Skip to content

build(deps): bump the dependencies group across 1 directory with 4 updates#123

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-41406b2544
Closed

build(deps): bump the dependencies group across 1 directory with 4 updates#123
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-41406b2544

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps the dependencies group with 4 updates in the / directory: @sentry/node, @stellar/stellar-sdk, amqplib and knex.

Updates @sentry/node from 10.46.0 to 10.47.0

Release notes

Sourced from @​sentry/node's releases.

10.47.0

Important Changes

  • feat(node-core): Add OTLP integration for node-core/light (#19729)

    Added otlpIntegration at @sentry/node-core/light/otlp for users who manage their own OpenTelemetry setup and want to send trace data to Sentry without adopting the full @sentry/node SDK.

    import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
import * as Sentry from '@sentry/node-core/light';
import { otlpIntegration } from '@sentry/node-core/light/otlp';
const provider = new NodeTracerProvider();
provider.register();
Sentry.init({
dsn: 'DSN',
integrations: [
otlpIntegration({
// Export OTel spans to Sentry via OTLP (default: true)
setupOtlpTracesExporter: true,
}),
],
});

    The integration links Sentry errors to OTel traces and exports spans to Sentry via OTLP.

  • feat(node, bun): Add runtime metrics integrations for Node.js and Bun (#19923, #19979)

    New nodeRuntimeMetricsIntegration and bunRuntimeMetricsIntegration automatically collect runtime health metrics and send them to Sentry on a configurable interval (default: 30s). Collected metrics include memory (RSS, heap used/total), CPU utilization, event loop utilization, and process uptime. Node additionally collects event loop delay percentiles (p50, p99). Extra metrics like CPU time and external memory are available as opt-in.

    // Node.js
import * as Sentry from '@sentry/node';
Sentry.init({
dsn: '...',
integrations: [Sentry.nodeRuntimeMetricsIntegration()],
});
// Bun
import * as Sentry from '@​sentry/bun';
Sentry.init({
dsn: '...',
integrations: [Sentry.bunRuntimeMetricsIntegration()],
});

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.47.0

Important Changes

  • feat(node-core): Add OTLP integration for node-core/light (#19729)

    Added otlpIntegration at @sentry/node-core/light/otlp for users who manage their own OpenTelemetry setup and want to send trace data to Sentry without adopting the full @sentry/node SDK.

    import { NodeTracerProvider } from '@opentelemetry/sdk-trace-node';
import * as Sentry from '@sentry/node-core/light';
import { otlpIntegration } from '@sentry/node-core/light/otlp';
const provider = new NodeTracerProvider();
provider.register();
Sentry.init({
dsn: 'DSN',
integrations: [
otlpIntegration({
// Export OTel spans to Sentry via OTLP (default: true)
setupOtlpTracesExporter: true,
}),
],
});

    The integration links Sentry errors to OTel traces and exports spans to Sentry via OTLP.

  • feat(node, bun): Add runtime metrics integrations for Node.js and Bun (#19923, #19979)

    New nodeRuntimeMetricsIntegration and bunRuntimeMetricsIntegration automatically collect runtime health metrics and send them to Sentry on a configurable interval (default: 30s). Collected metrics include memory (RSS, heap used/total), CPU utilization, event loop utilization, and process uptime. Node additionally collects event loop delay percentiles (p50, p99). Extra metrics like CPU time and external memory are available as opt-in.

    // Node.js
import * as Sentry from '@sentry/node';
Sentry.init({
dsn: '...',
integrations: [Sentry.nodeRuntimeMetricsIntegration()],
});
// Bun
import * as Sentry from '@​sentry/bun';
Sentry.init({
dsn: '...',
integrations: [Sentry.bunRuntimeMetricsIntegration()],

... (truncated)

Commits
  • a5a4e73 release: 10.47.0
  • c7477bb Merge pull request #20050 from getsentry/prepare-release/10.47.0
  • 3d4e38d meta(changelog): Update changelog for 10.47.0
  • 2c0ce6f feat(deps): Bump OpenTelemetry dependencies (#20046)
  • 8f08fcb fix(browser-tests): Pin axios to 1.13.5 to avoid compromised 1.14.1 (#20047)
  • 3815492 fix(profiling): Disable profiling in worker threads (#20040)
  • 61edc25 Merge pull request #19890 from getsentry/fix/react-router-debug-id-double-inj...
  • 28f94f3 fix(react-router): Disable debug ID injection in Vite plugin to prevent doubl...
  • 9bfc682 ref(browser-tests): Add waitForMetricRequest helper (#20002)
  • 08cab24 fix(node): Deduplicate sentry-trace and baggage headers on outgoing reque...
  • Additional commits viewable in compare view

Updates @stellar/stellar-sdk from 14.6.1 to 15.0.1

Release notes

Sourced from @​stellar/stellar-sdk's releases.

v15.0.1: Protocol 26

v15.0.1: Protocol 26

Breaking Changes

  • XDR has been upgraded to support Protocol 26, please refer to the @stellar/stellar-base release notes for details and other breaking changes.

Fixed

  • Sanitize identifiers and escape string literals in generated TypeScript bindings to prevent code injection via malicious contract spec names. sanitizeIdentifier now strips non-identifier characters, and a new escapeStringLiteral helper escapes quotes and newlines in string contexts (#1345).
  • AssembledTransaction.fromXDR() and fromJSON() now validate that the deserialized transaction targets the expected contract, rejecting mismatched contract IDs and non-invokeContract operations. (#1349).
  • Pin exact version on axios dependency (#1365)

Contributors

Full Changelog: stellar/js-stellar-sdk@v14.6.1...v15.0.1

Changelog

Sourced from @​stellar/stellar-sdk's changelog.

v15.0.1

Fixed

  • Pin axios to a specific version.

v15.0.0

Breaking Changes

  • XDR has been upgraded to support Protocol 26, please refer to the @stellar/stellar-base release notes for details and other breaking changes.

Fixed

  • Sanitize identifiers and escape string literals in generated TypeScript bindings to prevent code injection via malicious contract spec names. sanitizeIdentifier now strips non-identifier characters, and a new escapeStringLiteral helper escapes quotes and newlines in string contexts (#1345).
  • AssembledTransaction.fromXDR() and fromJSON() now validate that the deserialized transaction targets the expected contract, rejecting mismatched contract IDs and non-invokeContract operations. (#1349).
Commits

Updates amqplib from 1.0.2 to 1.0.3

Changelog

Sourced from amqplib's changelog.

v1.0.3

  • Fix AssertionError crash when backpressure occurs while draining newStreams in Mux (fixes #841)
Commits
  • 6a1e54f 1.0.3
  • c20957d Update changelog in preparation for v1.0.3
  • 45100f7 Fix AssertionError crash when backpressure empties newStreams in Mux
  • See full diff in compare view

Updates knex from 3.2.7 to 3.2.8

Release notes

Sourced from knex's releases.

3.2.8

What's Changed

Full Changelog: knex/knex@3.2.7...3.2.8

Changelog

Sourced from knex's changelog.

Master (Unreleased)

Bug fixes

  • Reverts the breaking changes added in #6227. This means that the ESM import of Knex is reverted to import { knex } from 'knex/knex.mjs #6422
  • fix(types): allow a QueryBuilder type as a value in an update #6419
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the dependencies group across 1 directory with 4 up…
5e5589d 
…dates

Bumps the dependencies group with 4 updates in the / directory: [@sentry/node](https://github.com/getsentry/sentry-javascript), [@stellar/stellar-sdk](https://github.com/stellar/js-stellar-sdk), [amqplib](https://github.com/amqp-node/amqplib) and [knex](https://github.com/knex/knex).


Updates `@sentry/node` from 10.46.0 to 10.47.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.46.0...10.47.0)

Updates `@stellar/stellar-sdk` from 14.6.1 to 15.0.1
- [Release notes](https://github.com/stellar/js-stellar-sdk/releases)
- [Changelog](https://github.com/stellar/js-stellar-sdk/blob/master/CHANGELOG.md)
- [Commits](stellar/js-stellar-sdk@v14.6.1...v15.0.1)

Updates `amqplib` from 1.0.2 to 1.0.3
- [Release notes](https://github.com/amqp-node/amqplib/releases)
- [Changelog](https://github.com/amqp-node/amqplib/blob/main/CHANGELOG.md)
- [Commits](amqp-node/amqplib@v1.0.2...v1.0.3)

Updates `knex` from 3.2.7 to 3.2.8
- [Release notes](https://github.com/knex/knex/releases)
- [Changelog](https://github.com/knex/knex/blob/master/CHANGELOG.md)
- [Commits](knex/knex@3.2.7...3.2.8)

---
updated-dependencies:
- dependency-name: "@sentry/node"
  dependency-version: 10.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@stellar/stellar-sdk"
  dependency-version: 15.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: amqplib
  dependency-version: 1.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: knex
  dependency-version: 3.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 1, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 2, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 2, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dependencies-41406b2544 branch April 2, 2026 07:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants