[Snyk] Upgrade @opentelemetry/exporter-metrics-otlp-grpc from 0.52.1 to 0.203.0

[BATUTO90]

Snyk has created this PR to upgrade @opentelemetry/exporter-metrics-otlp-grpc from 0.52.1 to 0.203.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.

• The recommended version was released a month ago.

Release notes

Package name: @opentelemetry/exporter-metrics-otlp-grpc

• 0.203.0 - 2025-07-09
  

  0.203.0

  💥 Breaking Changes

  • feat(sdk-logs)!: Removed deprecated LoggerProvider#addLogRecordProcessor() #5764 @ svetlanabrennan
  • feat(sdk-logs)!: Changed LogRecord class to be an interface #5749 @ svetlanabrennan
    • user-facing: LogRecord class is now not exported anymore. A newly exported interface SdkLogRecord is used in its place.
  • feat!: Removed api-events and sdk-events #5737 @ svetlanabrennan

  🏠 Internal

  • chore: Regenerated certs #5752 @ svetlanabrennan
  • refactor(otlp-exporter-base): remove compatibility code that was intended for now unsupported runtime Node.js v14 @ pichlermarc
• 0.202.0 - 2025-06-02
  

  0.202.0

  🚀 Features

  • feat(exporter-otlp-*): update proto to v1.7.0
  • feat(exporter-metrics-otlp-proto): Support to protobuf in browser metrics. #5710 @ YangJonghun

  🐛 Bug Fixes

  • fix(instrumentation): remove dependency on the shimmer module #5652 @ cjihrig
• 0.201.1 - 2025-05-19
  

  0.201.1

  🐛 Bug Fixes

  • fix(instrumentation): Change SemconvStability export from const enum to enum to allow single-file transpilation tooling to work with code that uses SemconvStability. #5691 @ trentm
• 0.201.0 - 2025-05-15
  

  0.201.0

  🚀 Features

  • feat(instrumentation-xml-http-request): support migration to stable HTTP semconv, v1.23.1 #5662 @ trentm
    • Configure the instrumentation with semconvStabilityOptIn: 'http' to use the new, stable semconv v1.23.1 semantics or 'http/dup' for both old (v1.7.0) and stable semantics. When semconvStabilityOptIn is not specified (or does not contain these values), it uses the old semconv v1.7.0. I.e. the default behavior is unchanged.
  • feat(instrumentation-fetch): support migration to stable HTTP semconv, v1.23.1 #5651 @ trentm
    • Configure the instrumentation with semconvStabilityOptIn: 'http' to use the new, stable semconv v1.23.1 semantics or 'http/dup' for both old (v1.7.0) and stable semantics. When semconvStabilityOptIn is not specified (or does not contain these values), it uses the old semconv v1.7.0. I.e. the default behavior is unchanged.
  • feat(instrumentation): New semconvStabilityFromStr() utility for semconv stability migration in instrumentations. #5684 @ trentm
    • See the utility comment.
  • feat(instrumentation-grpc): support migration to stable HTTP semconv #5653 @ JamieDanielson
  • feat(instrumentation-http): capture synthetic source type on requests #5488 @ JacksonWeber

  🐛 Bug Fixes

  • fix(otlp-transformer): do not throw when deserializing empty JSON response #5551 @ pichlermarc
  • fix(instrumentation-http): report stable client metrics response code #9586 @ jtescher
  • fix(sdk-node): instantiate baggage processor when env var is set #5634 @ pichlermarc

  🏠 Internal

  • refactor(instrumentation-http): Remove legacy http span attributes and metrics #5552 @ svetlanabrennan
  • refactor(instrumentation-http): Add back support for http semconv #5665 @ JamieDanielson
    • Note: We initially removed support for legacy http attributes and metrics, but then added back for an additional 6 months to ensure all instrumentations could be updated and kept consistent. There should be no net new change in this instrumentation related to these semantic conventions. See #5646 for details.
  • refactor(sdk-node): update semconv usage to ATTR_ exports #5668 @ trentm
  • chore(sdk-node): Refactored using get*FromEnv utility function instead of process.env for NodeSDK's resource detector setup. #5582 @ beeme1mr
  • chore(sdk-node): Refactored using get*FromEnv utility function instead of process.env for NodeSDK's logging setup. #5563 @ weyert
  • test: test Node.js 24 in CI #5661 @ cjihrig
• 0.200.0 - 2025-03-17
• 0.200.0-rc.1 - 2025-03-12
• 0.200.0-dev.1 - 2025-03-05
• 0.200.0-dev.0 - 2025-02-24
• 0.57.2 - 2025-02-13
• 0.57.1 - 2025-01-14
• 0.57.0 - 2024-12-18
• 0.56.0 - 2024-12-04
• 0.55.0 - 2024-11-18
• 0.54.2 - 2024-11-07
• 0.54.1 - 2024-11-05
• 0.54.0 - 2024-10-23
• 0.53.0 - 2024-08-28
• 0.52.1 - 2024-06-20

from @opentelemetry/exporter-metrics-otlp-grpc GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-upgrade-0ffe1f369df7c2a14374b5703869c4b6

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[snyk-io]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ code/snyk check is complete. No issues have been found. (View Details)