fix(bundler-plugins): Integration with monorepo build

[isaacs]

Update the bundler-plugins so that integration tests run in CI, and the module follows the same patterns as the rest of sentry-javascript.

[isaacs]

If CI passes, this can be landed after the feat/merge-in-sentry-javascript-bundler-plugins lands.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit d665aad. Configure here.}

[semgrep-code-getsentry]

Medium severity vulnerability may affect your project—review required:
Line 30753 lists a dependency (webpack) with a known Medium severity vulnerability.

ℹ️ Why this matters

Affected versions of webpack are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). webpack's AutoPublicPathRuntimeModule emits runtime code that derives the asset public path from document.currentScript. Because document.currentScript can be DOM-clobbered by an injected scriptless element (e.g. ), an attacker who can inject markup into the page can redirect dynamic chunk/asset loading to an attacker-controlled origin, resulting in cross-site scripting (XSS).

References: GHSA, CVE

To resolve this comment:
Check if you build with output.publicPath unset.

• If you're affected, upgrade this dependency to at least version 5.94.0 at yarn.lock.
• If you're not affected, comment /fp we don't use this [condition]

💬 Ignore this finding

To ignore this, reply with:

• /fp <comment> for false positive
• /ar <comment> for acceptable risk
• /other <comment> for all other reasons

_{You can view more details on this finding in the Semgrep AppSec Platform here.}

[github-actions]

size-limit report 📦

Path	Size	% Change	Change
@sentry/browser	27.39 kB	added	added
@sentry/browser - with treeshaking flags	25.82 kB	added	added
@sentry/browser (incl. Tracing)	45.68 kB	added	added
@sentry/browser (incl. Tracing + Span Streaming)	47.92 kB	added	added
@sentry/browser (incl. Tracing, Profiling)	50.48 kB	added	added
@sentry/browser (incl. Tracing, Replay)	84.9 kB	added	added
@sentry/browser (incl. Tracing, Replay) - with treeshaking flags	74.51 kB	added	added
@sentry/browser (incl. Tracing, Replay with Canvas)	89.6 kB	added	added
@sentry/browser (incl. Tracing, Replay, Feedback)	102.28 kB	added	added
@sentry/browser (incl. Feedback)	44.55 kB	added	added
@sentry/browser (incl. sendFeedback)	32.19 kB	added	added
@sentry/browser (incl. FeedbackAsync)	37.3 kB	added	added
@sentry/browser (incl. Metrics)	28.46 kB	added	added
@sentry/browser (incl. Logs)	28.69 kB	added	added
@sentry/browser (incl. Metrics & Logs)	29.39 kB	added	added
@sentry/react	29.18 kB	added	added
@sentry/react (incl. Tracing)	47.98 kB	added	added
@sentry/vue	32.4 kB	added	added
@sentry/vue (incl. Tracing)	47.57 kB	added	added
@sentry/svelte	27.41 kB	added	added
CDN Bundle	29.78 kB	added	added
CDN Bundle (incl. Tracing)	48.16 kB	added	added
CDN Bundle (incl. Logs, Metrics)	31.32 kB	added	added
CDN Bundle (incl. Tracing, Logs, Metrics)	49.48 kB	added	added
CDN Bundle (incl. Replay, Logs, Metrics)	70.61 kB	added	added
CDN Bundle (incl. Tracing, Replay)	85.51 kB	added	added
CDN Bundle (incl. Tracing, Replay, Logs, Metrics)	86.75 kB	added	added
CDN Bundle (incl. Tracing, Replay, Feedback)	91.34 kB	added	added
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	92.6 kB	added	added
CDN Bundle - uncompressed	88.46 kB	added	added
CDN Bundle (incl. Tracing) - uncompressed	145.67 kB	added	added
CDN Bundle (incl. Logs, Metrics) - uncompressed	93.17 kB	added	added
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	149.65 kB	added	added
CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed	217.99 kB	added	added
CDN Bundle (incl. Tracing, Replay) - uncompressed	264.54 kB	added	added
CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed	268.5 kB	added	added
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	278.24 kB	added	added
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	282.19 kB	added	added
@sentry/nextjs (client)	50.43 kB	added	added
@sentry/sveltekit (client)	46.1 kB	added	added
@sentry/core/server	76.05 kB	added	added
@sentry/core/browser	63.19 kB	added	added
@sentry/node-core	61.72 kB	added	added
@sentry/node	130.5 kB	added	added
@sentry/node - without tracing	74.11 kB	added	added
@sentry/aws-serverless	86.29 kB	added	added
@sentry/cloudflare (withSentry) - minified	173.69 kB	added	added
@sentry/cloudflare (withSentry)	433.85 kB	added	added