chore: fix all vulnerabilities#4532
Conversation
BenchmarksBenchmark execution time: 2026-03-13 17:49:13 Comparing candidate commit 80f83a7 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 155 metrics, 9 unstable metrics.
|
|
✅ Tests 🎉 All green!❄️ No new flaky tests detected 🎯 Code Coverage (details) 🔗 Commit SHA: 80f83a7 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback! |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files🚀 New features to boost your workflow:
|
<!-- * New contributors are highly encouraged to read our [CONTRIBUTING](/CONTRIBUTING.md) documentation. * Commit and PR titles should be prefixed with the general area of the pull request's change. --> Fix all outstanding vulnerabilities by upgrading: * github.com/modelcontextprotocol/go-sdk to v1.3.1 * go.opentelemetry.io/otel/sdk to v1.40.0 * github.com/gofiber/fiber/v2 to v2.52.12 * github.com/nats-io/nats-server/v2 to v2.12.3 <!-- * A brief description of the change being made with this pull request. * If the description here cannot be expressed in a succinct form, consider opening multiple pull requests instead of a single one. --> https://github.com/DataDog/dd-trace-go/security/dependabot/420 https://github.com/DataDog/dd-trace-go/security/dependabot/421 https://github.com/DataDog/dd-trace-go/security/dependabot/419 https://github.com/DataDog/dd-trace-go/security/dependabot/415 <!-- * What inspired you to submit this pull request? * Link any related GitHub issues or PRs here. * If this resolves a GitHub issue, include "Fixes #XXXX" to link the issue and auto-close it on merge. --> <!-- * Authors can use this list as a reference to ensure that there are no problems during the review but the signing off is to be done by the reviewer(s). --> - [ ] Changed code has unit tests for its functionality at or near 100% coverage. - [ ] [System-Tests](https://github.com/DataDog/system-tests/) covering this feature have been added and enabled with the va.b.c-dev version tag. - [ ] There is a benchmark for any new code, or changes to existing code. - [ ] If this interacts with the agent in a new way, a system test has been added. - [ ] New code is free of linting errors. You can check this by running `make lint` locally. - [ ] New code doesn't break existing tests. You can check this by running `make test` locally. - [ ] Add an appropriate team label so this PR gets put in the right place for the release notes. - [ ] All generated files are up to date. You can check this by running `make generate` locally. - [ ] Non-trivial go.mod changes, e.g. adding new modules, are reviewed by @DataDog/dd-trace-go-guild. Make sure all nested modules are up to date by running `make fix-modules` locally. Unsure? Have a question? Request a review! Co-authored-by: darccio <[email protected]>
What does this PR do?
Fix all outstanding vulnerabilities by upgrading:
Motivation
https://github.com/DataDog/dd-trace-go/security/dependabot/420
https://github.com/DataDog/dd-trace-go/security/dependabot/421
https://github.com/DataDog/dd-trace-go/security/dependabot/419
https://github.com/DataDog/dd-trace-go/security/dependabot/415
Reviewer's Checklist
make lintlocally.make testlocally.make generatelocally.make fix-moduleslocally.Unsure? Have a question? Request a review!