Skip to content

chore(deps): update dependency @opentelemetry/core to v2.9.0#73

Open
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/opentelemetry-js-monorepo
Open

chore(deps): update dependency @opentelemetry/core to v2.9.0#73
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/opentelemetry-js-monorepo

Conversation

@renovate

@renovate renovate Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
@opentelemetry/core (source) 2.8.02.9.0 age confidence

Release Notes

open-telemetry/opentelemetry-js (@​opentelemetry/core)

v2.9.0

Compare Source

💥 Breaking Changes
  • docs(shim-opentracing): Notice: The @opentelemetry/shim-opentracing package will be removed in SDK 3.x, planned for approximately September 2026.
    • The OpenCensus and OpenTracing compatibility requirements in the OpenTelemetry specification have been deprecated.
🚀 Features
  • feat(sdk-metrics): add maxExportBatchSize option to PeriodicExportingMetricReader #​6655 @​psx95
    • Optimized PeriodicExportingMetricReader.forceFlush to prevent redundant concurrent export cycles. Concurrent calls to forceFlush will now await any ongoing export and reuse a fresh export cycle if one is started concurrently by another caller. This ensures the latest metrics are always exported efficiently without triggering duplicate collection and export cycles.
  • feat(sdk-trace): implement span processor metrics #​6504 @​anuraaga
  • feat(sdk-trace): add a new "sdk-trace" package to hold the Trace SDK, without environment variable configuration handling that belongs elsewhere #​6775 @​trentm
    • "sdk-trace" will eventually replace all of "sdk-trace-base", "sdk-trace-node", and "sdk-trace-web".
    • The BatchSpanProcessor constructor call signature has changed in "sdk-trace". For example, before new BatchSpanProcessor(exporter, { maxQueueSize: 1000 }), after new BatchSpanProcessor({ exporter, maxQueueSize: 1000 }). #​6817
    • The SimpleSpanProcessor constructor call signature has changed in "sdk-trace". For example, before new SimpleSpanProcessor(exporter), after new SimpleSpanProcessor({ exporter, selfObsMeterProvider: ... }). #​6504
  • feat(sdk-trace): add AlwaysRecordSampler #​6188 @​majanjua-amzn
🐛 Bug Fixes
  • fix(propagator-jaeger): do not throw on malformed percent-encoded uber-trace-id / uberctx-* headers during extract @​pichlermarc
🏠 Internal

Configuration

📅 Schedule: (in timezone America/Boise)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 4, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs
aerealith e058a1e Jul 04 2026, 05:22 PM

@github-code-quality

Copy link
Copy Markdown

Code Coverage Overview

Languages: JavaScript

JavaScript / code-coverage/vitest

The overall coverage remains at 86%, unchanged from the branch.


Code Coverage is in Public Preview. Learn more and provide us with your feedback.

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Coverage Report for Aerealith Vitest Coverage (.)

Status Category Percentage Covered / Total
🔵 Lines 85.61% 833 / 973
🔵 Statements 85.64% 835 / 975
🔵 Functions 73.46% 227 / 309
🔵 Branches 68.55% 316 / 461
File CoverageNo changed files found.
Generated in workflow #90 for commit e058a1e by the Vitest Coverage Report Action

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@github-actions github-actions Bot added type: build Build tooling, packaging, bundling, or release pipeline work. automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. area: tooling Nx, pnpm, TypeScript, ESLint, Prettier, testing, or local development tooling. labels Jul 4, 2026
@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@opentelemetry/core 2.9.0 🟢 7
Details
CheckScoreReason
Dependency-Update-Tool🟢 10update tool detected
Code-Review🟢 9Found 25/26 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
SAST🟢 10SAST tool is run on all commits
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
Vulnerabilities⚠️ 021 existing vulnerabilities detected
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 40 contributing companies or organizations

Scanned Files

  • pnpm-lock.yaml

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Bundle Report

Bundle size has no change ✅

@sonarqubecloud

sonarqubecloud Bot commented Jul 4, 2026

Copy link
Copy Markdown

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Aerealith CI

Overall result: ❌ Failed
Run: #90

Check Result
Dependency install ✅ Passed
Nx installation ✅ Passed
Nx workspace reset ✅ Passed
Git comparison range ✅ Passed
Nx affected validation ❌ Failed
MegaLinter ✅ Passed

Cache

  • pnpm store: miss
  • Nx task cache: managed by Nx Cloud when configured for this workspace.
Run details
  • Base SHA: 255485f7eac3305483f1936f5df67656b686a63b
  • Head SHA: e058a1e19c5f1502bd893d00682ae314c991d598
  • Validation targets: lint, typecheck, test, build
  • Logs: download the ci-logs artifact from the workflow run.

Warning

Nx affected validation failed. Download the ci-logs artifact and inspect nx-affected-validation.log.
If the project graph reports Vite or Vitest plugin-worker failures, repair the affected Nx/Vite/Vitest configuration before rerunning CI.

@Sinless777 Sinless777 moved this to Inbox in Aerealith Delivery Jul 5, 2026
@Sinless777 Sinless777 moved this from Inbox to In Review in Aerealith Delivery Jul 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: tooling Nx, pnpm, TypeScript, ESLint, Prettier, testing, or local development tooling. automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. type: build Build tooling, packaging, bundling, or release pipeline work.

Projects

Status: In Review

Development

Successfully merging this pull request may close these issues.

1 participant