Skip to content

chore(deps): bump @opentelemetry/sdk-node from 0.218.0 to 0.219.0 in /example/opentelemetry#437

Merged
SoulPancake merged 1 commit into
mainfrom
dependabot/npm_and_yarn/example/opentelemetry/opentelemetry/sdk-node-0.219.0
Jun 14, 2026
Merged

chore(deps): bump @opentelemetry/sdk-node from 0.218.0 to 0.219.0 in /example/opentelemetry#437
SoulPancake merged 1 commit into
mainfrom
dependabot/npm_and_yarn/example/opentelemetry/opentelemetry/sdk-node-0.219.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 12, 2026

Copy link
Copy Markdown
Contributor

Bumps @opentelemetry/sdk-node from 0.218.0 to 0.219.0.

Release notes

Sourced from @​opentelemetry/sdk-node's releases.

experimental/v0.219.0

0.219.0

💥 Breaking Changes

  • fix(configuration)!: stop removing null values from parsed config object #6679 @​trentm
    • It is now the responsibility of the user of a parsed declarative config object, typically just the sdk-node package, to handle null values.
  • fix(api-logs)!: Removed NOOP_LOGGER and NoopLogger exports from @opentelemetry/api-logs. Use createNoopLogger(): Logger instead. #6713 @​dyladan
  • feat(api-logs)!: rename scopeAttributes to attributes in LoggerOptions #6573 @​pichlermarc
  • fix(sdk-node)!: remove buildSamplerFromConfig export #6784 @​trentm

🚀 Features

🐛 Bug Fixes

  • fix(sdk-node): pass all config properties to log record exporters in declarative config #6708 @​MikeGoldsmith
  • fix(sdk-node): warn and ignore zero exporter timeout in declarative config #6711 @​MikeGoldsmith
  • fix(sdk-node): pass gRPC credentials and headers to span exporter in declarative config #6705 @​MikeGoldsmith
  • fix(otlp-transformer): do not attempt to skip groups #6704 @​pichlermarc
  • fix(otlp-grpc-exporter-base): recreate client after 5 consecutive DEADLINE_EXCEEDED to recover from connection dropped deadlock #6296 @​afharo
  • fix(browser-detector): use the right semantic convention for user agent resource attribute #6729 @​david-luna
  • fix(browser-detector): user agent resource attribute always #6754 @​david-luna
  • fix(opentelemetry-exporter-prometheus): handle additional edge cases in metric name conversion #6727 @​cjihrig
  • fix(sdk-logs): avoid null dereference in BatchLogRecordProcessor._flushAll when an in-flight export completes between awaits #6763 @​Janealter
  • fix(configuration): improve environment variable substitution to handle all the cases shown in the spec #6757 @​trentm

📚 Documentation

  • docs(otlp-exporter-base): index the package's public API in generated docs so types like OTLPExporterNodeConfigBase resolve and link from consumer exporter pages #6725 @​devareddy05

🏠 Internal

  • refactor(configuration): remove redundant env var parsing in EnvironmentConfigFactory #6710 @​MikeGoldsmith
Commits
  • 13a035b chore: prepare next release (#6756)
  • 4b13587 Merge commit from fork
  • 71d195c chore(renovate): set minimumReleaseAge to 3 days (#6792)
  • 555fca6 Update renovate.json to use matchManagers (#6141)
  • b711a81 docs(otlp-exporter-base): add typedoc entry points so public API is indexed a...
  • da70402 fix(ci): supply-chain sec: disable caching in release-related workflow (#6790)
  • 002267b chore: complete the move to the smaller SPDX license header (#6791)
  • 056ef9c feat(sdk-metrics): implement metric reader metrics (#6449)
  • 3bd69ce fix(configuration): improve environment variable substitution to handle all t...
  • bfbda7c docs(exporter-trace-otlp-grpc): import CompressionAlgorithm from otlp-exporte...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 12, 2026
Copilot AI review requested due to automatic review settings June 12, 2026 05:44
@dependabot dependabot Bot requested a review from a team as a code owner June 12, 2026 05:44
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 12, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@socket-security

socket-security Bot commented Jun 12, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Added@​opentelemetry/​sdk-node@​0.219.09810010096100

View full report

@socket-security

socket-security Bot commented Jun 12, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @protobufjs/float is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: ?npm/@opentelemetry/sdk-node@0.219.0npm/@protobufjs/float@1.0.2

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@protobufjs/float@1.0.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/example/opentelemetry/opentelemetry/sdk-node-0.219.0 branch from fd12790 to 435d402 Compare June 12, 2026 13:07
Bumps [@opentelemetry/sdk-node](https://github.com/open-telemetry/opentelemetry-js) from 0.218.0 to 0.219.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-js@experimental/v0.218.0...experimental/v0.219.0)

---
updated-dependencies:
- dependency-name: "@opentelemetry/sdk-node"
  dependency-version: 0.219.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/example/opentelemetry/opentelemetry/sdk-node-0.219.0 branch from 435d402 to c77262a Compare June 14, 2026 05:49
@SoulPancake SoulPancake added this pull request to the merge queue Jun 14, 2026
Merged via the queue into main with commit 83d262d Jun 14, 2026
27 of 29 checks passed
@SoulPancake SoulPancake deleted the dependabot/npm_and_yarn/example/opentelemetry/opentelemetry/sdk-node-0.219.0 branch June 14, 2026 06:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants