fix(deps): bump the production-dependencies group with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates: @opentelemetry/auto-instrumentations-node, @opentelemetry/instrumentation-kafkajs and @opentelemetry/resource-detector-container.

Updates @opentelemetry/auto-instrumentations-node from 0.56.0 to 0.56.1

Release notes

Sourced from @​opentelemetry/auto-instrumentations-node's releases.

auto-instrumentations-node: v0.56.1

0.56.1 (2025-02-19)

Bug Fixes

• deps: update otel core experimental to ^0.57.1 (#2687) (5e20fe2)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​opentelemetry/instrumentation-amqplib bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-aws-lambda bumped from ^0.50.2 to ^0.50.3
    • @​opentelemetry/instrumentation-aws-sdk bumped from ^0.49.0 to ^0.49.1
    • @​opentelemetry/instrumentation-bunyan bumped from ^0.45.0 to ^0.45.1
    • @​opentelemetry/instrumentation-cassandra-driver bumped from ^0.45.0 to ^0.45.1
    • @​opentelemetry/instrumentation-connect bumped from ^0.43.0 to ^0.43.1
    • @​opentelemetry/instrumentation-cucumber bumped from ^0.14.0 to ^0.14.1
    • @​opentelemetry/instrumentation-dataloader bumped from ^0.16.0 to ^0.16.1
    • @​opentelemetry/instrumentation-dns bumped from ^0.43.0 to ^0.43.1
    • @​opentelemetry/instrumentation-express bumped from ^0.47.0 to ^0.47.1
    • @​opentelemetry/instrumentation-fastify bumped from ^0.44.1 to ^0.44.2
    • @​opentelemetry/instrumentation-fs bumped from ^0.19.0 to ^0.19.1
    • @​opentelemetry/instrumentation-generic-pool bumped from ^0.43.0 to ^0.43.1
    • @​opentelemetry/instrumentation-graphql bumped from ^0.47.0 to ^0.47.1
    • @​opentelemetry/instrumentation-hapi bumped from ^0.45.1 to ^0.45.2
    • @​opentelemetry/instrumentation-ioredis bumped from ^0.47.0 to ^0.47.1
    • @​opentelemetry/instrumentation-kafkajs bumped from ^0.7.0 to ^0.7.1
    • @​opentelemetry/instrumentation-knex bumped from ^0.44.0 to ^0.44.1
    • @​opentelemetry/instrumentation-koa bumped from ^0.47.0 to ^0.47.1
    • @​opentelemetry/instrumentation-lru-memoizer bumped from ^0.44.0 to ^0.44.1
    • @​opentelemetry/instrumentation-memcached bumped from ^0.43.0 to ^0.43.1
    • @​opentelemetry/instrumentation-mongodb bumped from ^0.51.0 to ^0.52.0
    • @​opentelemetry/instrumentation-mongoose bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-mysql bumped from ^0.45.0 to ^0.45.1
    • @​opentelemetry/instrumentation-mysql2 bumped from ^0.45.1 to ^0.45.2
    • @​opentelemetry/instrumentation-nestjs-core bumped from ^0.44.0 to ^0.44.1
    • @​opentelemetry/instrumentation-net bumped from ^0.43.0 to ^0.43.1
    • @​opentelemetry/instrumentation-pg bumped from ^0.51.0 to ^0.51.1
    • @​opentelemetry/instrumentation-pino bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-redis bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-redis-4 bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-restify bumped from ^0.45.0 to ^0.45.1
    • @​opentelemetry/instrumentation-router bumped from ^0.44.0 to ^0.44.1
    • @​opentelemetry/instrumentation-socket.io bumped from ^0.46.0 to ^0.46.1
    • @​opentelemetry/instrumentation-tedious bumped from ^0.18.0 to ^0.18.1
    • @​opentelemetry/instrumentation-undici bumped from ^0.10.0 to ^0.10.1
    • @​opentelemetry/instrumentation-winston bumped from ^0.44.0 to ^0.44.1

... (truncated)

Commits

• 1eb7700 chore: release main (#2688)
• 76a3117 ci: Add FOSSA scanning workflow (#2721)
• 8a5c214 feat(deps): lock file maintenance (#2719)
• e713796 chore: Add onurtemizkan as mongodb component owner. (#2720)
• bef920a feat(detector-aws): add more lambda semconv attributes (#2589)
• fd547c8 refactor(auto-instrumentations-node): migrate away from getEnv() (#2708)
• 8c56f8d feat(deps): lock file maintenance (#2702)
• 0b76336 chore: add raphael-theriault-swi to component owners for express and mysql2 (...
• c88dd84 fix(deps): update all patch versions (#2701)
• 5e20fe2 fix(deps): update otel core experimental to ^0.57.1 (#2687)
• Additional commits viewable in compare view

Updates @opentelemetry/instrumentation-kafkajs from 0.7.0 to 0.7.1

Release notes

Sourced from @​opentelemetry/instrumentation-kafkajs's releases.

instrumentation-kafkajs: v0.7.1

0.7.1 (2025-02-19)

Bug Fixes

• deps: update otel core experimental to ^0.57.1 (#2687) (5e20fe2)

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​opentelemetry/contrib-test-utils bumped from ^0.45.0 to ^0.45.1

Changelog

Sourced from @​opentelemetry/instrumentation-kafkajs's changelog.

CHANGELOG

As of v0.25.1 (2022-01-24) changelog content has moved to separate CHANGELOG.md files for each package. Use this search for a list of all CHANGELOG.md files in this repo.

Unreleased

0.25.0

🐛 Bug Fix

• #619 fix: GraphQL throws TypeError: Cannot read property 'startToken' of undefined (@​obecny)
• #643 fix(user-interaction): event listeners have wrong this when listening for bubbled events (@​t2t2)
• #562 fix(mysql): bind get connection callback to active context (@​sstone1)
• #589 fix(hapi-instrumentation): close spans on errors in instrumented functions (@​CptSchnitz)
• #580 fix: redis instrumentation loses context when using callbacks (@​aspectom)

🚀 Enhancement

• Other
  • #626 feat(mongodb): add db statement serializer config (@​nozik)
  • #622 docs: add missing fetch instrumentation (@​meteorlxy)
  • #553 feat: Add NestJS instrumentation (@​Rauno56)
  • #588 chore: adding instrumentation for connect (@​obecny)
• opentelemetry-test-utils
  • #593 feat: move aws/gcp detectors from opentelemetry-js repo (@​legendecas)

🏠 Internal

• opentelemetry-test-utils
  • #641 chore(mysql2): adding TAV script (@​YanivD)
  • #639 build(test-utils): marking test-utils as non private so it can be published (@​blumamir)
  • #596 docs(test-utils): add README.md for @​opentelemetry/test-utils (@​Rauno56)
• Other
  • #648 ci: speed up lint workflow with hoisting (@​YanivD)
  • #614 ci: speed up PR unit-test run time (@​blumamir)
  • #612 chore: ignore renovate-bot for component owners (@​dyladan)
  • #597 chore: add script to update core dependencies (@​dyladan)
  • #606 chore: add ownership for aws propagator (@​dyladan)
  • #601 chore: configure renovate to bump API (@​Flarna)

📝 Documentation

• opentelemetry-browser-extension-autoinjection
  • #615 docs: correct the build instructions (@​jessitron)

Committers: 16

• Amir Blum (@​blumamir)
• Bartlomiej Obecny (@​obecny)
• Daniel Dyla (@​dyladan)
• Gerhard Stöbich (@​Flarna)
• Herman (@​hermanbanken)
• Jessica Kerr (@​jessitron)
• Ofer Adelstein (@​CptSchnitz)

... (truncated)

Commits

• 32889bd chore: release main (#1396)
• 17c3bf1 ci: fix excessive memory usage by preventing source-map generation (#1419)
• 62a806f chore(deps): update dependency rimraf to v4 (#1402)
• f5f7ac6 feat(ioredis): Update instrumentation-ioredis to version 5.x.x (#1121)
• 7180353 chore(instrumentation-fs): remove node 14 promises check from tests (#1413)
• 40461ce test(koa): add test all versions to @​koa/router (#1398)
• 3ca874e fix(instrumentation-fs): fix instrumentation of fs/promises (#1375)
• e93a192 fix: remove component attribute from instrumentations (#1399)
• ee0a59a fix(instrumentation-fs): allow realpath.native and realpathSync.native (#1332)
• 3484b75 chore(deps): update dependency @​koa/router to v12 (#1240)
• Additional commits viewable in compare view

Updates @opentelemetry/resource-detector-container from 0.6.0 to 0.6.1

Release notes

Sourced from @​opentelemetry/resource-detector-container's releases.

resource-detector-container: v0.6.1

0.6.1 (2025-02-19)

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​opentelemetry/contrib-test-utils bumped from ^0.45.0 to ^0.45.1
    • @​opentelemetry/instrumentation-fs bumped from ^0.19.0 to ^0.19.1

resource-detector-azure: v0.6.1

0.6.1 (2025-02-19)

Bug Fixes

• deps: update otel core experimental to ^0.57.1 (#2687) (5e20fe2)

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​opentelemetry/contrib-test-utils bumped from ^0.45.0 to ^0.45.1

Changelog

Sourced from @​opentelemetry/resource-detector-container's changelog.

0.6.1

Released 2020-04-08

For details about this release and all previous releases, see https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md

Commits

• c5ed47d chore: 0.6.1 release proposal (#951)
• d1c99ae chore: adding timestamp for prometheus metric Counter (#947)
• 7ab6aba chore: fixing wrong return type for metric observer callback (#949)
• 4a5717c [Jaeger-Exporter] host default env var (#924)
• c061699 Updating out of date @​types/mocha packages (#939)
• b43ac51 chore: remove bad null check (#946)
• 083b2d6 fix: do not clear other labelsets when updating metrics (#941)
• 1b62c51 feat(meter): allow custom batcher #932 (#933)
• 41509f0 fix: Jaeger propagator example of usage" (#937)
• de0e26e chore: replace @​opentelemetry/opentelemetry-context-base with @opentelemetry/...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@opentelemetry/[email protected] 🔁 npm/@opentelemetry/[email protected]	Transitive: filesystem, network, unsafe	+81	13.5 MB	dyladan
npm/@opentelemetry/[email protected] 🔁 npm/@opentelemetry/[email protected]	Transitive: unsafe	+8	7.19 MB	dyladan
npm/@opentelemetry/[email protected] 🔁 npm/@opentelemetry/[email protected]	Transitive: environment, unsafe	+2	7.23 MB	dyladan
npm/@types/[email protected]	None	+9	107 kB	types
npm/@types/[email protected]	None	+1	2.1 MB	types
npm/@types/[email protected]	None	0	2.09 MB	types
npm/[email protected]	environment, filesystem, network Transitive: eval, unsafe	+64	2.16 MB	jonchurch
npm/[email protected]	environment, network	0	732 kB	tulios
npm/[email protected]	environment, filesystem, unsafe	+19	2.74 MB	blakeembrey
npm/[email protected]	None	0	32.4 MB	typescript-bot
npm/[email protected]	None	0	21.9 MB	typescript-bot

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

🎉 This PR is included in version 1.1.17 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀