Update dependency io.sentry:sentry-android to v8.38.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
io.sentry:sentry-android	8.37.1 → 8.38.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

getsentry/sentry-java (io.sentry:sentry-android)

v8.38.0

Compare Source

Features

• Prevent cross-organization trace continuation (#​5136)
  • By default, the SDK now extracts the organization ID from the DSN (e.g. o123.ingest.sentry.io) and compares it with the sentry-org_id value in incoming baggage headers. When the two differ, the SDK starts a fresh trace instead of continuing the foreign one. This guards against accidentally linking traces across organizations.
  • New option enableStrictTraceContinuation (default false): when enabled, both the SDK's org ID and the incoming baggage org ID must be present and match for a trace to be continued. Traces with a missing org ID on either side are rejected. Configurable via code (setStrictTraceContinuation(true)), sentry.properties (enable-strict-trace-continuation=true), Android manifest (io.sentry.strict-trace-continuation.enabled), or Spring Boot (sentry.strict-trace-continuation=true).
  • New option orgId: allows explicitly setting the organization ID for self-hosted and Relay setups where it cannot be extracted from the DSN. Configurable via code (setOrgId("123")), sentry.properties (org-id=123), Android manifest (io.sentry.org-id), or Spring Boot (sentry.org-id=123).
• Android: Attachments on the scope will now be synced to native (#​5211)
• Add THIRD_PARTY_NOTICES.md for vendored third-party code, bundled as SENTRY_THIRD_PARTY_NOTICES.md in the sentry JAR under META-INF (#​5186)

Improvements

• Do not retrieve ActivityManager if API < 35 on SDK init (#​5275)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.14%. Comparing base (9699488) to head (34481b4).

Additional details and impacted files

@@           Coverage Diff            @@
##           develop    #6597   +/-   ##
========================================
  Coverage    81.14%   81.14%           
========================================
  Files         2623     2623           
  Lines        72804    72804           
  Branches      9418     9418           
========================================
  Hits         59078    59078           
  Misses       10254    10254           
  Partials      3472     3472           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

📱 Scan the QR code below to install the build (arm64 only) for this PR.

If you can't scan the QR code you can install the build via this link: https://i.diawi.com/qpUM1j

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[ElementBot]

	Warnings
⚠️	gradle/libs.versions.toml#L6 - A newer version of com.android.tools.build:gradle than 8.13.2 is available: 9.1.1
⚠️	gradle/libs.versions.toml#L21 - A newer version of androidx.camera:camera-view than 1.5.3 is available: 1.6.0
⚠️	gradle/libs.versions.toml#L39 - A newer version of org.jetbrains.kotlinx:kotlinx-serialization-json than 1.10.0 is available: 1.11.0
⚠️	gradle/libs.versions.toml#L54 - A newer version of com.autonomousapps:dependency-analysis-gradle-plugin than 3.6.1 is available: 3.7.0
⚠️	gradle/libs.versions.toml#L83 - A newer version of com.google.firebase:firebase-bom than 34.11.0 is available: 34.12.0
⚠️	gradle/libs.versions.toml#L92 - A newer version of androidx.annotation:annotation-jvm than 1.9.1 is available: 1.10.0
⚠️	gradle/libs.versions.toml#L123 - A newer version of androidx.compose.material3:material3 than 1.5.0-alpha15 is available: 1.5.0-alpha17
⚠️	gradle/libs.versions.toml#L181 - A newer version of org.matrix.rustcomponents:sdk-android than 26.04.13 is available: 26.04.15
⚠️	gradle/libs.versions.toml#L194 - A newer version of org.jsoup:jsoup than 1.21.2 is available: 1.22.1
⚠️	gradle/libs.versions.toml#L223 - A newer version of com.posthog:posthog-android than 3.39.0 is available: 3.41.0
⚠️	gradle/libs.versions.toml#L236 - A newer version of io.element.android:element-call-embedded than 0.19.0 is available: 0.19.1
⚠️	gradle/libs.versions.toml#L264 - A newer version of org.owasp.dependencycheck than 12.2.0 is available: 12.2.1

Generated by 🚫 dangerJS against 34481b4