4.11.3

Bug Fixes 🐛

• (deps) Bump h3 and flatted overrides to fix security vulnerabilities by @BYK in #1281

4.11.2

Bug Fixes 🐛

• Install script bin location by @raulparada in #1280

4.11.1

Bug Fixes 🐛

• (security) Resolve 3 dependabot alerts and dismiss 2 svelte alerts by @BYK in #1279

Internal Changes 🔧

• (release) Use workflow-based artifact discovery, remove merge-artifacts job by @BYK in #1278

4.11.0

New Features ✨

• (telemetry) EmptyState component by @Shubhdeep12 in #1264
• (ui) Collapsible insights section by @Shubhdeep12 in #1263
• Added new codecov action by @MathurAditya724 in #1255

Bug Fixes 🐛

Deps

• Resolve security vulnerabilities via pnpm overrides by @BYK in #1276
• Address Dependabot security alerts by @BYK in #1261

Other

• (cli) Show options in command-specific help output by @BYK in #1260
• (ui) Update TelemetryView layout for better responsiveness by @Shubhdeep12 in #1262
• Add cleanup handlers for EventSource connection in cli tail by @Shubhdeep12 in #1258
• Updated the codecov action to point to getsentry by @MathurAditya724 in #1259

Internal Changes 🔧

Deps

• Bump @hono/node-server from 1.19.3 to 1.19.10 by @dependabot in #1274
• Bump hono from 4.11.7 to 4.12.4 by @dependabot in #1273
• Bump hono from 4.11.4 to 4.11.7 by @dependabot in #1267
• Bump hono from 4.10.3 to 4.11.4 by @dependabot in #1254

Other

• (ci) Fix workflow warnings for cache action and codecov by @BYK in #1251
• (release) Fix Docker Latest Target by @BYK in #1252
• Update release actions to latest versions by @BYK in #1277
• Use pull_request_target for changelog preview by @BYK in #1256

Other

• Update documentation link in README.md by @sergical in #1253

4.10.0

New Features ✨

• Added a dynamic header for dragbar by @MathurAditya724 in #1223
• Better error message display by @MathurAditya724 in #1222

Bug Fixes 🐛

Ui

• Add validation guards to WebVitalsDetail to prevent crashes by @BYK in #1243
• Handle null/undefined span.description safely by @BYK in #1239

Other

• (sentry) Upload and use source maps for all build targets by @BYK in #1241
• Improve EADDRINUSE error handling and UX by @BYK in #1240
• Updated react-router-dom version to latest by @MathurAditya724 in #1245
• Add error handling for base64 decode operations by @BYK in #1237
• Silence non-fixable Sentry errors by @BYK in #1242
• Add null safety to WebVitals comparators by @BYK in #1238
• Add null check for itemHeader in processEnvelope by @BYK in #1233
• Shiki theme in light mode by @MathurAditya724 in #1230

Documentation 📚

Website

• Add feedback note for Spotlight SDK in documentation by @MathurAditya724 in #1228
• Add NextJS guide by @betegon in #1129

Other

• Add section for the spotlight sdk by @MathurAditya724 in #1227

Build / dependencies / internal 🔧

Craft

• Fix Craft traget ids by @BYK in #1248
• Bump craft version to fix releases by @BYK in #1246

Release

• Add npm pack step for Craft npm publishing by @BYK in #1250
• Merge artifacts for Craft release discovery by @BYK in #1249
• Add pnpm and Node.js setup to release workflow by @BYK in #1247
• Migrate to Craft by @betegon in #1232

Other

• (deps) Bump @modelcontextprotocol/sdk from 1.24.3 to 1.25.2 by @dependabot in #1234
• Add workflow to notify issues on release by @betegon in #1236
• Using the param instead of calling a function by @MathurAditya724 in #1224

Other

• Node 24.x support by @BYK in #1235
• Vite windows deny bypass by @BYK in #1229
• Qs security vulnerability fix by @BYK in #1226
• Dependency security updates by @BYK in #1225
• Event origin badges ui by @BYK in #1221

@spotlightjs/spotlight@4.9.0

Minor Changes

• Add support for continuous profiling (Profiling V2) (#1202)

• Add self-documenting CLI commands with per-command help support (#1206)

  Each CLI command now provides its own metadata (short description, usage, detailed help, and examples). The main help output is generated dynamically from this metadata, and users can get detailed help for specific commands via spotlight help <command> or spotlight <command> --help.

Patch Changes

• Remove dead code (#1214)

• Fix profile visualization issues in trace views: (#1203)

  • Update frame colors to use vibrant, high-contrast colors for better visibility
  • Add custom nanovis palette for Spotlight's dark theme
  • Fix sunburst center text showing bytes instead of sample counts
  • Fix treemap visibility with proper color contrast

• added support for AI SDK v2 in AI Mode (#1216)

• updated the empty pages of traces and envelopes (#1213)

• open external links in default browser (#1212)

@spotlightjs/spotlight@4.8.0

Minor Changes

• Add --open / -o CLI flag to automatically open the Spotlight dashboard in your default browser when starting the sidecar (#1200)

Patch Changes

• Fixed flamechart tree building to iterate from root to leaf frames, resolving fragmented visualization (#1201)

• shifted electron dependencies to dev dependencies as there were getting installed with npx for spotlight run (#1184)

@spotlightjs/spotlight@4.7.2

Patch Changes

• Fix ANSI escape code rendering in log viewer. Logs containing ANSI escape sequences (colors, bold, italic, etc.) are now properly styled in the UI instead of showing raw escape characters. (#1187)

@spotlightjs/spotlight@4.7.1

Patch Changes

• Report github-ci environment to Sentry when running in GitHub Actions CI (#1178)

• Fix npx @spotlightjs/spotlight fail (#1181)

@spotlightjs/spotlight@4.7.0

Minor Changes

• Add --allowed-origin / -A CLI option and allowedOrigins API option for configuring additional CORS origins. Supports both full origins (e.g., https://ngrok.io:443) for strict matching and plain domains (e.g., myapp.local) for permissive matching. Fixes #1171. (#1176)

Patch Changes

• Restore draggable electron app and recover semaphore buttons (#1173)

• Allow any DNS pointing to localhost in CORS (#1175)