From cc058b82060bdd2a38f848b2b3cd7c368ad1d54e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 9 May 2026 00:14:30 +0000 Subject: [PATCH 1/2] fix: upgrade @opentelemetry/exporter-prometheus from 0.57.2 to 0.215.0 Snyk has created this PR to upgrade @opentelemetry/exporter-prometheus from 0.57.2 to 0.215.0. See this package in yarn: @opentelemetry/exporter-prometheus See this project in Snyk: https://app.snyk.io/org/cloudinaryltd/project/49b18dd8-4139-4a46-8963-719d2e981418?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 30 ++++++++++++++++++++++++++++-- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index d0a235b..f7a40fd 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ }, "dependencies": { "@opentelemetry/api": "^1.9.1", - "@opentelemetry/exporter-prometheus": "^0.57.2", + "@opentelemetry/exporter-prometheus": "^0.215.0", "@opentelemetry/instrumentation-express": "^0.49.0", "@opentelemetry/instrumentation-http": "^0.57.2", "@opentelemetry/resources": "^1.30.1", diff --git a/yarn.lock b/yarn.lock index 1dc26c0..623f205 100644 --- a/yarn.lock +++ b/yarn.lock @@ -122,7 +122,7 @@ dependencies: "@opentelemetry/semantic-conventions" "1.28.0" -"@opentelemetry/core@^2.0.0": +"@opentelemetry/core@2.7.0", "@opentelemetry/core@^2.0.0": version "2.7.0" resolved "https://registry.yarnpkg.com/@opentelemetry/core/-/core-2.7.0.tgz#41ebcd3033f69e48e719266524877f8fef75bc03" integrity sha512-DT12SXVwV2eoJrGf4nnsvZojxxeQo+LlNAsoYGRRObPWTeN6APiqZ2+nqDCQDvQX40eLi1AePONS0onoASp3yQ== @@ -202,7 +202,7 @@ "@opentelemetry/resources" "1.30.1" "@opentelemetry/sdk-metrics" "1.30.1" -"@opentelemetry/exporter-prometheus@0.57.2", "@opentelemetry/exporter-prometheus@^0.57.2": +"@opentelemetry/exporter-prometheus@0.57.2": version "0.57.2" resolved "https://registry.yarnpkg.com/@opentelemetry/exporter-prometheus/-/exporter-prometheus-0.57.2.tgz#b9dadca23e75c0adf9cfbecf20986f89fc24189a" integrity sha512-VqIqXnuxWMWE/1NatAGtB1PvsQipwxDcdG4RwA/umdBcW3/iOHp0uejvFHTRN2O78ZPged87ErJajyUBPUhlDQ== @@ -211,6 +211,16 @@ "@opentelemetry/resources" "1.30.1" "@opentelemetry/sdk-metrics" "1.30.1" +"@opentelemetry/exporter-prometheus@^0.215.0": + version "0.215.0" + resolved "https://registry.yarnpkg.com/@opentelemetry/exporter-prometheus/-/exporter-prometheus-0.215.0.tgz#aecf7f0052a2fdb59829dc37e999744582de7a84" + integrity sha512-7ghCl1G84jccmxG3B8UwUMZ1OlequBzB1jt5tZ4DDiAyVKeA4Roz5D6VK8SQ0ZyBQffVyX/rtXrpVXKVzRCGfg== + dependencies: + "@opentelemetry/core" "2.7.0" + "@opentelemetry/resources" "2.7.0" + "@opentelemetry/sdk-metrics" "2.7.0" + "@opentelemetry/semantic-conventions" "^1.29.0" + "@opentelemetry/exporter-trace-otlp-grpc@0.57.2": version "0.57.2" resolved "https://registry.yarnpkg.com/@opentelemetry/exporter-trace-otlp-grpc/-/exporter-trace-otlp-grpc-0.57.2.tgz#1c1e593a987c211a0e9134037b7a2a7f3836f8ba" @@ -352,6 +362,14 @@ "@opentelemetry/core" "1.30.1" "@opentelemetry/semantic-conventions" "1.28.0" +"@opentelemetry/resources@2.7.0": + version "2.7.0" + resolved "https://registry.yarnpkg.com/@opentelemetry/resources/-/resources-2.7.0.tgz#82abff22253c06a73bd392e218645d1ccf197c91" + integrity sha512-K+oi0hNMv94EpZbnW3eyu2X6SGVpD3O5DhG2NIp65Hc7lhAj9brRXTAVzh3wB82+q3ThakEf7Zd7RsFUqcTc7A== + dependencies: + "@opentelemetry/core" "2.7.0" + "@opentelemetry/semantic-conventions" "^1.29.0" + "@opentelemetry/sdk-logs@0.57.2": version "0.57.2" resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-logs/-/sdk-logs-0.57.2.tgz#ddc9d1e2b86052b4b6bb954dd90fa3878bed8a23" @@ -369,6 +387,14 @@ "@opentelemetry/core" "1.30.1" "@opentelemetry/resources" "1.30.1" +"@opentelemetry/sdk-metrics@2.7.0": + version "2.7.0" + resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-metrics/-/sdk-metrics-2.7.0.tgz#0bcfa214e85eb78c882d109fda3c2f09eb9e051c" + integrity sha512-Vd7h95av/LYRsAVN7wbprvvJnHkq7swMXAo7Uad0Uxf9jl6NSReLa0JNivrcc5BVIx/vl2t+cgdVQQbnVhsR9w== + dependencies: + "@opentelemetry/core" "2.7.0" + "@opentelemetry/resources" "2.7.0" + "@opentelemetry/sdk-node@^0.57.2": version "0.57.2" resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-node/-/sdk-node-0.57.2.tgz#27597c99d3062a3be7c02ace3cc596a02fd31996" From 1284beb39909316e06d81d5cdd9e09a446aaf0c9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 10 May 2026 22:30:15 +0000 Subject: [PATCH 2/2] fix: upgrade @opentelemetry/exporter-prometheus from 0.57.2 to 0.215.0 Snyk has created this PR to upgrade @opentelemetry/exporter-prometheus from 0.57.2 to 0.215.0. See this package in yarn: @opentelemetry/exporter-prometheus See this project in Snyk: https://app.snyk.io/org/cloudinaryltd/project/49b18dd8-4139-4a46-8963-719d2e981418?utm_source=github&utm_medium=referral&page=upgrade-pr