
Safer Sentry Monitoring Tunnel Handling

Security, Bug Fix, Backend

This release focuses on making the Sentry monitoring tunnel more resilient to abuse and misconfiguration. The result is safer request handling and more predictable behavior when inputs are invalid.

Security and stability updates

The monitoring tunnel now enforces stricter request limits to help prevent oversized payloads from being accepted. Requests that exceed the size cap are rejected instead of being fully buffered.

Envelope header decoding is now capped to keep validation work bounded, even when headers are unusually large.

Anonymous rate limiting is now more robust: it uses a request fingerprint fallback rather than relying on a shared anonymous bucket. This helps reduce the chance that one noisy source impacts other anonymous traffic.

More reliable trace sampling defaults

Trace sampling values are now validated more strictly on both client and server. When the provided value is not a valid numeric rate, the app safely falls back to the default.
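
The body size cap, the bounded envelope header decoding and the sampling fallback described above can be sketched as follows. This is an added example, not OpenChat's code: every function name, the byte limits, the default rate and the accepted range of 0 to 1 are assumptions made for illustration.

```javascript
// Added example; names, limits and the default rate are assumptions.
const MAX_BODY_BYTES = 200 * 1024; // assumed cap on the whole envelope
const MAX_HEADER_BYTES = 4 * 1024; // assumed cap on the first (header) line
const DEFAULT_SAMPLE_RATE = 0.1;   // assumed default

class PayloadTooLarge extends Error {}

// Collects chunks but throws as soon as the running total passes the cap,
// so an oversized body is never held in memory in full.
function cappedCollector(maxBytes) {
  const chunks = [];
  let total = 0;
  return {
    push(chunk) {
      total += chunk.length;
      if (total > maxBytes) throw new PayloadTooLarge(`body exceeds ${maxBytes} bytes`);
      chunks.push(chunk);
    },
    finish: () => Buffer.concat(chunks, total),
  };
}

// Streams a request body (any async iterable of Buffers) through the collector.
// Content-Length may be missing or wrong, so bytes are counted as they arrive.
async function readCapped(body, maxBytes = MAX_BODY_BYTES) {
  const collector = cappedCollector(maxBytes);
  for await (const chunk of body) collector.push(chunk);
  return collector.finish();
}

// A Sentry envelope starts with one JSON header line. Only the first
// maxHeaderBytes are searched and decoded, so validation cost stays bounded.
function parseEnvelopeHeader(buf, maxHeaderBytes = MAX_HEADER_BYTES) {
  const head = buf.subarray(0, maxHeaderBytes + 1);
  const end = head.indexOf(0x0a);
  if (end === -1) return null; // no newline inside the cap: reject
  try {
    const header = JSON.parse(head.subarray(0, end).toString("utf8"));
    return header && typeof header === "object" && !Array.isArray(header) ? header : null;
  } catch {
    return null; // malformed JSON: reject
  }
}

// Accepts only a finite number in [0, 1]; anything else gets the default.
function parseSampleRate(value, fallback = DEFAULT_SAMPLE_RATE) {
  if (typeof value === "string" && value.trim() === "") return fallback;
  const rate = typeof value === "string" ? Number(value) : value;
  const ok = typeof rate === "number" && Number.isFinite(rate) && rate >= 0 && rate <= 1;
  return ok ? rate : fallback;
}
```

A route handler would map `PayloadTooLarge` to an HTTP 413 response and a `null` header to a 400 before forwarding anything upstream.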