chore(deps): Bump form-data to 4.0.4 #5015

antonis · 2025-07-24T13:51:22Z

📢 Type of change

Bugfix
New feature
Enhancement
Refactoring

📜 Description

Bump form-data to 4.0.4

💡 Motivation and Context

Security vulnerability in form-data that is being pulled in as a transitive dependency by axios, appium/support, jsdom (via jest-environment-jsdom). Note that it is used only in tests and the sample app.

├─ @appium/support@npm:4.5.0
│  └─ form-data@npm:4.0.0 (via npm:4.0.0)
│
├─ @appium/support@npm:5.1.3
│  └─ form-data@npm:4.0.0 (via npm:4.0.0)
│
├─ @appium/support@npm:6.1.1
│  └─ form-data@npm:4.0.2 (via npm:4.0.2)
│
├─ axios@npm:1.6.3
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ axios@npm:1.7.2
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ axios@npm:1.7.3
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ axios@npm:1.8.2
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ axios@npm:1.8.4
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ axios@npm:1.9.0
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
├─ jsdom@npm:20.0.3
│  └─ form-data@npm:4.0.0 (via npm:^4.0.0)
│
└─ jsdom@npm:20.0.3 [51f69]
   └─ form-data@npm:4.0.0 (via npm:^4.0.0)

├─ jest-environment-jsdom@npm:29.7.0
│  └─ jsdom@npm:20.0.3 (via npm:^20.0.0)
│
└─ jest-environment-jsdom@npm:29.7.0 [400e1]
   └─ jsdom@npm:20.0.3 [51f69] (via npm:^20.0.0 [51f69])

💚 How did you test it?

CI

📝 Checklist

I added tests to verify changes
No new PII added or SDK only sends newly added PII if sendDefaultPII is enabled
I updated the docs if needed.
I updated the wizard if needed.
All tests passing
No breaking changes

🔮 Next steps

#skip-changelog

github-actions · 2025-07-24T14:21:57Z

iOS (new) Performance metrics 🚀

	Plain	With Sentry	Diff
Startup time	1228.88 ms	1221.49 ms	-7.39 ms
Size	3.19 MiB	4.38 MiB	1.19 MiB

Baseline results on branch: main

Startup times

Revision	Plain	With Sentry	Diff
`f25ae46`+dirty	1241.73 ms	1239.10 ms	-2.63 ms
`071ae5c`+dirty	1206.47 ms	1210.30 ms	3.84 ms
`368003b`+dirty	1240.27 ms	1245.12 ms	4.86 ms
`a3aad2b`+dirty	1213.89 ms	1224.52 ms	10.63 ms
`9f14d9d`+dirty	1212.42 ms	1211.50 ms	-0.92 ms
`ffab994`+dirty	1222.20 ms	1230.69 ms	8.49 ms
`37f7d2e`+dirty	1217.37 ms	1210.04 ms	-7.32 ms
`38a1af2`+dirty	1211.57 ms	1219.27 ms	7.70 ms
`e12044e`+dirty	1234.49 ms	1228.85 ms	-5.64 ms
`d18ddb1`+dirty	1200.88 ms	1214.57 ms	13.69 ms

App size

Revision	Plain	With Sentry	Diff
`f25ae46`+dirty	3.19 MiB	4.36 MiB	1.17 MiB
`071ae5c`+dirty	3.19 MiB	4.36 MiB	1.18 MiB
`368003b`+dirty	3.19 MiB	4.38 MiB	1.19 MiB
`a3aad2b`+dirty	3.19 MiB	4.36 MiB	1.17 MiB
`9f14d9d`+dirty	3.19 MiB	4.38 MiB	1.19 MiB
`ffab994`+dirty	3.19 MiB	4.36 MiB	1.18 MiB
`37f7d2e`+dirty	3.19 MiB	4.38 MiB	1.19 MiB
`38a1af2`+dirty	3.19 MiB	4.35 MiB	1.17 MiB
`e12044e`+dirty	3.19 MiB	4.35 MiB	1.17 MiB
`d18ddb1`+dirty	3.19 MiB	4.36 MiB	1.17 MiB

github-actions · 2025-07-24T14:23:54Z

iOS (legacy) Performance metrics 🚀

	Plain	With Sentry	Diff
Startup time	1217.33 ms	1226.96 ms	9.63 ms
Size	2.63 MiB	3.81 MiB	1.18 MiB

Baseline results on branch: main

Startup times

Revision	Plain	With Sentry	Diff
`f25ae46`+dirty	1230.92 ms	1228.98 ms	-1.94 ms
`071ae5c`+dirty	1224.22 ms	1227.83 ms	3.61 ms
`7d3c3cb`+dirty	1226.39 ms	1227.10 ms	0.71 ms
`368003b`+dirty	1220.63 ms	1231.55 ms	10.92 ms
`a3aad2b`+dirty	1196.88 ms	1205.52 ms	8.65 ms
`6e8a851`+dirty	1227.96 ms	1235.61 ms	7.65 ms
`9f14d9d`+dirty	1228.51 ms	1233.00 ms	4.49 ms
`ffab994`+dirty	1220.71 ms	1222.00 ms	1.29 ms
`37f7d2e`+dirty	1213.15 ms	1222.61 ms	9.46 ms
`38a1af2`+dirty	1210.07 ms	1212.75 ms	2.68 ms

App size

Revision	Plain	With Sentry	Diff
`f25ae46`+dirty	2.63 MiB	3.80 MiB	1.17 MiB
`071ae5c`+dirty	2.63 MiB	3.80 MiB	1.17 MiB
`7d3c3cb`+dirty	2.63 MiB	3.78 MiB	1.15 MiB
`368003b`+dirty	2.63 MiB	3.81 MiB	1.18 MiB
`a3aad2b`+dirty	2.63 MiB	3.80 MiB	1.17 MiB
`6e8a851`+dirty	2.63 MiB	3.78 MiB	1.15 MiB
`9f14d9d`+dirty	2.63 MiB	3.81 MiB	1.18 MiB
`ffab994`+dirty	2.63 MiB	3.80 MiB	1.17 MiB
`37f7d2e`+dirty	2.63 MiB	3.81 MiB	1.18 MiB
`38a1af2`+dirty	2.63 MiB	3.79 MiB	1.15 MiB

github-actions · 2025-07-24T14:25:33Z

Android (new) Performance metrics 🚀

	Plain	With Sentry	Diff
Startup time	379.64 ms	442.14 ms	62.51 ms
Size	7.15 MiB	8.42 MiB	1.27 MiB

Baseline results on branch: main

Startup times

Revision	Plain	With Sentry	Diff
`bd87539`+dirty	388.51 ms	370.56 ms	-17.95 ms
`866f143`+dirty	378.91 ms	368.73 ms	-10.19 ms
`38a1af2`+dirty	421.38 ms	431.35 ms	9.97 ms
`1a14c8b`+dirty	412.18 ms	413.04 ms	0.86 ms
`ffab994`+dirty	396.46 ms	440.75 ms	44.29 ms
`940bd65`+dirty	408.45 ms	419.75 ms	11.30 ms
`bdb324a`+dirty	401.10 ms	401.16 ms	0.06 ms
`ab18954`+dirty	376.65 ms	376.82 ms	0.17 ms
`4e2cbd2`+dirty	371.98 ms	392.00 ms	20.02 ms
`6e8a851`+dirty	403.44 ms	430.87 ms	27.43 ms

App size

Revision	Plain	With Sentry	Diff
`bd87539`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`866f143`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`38a1af2`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`1a14c8b`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`ffab994`+dirty	7.15 MiB	8.42 MiB	1.27 MiB
`940bd65`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`bdb324a`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`ab18954`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`4e2cbd2`+dirty	7.15 MiB	8.42 MiB	1.26 MiB
`6e8a851`+dirty	7.15 MiB	8.42 MiB	1.26 MiB

github-actions · 2025-07-24T15:54:15Z

Android (legacy) Performance metrics 🚀

	Plain	With Sentry	Diff
Startup time	467.98 ms	463.43 ms	-4.54 ms
Size	17.75 MiB	20.15 MiB	2.41 MiB

Baseline results on branch: main

Startup times

Revision	Plain	With Sentry	Diff
`38a1af2`	404.02 ms	419.89 ms	15.86 ms
`a8a0930`	397.23 ms	383.78 ms	-13.45 ms
`bd87539`	403.50 ms	395.47 ms	-8.03 ms
`69721ae`	424.85 ms	415.28 ms	-9.57 ms
`398e5d0`	432.76 ms	423.80 ms	-8.96 ms
`940bd65`	466.31 ms	458.52 ms	-7.79 ms
`1f1c420`	403.32 ms	411.98 ms	8.66 ms
`b4d6bde`	425.51 ms	417.37 ms	-8.14 ms
`6715c24`	419.21 ms	416.43 ms	-2.78 ms
`b13b9dd`	465.46 ms	470.83 ms	5.37 ms

App size

Revision	Plain	With Sentry	Diff
`38a1af2`	17.75 MiB	20.15 MiB	2.40 MiB
`a8a0930`	17.75 MiB	20.15 MiB	2.40 MiB
`bd87539`	17.75 MiB	20.15 MiB	2.40 MiB
`69721ae`	17.75 MiB	20.15 MiB	2.40 MiB
`398e5d0`	17.75 MiB	20.15 MiB	2.40 MiB
`940bd65`	17.75 MiB	20.15 MiB	2.40 MiB
`1f1c420`	17.75 MiB	20.15 MiB	2.40 MiB
`b4d6bde`	17.75 MiB	20.15 MiB	2.40 MiB
`6715c24`	17.75 MiB	20.15 MiB	2.40 MiB
`b13b9dd`	17.75 MiB	20.15 MiB	2.41 MiB

kahest

thanks for the quick fix!

chore(deps): Bump form-data to 4.0.4 due to a security vulnerability

e7bc8e1

antonis changed the title ~~chore(deps): Bump form-data to 4.0.4 due to a security vulnerability~~ chore(deps): Bump form-data to 4.0.4 Jul 24, 2025

antonis marked this pull request as ready for review July 24, 2025 15:11

antonis requested a review from lucas-zimerman as a code owner July 24, 2025 15:11

kahest approved these changes Jul 24, 2025

View reviewed changes

antonis merged commit 349ad5b into main Jul 25, 2025
113 of 115 checks passed

antonis deleted the antonis/bump-form-data-4.0.4 branch July 25, 2025 04:03

Uh oh!

chore(deps): Bump form-data to 4.0.4 #5015

chore(deps): Bump form-data to 4.0.4 #5015

Uh oh!

Conversation

antonis commented Jul 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

📢 Type of change

📜 Description

💡 Motivation and Context

💚 How did you test it?

📝 Checklist

🔮 Next steps

Uh oh!

github-actions bot commented Jul 24, 2025

iOS (new) Performance metrics 🚀

Baseline results on branch: main

Startup times

App size

Uh oh!

github-actions bot commented Jul 24, 2025

iOS (legacy) Performance metrics 🚀

Baseline results on branch: main

Startup times

App size

Uh oh!

github-actions bot commented Jul 24, 2025

Android (new) Performance metrics 🚀

Baseline results on branch: main

Startup times

App size

Uh oh!

github-actions bot commented Jul 24, 2025

Android (legacy) Performance metrics 🚀

Baseline results on branch: main

Startup times

App size

Uh oh!

kahest left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

antonis commented Jul 24, 2025 •

edited

Loading