feat(elysia): Elysia SDK (#19509)

### Key Decisions:

- Built on `@sentry/bun` since Elysia is Bun-first.
- We uses Elysia's first-party OTel plugin for lifecycle instrumentation
instead of rolling our own.
- We had to filter out `bunServerIntegration` to avoid competing root
spans, as Elysia creates its own.
- Error handling: Captures `5xx` and <= `299`, skips `3xx/4xx`. Aligned
with Fastify. Overridable via `shouldHandleError`.
- Client hooks registered once via module-level guard, safe to call
withElysia() multiple times.
- Elysia produces empty child spans for arrow function handlers. We
collect their IDs in `spanEnd` (still empty at that point) and strip
them in `beforeSendEvent`. Unless the user provides a named function, we
will strip them, check the trace below as an example of a named function
`logRequest` vs the stripped event handlers in other life cycle hooks.

<img width="2784" height="650" alt="CleanShot 2026-03-05 at 15 19 34@2x"
src="https://github.com/user-attachments/assets/38382794-1cdc-465f-8c8b-bbe80e4b8635"
/>

<img width="2094" height="908" alt="CleanShot 2026-03-05 at 15 02 12@2x"
src="https://github.com/user-attachments/assets/8e449c67-d08a-4945-8da7-d6ca249d1056"
/>

TODOs:

- [x] Plugin API to address registration order.
- [x] Figure out a way to drop the root span or parameterize it.
- [x] Transform into an SDK 

Closes #18956

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: logaretm

.craft.yml

@@ -95,6 +95,9 @@ targets:
   - name: npm
     id: '@sentry/bun'
     includeNames: /^sentry-bun-\d.*\.tgz$/
+  - name: npm
+    id: '@sentry/elysia'
+    includeNames: /^sentry-elysia-\d.*\.tgz$/
   - name: npm
     id: '@sentry/hono'
     includeNames: /^sentry-hono-\d.*\.tgz$/
@@ -247,3 +250,9 @@ targets:
         packageUrl: 'https://www.npmjs.com/package/@sentry/effect'
         mainDocsUrl: 'https://docs.sentry.io/platforms/javascript/guides/effect/'
         onlyIfPresent: /^sentry-effect-\d.*\.tgz$/
+      'npm:@sentry/elysia':
+        name: 'Sentry Elysia SDK'
+        sdkName: 'sentry.javascript.elysia'
+        packageUrl: 'https://www.npmjs.com/package/@sentry/elysia'
+        mainDocsUrl: 'https://docs.sentry.io/platforms/javascript/guides/elysia/'
+        onlyIfPresent: /^sentry-elysia-\d.*\.tgz$/

.github/ISSUE_TEMPLATE/bug.yml

@@ -46,6 +46,7 @@ body:
         - '@sentry/cloudflare - hono'
         - '@sentry/deno'
         - '@sentry/effect'
+        - '@sentry/elysia'
         - '@sentry/ember'
         - '@sentry/gatsby'
         - '@sentry/google-cloud-serverless'

.github/workflows/build.yml

@@ -961,7 +961,7 @@ jobs:
         with:
           node-version-file: 'dev-packages/e2e-tests/test-applications/${{ matrix.test-application }}/package.json'
       - name: Set up Bun
-        if: contains(fromJSON('["node-exports-test-app","nextjs-16-bun"]'), matrix.test-application)
+        if: contains(fromJSON('["node-exports-test-app","nextjs-16-bun", "elysia-bun"]'), matrix.test-application)
         uses: oven-sh/setup-bun@v2
       - name: Set up AWS SAM
         if: matrix.test-application == 'aws-serverless'

.size-limit.js

@@ -184,7 +184,7 @@ module.exports = [
     name: 'CDN Bundle (incl. Tracing)',
     path: createCDNPath('bundle.tracing.min.js'),
     gzip: true,
-    limit: '44 KB',
+    limit: '45 KB',
   },
   {
     name: 'CDN Bundle (incl. Logs, Metrics)',
@@ -196,37 +196,37 @@ module.exports = [
     name: 'CDN Bundle (incl. Tracing, Logs, Metrics)',
     path: createCDNPath('bundle.tracing.logs.metrics.min.js'),
     gzip: true,
-    limit: '45 KB',
+    limit: '46 KB',
   },
   {
     name: 'CDN Bundle (incl. Replay, Logs, Metrics)',
     path: createCDNPath('bundle.replay.logs.metrics.min.js'),
     gzip: true,
-    limit: '69 KB',
+    limit: '70 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay)',
     path: createCDNPath('bundle.tracing.replay.min.js'),
     gzip: true,
-    limit: '81 KB',
+    limit: '82 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay, Logs, Metrics)',
     path: createCDNPath('bundle.tracing.replay.logs.metrics.min.js'),
     gzip: true,
-    limit: '82 KB',
+    limit: '83 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay, Feedback)',
     path: createCDNPath('bundle.tracing.replay.feedback.min.js'),
     gzip: true,
-    limit: '86 KB',
+    limit: '88 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)',
     path: createCDNPath('bundle.tracing.replay.feedback.logs.metrics.min.js'),
     gzip: true,
-    limit: '87 KB',
+    limit: '88 KB',
   },
   // browser CDN bundles (non-gzipped)
   {
@@ -241,7 +241,7 @@ module.exports = [
     path: createCDNPath('bundle.tracing.min.js'),
     gzip: false,
     brotli: false,
-    limit: '129 KB',
+    limit: '133 KB',
   },
   {
     name: 'CDN Bundle (incl. Logs, Metrics) - uncompressed',
@@ -255,28 +255,28 @@ module.exports = [
     path: createCDNPath('bundle.tracing.logs.metrics.min.js'),
     gzip: false,
     brotli: false,
-    limit: '132 KB',
+    limit: '136 KB',
   },
   {
     name: 'CDN Bundle (incl. Replay, Logs, Metrics) - uncompressed',
     path: createCDNPath('bundle.replay.logs.metrics.min.js'),
     gzip: false,
     brotli: false,
-    limit: '210 KB',
+    limit: '212 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay) - uncompressed',
     path: createCDNPath('bundle.tracing.replay.min.js'),
     gzip: false,
     brotli: false,
-    limit: '246 KB',
+    limit: '250 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay, Logs, Metrics) - uncompressed',
     path: createCDNPath('bundle.tracing.replay.logs.metrics.min.js'),
     gzip: false,
     brotli: false,
-    limit: '250 KB',
+    limit: '253 KB',
   },
   {
     name: 'CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed',
@@ -290,7 +290,7 @@ module.exports = [
     path: createCDNPath('bundle.tracing.replay.feedback.logs.metrics.min.js'),
     gzip: false,
     brotli: false,
-    limit: '264 KB',
+    limit: '266 KB',
   },
   // Next.js SDK (ESM)
   {

README.md

@@ -71,6 +71,7 @@ package. Please refer to the README and instructions of those SDKs for more deta
   for native crashes
 - [`@sentry/effect`](https://github.com/getsentry/sentry-javascript/tree/master/packages/effect): SDK for Effect (Alpha)
 - [`@sentry/bun`](https://github.com/getsentry/sentry-javascript/tree/master/packages/bun): SDK for Bun
+- [`@sentry/elysia`](https://github.com/getsentry/sentry-javascript/tree/master/packages/elysia): SDK for Elysia
 - [`@sentry/deno`](https://github.com/getsentry/sentry-javascript/tree/master/packages/deno): SDK for Deno
 - [`@sentry/cloudflare`](https://github.com/getsentry/sentry-javascript/tree/master/packages/cloudflare): SDK for
   Cloudflare

dev-packages/e2e-tests/test-applications/elysia-bun/.gitignore

@@ -0,0 +1 @@
+dist

dev-packages/e2e-tests/test-applications/elysia-bun/.npmrc

@@ -0,0 +1,2 @@
+@sentry:registry=http://127.0.0.1:4873
+@sentry-internal:registry=http://127.0.0.1:4873

dev-packages/e2e-tests/test-applications/elysia-bun/package.json

@@ -0,0 +1,26 @@
+{
+  "name": "elysia-bun-app",
+  "version": "1.0.0",
+  "private": true,
+  "type": "module",
+  "scripts": {
+    "start": "bun src/app.ts",
+    "test": "playwright test",
+    "clean": "npx rimraf node_modules pnpm-lock.yaml",
+    "test:build": "pnpm install",
+    "test:assert": "pnpm test"
+  },
+  "dependencies": {
+    "@elysiajs/opentelemetry": "^1.4.0",
+    "@sentry/elysia": "latest || *",
+    "elysia": "^1.4.0"
+  },
+  "devDependencies": {
+    "@playwright/test": "~1.56.0",
+    "@sentry-internal/test-utils": "link:../../../test-utils",
+    "bun-types": "^1.2.9"
+  },
+  "volta": {
+    "extends": "../../package.json"
+  }
+}

dev-packages/e2e-tests/test-applications/elysia-bun/playwright.config.mjs

@@ -0,0 +1,7 @@
+import { getPlaywrightConfig } from '@sentry-internal/test-utils';
+
+const config = getPlaywrightConfig({
+  startCommand: 'bun src/app.ts',
+});
+
+export default config;

dev-packages/e2e-tests/test-applications/elysia-bun/src/app.ts

@@ -0,0 +1,142 @@
+import * as Sentry from '@sentry/elysia';
+import { Elysia } from 'elysia';
+
+Sentry.init({
+  environment: 'qa', // dynamic sampling bias to keep transactions
+  dsn: process.env.E2E_TEST_DSN,
+  tunnel: `http://localhost:3031/`, // proxy server
+  tracesSampleRate: 1,
+  tracePropagationTargets: ['http://localhost:3030', '/external-allowed'],
+});
+
+const app = Sentry.withElysia(new Elysia());
+
+// Simple success route
+app.get('/test-success', () => ({ version: 'v1' }));
+
+// Parameterized route
+app.get('/test-param/:param', ({ params }) => ({ paramWas: params.param }));
+
+// Multiple params
+app.get('/test-multi-param/:param1/:param2', ({ params }) => ({
+  param1: params.param1,
+  param2: params.param2,
+}));
+
+// Route that throws an error (will be caught by onError)
+app.get('/test-exception/:id', ({ params }) => {
+  throw new Error(`This is an exception with id ${params.id}`);
+});
+
+// Route with a custom span
+app.get('/test-transaction', () => {
+  Sentry.startSpan({ name: 'test-span' }, () => {
+    Sentry.startSpan({ name: 'child-span' }, () => {});
+  });
+  return { status: 'ok' };
+});
+
+// Route with specific middleware via .guard or .use
+app.group('/with-middleware', app =>
+  app
+    .onBeforeHandle(() => {
+      // This is a route-specific middleware
+    })
+    .get('/test', () => ({ middleware: true })),
+);
+
+// Error with specific status code
+app.post('/test-post-error', () => {
+  throw new Error('Post error');
+});
+
+// Route that returns a non-500 error
+app.get('/test-4xx', ({ set }) => {
+  set.status = 400;
+  return { error: 'Bad Request' };
+});
+
+// Error that reaches the error handler with status still set to 200 (unusual, should still be captured)
+app.get('/test-error-with-200-status', ({ set }) => {
+  set.status = 200;
+  throw new Error('Error with 200 status');
+});
+
+// POST route that echoes body
+app.post('/test-post', ({ body }) => ({ status: 'ok', body }));
+
+// Route that returns inbound headers (for propagation tests)
+app.get('/test-inbound-headers/:id', ({ params, request }) => {
+  const headers = Object.fromEntries(request.headers.entries());
+  return { headers, id: params.id };
+});
+
+// Outgoing fetch propagation
+app.get('/test-outgoing-fetch/:id', async ({ params }) => {
+  const id = params.id;
+  const response = await fetch(`http://localhost:3030/test-inbound-headers/${id}`);
+  const data = await response.json();
+  return data;
+});
+
+// Outgoing fetch to external (allowed by tracePropagationTargets)
+app.get('/test-outgoing-fetch-external-allowed', async () => {
+  const response = await fetch(`http://localhost:3040/external-allowed`);
+  const data = await response.json();
+  return data;
+});
+
+// Outgoing fetch to external (disallowed by tracePropagationTargets)
+app.get('/test-outgoing-fetch-external-disallowed', async () => {
+  const response = await fetch(`http://localhost:3040/external-disallowed`);
+  const data = await response.json();
+  return data;
+});
+
+// Route that throws a string (not an Error object)
+app.get('/test-string-error', () => {
+  // eslint-disable-next-line no-throw-literal
+  throw 'String error message';
+});
+
+// Route for concurrent isolation tests — returns scope data in response
+app.get('/test-isolation/:userId', async ({ params }) => {
+  Sentry.setUser({ id: params.userId });
+  Sentry.setTag('user_id', params.userId);
+
+  // Simulate async work to increase overlap between concurrent requests
+  await new Promise(resolve => setTimeout(resolve, 200));
+
+  return {
+    userId: params.userId,
+    isolationScopeUserId: Sentry.getIsolationScope().getUser()?.id,
+    isolationScopeTag: Sentry.getIsolationScope().getScopeData().tags?.user_id,
+  };
+});
+
+// Flush route for waiting on events
+app.get('/flush', async () => {
+  await Sentry.flush();
+  return { ok: true };
+});
+
+app.listen(3030, () => {
+  console.log('Elysia app listening on port 3030');
+});
+
+// Second app for external propagation tests
+const app2 = new Elysia();
+
+app2.get('/external-allowed', ({ request }) => {
+  const headers = Object.fromEntries(request.headers.entries());
+  return { headers, route: '/external-allowed' };
+});
+
+app2.get('/external-disallowed', ({ request }) => {
+  const headers = Object.fromEntries(request.headers.entries());
+  return { headers, route: '/external-disallowed' };
+});
+
+app2.listen(3040, () => {
+  console.log('External app listening on port 3040');
+});