Skip to content

Sentry code triggering violation from Google manifest v3 during publication #14579

New issue
New issue
Closed as not planned
Bug
Closed as not planned
Sentry code triggering violation from Google manifest v3 during publication#14579
Bug
Labels
Package: browserIssues related to the Sentry Browser SDK
@rodolfoBee

Description

@rodolfoBee
rodolfoBee
opened on Dec 4, 2024

Is there an existing issue for this?

How do you use Sentry?

Sentry Saas (sentry.io)

Which SDK are you using?

@sentry/browser

SDK Version

8.9.1

Framework Version

No response

Link to Sentry event

No response

Reproduction Example/SDK Setup

No response

Steps to Reproduce

NA

Expected Result

No violation is to be triggered when using the NPM package as described here: https://docs.sentry.io/platforms/javascript/best-practices/shared-environments/

Actual Result

Violation report:

Technical Requirements - Additional Requirements for Manifest V3:
Violation:
Including remotely hosted code in a Manifest V3 item.
and
Having obfuscated code in the package.
Violating Content:
Code snippet:

 assets/index.html-wmZQQl7D.js: unction
getScriptURL(ar) { const rr = getClient(), cr = rr &&
rr.getOptions(), lr = cr && cr.cdnBaseUrl ||
"https://browser.sentry-cdn.com"; return new
URL(`/${SDK_VERSION}/${ar}.min.js`, lr).toString() } fr =
getScriptURL(cr), dr = WINDOW$4.document.
createElement("script"); dr.src = fr,"

It seems to be from this file: https://github.com/getsentry/sentry-javascript/blob/develop/packages/browser/src/utils/lazyLoadIntegration.ts

Metadata

Metadata

Assignees

No one assigned

    Labels

    Package: browserIssues related to the Sentry Browser SDK

    Type

    Projects

    GitHub Issues with 👀 3

    Status

    Waiting for: Product Owner

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions