Fix(server): file capture error handling to log errors instead of crashing when SPOTLIGHT_CAPTURE is enabled #1142
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for GitHub. 1 Skipped Deployment
|
![sentry[bot]](https://avatars.githubusercontent.com/u/1396951?s=60&v=4){kind=small}
BYK
approved these changes
Nov 27, 2025
Member
BYK
left a comment
BYK
left a comment
There was a problem hiding this comment.
Nice. Sidenote, the envelopes should probably have bin extension rather than txt
betegon
added a commit
that referenced
this pull request
Dec 1, 2025
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and publish to npm yourself or [setup this action to publish automatically](https://github.com/changesets/action#with-publishing). If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @spotlightjs/[email protected] ### Minor Changes - Added spotlight sdk for helping others to build on top of it ([#1140](#1140)) - Support COMPOSE_FILE environment variable for Docker Compose projects ([#1131](#1131)) - Prompt user to choose between docker compose and package.json when both are present ([#1120](#1120)) ### Patch Changes - Refactor docker compose support ([#1121](#1121)) - disable sentry in development mode ([#1143](#1143)) - **Security:** Restrict CORS origins for Sidecar to prevent unauthorized access ([#1138](#1138)) The Sidecar now only accepts requests from trusted origins: - `localhost` with any port or protocol (http/https) - `https://spotlightjs.com` and `https://*.spotlightjs.com` (HTTPS only, default port)⚠️ **Potentially Breaking:** If you were accessing the Sidecar from other origins (e.g., custom domains, non-HTTPS spotlightjs.com), those connections will now be rejected. This change improves security by preventing malicious websites from connecting to your local Sidecar instance. - Fix file capture error handling to log errors instead of crashing when SPOTLIGHT_CAPTURE is enabled ([#1142](#1142)) --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Miguel Betegón <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To avoid SPOTLIGHT-T