Why this matters
Dependency bumps are the silent regression source. Each one is small — Renovate opens a PR, CI passes, someone clicks merge. Multiply by 30 deps a quarter and the combinatorics will eventually catch you: @stripe/stripe-node changes a default, your code didn’t notice, customers stop being able to check out.
Sentry doesn’t know your deploys had a package-lock.json change. Renovate doesn’t know you’re now throwing TypeErrors in prod. Neither half sees what the other half did.
Agentry’s deploy events carry the commit message, and the agent reads them. One prompt: “was the last deploy a deps bump, and did anything break?” The answer takes 30 seconds.
What you get
- The most recent deploy classified as
deps_bump | feature | fix | chore - New error fingerprints that started after that deploy
- For each: which dep is most likely the culprit (cross-referenced with the deploy diff)
Walk through it
Did our last deploy bump dependencies? If yes, what new error patterns appeared after it?
Let me pull the latest deploys and check what they touched.
agentry_list_deploys { project_id: "default", limit: 3 }{
"deploys": [
{ "sha": "9c3a210", "branch": "main", "received_at": 1747353600,
"message": "chore(deps): bump @stripe/stripe-node 14.5.0 -> 15.0.1, drizzle-orm 0.30 -> 0.31",
"environment": "production" },
{ "sha": "a3f29b1", "branch": "main", "received_at": 1747270000,
"message": "feat: workspace seat management", "environment": "production" }
]
}Latest deploy (9c3a210, ~3h ago) is a deps bump — Stripe SDK 14→15 (major) and drizzle-orm 0.30→0.31 (minor). Let me check what fingerprints started firing after it.
agentry_list_cases {
project_id: "default",
status: "open",
first_seen_after: 1747353600,
limit: 10
}{
"cases": [
{ "id": "c_88a1", "error_type": "TypeError",
"message": "Cannot read properties of undefined (reading 'data')",
"stack_top": "src/billing/stripe.ts:127",
"first_seen_at": 1747353900, "event_count": 64, "users_affected": 11 },
{ "id": "c_3f02", "error_type": "DrizzleQueryError",
"message": "syntax error at or near \"RETURNING\"",
"stack_top": "src/db/queries.ts:48",
"first_seen_at": 1747355100, "event_count": 19, "users_affected": 6 }
]
}Both new fingerprints map cleanly to the deps bump:
c_88a1fires insrc/billing/stripe.ts. Stripe SDK v15 removed the auto-unwrapping oflastResponse— code readingresult.datanow getsundefined. 64 events / 11 users since deploy.c_3f02fires in your Drizzle query layer. drizzle-orm 0.31 changedRETURNINGclause behavior for SQLite/libSQL. 19 events / 6 users.
Fix priority is #1 — that’s the checkout path. Want me to draft the rollback PR + Stripe SDK migration guide summary?
The output
Deploy: 9c3a210 — "chore(deps): bump @stripe/stripe-node 14.5 -> 15.0,
drizzle-orm 0.30 -> 0.31"
(3h ago, production)
NEW since this deploy:
64 events / 11 users · TypeError: Cannot read properties of undefined ('data')
src/billing/stripe.ts:127
↗ Likely cause: stripe-node 15.0 removed auto-unwrap
↗ Fix: replace `result.data` with `result` (or `result.body`)
19 events / 6 users · DrizzleQueryError: syntax error at "RETURNING"
src/db/queries.ts:48
↗ Likely cause: drizzle-orm 0.31 RETURNING behavior change
↗ Fix: pin to 0.30 OR migrate queries per 0.31 changelog
Recommended: revert deploy 9c3a210, ship pinned-version fix in next deploy.
Or, leave Stripe SDK upgrade and revert just drizzle.Setting it up
The agent needs two signals:
- Deploy events with the real commit message — so it can spot “chore(deps): bump” patterns.
- Errors tagged with
release: <sha>— so it can window cases by deploy.
Most teams already have these from deploy-regression. If not:
# .github/workflows/deploy.yml — after a successful production deploy
- name: Notify Agentry
if: success()
run: |
curl -X POST https://api.agentry.sh/v1/deploys/$AGENTRY_PROJECT_ID/ \
-H "Authorization: Bearer $AGENTRY_DSN" \
-H "Content-Type: application/json" \
-H "User-Agent: myapp-ci/1.0" \
-d "{
\"sha\": \"$GITHUB_SHA\",
\"branch\": \"$GITHUB_REF_NAME\",
\"environment\": \"production\",
\"message\": \"$(git log -1 --pretty=%s)\",
\"actor\": \"$GITHUB_ACTOR\"
}"And on the error side, set release so the agent can window:
await fetch(`https://api.agentry.sh/v1/logs/${PROJECT_ID}/`, {
method: "POST",
headers: {
"Authorization": `Bearer ${process.env.AGENTRY_DSN}`,
"Content-Type": "application/json",
"User-Agent": "myapp/1.0", // REQUIRED — Cloudflare 403s default UAs
},
body: JSON.stringify({
message: err.message,
stack: err.stack,
release: process.env.GIT_SHA, // ← THIS LINE
environment: process.env.NODE_ENV,
}),
});If you use Renovate / Dependabot, their commit messages already follow the chore(deps): bump X N.M -> N'.M' convention, so the agent’s classifier picks them up automatically.
Variations
- “Show me every Renovate merge in the last month and any errors that appeared within 24h of each.”
- “Did
@stripe/stripe-nodeupgrades historically cause regressions? Pattern check.” - “Which deps have been bumped 3+ times this quarter without an obvious reason? Probably auto-merged.”
- “After a deps-bump deploy, watch for new fingerprints in the next hour and post to #eng-deps.” (uses a Routine)