chore(deps): update opentelemetry

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update	Pending
@myrotvorets/opentelemetry-configurator	^7.11.0 -> ^7.12.0					dependencies	patch	7.13.0
@opentelemetry/core (source)	^1.28.0 -> ^1.29.0					dependencies	minor
otel/opentelemetry-collector-contrib	0.114.0 -> 0.115.1						minor

---

Release Notes

open-telemetry/opentelemetry-js (@​opentelemetry/core)

v1.29.0

Compare Source

💥 Breaking Change

• feat(sdk-metrics): Add support for aggregation cardinality limit with a default limit of 2000. This limit can be customized via views #​5182

open-telemetry/opentelemetry-collector-releases (otel/opentelemetry-collector-contrib)

v0.115.1

Compare Source

Check the v0.115.1 contrib changelog and the v0.115.1 core changelog for changelogs on specific components.

Changelog

• a61f843 Revert "test: run linux package tests nightly against latest contrib main (#​666)" (#​761)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

package-lock.json

Package	Version	License	Issue Type
@myrotvorets/opentelemetry-configurator	7.13.0	Null	Unknown License

package.json

Package	Version	License	Issue Type
@myrotvorets/opentelemetry-configurator	^7.12.0	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@myrotvorets/opentelemetry-configurator	7.13.0	Unknown	Unknown
npm/@opentelemetry/api-logs	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/context-async-hooks	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/core	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-grpc	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-http	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-logs-otlp-proto	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-grpc	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-http	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-metrics-otlp-proto	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-prometheus	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-grpc	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-http	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-trace-otlp-proto	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/exporter-zipkin	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/instrumentation	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-express	0.46.0	🟢 6.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 23 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-fs	0.18.0	🟢 6.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 23 existing vulnerabilities detected
npm/@opentelemetry/instrumentation-http	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/otlp-exporter-base	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/otlp-grpc-exporter-base	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/otlp-transformer	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/propagator-b3	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/propagator-jaeger	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/resources	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/sdk-logs	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/sdk-metrics	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/sdk-node	0.56.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/sdk-trace-base	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/sdk-trace-node	1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@opentelemetry/semantic-conventions	1.28.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected
npm/@myrotvorets/opentelemetry-configurator	^7.12.0	Unknown	Unknown
npm/@opentelemetry/core	^1.29.0	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 18 existing vulnerabilities detected

Scanned Files

• package-lock.json
• package.json

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (c82ed5f) to head (8732f44).
Report is 3 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff            @@
##            master     #1577   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           10        10           
  Lines          460       460           
  Branches        25        25           
=========================================
  Hits           460       460           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud