Migrate Sentry from @sentry/nextjs to @sentry/node + @sentry/react for VineXT

[eser]

Summary

• Replaced @sentry/nextjs with @sentry/node (server), @sentry/react (client), and @sentry/vite-plugin (build-time sourcemap upload)
• Installed VineXT core packages (vinext, @vitejs/plugin-rsc, @cloudflare/vite-plugin)
• Created vite.config.ts with VineXT, RSC, Cloudflare, and Sentry Vite plugins
• Simplified next.config.ts by removing withSentryConfig, withMDX, withNextIntl wrappers, output: "standalone", and reactCompiler options
• Updated sentry.server.config.ts to import from @sentry/node
• Removed sentry.edge.config.ts (VineXT has no edge runtime concept)
• Updated src/instrumentation.ts to use typeof window === "undefined" instead of NEXT_RUNTIME env var
• Updated src/instrumentation-client.ts to use @sentry/react and removed Next.js-specific onRouterTransitionStart export
• Updated src/app/global-error.tsx and src/pages/_error.tsx to use @sentry/react
• Updated package.json scripts to use vinext dev/build/start

Test plan

• Lint passes with zero errors (only pre-existing warnings)
• Existing test suite passes (4 pre-existing test failures unrelated to this change)
• No remaining @sentry/nextjs references in the codebase
• No remaining NEXT_RUNTIME or withSentryConfig references
• Verify vinext dev starts successfully
• Verify vinext build completes without Sentry-related errors
• Verify Sentry error reporting works in production

Summary by CodeRabbit

• Chores
  • Migrated build configuration and CLI scripts to use vinext-based tooling instead of Next.js
  • Refactored error tracking configuration with updated dependencies
  • Added Vite configuration with plugin support for cloudflare and source maps
  • Removed legacy Next.js configuration wrappers and edge-specific initialization code

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes migrate from Next.js-based build tooling to Vite with vinext, replace the monolithic @sentry/nextjs package with modular Sentry packages (@sentry/node, @sentry/react, @sentry/vite-plugin), simplify Next.js configuration by removing wrapper plugins, and introduce a new Vite configuration file.

Changes

Cohort / File(s)	Summary
Build Tool Migration package.json, next.config.ts	Updated CLI scripts from next to vinext for dev/build/start. Removed Next.js wrapper plugins (withSentryConfig, withMDX, withNextIntl) and simplified default export. Replaced @sentry/nextjs with separate @sentry/node, @sentry/react, and @sentry/vite-plugin packages.
Vite Integration vite.config.ts	New Vite configuration file with plugins for vinext, RSC, Cloudflare, and Sentry Vite plugin integration.
Sentry Instrumentation sentry.server.config.ts, src/app/global-error.tsx, src/instrumentation-client.ts, src/pages/_error.tsx	Updated Sentry imports from @sentry/nextjs to @sentry/react or @sentry/node. Adjusted documentation references and error handling patterns.
Sentry Configuration Cleanup sentry.edge.config.ts, src/instrumentation.ts	Removed edge-specific Sentry initialization (sentry.edge.config.ts deleted). Removed onRequestError export from instrumentation.ts and simplified runtime environment detection to check typeof window === "undefined" instead of NEXT\_RUNTIME.
Client Instrumentation Update src/instrumentation-client.ts	Migrated from @sentry/nextjs to @sentry/react and removed the exported onRouterTransitionStart constant.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 From Next.js to Vite we bound,
With vinext's speed, a swifter ground,
Sentry split to modular parts,
Config wrappers torn apart,
Swift migrations warm our hearts! 🚀

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title directly and accurately describes the main change: migrating Sentry from a Next.js-specific package to platform-specific packages (@sentry/node and @sentry/react) in preparation for VineXT adoption.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@vite.config.ts`:
- Around line 1-29: Update and pin the vulnerable/experimental dev dependencies:
bump `@vitejs/plugin-rsc` to at least 0.5.8 (prefer latest stable >=0.5.8) and
lock the version in package.json to prevent automatic regresses, and either
replace or gate use of vinext (the vinext() plugin) for production—either remove
it from the production plugin list, add a runtime/build-time opt-in flag (e.g.,
only include vinext() when process.env.ENABLE_VINEXT === "true"), or replace it
with a supported alternative; also confirm sentryVitePlugin remains configured
to skip uploads when process.env.SENTRY_AUTH_TOKEN is unset (no change needed)
and run `npm audit`/`npm ci` to verify no transitive vulnerable versions remain.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d9370c8 and 2f4d462.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (9)

• next.config.ts
• package.json
• sentry.edge.config.ts
• sentry.server.config.ts
• src/app/global-error.tsx
• src/instrumentation-client.ts
• src/instrumentation.ts
• src/pages/_error.tsx
• vite.config.ts

💤 Files with no reviewable changes (1)

• sentry.edge.config.ts

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

vinext vite plugin stability documentation

💡 Result:

Vinext’s own docs currently describe its stability as experimental / use-at-your-own-risk:

• GitHub README (cloudflare/vinext): explicitly labels the project “Experimental — under heavy development” and warns that most code/docs were AI-written and not line-by-line reviewed, so expect bugs/rough edges. [1]
• Cloudflare announcement post: includes a “Status: experimental” section and notes it’s very new and not yet validated at large, meaningful traffic, advising caution for production evaluation. [2]

Related dependency note: vinext relies on Vite’s Environment API, which Vite documents as release-candidate with some parts still experimental until a future major release. [3]

Sources: [1] [2] [3]

---

🌐 Web query:

@vitejs/plugin-rsc react server components vite plugin

💡 Result:

@vitejs/plugin-rsc is the official Vite plugin that adds React Server Components (RSC) support, built on Vite’s Environment API and intended to provide low-level primitives that frameworks (and custom app code) can build on. It supports HMR and handles CSS splitting/injection for server components. [1][2]

Quick start

• Create a minimal RSC app from Vite’s template:
  npm create vite@latest -- --template rsc [1]

Typical Vite config shape (3 entries)

RSC apps commonly define separate entry points for:

• client (browser)
• rsc (RSC request handler / RSC stream)
• ssr (HTML rendering that can consume the RSC stream)

React Router’s RSC guide shows this pattern and a working vite.config.ts using @vitejs/plugin-rsc with entries: { client, rsc, ssr }. [3]

Notable plugin APIs (from the plugin docs/README)

• import.meta.viteRsc.loadModule("ssr" | "rsc", entryName) for cross-environment module loading (dev and build behavior differs). [2]
• Runtime re-exports for react-server-dom via:
  • @vitejs/plugin-rsc/rsc, @vitejs/plugin-rsc/ssr, @vitejs/plugin-rsc/browser. [2]

Security notes (important if you used older versions)

• GitHub advisory: versions <= 0.5.2 were affected by an RSC-related unauthenticated RCE issue; patched in 0.5.3. [4]
• CVE-2025-68155: an arbitrary file read issue in dev mode existed prior to 0.5.8; upgrade to 0.5.8+. [5]

Related ecosystem note

Cloudflare’s Vite plugin added improved integration guidance around @vitejs/plugin-rsc (multi-environment/child environments) in Feb 2026. [6]

Sources: Vite docs [1], plugin README on npm (mirrored snippet) [2], React Router RSC guide [3], GitHub security advisory [4], GitLab advisory database [5], Cloudflare changelog [6].

---

🏁 Script executed:

find . -name "package.json" -type f | head -5

Repository: f/prompts.chat

Length of output: 151

---

🏁 Script executed:

cat ./package.json | grep -A 10 '"dependencies"\|"devDependencies"' | head -50

Repository: f/prompts.chat

Length of output: 817

---

🏁 Script executed:

cat ./packages/prompts.chat/package.json | grep -E '"vinext"|"@vitejs/plugin-rsc"|"@sentry/vite-plugin"'

Repository: f/prompts.chat

Length of output: 40

---

🏁 Script executed:

# Also check for any environment variable handling or conditional Sentry setup
rg "SENTRY_AUTH_TOKEN" --type ts --type json

Repository: f/prompts.chat

Length of output: 120

---

🏁 Script executed:

cat ./packages/prompts.chat/package.json | grep -E "vinext|plugin-rsc|sentry/vite-plugin" -A 1 -B 1

Repository: f/prompts.chat

Length of output: 40

---

🏁 Script executed:

# Check the full devDependencies section to find the exact versions
jq '.devDependencies | to_entries[] | select(.key | test("vinext|plugin-rsc|sentry"))' ./packages/prompts.chat/package.json

Repository: f/prompts.chat

Length of output: 40

---

🏁 Script executed:

cat ./packages/prompts.chat/package.json

Repository: f/prompts.chat

Length of output: 2595

---

🏁 Script executed:

cat ./package.json

Repository: f/prompts.chat

Length of output: 4200

---

Verify security patches for @vitejs/plugin-rsc and address experimental package stability.

The configuration uses pre-1.0 experimental packages with known issues:

• @vitejs/plugin-rsc@^0.5.21: Versions before 0.5.8 contain a critical arbitrary file read vulnerability in dev mode (CVE-2025-68155). Ensure the installed version is >= 0.5.8. Also had an RCE issue in versions <= 0.5.2.
• vinext@^0.0.15: Cloudflare explicitly marks this as "Experimental — under heavy development" with AI-written, unreviewed code. The project depends on Vite's experimental Environment API and is not yet validated at meaningful traffic levels. Production use carries significant risk.

The process.env.SENTRY_AUTH_TOKEN being undefined in local development is acceptable; the Sentry Vite plugin (v5.1.1) handles missing tokens gracefully by skipping sourcemap upload.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@vite.config.ts` around lines 1 - 29, Update and pin the
vulnerable/experimental dev dependencies: bump `@vitejs/plugin-rsc` to at least
0.5.8 (prefer latest stable >=0.5.8) and lock the version in package.json to
prevent automatic regresses, and either replace or gate use of vinext (the
vinext() plugin) for production—either remove it from the production plugin
list, add a runtime/build-time opt-in flag (e.g., only include vinext() when
process.env.ENABLE_VINEXT === "true"), or replace it with a supported
alternative; also confirm sentryVitePlugin remains configured to skip uploads
when process.env.SENTRY_AUTH_TOKEN is unset (no change needed) and run `npm
audit`/`npm ci` to verify no transitive vulnerable versions remain.