Bump the all-patch-minor group across 2 directories with 20 updates

[dependabot]

Bumps the all-patch-minor group with 15 updates in the / directory:

Package	From	To
@js-temporal/polyfill	0.4.4	0.5.1
axe-core	4.10.2	4.10.3
@opentelemetry/exporter-metrics-otlp-grpc	0.57.2	0.200.0
@opentelemetry/exporter-trace-otlp-grpc	0.57.2	0.200.0
@opentelemetry/exporter-trace-otlp-http	0.57.2	0.200.0
@opentelemetry/instrumentation	0.57.2	0.200.0
@opentelemetry/instrumentation-aws-sdk	0.49.1	0.50.0
@opentelemetry/instrumentation-connect	0.43.1	0.44.0
@opentelemetry/instrumentation-dns	0.43.1	0.44.0
@opentelemetry/instrumentation-express	0.47.1	0.48.0
@opentelemetry/instrumentation-http	0.57.2	0.200.0
@opentelemetry/instrumentation-ioredis	0.47.1	0.48.0
@opentelemetry/instrumentation-pg	0.51.1	0.52.0
@opentelemetry/instrumentation-redis	0.46.1	0.47.0
@opentelemetry/sdk-node	0.57.2	0.200.0

Bumps the all-patch-minor group with 3 updates in the /workspaces/desktop/server directory: express, cookie-signature and command-line-args.

Updates @js-temporal/polyfill from 0.4.4 to 0.5.1

Release notes

Sourced from @​js-temporal/polyfill's releases.

v0.5.1

Please see CHANGELOG.md for a summary of changes in this release.

Thanks to everyone who contributed!

• Justin Grant @​justingrant
• Philip Chimento @​ptomato

Version 0.5.0

Please see CHANGELOG.md for a summary of changes in this release.

Thanks to everyone who contributed!

• Adam Shaw @​arshaw
• Aditi Singh @​Aditi-1400
• Al-Khawarizmi @​khawarizmus
• fabon @​fabon-f
• Federico Carboni @​federicocarboni
• Guillaume Emont @​guijemont
• James Wright @​12wrigja
• Jesse Jackson @​jsejcksn
• Josh Soref @​jsoref
• Justin Grant @​justingrant
• Kenichi Kamiya @​kachick
• Max Rashes @​Mrashes
• Ms2ger @​Ms2ger
• Philip Chimento @​ptomato
• Richard Gibson @​gibson042
• sleonia @​sleonia

Changelog

Sourced from @​js-temporal/polyfill's changelog.

0.5.1

Bug fixes:

• Fix infinite recursion in Node 23.x with Intl.DurationFormat (fixes #329).
• Include correct package-lock.json (fixes #328).
• Don't override TIMEOUT when running npm run test262.

Non-breaking changes:

• Support Node 22.x and 23.x and test them in CI (fixes #323).
• The polyfilled Intl.DateTimeFormat object now supports offset time zone identifiers (e.g., -02:30) in Node 23.x. Note that the native Intl.DateTimeFormat in Node 23.x also supports them, but in a nonstandard way, so you should use the polyfilled Intl.DateTimeFormat in your code.
• Add migration guide for 0.4.x → 0.5.0.
• Reduce production bundle size by deleting assertions and minifying function names.

0.5.0

Breaking changes:

This major update reflects all changes to the Temporal proposal adopted by TC39 between May 2023 and March 2025.

The majority of these changes were made in the June 2024 TC39 meeting (slides here) where the scope of Temporal was reduced at the request of JS engine implementers who were concerned about the size impact of adding Temporal to distributions on limited-capacity devices like low-end Android phones and Apple Watch.

• User-defined calendars have been removed. Calendars are now represented by strings representing built-in calendars. Without custom calendars, the huge surface area of Temporal.Calendar was not necessary, and that type was removed from the proposal.
• User-defined time zones have been removed. Time zones are now only represented by string identifiers representing built-in time zones: either a Zone or Link name from the IANA Time Zone Database, or a time zone offset with minutes precision. Temporal.TimeZone has also been removed, and its methods replaced by the following:
  • getPreviousTransition/getNextTransition - use the new getTimeZoneTransition method of Temporal.ZoneDateTime.
  • equals - use ZonedDateTime.prototype.equals using the same instant and calendar.
  • Other Temporal.TimeZone methods can use the corresponding methods on Temporal.ZonedDateTime.
• Many convenience methods have been removed. In all cases, the same functionality is available using other Temporal methods:
  • Removed getISOFields() methods. Instead use withCalendar('iso8601') and the individual property getters.
  • Removed withPlainDate() methods. Instead use with({ year, monthCode, day }).
  • Removed toPlainDateTime() and toZonedDateTime() methods of Temporal.PlainTime. Instead use the same-named methods on Temporal.PlainDate to combine a date and a time.
  • Removed epochSeconds and epochMicroseconds properties. Instead calculate epoch seconds with Math.floor(epochMilliseconds / 1000) and epoch microseconds with epochNanoseconds / 1000n + ((epochNanoseconds % 1000n) < 0n ? -1n : 0n).
  • Removed toPlainYearMonth() and toPlainMonthDay() methods of Temporal.PlainDateTime and Temporal.ZonedDateTime. Instead use toPlainDate() and then the methods on Temporal.PlainDate.
  • Removed Temporal.Instant.prototype.toZonedDateTime and Temporal.Now.zonedDateTime. Instead use toZonedDateTimeISO()/zonedDateTimeISO() to create a Temporal.ZonedDateTime object using the ISO8601 calendar, and then use withCalendar() if a non-ISO calendar is desired.
• The relativeTo parameter is no longer accepted in Temporal.Duration.prototype.add and subtract. Instead take the relativeTo object, add the two durations to it, and difference it with the original using until().
• Throw if there are multiple calendar annotations in a string and one has the critical flag (Proposal PR)
• Changed the way calculations are done with Temporal.Duration, and placed limits on each of the units. Years, months, and weeks are each limited to 2³²−1. The other units (days through nanoseconds) are collectively limited: taken together, they must be less than Number.MAX_SAFE_INTEGER seconds plus 999,999,999 nanoseconds. This has few user-visible changes, but it does mean that some durations are no longer allowed (for example, Temporal.Duration.from({ seconds: Number.MAX_VALUE }).) (Proposal PR 1, PR 2, PR 3)
• Offset time zones are now limited to minutes precision. That is, you can have [+01:01] but not [+01:00:01] or [+01:00:00.000000001] (Proposal PR)
• For APIs that take a string, other primitives are no longer coerced to strings. Technically, you could previously do Temporal.PlainDate.from(20230711) and it would be treated as Temporal.PlainDate.from("20230711"). This is no longer the case. (Proposal PR)
• Temporal.PlainYearMonth.prototype.toPlainDate and Temporal.PlainMonthDay.prototype.toPlainDate now have clamping behaviour instead of throwing if the resulting PlainDate would be invalid. For example, birthday.toPlainDate({ year: 2025 }) will now return February 28, 2025 if the birthday in question if February 29. (Proposal PR)
  • If you still want the throwing behaviour, you can get it more verbosely:

  const { monthCode, day } = birthday;
  Temporal.PlainDate.from({ year: 2025, monthCode, day }, { overflow: 'reject' });

... (truncated)

Commits

• f3c07e5 Rephrase package.json description
• 45ca8dc Release 0.5.1 version bump and changelog
• c29428c Support offset time zones in Intl.DTF polyfill
• b8df3ae Save initial DurationFormat methods
• b0c5124 Support Node 22 & 23
• d28772f Fix ESLint in VS Code for package*.json
• ba8d45a Fix timeouts for running Test262 in a debugger
• bc4e4c1 Update package-lock.json
• 2971710 Minify function names
• c346a81 Delete assertions using rollup strip plugin
• Additional commits viewable in compare view

Updates axe-core from 4.10.2 to 4.10.3

Release notes

Sourced from axe-core's releases.

Release 4.10.3

This release addresses a few performance issues, corrects a few typos, and addresses a few inconsistencies between axe and the latest web standards. This may, but is unlikely to reduce the total number of issues found.

Bug Fixes

• aria-allowed-role: Add math to allowed roles for img element (#4658) (f6dddd9), closes #4657
• captions: fix grammar in captions check incomplete message (#4661) (3ef7058)
• consistently parse tabindex, following HTML 5 spec (#4637) (3b0a361), closes #4632
• core: measure perf for async checks (#4609) (e7dc26e)
• locale: fixed typos in german (DE) locale (#4631) (0740980)
• locale: proofread and updated de.json (#4643) (910cdb2)
• no-autoplay-audio: don't timeout for preload=none media elements (#4684) (b7f1ad1)
• target-size: do not treat focusable tabpanels as targets (#4702) (67d4e4f), closes #4421 #4701

Changelog

Sourced from axe-core's changelog.

4.10.3 (2025-03-04)

Bug Fixes

• aria-allowed-role: Add math to allowed roles for img element (#4658) (f6dddd9), closes #4657
• captions: fix grammar in captions check incomplete message (#4661) (3ef7058)
• consistently parse tabindex, following HTML 5 spec (#4637) (3b0a361), closes #4632
• core: measure perf for async checks (#4609) (e7dc26e)
• locale: fixed typos in german (DE) locale (#4631) (0740980)
• locale: proofread and updated de.json (#4643) (910cdb2)
• no-autoplay-audio: don't timeout for preload=none media elements (#4684) (b7f1ad1)
• target-size: do not treat focusable tabpanels as targets (#4702) (67d4e4f), closes #4421 #4701

Commits

• f49c1c4 chore(release): 4.10.3 (#4718)
• 53a36ea chore(release): 4.10.3
• b7f1ad1 fix(no-autoplay-audio): don't timeout for preload=none media elements (#4684)
• 67d4e4f fix(target-size): do not treat focusable tabpanels as targets (#4702)
• 46ca544 test: resolve nightly failure installing firefox 135 (#4698)
• defcb39 chore: sync generated files (#4674)
• 09320b3 docs: Update rule-descriptions.md to include link to ACT (#4633)
• b13c6c8 chore: fix missing period in ko locales (#4671)
• ef33820 chore: bump chromedriver from 127.0.1 to 131.0.5 (#4667)
• 7bdbf46 chore: bump the npm-low-risk group across 1 directory with 17 updates (#4669)
• Additional commits viewable in compare view

Updates @opentelemetry/exporter-metrics-otlp-grpc from 0.57.2 to 0.200.0

Release notes

Sourced from @​opentelemetry/exporter-metrics-otlp-grpc's releases.

experimental/v0.200.0

0.200.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only stable versions 2.0.0 are compatible with this release

💥 Breaking Change

• feat(exporter-prometheus)!: stop the using type field to enforce naming conventions #5291 @​chancancode
  • Any non-monotonic sums will now be treated as counters and will therefore include the _total suffix.
• feat(shim-opencenus)!: stop mapping removed Instrument type to OpenTelemetry metrics #5291 @​chancancode
  • The internal OpenTelemetry data model dropped the concept of instrument type on exported metrics, therefore mapping it is not necessary anymore.
• feat(instrumentation-fetch)!: passthrough original response to applyCustomAttributes hook #5281 @​chancancode
  • Previously, the fetch instrumentation code unconditionally clones every fetch() response in order to preserve the ability for the applyCustomAttributes hook to consume the response body. This is fundamentally unsound, as it forces the browser to buffer and retain the response body until it is fully received and read, which crates unnecessary memory pressure on large or long-running response streams. In extreme cases, this is effectively a memory leak and can cause the browser tab to crash. If your use case for applyCustomAttributes requires access to the response body, please chime in on #5293.
• chore!: Raise the minimum supported Node.js version to ^18.19.0 || >=20.6.0. Support for Node.js 14, 16, and early minor versions of 18 and 20 have been dropped. This applies to all packages except the 'api' and 'semantic-conventions' packages. #5395 @​trentm
• feat(sdk-node)!: use IMetricReader over MetricReader #5311
  • (user-facing): NodeSDKConfiguration now provides the more general IMetricReader type over MetricReader
• feat(exporter-metrics-otlp-http)!: do not read environment variables from window in browsers #5473 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
  • Note: Node.js environment variable configuration continues to work as-is.
• feat(sdk-logs)!: do not read environment variables from window in browsers #5472 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
    • Note: Node.js environment variable configuration continues to work as-is.

🚀 (Enhancement)

• feat(instrumentation-fetch): add a requestHook option #5380
• feat(instrumentation): re-export initialize function from import-in-the-middle #5123
• feat(sdk-node): lower diagnostic level #5360 @​cjihrig
• feat(exporter-prometheus): add additional attributes option #5317 @​marius-a-mueller
  • Add withResourceConstantLabels option to ExporterConfig. It can be used to define a regex pattern to choose which resource attributes will be used as static labels on the metrics. The default is to not set any static labels.

🐛 (Bug Fix)

• fix(instrumentation-grpc): monitor error events with events.errorMonitor #5369 @​cjihrig
• fix(exporter-metrics-otlp-http): browser OTLPMetricExporter was not passing config to OTLPMetricExporterBase super class #5331 @​trentm
• fix(instrumentation-fetch, instrumentation-xhr): Ignore network events with zero-timings #5332 @​chancancode
• fix(exporter-logs/trace-otlp-grpc): fix error for missing dependency otlp-exporter-base #5412 @​JamieDanielson

🏠 (Internal)

• chore(instrumentation-grpc): remove unused findIndex() function #5372 @​cjihrig
• refactor(otlp-exporter-base): remove unnecessary isNaN() checks #5374 @​cjihrig
• refactor(exporter-prometheus): remove unnecessary isNaN() check #5377 @​cjihrig

... (truncated)

Changelog

Sourced from @​opentelemetry/exporter-metrics-otlp-grpc's changelog.

CHANGELOG

All notable changes to this project will be documented in this file.

For API changes, see the API CHANGELOG. For experimental package changes, see the experimental CHANGELOG. For semantic convention package changes, see the semconv CHANGELOG. For notes on migrating to 2.x / 0.200.x see the upgrade guide.

Unreleased

💥 Breaking Changes

🚀 Features

🐛 Bug Fixes

• fix(resources): guard asynchronous resource attribute rejections from causing unhandled promise rejection #5544 @​dyladan
• fix(resource): do not trigger Accessing resource attributes before async attributes settled warning when detecting resources #5546 @​dyladan
  • verbose logging of detected resource removed

📚 Documentation

🏠 Internal

2.0.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only experimental versions 0.200.0 are compatible with this release

💥 Breaking Change

• feat(sdk-trace-base)!: Add parentSpanContext and remove parentSpanId from Span and ReadableSpan #5450 @​JacksonWeber
  • (user-facing): the SDK's Spans parentSpanId was replaced by parentSpanContext, to migrate to the new property, please replace span.parentSpanId -> span.parentSpanContext?.spanId
• feat(sdk-metrics)!: drop deprecated type field on MetricDescriptor #5291 @​chancancode
• feat(sdk-metrics)!: drop deprecated InstrumentDescriptor type; use MetricDescriptor instead #5277 @​chancancode
• feat(sdk-metrics)!: bump minimum version of @opentelemetry/api peer dependency to 1.9.0 #5254 @​chancancode
• chore(shim-opentracing): replace deprecated SpanAttributes #4430 @​JamieDanielson
• chore(otel-core): replace deprecated SpanAttributes #4408 @​JamieDanielson
• feat(sdk-metrics)!: remove MeterProvider.addMetricReader() in favor of constructor option #4419 @​pichlermarc
• chore(otel-resources): replace deprecated SpanAttributes #4428 @​JamieDanielson
• feat(sdk-metrics)!: remove MeterProvider.addMetricReader() in favor of constructor option #4419 @​pichlermarc
• feat(sdk-metrics)!: replace attributeKeys with custom processors option #4532 @​pichlermarc

... (truncated)

Commits

• 7fde940 chore: prepare release 2.0.0/0.200.0 (#5521)
• ecd67de doc: add section to SDK 2.x migration guide for implementors of resource dete...
• eaebf76 chore: prepare release 2.0.0-rc.1/0.200.0-rc.1 (#5534)
• e947bd9 chore(deps): update dependency babel-loader to v10 (#5518)
• 5e20647 fix(deps): update dependency axios to v1.8.2 [security] (#5532)
• 78fc472 chore(deps): lock file maintenance (#5531)
• 693b09d fix(core): avoid using util in configuration.ts for browser compatibility (#5...
• 92fde6a chore: prepare 2.0.0-dev.1/0.200.0-dev.1 pre-release (#5512)
• 04b3210 doc: upgrade/migration guide for SDK 2.0 (#5513)
• cb48266 fix(deps): update dependency import-in-the-middle to v1.13.1 (#5517)
• Additional commits viewable in compare view

Updates @opentelemetry/exporter-trace-otlp-grpc from 0.57.2 to 0.200.0

Release notes

Sourced from @​opentelemetry/exporter-trace-otlp-grpc's releases.

experimental/v0.200.0

0.200.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only stable versions 2.0.0 are compatible with this release

💥 Breaking Change

• feat(exporter-prometheus)!: stop the using type field to enforce naming conventions #5291 @​chancancode
  • Any non-monotonic sums will now be treated as counters and will therefore include the _total suffix.
• feat(shim-opencenus)!: stop mapping removed Instrument type to OpenTelemetry metrics #5291 @​chancancode
  • The internal OpenTelemetry data model dropped the concept of instrument type on exported metrics, therefore mapping it is not necessary anymore.
• feat(instrumentation-fetch)!: passthrough original response to applyCustomAttributes hook #5281 @​chancancode
  • Previously, the fetch instrumentation code unconditionally clones every fetch() response in order to preserve the ability for the applyCustomAttributes hook to consume the response body. This is fundamentally unsound, as it forces the browser to buffer and retain the response body until it is fully received and read, which crates unnecessary memory pressure on large or long-running response streams. In extreme cases, this is effectively a memory leak and can cause the browser tab to crash. If your use case for applyCustomAttributes requires access to the response body, please chime in on #5293.
• chore!: Raise the minimum supported Node.js version to ^18.19.0 || >=20.6.0. Support for Node.js 14, 16, and early minor versions of 18 and 20 have been dropped. This applies to all packages except the 'api' and 'semantic-conventions' packages. #5395 @​trentm
• feat(sdk-node)!: use IMetricReader over MetricReader #5311
  • (user-facing): NodeSDKConfiguration now provides the more general IMetricReader type over MetricReader
• feat(exporter-metrics-otlp-http)!: do not read environment variables from window in browsers #5473 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
  • Note: Node.js environment variable configuration continues to work as-is.
• feat(sdk-logs)!: do not read environment variables from window in browsers #5472 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
    • Note: Node.js environment variable configuration continues to work as-is.

🚀 (Enhancement)

• feat(instrumentation-fetch): add a requestHook option #5380
• feat(instrumentation): re-export initialize function from import-in-the-middle #5123
• feat(sdk-node): lower diagnostic level #5360 @​cjihrig
• feat(exporter-prometheus): add additional attributes option #5317 @​marius-a-mueller
  • Add withResourceConstantLabels option to ExporterConfig. It can be used to define a regex pattern to choose which resource attributes will be used as static labels on the metrics. The default is to not set any static labels.

🐛 (Bug Fix)

• fix(instrumentation-grpc): monitor error events with events.errorMonitor #5369 @​cjihrig
• fix(exporter-metrics-otlp-http): browser OTLPMetricExporter was not passing config to OTLPMetricExporterBase super class #5331 @​trentm
• fix(instrumentation-fetch, instrumentation-xhr): Ignore network events with zero-timings #5332 @​chancancode
• fix(exporter-logs/trace-otlp-grpc): fix error for missing dependency otlp-exporter-base #5412 @​JamieDanielson

🏠 (Internal)

• chore(instrumentation-grpc): remove unused findIndex() function #5372 @​cjihrig
• refactor(otlp-exporter-base): remove unnecessary isNaN() checks #5374 @​cjihrig
• refactor(exporter-prometheus): remove unnecessary isNaN() check #5377 @​cjihrig

... (truncated)

Changelog

Sourced from @​opentelemetry/exporter-trace-otlp-grpc's changelog.

CHANGELOG

All notable changes to this project will be documented in this file.

For API changes, see the API CHANGELOG. For experimental package changes, see the experimental CHANGELOG. For semantic convention package changes, see the semconv CHANGELOG. For notes on migrating to 2.x / 0.200.x see the upgrade guide.

Unreleased

💥 Breaking Changes

🚀 Features

🐛 Bug Fixes

• fix(resources): guard asynchronous resource attribute rejections from causing unhandled promise rejection #5544 @​dyladan
• fix(resource): do not trigger Accessing resource attributes before async attributes settled warning when detecting resources #5546 @​dyladan
  • verbose logging of detected resource removed

📚 Documentation

🏠 Internal

2.0.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only experimental versions 0.200.0 are compatible with this release

💥 Breaking Change

• feat(sdk-trace-base)!: Add parentSpanContext and remove parentSpanId from Span and ReadableSpan #5450 @​JacksonWeber
  • (user-facing): the SDK's Spans parentSpanId was replaced by parentSpanContext, to migrate to the new property, please replace span.parentSpanId -> span.parentSpanContext?.spanId
• feat(sdk-metrics)!: drop deprecated type field on MetricDescriptor #5291 @​chancancode
• feat(sdk-metrics)!: drop deprecated InstrumentDescriptor type; use MetricDescriptor instead #5277 @​chancancode
• feat(sdk-metrics)!: bump minimum version of @opentelemetry/api peer dependency to 1.9.0 #5254 @​chancancode
• chore(shim-opentracing): replace deprecated SpanAttributes #4430 @​JamieDanielson
• chore(otel-core): replace deprecated SpanAttributes #4408 @​JamieDanielson
• feat(sdk-metrics)!: remove MeterProvider.addMetricReader() in favor of constructor option #4419 @​pichlermarc
• chore(otel-resources): replace deprecated SpanAttributes #4428 @​JamieDanielson
• feat(sdk-metrics)!: remove MeterProvider.addMetricReader() in favor of constructor option #4419 @​pichlermarc
• feat(sdk-metrics)!: replace attributeKeys with custom processors option #4532 @​pichlermarc

... (truncated)

Commits

• 7fde940 chore: prepare release 2.0.0/0.200.0 (#5521)
• ecd67de doc: add section to SDK 2.x migration guide for implementors of resource dete...
• eaebf76 chore: prepare release 2.0.0-rc.1/0.200.0-rc.1 (#5534)
• e947bd9 chore(deps): update dependency babel-loader to v10 (#5518)
• 5e20647 fix(deps): update dependency axios to v1.8.2 [security] (#5532)
• 78fc472 chore(deps): lock file maintenance (#5531)
• 693b09d fix(core): avoid using util in configuration.ts for browser compatibility (#5...
• 92fde6a chore: prepare 2.0.0-dev.1/0.200.0-dev.1 pre-release (#5512)
• 04b3210 doc: upgrade/migration guide for SDK 2.0 (#5513)
• cb48266 fix(deps): update dependency import-in-the-middle to v1.13.1 (#5517)
• Additional commits viewable in compare view

Updates @opentelemetry/exporter-trace-otlp-http from 0.57.2 to 0.200.0

Release notes

Sourced from @​opentelemetry/exporter-trace-otlp-http's releases.

experimental/v0.200.0

0.200.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only stable versions 2.0.0 are compatible with this release

💥 Breaking Change

• feat(exporter-prometheus)!: stop the using type field to enforce naming conventions #5291 @​chancancode
  • Any non-monotonic sums will now be treated as counters and will therefore include the _total suffix.
• feat(shim-opencenus)!: stop mapping removed Instrument type to OpenTelemetry metrics #5291 @​chancancode
  • The internal OpenTelemetry data model dropped the concept of instrument type on exported metrics, therefore mapping it is not necessary anymore.
• feat(instrumentation-fetch)!: passthrough original response to applyCustomAttributes hook #5281 @​chancancode
  • Previously, the fetch instrumentation code unconditionally clones every fetch() response in order to preserve the ability for the applyCustomAttributes hook to consume the response body. This is fundamentally unsound, as it forces the browser to buffer and retain the response body until it is fully received and read, which crates unnecessary memory pressure on large or long-running response streams. In extreme cases, this is effectively a memory leak and can cause the browser tab to crash. If your use case for applyCustomAttributes requires access to the response body, please chime in on #5293.
• chore!: Raise the minimum supported Node.js version to ^18.19.0 || >=20.6.0. Support for Node.js 14, 16, and early minor versions of 18 and 20 have been dropped. This applies to all packages except the 'api' and 'semantic-conventions' packages. #5395 @​trentm
• feat(sdk-node)!: use IMetricReader over MetricReader #5311
  • (user-facing): NodeSDKConfiguration now provides the more general IMetricReader type over MetricReader
• feat(exporter-metrics-otlp-http)!: do not read environment variables from window in browsers #5473 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
  • Note: Node.js environment variable configuration continues to work as-is.
• feat(sdk-logs)!: do not read environment variables from window in browsers #5472 @​pichlermarc
  • (user-facing): all configuration previously possible via window.OTEL_* is now not supported anymore, please pass configuration options to constructors instead.
    • Note: Node.js environment variable configuration continues to work as-is.

🚀 (Enhancement)

• feat(instrumentation-fetch): add a requestHook option #5380
• feat(instrumentation): re-export initialize function from import-in-the-middle #5123
• feat(sdk-node): lower diagnostic level #5360 @​cjihrig
• feat(exporter-prometheus): add additional attributes option #5317 @​marius-a-mueller
  • Add withResourceConstantLabels option to ExporterConfig. It can be used to define a regex pattern to choose which resource attributes will be used as static labels on the metrics. The default is to not set any static labels.

🐛 (Bug Fix)

• fix(instrumentation-grpc): monitor error events with events.errorMonitor #5369 @​cjihrig
• fix(exporter-metrics-otlp-http): browser OTLPMetricExporter was not passing config to OTLPMetricExporterBase super class #5331 @​trentm
• fix(instrumentation-fetch, instrumentation-xhr): Ignore network events with zero-timings #5332 @​chancancode
• fix(exporter-logs/trace-otlp-grpc): fix error for missing dependency otlp-exporter-base #5412 @​JamieDanielson

🏠 (Internal)

• chore(instrumentation-grpc): remove unused findIndex() function #5372 @​cjihrig
• refactor(otlp-exporter-base): remove unnecessary isNaN() checks #5374 @​cjihrig
• refactor(exporter-prometheus): remove unnecessary isNaN() check #5377 @​cjihrig

... (truncated)

Changelog

Sourced from @​opentelemetry/exporter-trace-otlp-http's changelog.

CHANGELOG

All notable changes to this project will be documented in this file.

For API changes, see the API CHANGELOG. For experimental package changes, see the experimental CHANGELOG. For semantic convention package changes, see the semconv CHANGELOG. For notes on migrating to 2.x / 0.200.x see the upgrade guide.

Unreleased

💥 Breaking Changes

🚀 Features

🐛 Bug Fixes

• fix(resources): guard asynchronous resource attribute rejections from causing unhandled promise rejection #5544 @​dyladan
• fix(resource): do not trigger Accessing resource attributes before async attributes settled warning when detecting resources #5546 @​dyladan
  • verbose logging of detected resource removed

📚 Documentation

🏠 Internal

2.0.0

Summary

• The minimum supported Node.js has been raised to ^18.19.0 || >=20.6.0. This means that support for Node.js 14 and 16 has been dropped.
• The minimum supported TypeScript version has been raised to 5.0.4.
• The compilation target for transpiled TypeScript has been raised to ES2022 (from ES2017).
• The public interface has changed
  • for notes on migrating to 2.x / 0.200.x see the upgrade guide
• Only experimental versions 0.200.0 are compatible with this release<...

  Description has been truncated

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai plan to trigger planning for file edits and PR creation.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[nwalters512]

Upgrading OTEL deps is blocked on Sentry: getsentry/sentry-javascript#15737

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml