[Snyk] Upgrade @opentelemetry/resources from 2.7.0 to 2.7.1

[nkammah]

Snyk has created this PR to upgrade @opentelemetry/resources from 2.7.0 to 2.7.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncontrolled Recursion SNYK-JS-PROTOBUFJS-16657755	416	No Known Exploit

Breaking Change Risk

Notice: This assessment is enhanced by AI.

Release notes

Package name: @opentelemetry/resources

• 2.7.1 - 2026-04-29
  

  2.7.1

  🐛 Bug Fixes

  • fix(core, api): defer trace state validation. Deprecate trace state implementation in api #6459 @ david-luna
    • important: this bug fix may be breaking for certain uses of TraceState
      • set now returns the same TraceState instance if key/value are invalid or makes the while trace state invalid.
      • unset now returns the same TraceState instance if key is not present.
      • best-effort parsing of invalid TraceStates has changed: when multiple keys with the same name are present, the most recent one will win.

  🏠 Internal

  • perf(sdk-trace-base): optimize TraceIdRatioBasedSampler performance #6284 @ AbhiPrasad
  • perf(sdk-metrics): reduce loop overhead in sdk hot paths #6593 @ mcollina
• 2.7.0 - 2026-04-17
  

  2.7.0

  🚀 Features

  • feat(sdk-logs): implement log creation metrics #6433 @ anuraaga
  • feat(sdk-metrics): add the cardinalitySelector argument to PeriodicExportingMetricReaders
    #6460 @ starzlocker
  • feat(opentelemetry-core): add extra checks on internal merge function for safety #6587 @ maryliag

  🐛 Bug Fixes

  • fix(opentelemetry-resources): do not discard OTEL_RESOURCE_ATTRIBUTES when it contains empty kv pairs

  🏠 Internal

  • test(exporter-zipkin): fix broken browser test assertions and add missing coverage #6566 @ overbalance
  • fix(sdk-metrics): repair ExponentialHistogram tests #6565 @ overbalance

from @opentelemetry/resources GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[nkammah]

This is a patch version upgrade. The changes included in the opentelemetry-js v2.7.1 release do not affect the @opentelemetry/resources package. The release contains a bug fix for TraceState validation within the @opentelemetry/core and @opentelemetry/api packages, which is not related to @opentelemetry/resources. No breaking changes are expected for this upgrade.

Source: Release notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.