chore(deps): update opentelemetry

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@myrotvorets/opentelemetry-configurator	^7.10.0 -> ^7.11.0					dependencies	minor
otel/opentelemetry-collector-contrib	0.111.0 -> 0.114.0						minor

---

Release Notes

myrotvorets/opentelemetry-configurator (@​myrotvorets/opentelemetry-configurator)

v7.11.0

Compare Source

What's Changed

• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/790
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/791
• chore(deps): update dependency typescript to v5.6.2 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/792
• chore(deps): update step-security/harden-runner action to v2.10.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/793
• chore(deps): update step-security/harden-runner action to v2.10.1 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/794
• chore(deps): update dependency @​types/mocha to v10.0.8 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/795
• chore(deps): update github/codeql-action action to v3.26.7 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/796
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/797
• chore(deps): update github/codeql-action action to v3.26.8 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/798
• chore(deps): update actions/setup-node action to v4.0.4 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/799
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/800
• chore(deps): update github/codeql-action action to v3.26.9 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/801
• chore(deps): update dependency @​types/chai to v4.3.20 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/802
• chore(deps): update dependency @​types/chai to v5 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/803
• chore(deps): update actions/checkout action to v4.2.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/804
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/805
• chore(deps): update github/codeql-action action to v3.26.10 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/806
• chore(deps): update github/codeql-action action to v3.26.11 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/807
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/808
• chore(deps): update actions/checkout action to v4.2.1 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/809
• chore(deps): update github/codeql-action action to v3.26.12 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/810
• chore(deps): update dependency @​types/mocha to v10.0.9 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/811
• chore(deps): update dependency typescript to v5.6.3 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/812
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/814
• chore(deps): update github/codeql-action action to v3.26.13 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/815
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/816
• chore(deps): update actions/dependency-review-action action to v4.3.5 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/818
• chore(deps): update github/codeql-action action to v3.27.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/819
• chore(deps): update dependency chai to v5.1.2 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/820
• chore(deps): update actions/checkout action to v4.2.2 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/821
• chore(deps): update actions/setup-node action to v4.1.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/822
• chore(deps): update actions/dependency-review-action action to v4.4.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/823
• chore(deps): update dependency @​types/chai to v5.0.1 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/824
• chore(deps): update dependency mocha to v10.8.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/825
• chore(deps): update dependency mocha to v10.8.1 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/826
• chore(deps): update dependency mocha to v10.8.2 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/827
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/829
• chore(deps): update github/codeql-action action to v3.27.1 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/830
• chore(deps): lock file maintenance by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/831
• chore(deps): update github/codeql-action action to v3.27.2 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/832
• chore(deps): update github/codeql-action action to v3.27.3 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/833
• chore(deps): update softprops/action-gh-release action to v2.1.0 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/828
• chore(deps): update dependency typescript to v5.6.3 by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/817
• chore(deps): update opentelemetry by @​renovate in https://github.com/myrotvorets/opentelemetry-configurator/pull/813

Full Changelog: myrotvorets/opentelemetry-configurator@v7.10.0...v7.11.0

open-telemetry/opentelemetry-collector-releases (otel/opentelemetry-collector-contrib)

v0.114.0

Compare Source

Check the v0.114.0 contrib changelog and the v0.114.0 core changelog for changelogs on specific components.

Changelog

• dc1bada prepare v0.114.0 release (#​740)
• 1705981 [chore] fix renovate regex config (#​733)
• ee3ebeb chore(deps): update github-actions deps (#​732)
• 9c3ca38 Bump github.com/goreleaser/goreleaser-pro/v2 from 2.3.2-pro to 2.4.1-pro (#​724)
• 26c3dee Update GoReleaser templating to support all collector distros (#​708)
• 067599e Set up default renovate config with regex to handle goreleaser-pro updates (#​728)

v0.113.0

Compare Source

Check the v0.113.0 contrib changelog and the v0.113.0 core changelog for changelogs on specific components.

Changelog

• 703f46e Prepare v0.113.0 (#​729)
• ad9097b remove go flag from distribution build script (#​727)
• 2df84d1 Add ntpreceiver to contrib (#​723)
• 11530fd Remove otel-version usage, removed from builder (#​722)
• 4201470 revert removal of googlecloudspanner receiver (#​721)
• 3ba7931 chore(deps): update dependency ubuntu to v24 (#​719)
• 9a506ce chore(deps): update alpine docker tag to v3.20 (#​718)
• 7871272 chore: Configure Renovate (#​709)
• 6ebf4c2 Bump actions/checkout from 4.2.1 to 4.2.2 (#​711)
• d60d8cc Bump anchore/sbom-action from 0.17.4 to 0.17.6 (#​717)
• 3853563 Bump actions/setup-go from 5.0.2 to 5.1.0 (#​712)
• c106f40 Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 (#​713)
• e2e1ec2 Add AWS S3 Receiver to contrib distribution (#​698)
• d69f1bf Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#​714)

v0.112.0

Compare Source

Check the v0.112.0 contrib changelog and the v0.112.0 core changelog for changelogs on specific components.

Changelog

• e4e8f94 [chore] Prepare v0.112.0 release (#​705)
• 240fd27 Add Google Cloud Monitoring receiver to contrib distribution (#​699)
• ba44d42 Update manifest with new alpha components (#​704)
• 8bef0bf fix: add missing http ports to dockerfile expose statements (#​702)
• b07732c Bump anchore/sbom-action from 0.17.3 to 0.17.4 (#​700)
• 226dd5d [enhancement] Add OCB docker image release (#​671)
• 38ce901 Bump actions/upload-artifact from 4.4.0 to 4.4.3 (#​695)
• 60b1d38 Bump anchore/sbom-action from 0.17.2 to 0.17.3 (#​696)
• 13edbb7 Bump actions/checkout from 4.2.0 to 4.2.1 (#​694)
• 3b59b8c Added a step to tidy go.mod files (#​687)
• d745106 [chore] Update goreleaser used in CI to v2.3.2 (#​689)
• 1d10b81 Bump github.com/goreleaser/goreleaser-pro/v2 from 2.2.0-pro to 2.3.2-pro (#​672)
• 7a0e2c0 Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 (#​690)
• adc2e29 Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#​691)
• 7c1c3a9 remove unmaintained component (#​686)
• 16ccd56 [chore] refactor(contrib): remove replace directive for go-ieproxy package (#​678)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

package-lock.json

Package	Version	License	Issue Type
@myrotvorets/opentelemetry-configurator	7.11.0	Null	Unknown License

package.json

Package	Version	License	Issue Type
@myrotvorets/opentelemetry-configurator	^7.11.0	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@myrotvorets/opentelemetry-configurator	7.11.0	Unknown	Unknown
npm/@opentelemetry/api-logs	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/context-async-hooks	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/core	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-grpc	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-http	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-proto	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-grpc	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-http	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-proto	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-prometheus	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-grpc	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-http	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-proto	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/exporter-zipkin	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/instrumentation	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-express	0.44.0	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 26 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-fs	0.16.0	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 26 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-http	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/otlp-exporter-base	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/otlp-grpc-exporter-base	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/otlp-transformer	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/propagator-b3	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/propagator-jaeger	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/resources	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/sdk-logs	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/sdk-metrics	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/sdk-node	0.54.2	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/sdk-trace-base	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/@opentelemetry/sdk-trace-node	1.27.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 21 existing vulnerabilities detected
npm/forwarded-parse	2.1.2	🟢 3.4	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@myrotvorets/opentelemetry-configurator	^7.11.0	Unknown	Unknown

Scanned Files

• package-lock.json
• package.json

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 72.41%. Comparing base (8ba69be) to head (fb3650c).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #658   +/-   ##
=======================================
  Coverage   72.41%   72.41%           
=======================================
  Files          14       14           
  Lines         765      765           
  Branches       46       46           
=======================================
  Hits          554      554           
  Misses        211      211           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud