build snapshots command (#3163).

3.3.0

New Features

Added sentry-cli proguard uuid <PATH> to compute and print the UUID for a ProGuard mapping file (#3176).

Improvements

Moved sentry-cli upload-proguard to sentry-cli proguard upload, aligning the API with similar upload commands like debug-files upload and sourcemaps upload (#3174). sentry-cli upload-proguard remains supported as an alias, so no migration is required.

Experimental Feature 🧑‍🔬 (internal-only)

Print snapshot URL after successful upload (#3167).

3.2.3

Experimental Feature 🧑‍🔬 (internal-only)

Added experimental sentry-cli build snapshots command to upload build snapshots to a project (#3110).
- This command uploads files from a specified directory to Sentry's Objectstore, associating them with a snapshot identifier.
- The command is experimental and subject to breaking changes or removal in future releases.

3.2.2

Fixes

Updated minimatch dependency to fix a vulnerability (#3153)

3.2.1

Fixes

The dart-symbol-map upload command now correctly resolves the organization from the auth token payload (#3065).
Retry DNS resolution failures for sentry.io requests to reduce intermittent failures for some users (#3085)

3.2.0

Features

Add sourceMaps.inject() for injecting debug IDs (#3088)
Add --install-group parameter to sentry-cli build upload for controlling update visibility between builds (#3094)

Fixes

Recognize *.ghe.com URLs as github_enterprise VCS provider (#3127).
Fixed a bug where the dart-symbol-map command did not accept the --url argument (#3108).
Add timeout to build upload polling loop to prevent infinite loop when server returns unexpected state (#3118).

3.1.0

New Features

In the JavaScript API, added multi-project support to releases.newDeploy() method. This method now accept a projects option (array of project slugs), aligning them with the Rust CLI's multi-project capabilities and matching the existing behavior of releases.new() and releases.uploadSourceMaps() (#3001).

Improvements

This release includes some changes to enable support for older self-hosted Sentry versions. With these changes, Sentry CLI now officially self-hosted Sentry versions 24.11.1 and above (#3070)

Fixes

Fixed a bug that prevented project IDs from being used with the sentry-cli releases new command for users with self-hosted Sentry instances on versions older than 25.12.1 (#3068).
Fixed a bug, introduced in version 3.0.0, where the sentry-cli releases list command ignored the --project option (#3048). The command now correctly can filter releases by a single project when supplied via --project. This change does not enable filtering by multiple projects, which has never been supported.

3.0.3

Fixes

Fixed a bug on Intel-based macOS systems that prevented Sentry CLI from respecting self-signed certificates trusted in the macOS keychain (#3059).

3.0.2

Fixes

Fixed a bug on ARM-based macOS systems that prevented Sentry CLI from respecting self-signed certificates trusted in the macOS keychain (#3057).

Versioning Policy Update

3.0.1

Performance Improvements

We switch to a faster compression algorithm (zstd) for uploading size analysis builds (sentry build upload) in preparation for this week's beta release! (#3038)

3.0.0

New Sentry Support Policy

New Versioning Policy

Breaking Changes

Removed all sentry-cli files ... and sentry-cli releases files ... subcommands (#2956). These commands provided functionality for managing release files, a feature that has been deprecated in Sentry. Users still using sentry-cli files upload to upload source maps should migrate to sentry-cli sourcemaps upload.
Removed the sentry-cli sourcemaps explain command (#2947). The command had been deprecated for some time, since Sentry now has a better in-product debugging flow for source map problems via the "Unminify Code" button, which is displayed on any JavaScript issues which could not be unminified.
Removed the sentry-cli send-metric ... subcommands (#3006). These commands have been deprecated, and the data they send is no longer accepted by Sentry.
Removed support for the legacy API key authentication method (#2935). Sentry CLI now only supports authenticating with Auth Tokens. If you are using API key authentication via any of the following methods, you need to generate and use an Auth Token, instead:
- --api-key CLI flag
- SENTRY_API_KEY environment variable
- api_key configuration file field
- apiKey option in the JavaScript API
Removed the upload-proguard subcommand's --app-id, --version, --version-code, --android-manifest, and --platform arguments (#2876, #2940, #2948). Users using these arguments should stop using them, as they are unnecessary. The information passed to these arguments is no longer visible in Sentry.
Removed the --started argument from the sentry-cli releases finalize command (#2972). This argument is a no-op, so any users using it should simply stop using it.
Removed the --use-artifact-bundle flag from sentry-cli sourcemaps upload (#3002). The flag was a no-op that only emitted a deprecation warning.

Node.js Wrapper Breakages

The following changes only apply when using sentry-cli via the npm package @sentry/cli:

The SentryCli.execute method's live parameter now only takes boolean values (#2971). Setting live to true now behaves like 'rejectOnError' did previously, with a zero exit status resolving the returned promise with "success (live mode)" and a non-zero status rejecting the promise with an error message.
The option parameter to Releases.uploadSourceMaps no longer takes a live property (#2971). We now always execute the command with live set to true.
Removed the apiKey option from SentryCliOptions (#2935). If you are using apiKey, you need to generate and use an Auth Token via the authToken option, instead.
Removed the useArtifactBundle option from SentryCliUploadSourceMapsOptions (#3002). This deprecated option was a no-op that users should simply stop passing.
Drop support for Node.js <18. The minimum required Node.js version is now 18.0.0 (#2985).
The type export SentryCliReleases has been removed.

The JavaScript wrapper now uses named exports instead of default exports (#2989). You need to update your imports:

// Old (default import)
const SentryCli = require('@sentry/cli');

// New (named import)
const { SentryCli } = require('@sentry/cli');

For ESM imports:

// Old
import SentryCli from '@sentry/cli';

// New
import { SentryCli } from '@sentry/cli';

Improvements

The sentry-cli upload-proguard command now uses chunked uploading by default (#2918). Users who previously set the SENTRY_EXPERIMENTAL_PROGUARD_CHUNK_UPLOAD environment variable to opt into this behavior no longer need to set the variable.
We now place source map debug IDs under the source map's debugId field, per the TC39 Debug ID proposal (#3005). This change affects the sentry-cli sourcemaps inject command and, unless --no-rewrite is passed, the sentry-cli sourcemaps upload command. Sentry CLI can still read the debug_id field, but whenever the CLI writes or rewrites a source map, we always use debugId.
The sentry-cli build upload command now automatically tracks Sentry plugin versions from the SENTRY_PIPELINE environment variable (#2994). When SENTRY_PIPELINE contains a recognized Sentry plugin (e.g., sentry-gradle-plugin/4.12.0 or sentry-fastlane-plugin/1.2.3), the plugin version is written to the .sentry-cli-metadata.txt file in uploaded build archives, enabling the backend to store metadata for size analysis and build distribution tracking.

Fixes

Fixed misleading error message claiming the server doesn't support chunk uploading when the actual error was a non-existent organization (#2930).

2.58.4

Fixes

Use node directly in the postinstall script, instead of using npm run (#3030). This change ensures the postinstall script remains compatible with package managers other than npm.

2.58.3

Improvements

For the sentry-cli build upload command, we now only auto-detect Git metadata when we detect we are running in a CI environment, unless the user manually overrides this behavior (#2974). This change prevents local development builds from triggiering GitHub status checks for size analysis.
- We can detect most common CI environments based on the environment variables these set.
- We introduced two new arguments, --force-git-metadata and --no-git-metadata, which force-enable and force-disable automatic Git data collection, respectively, overriding the default behavior.
The sentry-cli build upload command now automatically detects the correct branch or tag reference in non-PR GitHub Actions workflows (#2976). Previously, --head-ref was only auto-detected for pull request workflows. Now it works for push, release, and other workflow types by using the GITHUB_REF_NAME environment variable.

Fixes

Fixed a bug where the sentry-cli sourcemaps inject command could inject JavaScript code into certain incorrectly formatted source map files, corrupting their JSON structure (#3003).

2.58.2

Improvements

Added validation for the sentry-cli build upload command's --head-sha and --base-sha arguments (#2945). The CLI now validates that these are valid SHA1 sums. Passing an empty string is also allowed; this prevents the default values from being used, causing the values to instead be unset.

Fixes

Fixed a bug where providing empty-string values for the sentry-cli build upload command's --vcs-provider, --head-repo-name, --head-ref, --base-ref, and --base-repo-name arguments resulted in 400 errors (#2946). Now, setting these to empty strings instead explicitly clears the default value we would set otherwise, as expected.

2.58.1

Deprecations

Deprecated API key authentication (#2934, #2937). Users who are still using API keys to authenticate Sentry CLI should generate and use an Auth Token instead.

Improvements

The sentry-cli debug-files bundle-jvm no longer makes any HTTP requests to Sentry, meaning auth tokens are no longer needed, and the command can be run offline (#2926).

Fixes

Skip setting base_sha and base_ref when they equal head_sha during auto-inference, since comparing a commit to itself provides no meaningful baseline (#2924).
Improved error message when supplying a non-existent organization to sentry-cli sourcemaps upload. The error now correctly indicates the organization doesn't exist, rather than incorrectly suggesting the Sentry server lacks artifact bundle support (#2931).

2.58.0

New Features

Removed experimental status from the sentry-cli build upload commands (#2899, #2905). At the time of this release, build uploads are still in closed beta on the server side, so most customers cannot use this functionality quite yet.
Added CLI version metadata to build upload archives (#2890).

Deprecations

Deprecated the upload-proguard subcommand's --platform flag (#2863). This flag was a no-op for some time, so we will remove it in the next major.
Deprecated the upload-proguard subcommand's --android-manifest flag (#2891). This flag was a no-op for some time, so we will remove it in the next major.
Deprecated the sentry-cli sourcemaps upload command's --no-dedupe flag (#2913). The flag was no longer relevant for sourcemap uploads to modern Sentry servers and was made a no-op.

Fixes

Fixed autofilled git base metadata (--base-ref, --base-sha) when using the build upload subcommand in git repos. Previously this worked only in the context of GitHub workflows (#2897, #2898).

Performance

Slightly sped up the sentry-cli sourcemaps upload command by eliminating an HTTP request to the Sentry server, which was not required in most cases (#2913).

Internal changes

Migrated JavaScript wrapper to TypeScript for better type safety (#2910)

2.57.0

New Features

(JS API) Add projects field to SentryCliUploadSourceMapsOptions (#2856)

Deprecations

Deprecated the upload-proguard subcommand's --app-id, --version, and --version-code flags (#2852), as we plan to remove these flags in Sentry CLI 3.x. Users should simply stop using the flags; the values specified there have never had an effect on deobfuscation, and are no longer visible in Sentry.
Added a deprecation notice for release bundle uploads, a legacy method for uploading source maps (#2844). Release bundle uploads will be removed in Sentry CLI 3.x in favor of artifact bundles, the newer source map upload method introduced in Sentry version 23.6.2. Self-hosted users: You must upgrade to Sentry 23.6.2 or later before upgrading to Sentry CLI 3.x.

Fixes

Fixed a bug where some log messages would not show up in CI environments or when redirecting stderr to a file (#2830). Specifically, this bug was affecting any subcommand that uses a progress bar, such as sentry-cli debug-files bundle-jvm and sentry-cli sourcemaps upload. Any stderr output during the progress bar was lost if stderr was redirected.

2.56.1

Deprecations

Added a deprecation notice for legacy uploading methods (#2836, #2837)
- Support for these legacy uploading methods, required to upload to self-hosted Sentry servers below version 10.0.0, will be removed in the next major release (3.x). If you observe these new deprecation notices, we recommend upgrading your self-hosted Sentry server, or pinning Sentry CLI to a compatible version (2.x).
- You may encounter these deprecation notices when uploading debug files or sourcemaps.

Fixes & improvements

Fixed a bug with sourcemap injection (#2764) by @szokeasaurusrex
- This change ensures we do not attempt to associate multiple compiled sources with the same sourcemap. As there should be at most one sourcemap for each compiled source, associating multiple compiled sources with the same sourcemap would lead to an invalid state.
Updated some outdated dependencies (#2816, #2818, and #2819)

2.56.0

Various fixes & improvements

feat: auto-fetch head-ref from GitHub Actions in detached HEAD state (#2805) by @runningcode
feat: automatically fetch base SHA in GitHub Actions PR workflows (#2799) by @runningcode
feat(preprod): use deflated compression when creating the zip file (#2800) by @trevor-e
feat(preprod): make sure at least one app bundle is present for upload (#2795) by @trevor-e
feat(preprod): fail upload if app is missing Info.plist (#2793) by @trevor-e
feat: restore GitHub Actions base branch detection (#2792) by @runningcode
fix: lower log level for missing base ref detection (EME-369) (#2813) by @runningcode
fix: simplify debug logging for PR number detection (EME-362) (#2812) by @runningcode
fix: serialize VCS tests to prevent race conditions (EME-368) (#2811) by @runningcode
fix: Validate SENTRY_RELEASE environment variable (#2807) by @szokeasaurusrex
fix: use actual PR head SHA in GitHub Actions instead of merge commit (#2785) by @runningcode
fix: suppress warning messages in failing build upload tests (#2791) by @runningcode

2.55.0

Various fixes & improvements

feat(build): preserve repository name case for build upload (#2777) by @runningcode
fix(sourcemaps): Display injection errors (#2775) by @szokeasaurusrex
feat: Normalize VCS provider names to match backend (#2770) by @runningcode
feat: Improve upload error message to show cause (#2765) by @runningcode
fix: Safer asset catalog reader for liquid glass (#2771) by @noahsmartin
fix(releases): handle partial SHAs correctly in commit resolution (#2734) by @srest2021

2.54.0

Various fixes & improvements

Fix: symlinks in normalized upload (#2744) by @noahsmartin
feat(vcs): Prefer upstream remote over origin for base repo name (#2737) by @runningcode
feat(build): Add auto-detection of base_repo_name from git remote (#2735) by @runningcode
feat(build): Add auto-detection of PR number from GitHub Actions (#2722) by @runningcode
feat(build): Auto-detect base_ref from git merge-base (#2720) by @runningcode
feat(logs): support log streaming (#2666) by @vgrozdanic

2.53.0

Various fixes & improvements

feat(mobile-app): Add release notes option (#2712) by @noahsmartin

Changes from 2.53.0-alpha

2.53.0-alpha reintroduced the build (previously named mobile-app) commands. 2.53.0 is the first stable release to reintroduce them.

Please note, the build commands are still experimental, and are therefore subject to breaking changes, including removal, in any release, without notice.

feat(mobile-app): Add default vcs base_ref parsing for mobile-app subcommand (#2706) by @rbro112
chore(mobile-app): Rename mobile-app subcommand to build (#2719) by @rbro112
Revert "feat(mobile-app): Reintroduce mobile-app feature gating (#2643)" (#2670) by @noahsmartin
meta(cursor): Add rule to avoid explicit type annotations (#2717) by @szokeasaurusrex
retry on cloudflare timeout (#2695) by @manishrawat1992

2.53.0-alpha

This release reintroduces the build (previously named mobile-app) commands.

Various fixes & improvements

feat(mobile-app): Add default vcs base_ref parsing for mobile-app subcommand (#2706) by @rbro112
chore(mobile-app): Rename mobile-app subcommand to build (#2719) by @rbro112
Revert "feat(mobile-app): Reintroduce mobile-app feature gating (#2643)" (#2670) by @noahsmartin
meta(cursor): Add rule to avoid explicit type annotations (#2717) by @szokeasaurusrex
retry on cloudflare timeout (#2695) by @manishrawat1992

2.52.0

Various fixes & improvements

feat(dart): add dart-symbol-map upload command (#2691) by @buenaflor
Add default vcs head_repo_name and provider parsing for mobile-app subcommand (#2699) by @rbro112
ref(debug-files): Remove unnecessary collect (#2705) by @szokeasaurusrex
build(deps): bump github/codeql-action from 3.29.5 to 3.29.8 (#2700) by @dependabot
build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#2701) by @dependabot
build(deps): bump actions/create-github-app-token from 2.0.6 to 2.1.1 (#2702) by @dependabot
build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (#2703) by @dependabot
Use URL from backend (#2698) by @chromy
feat(mobile-app): Add new VCS params to mobile-app command (#2682) by @rbro112
feat(launchpad): Add asset catalog files to zip without adding to folder (#2667) by @noahsmartin
feat(preprod): Show analysis URL after mobile-app upload (#2675) by @chromy
feat(logs): allow project slugs in logs list (#2688) by @shellmayr
fix(debug-files): Run all processing steps with --no-upload (#2693) by @P1n3appl3

2.51.1

Various fixes & improvements

fix(logs): Mark logs command as beta (#2690) by @szokeasaurusrex

2.51.0

Logs command

This release introduces a new sentry-cli logs list command, which lists your Sentry logs. For more details, see sentry-cli logs list --help.

Various fixes & improvements

fix(js): Stop calling releases files upload-sourcemaps (#2676) by @szokeasaurusrex

2.50.2

This change removes the mobile-app upload experimental feature which was introduced in 2.50.1.

2.50.1

Various fixes & improvements

build(deps): bump form-data from 3.0.1 to 3.0.4 (#2638) by @dependabot

New experimental feature

2.50.0

Various fixes & improvements

feat(js): Expose rejectOnError in public execute type declarations (#2628) by @Lms24

2.49.0

Various fixes & improvements

feat(js): Export live option type for releases.uploadSourceMaps (#2627) by @Lms24

2.48.0

Various fixes & improvements

feat(js): Add live: 'rejectOnError' execution mode to execute method (#2605) by @Lms24

Build-time changes

feat: allow optionally disabling Swift sandbox (#2587) by @carlocab

2.47.1

No user-facing changes.

2.47.0

Various fixes & improvements

ref: Exclude mobile-app command from release builds (#2582) by @szokeasaurusrex
feat(login): Improve error output for login errors (#2581) by @szokeasaurusrex
test(monitors): pass empty options to grep (#2562) by @lcian
feat(login): Warn when overwriting existing auth token (#2554) by @szokeasaurusrex
meta: Add .sentryclirc to gitignore (#2547) by @rbro112
build: Bump MSRV to 1.86

2.46.0

Various fixes & improvements

feat: Mark react-native appcenter as deprecated (#2522) by @chromy
docs: Fix typo "the the" -> "the" (#2519) by @chromy
feat(npm): Add support for installing npm package on Android (#2524) by @szokeasaurusrex
feat: Retry all HTTP requests (#2523) by @szokeasaurusrex
ref: Only obtain max retry count once (#2521) by @szokeasaurusrex
fix: Don't error if invalid value supplied for max retries (#2520) by @szokeasaurusrex
fix: Explicitly deprecate --started flag (#2515) by @szokeasaurusrex
fix: Use orig_path for bundle sources output file name (#2514) by @szokeasaurusrex
feat: Mark all files subcommands as deprecated. (#2512) by @Swatinem
Support multiple files in SENTRY_DOTENV_PATH (#2454) by @Kinqdos
fix(sourcemaps): Avoid associating only sourcemap with all minified sources (#2447) by @szokeasaurusrex

2.45.0

New feature

feat(sourcemaps): Multi-project sourcemaps upload (#2497) by @szokeasaurusrex
- Sourcemaps can now be uploaded to multiple projects at once by passing each project to the sentry-cli sourcemaps upload command, like so:
```
sentry-cli sourcemaps upload -p project1 -p project2 /path/to/sourcemaps
```
- Note that users on old versions of self-hosted Sentry may need to upgrade their self-hosted server to a newer version to take advantage of multi-project uploads.

Various fixes & improvements

ref: Rename fixup_js_file_end (#2475) by @szokeasaurusrex
ref: Use slice instead of vec for assemble artifact request (#2498) by @szokeasaurusrex
ref: Separate LegacyUploadContext for legacy uploads (#2494) by @szokeasaurusrex
feat: Remove organization and project info log (#2490) by @szokeasaurusrex

2.44.0

Various fixes & improvements

feat(sourcemaps): Support injecting indexed sourcemaps (#2470) by @szokeasaurusrex
test(sourcemaps): Assert injection outputs (#2483) by @szokeasaurusrex

2.43.1

Various fixes & improvements

build: Bump tokio to 1.44.2 (#2474) by @szokeasaurusrex
chore: Fix nightly clippy lints (#2469) by @loewenheim

2.43.0

Various fixes & improvements

fix(debug_files): Don't call xcodebuild (#2443) by @szokeasaurusrex

2.42.5

This is a re-release of 2.45.5-alpha as a stable release. There are no code changes from 2.45.5-alpha, since the Windows ARM build for that version was published successfully.

2.42.5-alpha

This release adds a binary for Windows on ARM.

We are releasing this as an alpha to test that the new Windows ARM build is published to NPM correctly.

Various fixes & improvements

ci(npm): Release Windows ARM build to npm (#2436) by @szokeasaurusrex
ci: Run lint action on all target operating systems (#2360) by @szokeasaurusrex
ref: Simplify is_homebrew_install (#2434) by @szokeasaurusrex
build(deps): bump github/codeql-action from 3.28.12 to 3.28.13 (#2435) by @dependabot
ref: Simplify set_executable_mode (#2433) by @szokeasaurusrex
ci: Build for Windows ARM (#2429) by @szokeasaurusrex
build: Replace username with whoami (#2432) by @szokeasaurusrex
build: Remove direct winapi dependency (#2431) by @szokeasaurusrex
build(deps): bump actions/create-github-app-token from 1.11.0 to 1.11.7 (#2430) by @dependabot
ci: Auto-update GHA with Dependabot (#2428) by @szokeasaurusrex
ci: Update and securely pin all actions (#2427) by @szokeasaurusrex
ci: Remove unneeded -D warnings (#2425) by @szokeasaurusrex
ci: Stop using actions-rs (#2424) by @szokeasaurusrex
deps: Update zip to 2.4.2 (#2423) by @loewenheim
build: update zip dependency (#2421) by @szokeasaurusrex

2.42.4

Various fixes & improvements

build(macos): Sign macOS binaries (#2401) by @szokeasaurusrex
ci(docker): Fix GHCR releases so they are multiarch (#2418) by @szokeasaurusrex