Conversation
Bumps [@opentelemetry/sdk-trace-base](https://github.com/open-telemetry/opentelemetry-js) from 2.5.1 to 2.6.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-js/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-js@v2.5.1...v2.6.0) --- updated-dependencies: - dependency-name: "@opentelemetry/sdk-trace-base" dependency-version: 2.6.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Contributor
✅ UI Smoke Test Review —
|
| Total | Passed | Failed | Flaky | Skipped |
|---|---|---|---|---|
| 11 | 11 | 0 | 0 | 0 |
Individual test results
| Status | Test | Duration |
|---|---|---|
| ✅ | onboarding user reaches the connect entrypoint from the welcome screen | 612ms |
| ✅ | add data entrypoint exposes the technology picker and step 2 | 1633ms |
| ✅ | metrics user connects, picks a metric, and gets a line chart-ready result | 1863ms |
| ✅ | traces user opens a trace and pivots from service map context into Query Lab | 2184ms |
| ✅ | security-focused user validates auth tab switching before submitting credentials | 665ms |
| ✅ | ops user confirms connection guardrails and can reset back to the landing state | 2424ms |
| ✅ | query lab preserves query text and results after navigating to Console and back | 2390ms |
| ✅ | logs explorer route is available and runs a logs query | 1847ms |
| ✅ | logs landing page dimension drill-down opens query lab with selected filter | 1689ms |
| ✅ | task manager, ILM, and templates pages render with headings | 1614ms |
| ✅ | pages have no axe accessibility violations | 14954ms |
📸 Screenshot Preflight
Result: ✅ Clean — no errors detected
No console errors, page errors, or UI alerts detected.
💡 Recommendations
- ✨ All smoke tests pass and no UI errors detected. Ready for review.
📎 Full diagnostics and screenshots: workflow run
Contributor
|
Contributor
Dependency Update AnalysisSummary:
|
| Check | Result |
|---|---|
| Breaking changes | |
| Testable in PR | ✅ Yes — pull_request workflows run for peek/package*.json changes |
Changelog highlights (v2.5.1 → v2.6.0)
- Upstream release
open-telemetry/opentelemetry-jsv2.6.0includes a breaking-change note for stricterOTEL_RESOURCE_ATTRIBUTESparsing (invalid entries now invalidate the whole env var). - Feature: span start/end metrics in sdk-trace.
- Bug fixes include
sdk-trace-basestatus precedence behavior and sdk-trace-web XPath recursion fix.
Usage in this repository
- Dependency declaration updated in
peek/package.json:62. - Runtime import usage is in
peek/src/services/telemetry/browserTracing.ts:1, whereBatchSpanProcessoris constructed (peek/src/services/telemetry/browserTracing.ts:160) withOTLPTraceExporter. - No direct
OTEL_RESOURCE_ATTRIBUTESusage found inpeek/source. - Lockfile shows top-level
sdk-trace-baseat2.6.0(peek/package-lock.json:3878) and also nested2.5.1copies under other packages (peek/package-lock.json:3460,peek/package-lock.json:3942), which is expected deduping behavior with mixed constraints.
Compatibility assessment
- This is a minor semver update (
2.5.1→2.6.0), not a major bump. - Peer dependency remains compatible: lockfile has
@opentelemetry/api1.9.0(peek/package-lock.json:3405-3407), satisfyingsdk-trace-basepeer range>=1.3.0 <1.10.0(peek/package-lock.json:3891-3893). - The upstream breaking note targets env-var parsing semantics; current browser tracing integration here does not reference that env var directly, so practical impact is low from observed code paths.
- PR testability is good: both
CIandUI Smoke Test PR Revieware triggered onpull_requestwithpeek/package*.jsonpath filters (.github/workflows/ci.yml:4-10,.github/workflows/ui-smoke-test-pr-review.yml:4-12).
Labels Applied
No labels applied.
What is this? | From workflow: Dependency Review
Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.
…dk-trace-base-2.6.0
Closed
Contributor
Dependency Update AnalysisSummary: This PR updates one npm runtime dependency (
|
| Check | Result |
|---|---|
| Breaking changes | OTEL_RESOURCE_ATTRIBUTES parsing behavior change) |
| Testable in PR | ✅ Yes — PR workflows run on pull_request for peek/package*.json changes (.github/workflows/ci.yml L4-10, .github/workflows/ui-smoke-test-pr-review.yml L4-12) |
Changelog highlights (v2.5.1 → v2.6.0)
- Upstream release
v2.6.0includes a breaking resource-env parsing behavior fix forOTEL_RESOURCE_ATTRIBUTES(invalid entries now invalidate the whole variable; quote/whitespace handling aligned to spec). - New feature: span start/end metrics in sdk-trace.
- Bug fixes include status precedence handling and trace-web XPath recursion behavior.
- This is a minor bump within major
2.x(not a semver major).
Usage in this repository
- Manifest update in runtime dependencies:
peek/package.jsonL48-64. - Direct code usage found in one module:
peek/src/services/telemetry/browserTracing.tsL1 importsBatchSpanProcessorfrom@opentelemetry/sdk-trace-base.peek/src/services/telemetry/browserTracing.tsL153-166 constructsWebTracerProviderwithBatchSpanProcessor(new OTLPTraceExporter(...)).
- No repository references to
OTEL_RESOURCE_ATTRIBUTESwere found.
Compatibility assessment
- The upstream breaking note is tied to parsing
OTEL_RESOURCE_ATTRIBUTES; this repo’s browser tracing setup uses explicitresourceFromAttributes(...)in code (browserTracing.tsL154-158), not env-var parsing. - The consumed API surface (
BatchSpanProcessorconstruction/usage) remains present and unchanged by this bump. - Lockfile changes show expected transitive alignment (
@opentelemetry/coreand@opentelemetry/resourcesto2.6.0) under the updated top-level package. - Net: low-to-moderate risk, primarily because upstream flags a breaking behavior class, but no direct usage of that behavior is present here.
Labels Applied
No labels applied.
What is this? | From workflow: Dependency Review
Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
strawgate
added a commit
that referenced
this pull request
Mar 9, 2026
Dependabot's synchronize events are almost always rebases that don't change the version being bumped. Running the full analysis on every synchronize produces duplicate, redundant comments on the PR (as seen on PR #2114 which received two identical Dependency Update Analysis comments). When dependabot finds a newer version it opens a new PR, so opened/reopened is sufficient coverage. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
|
Checked the PR branch against the current What is this? | From workflow: Address Merge Conflict Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not. |
Contributor
|
Checked this PR branch against the current What is this? | From workflow: Address Merge Conflict Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not. |
…-trace-base-2.6.0 to resolve conflicts Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
|
No merge-conflict action was needed for this run: the PR branch already contains What is this? | From workflow: Address Merge Conflict Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not. |
strawgate
deleted the
dependabot/npm_and_yarn/peek/opentelemetry/sdk-trace-base-2.6.0
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps
@opentelemetry/sdk-trace-basefrom 2.5.1 to 2.6.0.Release notes
Sourced from (a href="https://github.com/open-telemetry/opentelemetry-js/releases" rel="nofollow noreferrer noopener" target="_blank")
`@opentelemetry/sdk-trace-base`'s releases(/a).Changelog
Sourced from (a href="https://github.com/open-telemetry/opentelemetry-js/blob/main/CHANGELOG.md" rel="nofollow noreferrer noopener" target="_blank")
`@opentelemetry/sdk-trace-base`'s changelog(/a).Commits
541e1b4(/a) chore: prepare next release ((a href="https://github.com/chore: prepare next release open-telemetry/opentelemetry-js#6464" rel="nofollow noreferrer noopener" target="_blank")#6464(/a))30f94fe(/a) feat(instrumentation-http): providehttp.request.header.\(key)at server spa...2ac44ad(/a) refactor(context-zone-peer-dep): remove unnecessary helper methods and use me...600e51d(/a) chore(deps): update github/codeql-action digest to c793b71 ((a href="https://github.com/chore(deps): update github/codeql-action digest to c793b71 open-telemetry/opentelemetry-js#6458" rel="nofollow noreferrer noopener" target="_blank")#6458(/a))ae30abf(/a) chore(deps): update dependency`@types/jquery`to v4 ((a href="https://github.com/chore(deps): update dependency @types/jquery to v4 open-telemetry/opentelemetry-js#6456" rel="nofollow noreferrer noopener" target="_blank")#6456(/a))6387d3c(/a) chore(release): use the HEAD commit as the target for draft GH release creati...4cd3644(/a) fix(deps): update dependency import-in-the-middle to v3 ((a href="https://github.com/fix(deps): update dependency import-in-the-middle to v3 open-telemetry/opentelemetry-js#6403" rel="nofollow noreferrer noopener" target="_blank")#6403(/a))65c9d9f(/a) docs: fix changelog PR number typo ((a href="https://github.com/docs: fix changelog PR number typo open-telemetry/opentelemetry-js#6453" rel="nofollow noreferrer noopener" target="_blank")#6453(/a))3db56ba(/a) fix(api-logs)!: drop lingering includeTraceContext from LoggerOptions type (#...dcbead5(/a) fix(instrumentation-fetch): handle HeadersInit tuple arrays in _addHeaders (#...[https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)The body of this PR is automatically managed by the workflow runtime.
The body of this PR is automatically managed by the Update PR Body workflow.