@newrelic/browser-agent 1.312.1 → 1.313.0

package/dist/cjs/features/generic_events/aggregate/index.js

@@ -16,7 +16,7 @@ var _traverse = require("../../../common/util/traverse");
 var _userActionsAggregator = require("./user-actions/user-actions-aggregator");
 var _iframe = require("../../../common/dom/iframe");
 var _typeCheck = require("../../../common/util/type-check");
-var _v = require("../../../common/util/v2");
+var _utils = require("../../../common/v2/utils");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -270,6 +270,25 @@ class Aggregate extends _aggregateBase.AggregateBase {
           this.addEvent(event);
         }, this.featureName, this.ee);
       }
+      if (!agentRef.init.feature_flags.includes('no_spv')) {
+        (0, _registerHandler.registerHandler)('spv', evt => {
+          this.addEvent({
+            eventType: 'SecurityPolicyViolation',
+            timestamp: this.#toEpoch(evt.timeStamp),
+            blockedUri: evt.blockedURI,
+            documentUri: evt.documentURI,
+            effectiveDirective: evt.effectiveDirective,
+            originalPolicy: evt.originalPolicy,
+            sourceFile: evt.sourceFile,
+            statusCode: evt.statusCode,
+            lineNumber: evt.lineNumber,
+            columnNumber: evt.columnNumber,
+            disposition: evt.disposition,
+            sample: evt.sample,
+            referrer: evt.referrer
+          });
+        }, this.featureName, this.ee);
+      }
       this.drain();
     });
   }
@@ -305,7 +324,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
       pageUrl: (0, _cleanUrl.cleanURL)('' + _runtime.initialLocation),
       currentUrl: (0, _cleanUrl.cleanURL)('' + location),
       /** Specific attributes only supplied if harvesting to endpoint version 2 */
-      ...(0, _v.getVersion2Attributes)(target, this)
+      ...(0, _utils.getVersion2Attributes)(target, this)
     };
     const eventAttributes = {
       /** Agent-level custom attributes */

package/dist/cjs/features/generic_events/instrument/index.js

@@ -31,9 +31,10 @@ class Instrument extends _instrumentBase.InstrumentBase {
   constructor(agentRef) {
     super(agentRef, _constants.FEATURE_NAME);
     const websocketsEnabled = agentRef.init.feature_flags.includes('websockets');
+    const securityPolicyViolationEnabled = !agentRef.init.feature_flags.includes('no_spv');
 
     /** config values that gate whether the generic events aggregator should be imported at all */
-    const genericEventSourceConfigs = [agentRef.init.page_action.enabled, agentRef.init.performance.capture_marks, agentRef.init.performance.capture_measures, agentRef.init.performance.resources.enabled, agentRef.init.user_actions.enabled, websocketsEnabled];
+    const genericEventSourceConfigs = [agentRef.init.page_action.enabled, agentRef.init.performance.capture_marks, agentRef.init.performance.capture_measures, agentRef.init.performance.resources.enabled, agentRef.init.user_actions.enabled, websocketsEnabled, securityPolicyViolationEnabled];
 
     /** feature specific APIs */
     (0, _addPageAction.setupAddPageActionAPI)(agentRef);
@@ -41,8 +42,24 @@ class Instrument extends _instrumentBase.InstrumentBase {
     (0, _finished.setupFinishedAPI)(agentRef);
     (0, _register.setupRegisterAPI)(agentRef);
     (0, _measure.setupMeasureAPI)(agentRef);
-    let historyEE, websocketsEE;
-    if (websocketsEnabled) websocketsEE = (0, _wrapWebsocket.wrapWebSocket)(this.ee);
+    this.removeOnAbort = new AbortController();
+    this.abortHandler = () => {
+      this.removeOnAbort.abort();
+      this.abortHandler = undefined; // weakly allow this abort op to run only once
+    };
+    let historyEE;
+    if (websocketsEnabled) {
+      // this can apply outside browser scope such as in worker
+      const websocketsEE = (0, _wrapWebsocket.wrapWebSocket)(this.ee);
+      websocketsEE.on('ws', nrData => {
+        (0, _handle.handle)('ws-complete', [nrData], undefined, this.featureName, this.ee);
+      });
+    }
+    if (securityPolicyViolationEnabled) {
+      _runtime.globalScope.addEventListener('securitypolicyviolation', evt => {
+        (0, _handle.handle)('spv', [evt], undefined, _features.FEATURE_NAMES.genericEvents, this.ee);
+      }, (0, _eventListenerOpts.eventListenerOpts)(false, this.removeOnAbort.signal));
+    }
     if (_runtime.isBrowserScope) {
       (0, _wrapFetch.wrapFetch)(this.ee, agentRef);
       (0, _wrapXhr.wrapXhr)(this.ee, agentRef);
@@ -61,7 +78,7 @@ class Instrument extends _instrumentBase.InstrumentBase {
         );
         _runtime.globalScope.addEventListener('error', () => {
           (0, _handle.handle)('uaErr', [], undefined, _features.FEATURE_NAMES.genericEvents, this.ee);
-        }, (0, _eventListenerOpts.eventListenerOpts)(false, this.removeOnAbort?.signal));
+        }, (0, _eventListenerOpts.eventListenerOpts)(false, this.removeOnAbort.signal));
         this.ee.on('open-xhr-start', (args, xhr) => {
           if (!isInternalTraffic(args[1])) {
             xhr.addEventListener('readystatechange', () => {
@@ -69,7 +86,7 @@ class Instrument extends _instrumentBase.InstrumentBase {
                 // HEADERS_RECEIVED
                 (0, _handle.handle)('uaXhr', [], undefined, _features.FEATURE_NAMES.genericEvents, this.ee);
               }
-            });
+            }, (0, _eventListenerOpts.eventListenerOpts)(undefined, this.removeOnAbort.signal));
           }
         });
         this.ee.on('fetch-start', fetchArguments => {
@@ -83,8 +100,8 @@ class Instrument extends _instrumentBase.InstrumentBase {
         }
         historyEE.on('pushState-end', navigationChange);
         historyEE.on('replaceState-end', navigationChange);
-        window.addEventListener('hashchange', navigationChange, (0, _eventListenerOpts.eventListenerOpts)(true, this.removeOnAbort?.signal));
-        window.addEventListener('popstate', navigationChange, (0, _eventListenerOpts.eventListenerOpts)(true, this.removeOnAbort?.signal));
+        window.addEventListener('hashchange', navigationChange, (0, _eventListenerOpts.eventListenerOpts)(true, this.removeOnAbort.signal));
+        window.addEventListener('popstate', navigationChange, (0, _eventListenerOpts.eventListenerOpts)(true, this.removeOnAbort.signal));
         function navigationChange() {
           historyEE.emit('navChange');
         }
@@ -101,20 +118,6 @@ class Instrument extends _instrumentBase.InstrumentBase {
         });
       }
     }
-    if (websocketsEnabled) {
-      // this can apply outside browser scope such as in worker
-      websocketsEE.on('ws', nrData => {
-        (0, _handle.handle)('ws-complete', [nrData], undefined, this.featureName, this.ee);
-      });
-    }
-    try {
-      this.removeOnAbort = new AbortController();
-    } catch (e) {}
-    this.abortHandler = () => {
-      this.removeOnAbort?.abort();
-      this.abortHandler = undefined; // weakly allow this abort op to run only once
-    };
-
     /** If any of the sources are active, import the aggregator. otherwise deregister */
     if (genericEventSourceConfigs.some(x => x)) this.importAggregator(agentRef, () => Promise.resolve().then(() => _interopRequireWildcard(require(/* webpackChunkName: "generic_events-aggregate" */'../aggregate'))));else this.deregisterDrain();
   }

package/dist/cjs/features/jserrors/aggregate/index.js

@@ -18,8 +18,9 @@ var _aggregateBase = require("../../utils/aggregate-base");
 var _now = require("../../../common/timing/now");
 var _traverse = require("../../../common/util/traverse");
 var _internalErrors = require("./internal-errors");
-var _v = require("../../../common/util/v2");
+var _utils = require("../../../common/v2/utils");
 var _causeString = require("./cause-string");
+var _shortCircuit = require("../../../common/util/short-circuit");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -40,8 +41,8 @@ class Aggregate extends _aggregateBase.AggregateBase {
     this.observedAt = {};
     this.pageviewReported = {};
     this.errorOnPage = false;
-    (0, _registerHandler.registerHandler)('err', (...args) => this.storeError(...args), this.featureName, this.ee);
-    (0, _registerHandler.registerHandler)('ierr', (...args) => this.storeError(...args), this.featureName, this.ee);
+    (0, _registerHandler.registerHandler)('err', this.processError.bind(this), this.featureName, this.ee);
+    (0, _registerHandler.registerHandler)('ierr', this.processError.bind(this), this.featureName, this.ee);
     (0, _registerHandler.registerHandler)('returnJserror', (jsErrorEvent, softNavAttrs) => this.#storeJserrorForHarvest(jsErrorEvent, softNavAttrs), this.featureName, this.ee);
 
     // 0 == off, 1 == on
@@ -73,60 +74,162 @@ class Aggregate extends _aggregateBase.AggregateBase {
   }
 
   /**
-   * Builds a standardized stack trace string from the frames in the given `stackInfo` object, with each frame separated
-   * by a newline character. Lines take the form `<functionName>@<url>:<lineNumber>`.
+   * Main entry point for processing JavaScript errors. This method orchestrates the complete error processing pipeline.
    *
-   * @param {StackInfo} stackInfo - An object specifying a stack string and individual frames.
-   * @returns {string} A canonical stack string built from the URLs and function names in the given `stackInfo` object.
+   * Processing Flow:
+   * 1. Filter the error through the customer's onerror handler (if configured and not internal)
+   * 2. Compute the stack trace from the error object
+   * 3. Evaluate if the error should be swallowed (internal errors, known issues, etc.)
+   * 4. Derive target(s) for the error (MFE detection for v2 endpoints, or default target) - Note: "undefined" indicates the default target will be used
+   * 5. Store the error for each derived target. During storage (#storeJserrorForHarvest), duplication for MFE <-> container will be handled
+   *
+   * Important: "ShortCircuit" Pattern:
+   * Several steps in the pipeline can throw a ShortCircuit error to halt processing without
+   * treating it as a reportable error. This pattern is used when:
+   * - The customer's onerror handler returns a truthy value (excluding fingerprinting objects)
+   * - The error is identified as an internal error that shouldn't be reported
+   *
+   * When a ShortCircuit is thrown, processing stops immediately and the error is not stored.
+   * Any other thrown error is re-thrown as it represents an actual problem in the agent code.
+   *
+   * @param {Error|UncaughtError} err - The error instance to be processed
+   * @param {number} [time] - The relative ms (to origin) timestamp of occurrence. Defaults to now()
+   * @param {boolean} [internal=false] - If the error was "caught" and deemed "internal" before reporting to the jserrors feature
+   * @param {object} [customAttributes] - Any custom attributes to be included in the error payload
+   * @param {boolean} [hasReplay=false] - A flag indicating if the error occurred during a replay session
+   * @param {string} [swallowReason] - A string indicating pre-defined reason if swallowing the error. Mainly used by internal error supportability metrics
+   * @param {object} [target] - The target to buffer and harvest to. If undefined, the default configuration target is used
+   * @returns {void}
    */
-  buildCanonicalStackString(stackInfo) {
-    var canonicalStackString = '';
-    for (var i = 0; i < stackInfo.frames.length; i++) {
-      var frame = stackInfo.frames[i];
-      var func = (0, _canonicalFunctionName.canonicalFunctionName)(frame.func);
-      if (canonicalStackString) canonicalStackString += '\n';
-      if (func) canonicalStackString += func + '@';
-      if (typeof frame.url === 'string') canonicalStackString += frame.url;
-      if (frame.line) canonicalStackString += ':' + frame.line;
+  processError(err, time, internal, customAttributes, hasReplay, swallowReason, target) {
+    if (!err) return;
+    time = time || (0, _now.now)();
+    try {
+      const filterOutput = this.#filterError(err, internal);
+      const stackInfo = (0, _computeStackTrace.computeStackTrace)(err);
+      this.#swallowError(stackInfo, internal, swallowReason);
+      this.#deriveTargets(stackInfo, target).forEach(target => {
+        this.#storeError(err, time, stackInfo, filterOutput, customAttributes, hasReplay, target);
+      });
+    } catch (e) {
+      if (!(e instanceof _shortCircuit.ShortCircuit)) {
+        throw e;
+      }
     }
-    return canonicalStackString;
   }
 
   /**
+   * Filters an error through the customer's configured onerror handler.
    *
-   * @param {Error|UncaughtError} err The error instance to be processed
-   * @param {number} time the relative ms (to origin) timestamp of occurrence
-   * @param {boolean=} internal if the error was "caught" and deemed "internal" before reporting to the jserrors feature
-   * @param {object=} customAttributes  any custom attributes to be included in the error payload
-   * @param {boolean=} hasReplay a flag indicating if the error occurred during a replay session
-   * @param {string=} swallowReason a string indicating pre-defined reason if swallowing the error.  Mainly used by the internal error SMs.
-   * @param {object=} target the target to buffer and harvest to, if undefined the default configuration target is used
-   * @returns
+   * If the customer has configured a custom onerror handler and the error is not internal,
+   * this method invokes that handler. The handler's return value determines whether the error
+   * should be reported:
+   * - Falsey values (false, null, undefined, etc.) → Report the error normally
+   * - Truthy non-object values → Don't report (throws ShortCircuit)
+   * - Object with 'group' property (non-empty string) → Report with fingerprinting label
+   * - Any other truthy value → Don't report (throws ShortCircuit)
+   *
+   * @param {Error|UncaughtError} err - The error to filter
+   * @param {boolean} internal - Whether this is an internal error (internal errors skip filtering)
+   * @returns {undefined|object} The filter output. If an object with 'group' property, contains fingerprinting data
+   * @throws {ShortCircuit} When the error should not be reported based on the filter output
    */
-  storeError(err, time, internal, customAttributes, hasReplay, swallowReason, target) {
-    if (!err) return;
-    // are we in an interaction
-    time = time || (0, _now.now)();
+  #filterError(err, internal) {
     let filterOutput;
     if (!internal && this.agentRef.runtime.onerror) {
       filterOutput = this.agentRef.runtime.onerror(err);
       if (filterOutput && !(typeof filterOutput.group === 'string' && filterOutput.group.length)) {
         // All truthy values mean don't report (store) the error, per backwards-compatible usage,
         // - EXCEPT if a fingerprinting label is returned, via an object with key of 'group' and value of non-empty string
-        return;
+        throw new _shortCircuit.ShortCircuit();
       }
       // Again as with previous usage, all falsey values would include the error.
     }
-    var stackInfo = (0, _computeStackTrace.computeStackTrace)(err);
+    return filterOutput;
+  }
+
+  /**
+   * Evaluates whether an error should be swallowed (not reported) based on internal error criteria.
+   *
+   * This method uses the evaluateInternalError function to determine if the error matches known
+   * internal error patterns (e.g., errors from the agent itself, known browser issues, etc.).
+   * If the error should be swallowed, a supportability metric is recorded and processing is halted.
+   *
+   * @param {StackInfo} stackInfo - The computed stack trace information
+   * @param {boolean} internal - Whether the error was marked as internal
+   * @param {string} [swallowReason] - Optional pre-determined reason for swallowing
+   * @returns {void}
+   * @throws {ShortCircuit} When the error should be swallowed and not reported
+   */
+  #swallowError(stackInfo, internal, swallowReason) {
     const {
       shouldSwallow,
       reason
     } = (0, _internalErrors.evaluateInternalError)(stackInfo, internal, swallowReason);
     if (shouldSwallow) {
       this.reportSupportabilityMetric('Internal/Error/' + reason);
-      return;
+      throw new _shortCircuit.ShortCircuit();
     }
-    var canonicalStackString = this.buildCanonicalStackString(stackInfo);
+  }
+
+  /**
+   * Derives the appropriate targets for reporting the given stack information.
+   *
+   * Targets represent the entities that should receive the error data. This is particularly
+   * important for Micro Frontend (MFE) scenarios where errors may need to be reported to
+   * different applications.
+   *
+   * Logic:
+   * - If a target is explicitly provided (e.g., from the register API), use it
+   * - For v2 endpoints without an explicit target, scan stack frames to detect MFE sources
+   * - If no MFE is detected or v2 is not enabled, use undefined (default target)
+   *
+   * @param {StackInfo} stackInfo - The computed stack trace information containing frames
+   * @param {object} [target] - Explicitly provided target, typically from the register API
+   * @returns {Array<object|undefined>} Array of targets to report the error to. Always contains at least one element.
+   */
+  #deriveTargets(stackInfo, target) {
+    const targets = [];
+    if (target) {
+      // reported by the register API directly
+      targets.push(target);
+    } else {
+      // we dont know if this is MFE yet, we need to figure it out.
+      if (this.harvestEndpointVersion === 2) {
+        for (const frame of stackInfo.frames) {
+          targets.push(...(0, _utils.getRegisteredTargetsFromFilename)(frame.url, this.agentRef));
+          if (targets.length) break;
+        }
+      }
+      if (!targets.length) targets.push(undefined);
+    }
+    return targets;
+  }
+
+  /**
+   * Stores error data for eventual harvesting and transmission to the backend.
+   *
+   * This method processes the error through several stages:
+   * 1. Build canonical stack string for cross-browser error grouping
+   * 2. Build cause chain string if the error has a cause property
+   * 3. Create params object with error metadata (stack hash, class, message, etc.)
+   * 4. Create bucket hash for internal deduplication
+   * 5. Store stack trace on first occurrence of this error
+   * 6. Add custom attributes and send to other features (trace, replay)
+   * 7. Route through soft nav if enabled, or directly to harvest storage
+   * 8. Handle MFE duplication for v2 endpoints if needed
+   *
+   * @param {Error|UncaughtError} err - The error instance to be processed
+   * @param {number} time - The relative ms (to origin) timestamp of occurrence
+   * @param {StackInfo} stackInfo - The computed stack trace information
+   * @param {object} [filterOutput] - Output from the customer's onerror handler, may contain fingerprinting group
+   * @param {object} [customAttributes] - Any custom attributes to be included in the error payload
+   * @param {boolean} [hasReplay=false] - A flag indicating if the error occurred during a replay session
+   * @param {object} [target] - The target to buffer and harvest to. If undefined, the default configuration target is used
+   * @returns {void}
+   */
+  #storeError(err, time, stackInfo, filterOutput, customAttributes, hasReplay, target) {
+    var canonicalStackString = this.#buildCanonicalStackString(stackInfo);
     const causeStackString = (0, _causeString.buildCauseString)(err);
     const params = {
       stackHash: (0, _stringHashCode.stringHashCode)(canonicalStackString),
@@ -149,7 +252,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
      * the canonical stack trace excludes items like the column number increasing the hit-rate of different errors potentially
      * bucketing and ultimately resulting in the loss of data in NR1.
      */
-    var bucketHash = (0, _stringHashCode.stringHashCode)("".concat(stackInfo.name, "_").concat(stackInfo.message, "_").concat(stackInfo.stackString, "_").concat(params.hasReplay ? 1 : 0, "_").concat(target?.id || 'container'));
+    var bucketHash = (0, _stringHashCode.stringHashCode)("".concat(stackInfo.name, "_").concat(stackInfo.message, "_").concat(stackInfo.stackString, "_").concat(params.hasReplay ? 1 : 0, "_").concat(target?.id || 'container', "_").concat(target?.instance || ''));
     if (!this.stackReported[bucketHash]) {
       this.stackReported[bucketHash] = true;
       params.stack_trace = (0, _formatStackTrace.truncateSize)(stackInfo.stackString);
@@ -189,27 +292,90 @@ class Aggregate extends _aggregateBase.AggregateBase {
         // pass the error to soft nav for evaluation - it will return it via 'returnJserror' when interaction is resolved
         (0, _handle.handle)('jserror', [jsErrorEvent], undefined, _features.FEATURE_NAMES.softNav, this.ee);
       } else {
-        this.#storeJserrorForHarvest(jsErrorEvent, false);
+        this.#storeJserrorForHarvest(jsErrorEvent);
       }
     }
 
     // always add directly if scoped to a sub-entity, the other pathways above will be deterministic if the main agent should procede
-    if (target) this.#storeJserrorForHarvest([...jsErrorEvent, target], false, params._softNavAttributes);
+    if (target) this.#storeJserrorForHarvest(jsErrorEvent, {}, target);
+  }
+
+  /**
+   * Builds a standardized (canonical) stack trace string from the frames in the given `stackInfo` object.
+   *
+   * The canonical format is used for cross-browser error grouping in NR1, as different browsers
+   * format stack traces differently. Each frame is separated by a newline character and takes
+   * the form: `<functionName>@<url>:<lineNumber>`
+   *
+   * Note: Column numbers are intentionally excluded from the canonical format to improve
+   * grouping accuracy, as the same error across different minified builds might have different
+   * column numbers but should still be grouped together.
+   *
+   * Example output:
+   * ```
+   * handleClick@https://example.com/app.js:42
+   * EventEmitter.emit@https://example.com/vendor.js:1337
+   * ```
+   *
+   * @param {StackInfo} stackInfo - An object containing parsed stack frames from computeStackTrace
+   * @returns {string} A canonical stack string built from the URLs and function names in the given `stackInfo` object
+   */
+  #buildCanonicalStackString(stackInfo) {
+    var canonicalStackString = '';
+    for (var i = 0; i < stackInfo.frames.length; i++) {
+      var frame = stackInfo.frames[i];
+      var func = (0, _canonicalFunctionName.canonicalFunctionName)(frame.func);
+      if (canonicalStackString) canonicalStackString += '\n';
+      if (func) canonicalStackString += func + '@';
+      if (typeof frame.url === 'string') canonicalStackString += frame.url;
+      if (frame.line) canonicalStackString += ':' + frame.line;
+    }
+    return canonicalStackString;
   }
-  #storeJserrorForHarvest(errorInfoArr, softNavCustomAttrs = {}) {
-    let [type, bucketHash, params, newMetrics, localAttrs, target] = errorInfoArr;
+
+  /**
+   * Adds a processed error to the harvest buffer with all custom attributes merged.
+   *
+   * This is the final step before an error is stored to be sent to the backend. It handles:
+   * - Merging all custom attributes (global, soft nav, MFE, and local)
+   * - Creating a unique aggregate hash for deduplication
+   * - Adding the error to the events buffer for harvest
+   * - Duplicating the error for MFE scenarios when needed (v2 endpoints)
+   *
+   * Custom Attribute Precedence (lowest to highest):
+   * 1. Global jsAttributes from agent config
+   * 2. Soft navigation attributes (if from a soft nav interaction)
+   * 3. MFE v2 attributes (source/parent metadata)
+   * 4. Local custom attributes passed with the specific error
+   *
+   * @param {Array} errorInfoArr - Array containing [type, bucketHash, params, metrics, customAttributes, target]
+   * @param {object} [attrs={}] - Additional attributes to merge (e.g., from soft nav interactions)
+   * @returns {void}
+   */
+  #storeJserrorForHarvest(errorInfoArr, attrs = {}, target) {
+    let [type, bucketHash, params, newMetrics, localAttrs] = errorInfoArr;
     const allCustomAttrs = {
       /** MFE specific attributes if in "multiple" mode (ie consumer version 2) */
-      ...(0, _v.getVersion2Attributes)(target, this)
+      ...(0, _utils.getVersion2Attributes)(target, this)
     };
     Object.entries(this.agentRef.info.jsAttributes).forEach(([k, v]) => setCustom(k, v));
-    Object.entries(softNavCustomAttrs).forEach(([k, v]) => setCustom(k, v)); // when an ixn finishes, it'll pass attrs specific to the ixn; if no associated ixn, this defaults to empty
+    Object.entries(attrs).forEach(([k, v]) => setCustom(k, v)); // when an ixn finishes, it'll pass attrs specific to the ixn; if no associated ixn, this defaults to empty
     if (params.browserInteractionId) bucketHash += params.browserInteractionId;
     if (localAttrs) Object.entries(localAttrs).forEach(([k, v]) => setCustom(k, v)); // local custom attrs are applied in either case with the highest precedence
 
     const jsAttributesHash = (0, _stringHashCode.stringHashCode)((0, _stringify.stringify)(allCustomAttrs));
     const aggregateHash = bucketHash + ':' + jsAttributesHash;
     this.events.add([type, aggregateHash, params, newMetrics, allCustomAttrs]);
+    if ((0, _utils.shouldDuplicate)(target, this)) {
+      // Clone the array with new object references to prevent deduplication in the shared aggregator
+      this.#storeJserrorForHarvest([type, bucketHash, {
+        ...params
+      }, {
+        ...newMetrics
+      }, localAttrs && {
+        ...localAttrs
+      }], (0, _utils.getVersion2DuplicationAttributes)(target, this));
+    }
     function setCustom(key, val) {
       allCustomAttrs[key] = val && typeof val === 'object' ? (0, _stringify.stringify)(val) : val;
     }

package/dist/cjs/features/logging/aggregate/index.js

@@ -15,7 +15,7 @@ var _traverse = require("../../../common/util/traverse");
 var _constants2 = require("../../../common/session/constants");
 var _constants3 = require("../../session_replay/constants");
 var _featureGates = require("../../utils/feature-gates");
-var _v = require("../../../common/util/v2");
+var _utils2 = require("../../../common/v2/utils");
 /**
  * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
@@ -106,11 +106,11 @@ class Aggregate extends _aggregateBase.AggregateBase {
     };
     addEvent({
       ...attributes,
-      ...(0, _v.getVersion2Attributes)(target, this)
+      ...(0, _utils2.getVersion2Attributes)(target, this)
     });
-    if ((0, _v.shouldDuplicate)(target, this)) addEvent({
+    if ((0, _utils2.shouldDuplicate)(target, this)) addEvent({
       ...attributes,
-      ...(0, _v.getVersion2DuplicationAttributes)(target, this)
+      ...(0, _utils2.getVersion2DuplicationAttributes)(target, this)
     });
   }
   serializer(eventBuffer) {

package/dist/cjs/features/metrics/instrument/index.js

@@ -4,23 +4,16 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.Metrics = exports.Instrument = void 0;
-var _runtime = require("../../../common/constants/runtime");
-var _handle = require("../../../common/event-emitter/handle");
 var _instrumentBase = require("../../utils/instrument-base");
 var _constants = require("../constants");
 function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); } /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 class Instrument extends _instrumentBase.InstrumentBase {
   static featureName = _constants.FEATURE_NAME;
   constructor(agentRef) {
     super(agentRef, _constants.FEATURE_NAME);
-    if (_runtime.isBrowserScope) {
-      document.addEventListener('securitypolicyviolation', e => {
-        (0, _handle.handle)(_constants.SUPPORTABILITY_METRIC_CHANNEL, ['Generic/CSPViolation/Detected'], undefined, this.featureName, this.ee);
-      });
-    }
     this.importAggregator(agentRef, () => Promise.resolve().then(() => _interopRequireWildcard(require(/* webpackChunkName: "metrics-aggregate" */'../aggregate'))));
   }
 }

package/dist/cjs/features/session_trace/aggregate/index.js

@@ -45,6 +45,7 @@ class Aggregate extends _aggregateBase.AggregateBase {
     this.entitled ??= stEntitled;
     if (!this.entitled) this.blocked = true;
     if (this.blocked) return this.deregisterDrain();
+    this.timeKeeper ??= this.agentRef.runtime.timeKeeper;
     if (!this.initialized) {
       this.initialized = true;
       /** Store session identifiers at initialization time to be cross-checked later at harvest time for session changes that are subject to race conditions */
@@ -64,9 +65,8 @@ class Aggregate extends _aggregateBase.AggregateBase {
         // if another page's session entity has expired, or another page has transitioned to off and this one hasn't... we can just abort straight away here
         if (this.sessionId !== sessionState.value || eventType === 'cross-tab' && sessionState.sessionTraceMode === _constants2.MODE.OFF) this.abort(2);
       });
-      const navEntry = (0, _runtime.getNavigationEntry)();
-      if (navEntry) {
-        this.traceStorage.storeTiming(navEntry);
+      if (typeof PerformanceNavigationTiming !== 'undefined' && _runtime.globalScope.performance?.getEntriesByType('navigation')?.length > 0) {
+        this.traceStorage.storeTiming(_runtime.globalScope.performance.getEntriesByType('navigation')[0]);
       } else {
         this.traceStorage.storeTiming(_runtime.globalScope.performance?.timing, true);
       }
@@ -79,7 +79,6 @@ class Aggregate extends _aggregateBase.AggregateBase {
     /** If the mode is off, we do not want to hold up draining for other features, so we deregister the feature for now.
      * If it drains later (due to a mode change), data and handlers will instantly drain instead of waiting for the registry. */
     if (this.mode === _constants2.MODE.OFF) return this.deregisterDrain();
-    this.timeKeeper ??= this.agentRef.runtime.timeKeeper;
 
     /** The handlers set up by the Inst file */
     (0, _registerHandler.registerHandler)('bst', (...args) => this.traceStorage.storeEvent(...args), this.featureName, this.ee);

package/dist/cjs/features/session_trace/aggregate/trace/storage.js

@@ -12,7 +12,7 @@ var _constants2 = require("../../constants");
 var _node = require("./node");
 var _utils = require("./utils");
 /**
- * Copyright 2020-2025 New Relic, Inc. All rights reserved.
+ * Copyright 2020-2026 New Relic, Inc. All rights reserved.
  * SPDX-License-Identifier: Apache-2.0
  */
 
@@ -185,7 +185,7 @@ class TraceStorage {
       // that are in the future (Microsoft Edge seems to sometimes produce these)
       if (!(typeof val === 'number' && val >= 0)) continue;
       val = Math.round(val);
-      if (this.parent.timeKeeper && this.parent.timeKeeper.ready && isAbsoluteTimestamp) {
+      if (isAbsoluteTimestamp && this.parent.timeKeeper?.ready) {
         val = this.parent.timeKeeper.convertAbsoluteTimestamp(Math.floor(this.parent.timeKeeper.correctAbsoluteTimestamp(val)));
       }
       if (!this.#storeSTN(new _node.TraceNode(key, val, val, 'document', 'timing'))) allStored = false;

package/dist/cjs/interfaces/registered-entity.js

@@ -24,18 +24,18 @@ var _console = require("../common/util/console");
  * An interface for registering an external caller to report through the base agent to a different target than the base agent.
  */
 class RegisteredEntity {
-  /** @type {RegisterAPIMetadata} */
-  metadata = {
-    target: {},
-    timings: {},
-    customAttributes: {}
-  };
-
   /**
    *
    * @param {RegisterAPIConstructor} opts The options for setting up the registered entity.
    */
   constructor(opts) {
+    // Initialize metadata as an own property to ensure it exists even when agent is missing
+    /** @type {RegisterAPIMetadata} */
+    this.metadata = {
+      target: (/** @type {import('../loaders/api/register-api-types').RegisterAPITarget} */{}),
+      timings: (/** @type {import('../loaders/api/register-api-types').RegisterAPITimings} */{}),
+      customAttributes: {}
+    };
     try {
       if (!window?.newrelic) return (0, _console.warn)(51);
       Object.assign(this, window?.newrelic?.register(opts) || {});
@@ -55,19 +55,6 @@ class RegisteredEntity {
     (0, _console.warn)(35, 'addPageAction');
   }
 
-  /**
-   * @experimental
-   * IMPORTANT: This feature is being developed for use internally and is not in a public-facing production-ready state.
-   * It is not recommended for use in production environments and will not receive support for issues.
-   *
-   * Registers an external caller to report through the base agent to a different target than the base agent. Will be related to this registered entity when called through this access point.
-   * @param {import('../loaders/api/register-api-types').RegisterAPIConstructor} target the target object to report data to
-    @returns {import('../loaders/api/register-api-types').RegisterAPI} Returns an object that contains the available API methods and configurations to use with the external caller. See loaders/api/api.js for more information.
-   */
-  register(target) {
-    (0, _console.warn)(35, 'register');
-  }
-
   /**
    * @experimental
    * IMPORTANT: This feature is being developed for use internally and is not in a public-facing production-ready state.