Skip to content

chore(deps): snyk dependency upgrade#96

Open
snyk-io[bot] wants to merge 1 commit into
mainfrom
snyk-upgrade-0b5979db965724ccd6b87b9e6c24bbd6
Open

chore(deps): snyk dependency upgrade#96
snyk-io[bot] wants to merge 1 commit into
mainfrom
snyk-upgrade-0b5979db965724ccd6b87b9e6c24bbd6

Conversation

@snyk-io

@snyk-io snyk-io Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🛡️ Snyk Security Upgrade

This automated PR fixes security vulnerabilities found in @opentelemetry/sdk-logs.

📋 Changes

  • Package: @opentelemetry/sdk-logs
  • Upgrade: 0.215.0 → 0.219.0
  • Issues fixed: 0

Security Review

  • [] I have considered and reviewed security implications of this PR and included the summary below.

Security Impact Summary

The purpose of this PR is to update a dependency which meets the criteria set in snyk.

⚙️ Settings

@snyk-io snyk-io Bot requested a review from a team as a code owner July 3, 2026 01:54
@snyk-io

snyk-io Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Merge Risk: High

This upgrade to an experimental package includes several breaking changes that require developer action, particularly for users with custom implementations.

Key Breaking Changes:

  • LogRecordExporter Interface Change: The LogRecordExporter interface now requires a forceFlush() method to be implemented. Custom log exporters must add this method to be compatible with the new version.
  • LoggerOptions Renaming: The scopeAttributes property in LoggerOptions has been renamed to attributes.
  • API Removals: In the related @opentelemetry/api-logs package, the NOOP_LOGGER and NoopLogger exports have been removed. Users should now use the createNoopLogger() function instead.

Recommendation:
Review any custom LogRecordExporter implementations to add the required forceFlush() method. Update any instantiations of Logger to use attributes instead of scopeAttributes in the options. Check for usage of the removed no-op logger exports and update to the new factory function.

Source: Release notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@snyk-io

snyk-io Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant