[Snyk] Upgrade newrelic from 11.14.0 to 11.23.2

[Abhi9705]

Snyk has created this PR to upgrade newrelic from 11.14.0 to 11.23.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 11 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793	619	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	619	Proof of Concept

Release notes

Package name: newrelic

• 11.23.2 - 2024-07-22
  

  Features

  • Added support for fs.glob in Node 22+ (#2369) (1791a4e)

  Bug fixes

  • Updated aws-sdk v3 instrumentation to load custom middleware last to properly get the external http span to add aws.* attributes (#2382) (751801b)
  • Updated cassandra-driver instrumentation to properly trace promise based executions (#2351) (bab9a8b)

  Documentation

  • Removed examples/api/ (#2381) (fb964de)
  • Removed out of date ROADMAP_Node.md from root of project (#2367) (4be870c)
  • Updated compatibility report (#2345) (f08adc3)

  Miscellaneous chores

  • Always upload status logs in compatibility report CI (#2341) (b3f1ee3)

  Tests

  • Removed server.start in grpc tests as it is deprecated and no longer needed (#2372) (d212b15)
  • Updated benchmark test results to output result files (#2350) (1b51a68)

  Continuous integration

  • Added benchmark test GitHub Action (#2366) (afd3ab4)
  • Increased the limit of installs from 2 to a bigger number for versioned tests (#2346) (f85a385)
  • Updated bin/create-docs-pr to create an empty array if changelog.json is missing security (#2348) (7d5368c)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.23.1 - 2024-07-11
  

  Bug fixes

  • Updated redis v4 instrumentation to work with transactions(multi/exec) (#2343) (39eb842)

  Documentation

  • Updated compatibility report (#2342) (5c9e3e6)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.23.0 - 2024-07-10
  

  v11.23.0 (2024-07-10)

  Features

  • Added support for account level governance of AI Monitoring (#2326) (7069335)

  Code refactoring

  • Removed redundant isExpected in the Exception class (#2328) (38f9825)
  • Reduced duplication in the error-collector (#2323) (10581bf)
  • Refactored benchmark tests to complete async functions (#2334) (57a4dfb)

  Documentation

  • Included commands and links for Mac setup (#2327) (6eddb72)
  • Updated compatibility report (#2318) (3a910ef)

  Miscellaneous chores

  • Fixed copy paste error in post release workflow (#2329) (6f2da7a)
  • Implemented split jobs for post release docs publishing (#2319) (c14ec3b)

  Tests

  • Fixed recordMiddlewawre benchmark test (#2338) (fb55ac7)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.22.0 - 2024-06-28
  

  v11.22.0 (2024-06-28)

  Features

  • Added support for Node 22(#2305) (0bf8908)
  • Added AIM support for Meta Llama3 models in AWS Bedrock (#2306) (ff2e509)

  Documentation

  • Updated compatibility report (#2309) (7bf77c6)

  Miscellaneous chores

  • Added @ amychisholm03 to list of contributors 🎉 (#2310) (8a890f1)
  • Forced re-creation of API docs on gh-pages (#2307) (917110a)

  Tests

  • Updated undici versioned tests to assert an error is present and not the actual message (#2299) (4e38ed4)

  Continuous integration

  • Added Node 22 to CI (#2164) (4b12d9e)
  • Added Node 22 to smoke tests and nightly versioned test runs (#2316) (af00666)
  • Moved the docs PR job to before api docs publish (#2300) (2e7252e)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.21.0 - 2024-06-25
  

  v11.21.0 (2024-06-25)

  Features

  • Added support for getting container ids from ECS metadata API (#2292) (dbca830)

  Bug fixes

  • Handled assigning headers in LambdaProxyWebRequest when there are no headers present (#2293) (e4d22f3)

  Documentation

  • Updated compatibility report (#2290) (b5fc893)

  Tests

  • Fixed log error stack message truncating and failing equality test (#2294) (8e06f0f)
  • Updated shimmer method in benchmark tests (#2281) (1528d68)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.20.0 - 2024-06-24
  

  v11.20.0 (2024-06-24)

  Features

  • Added support for Anthropic Claude 3 messages API (#2278) (7e3cab9)

  Code refactoring

  • Replaced instances of substr() with substring() (#2274) (8f96c73)

  Documentation

  • Fixed typos in API jsdoc (#2287) (7b3c8d1)
  • Updated compatibility report (#2285) (b1b5e3e)

  Miscellaneous chores

  • Added a missing library we instrument to be picked up by the compatibility report (#2261) (6c964b2)
  • Added a script that generates Dashboard json for reporting on libraries by version (#2267) (d2877c1)
  • Added AI support docs for automation (#2249) (e2efc1f)
  • Fixed comment about transaction_tracer.transaction_threshold (#2258) (7cd6aef)
  • Made elastic versioned tests work on Node 16 (#2284) (143b475)
  • Updated docker compose configuration (#2268) (eb1cce9)
  • Updated GitHub Actions versions (#2272) (07a841b)
  • Updated mysql tests to use MySQL 8.3 (#2280) (11e0f8c)
  • Updated mysql2 tests to fix CI issue (#2282) (5a37971)
  • Updated versioned security agent workflow with simpler setup (#2259) (a886187)

  Continuous integration

  • Added ability to run a build step in create release (#2273) (4c2f24c)
  • Updated security agent workflow to use large runners when available (#2271) (181ec1b)
  • Updated security agent workflow to use large runners when available (#2270) (761fcd5)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.19.0 - 2024-06-06
  

  v11.19.0 (2024-06-06)

  Features

  • Added instrumentation for kafkajs (enabled through a feature flag) (#2237) (#2244) (#2236) (#2236) (#2251)

  Miscellaneous chores

  • Added kafkajs instrumentation and versioned tests skeleton (#2224) (fc13916)
  • Added kafkajs to compatibility list (#2254) (f003ee7)
  • Implemented DT header injection for message specs (#2250) (3e6bc6d)
  • Removed targets for kafka versioned tests (#2235) (838bab2)
  • Updated flaky when test (#2241) (4079a0a)
  • Updated readme to remove no longer relevant information (#2240) (01fb53c)
  • Updated versioned tests due to update in @ newrelic/security-agent V1.3.0 (#2239) (982276c)

  Tests

  • Migrated memcached tests to versioned tests (#2231) (0b3a928)
  • Ported when and q integration tests to versioned tests (#2233) (9a4dddc)
  • Updated ioredis tests to assert the host metric getting created on ioredis calls (#2230) (89df06a)
  • Updated unit tests that were missing constructing specs at instrumentation source (#2252) (54ab238)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.18.0 - 2024-05-29
  

  Features

  • Added support for redis v4 legacyMode client.v4.<command> (#2200) (b2284c5)

  Code refactoring

  • Updated shim.recordConsume to use shim.record and added ability to invoke an after hook with callback args (#2207) (4f48fc3)

  Documentation

  • Updated compatibility report (#2223) (a256ca0)

  Miscellaneous chores

  • Removed outdated Slack reference (#2198) (8110d42)
  • Removed package-lock.json (#2208) (b267695)
  • Removed unused express5 feature flag (#2197) (366504b)

  Tests

  • Updated langchain versioned tests to separate the vectorstore and other tests. This is to avoid peer resolution of @ langchain/community package that is being used to test the elasticsearch vectorstore (#2216) (e768955)
  • Fixed aws-sdk-v3 bedrock tests (#2211) (050469e)
  • Fixed aws-sdk-v3 bedrock tests (again) (#2212) (330cc4b)

  Continuous integration

  • Updated the langchain vectorstore test to reference the correct version of @ langchain/core getting tested (#2202) (ed81852)
  • Added updating of docs site with compatibility table (#2205) (c28a938)
  • Fixed CI jobs (#2215) (8b030fb)
  • Fixed should-run CI step (#2214) (d0a481d)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.17.0 - 2024-05-15
  

  v11.17.0 (2024-05-15)

  Features

  • Added otel compliant server.address, server.port, and http.request.method to external http spans (#2169) (b0a3e6d)
  • Added otel compliant db.system, server.address, and server.port attributes to database spans (#2173) (3fdcab4)

  Bug fixes

  • Added support for AWS API Gateway v2 payloads (#2191) (0ccdc6a)

  Code refactoring

  • Updated instrumentation for http, undici, grpc to use a new segment.captureExternalAttributes to centralize the necessary data needed to create segment and span attributes (#2179) (ddb6356)

  Documentation

  • Updated compatibility report (#2185) (eb986c9)

  Miscellaneous chores

  • Added workflow for generating compatibility doc (#2183) (9b1d5cb)
  • Fixed conditionals in CI workflow (#2188) (6b733c0)
  • Fixed superagent versioned tests (#2190) (297bc01)
  • Made pre-commit hook require dependency changes (#2172) (e7bd356)
  • Updated CI to skip expensive actions when not needed (#2184) (8639fb9)
  • Updated validate-pr workflow (#2186) (6ff4497)

  Continuous integration

  • Updated minimum version of lib-dynamo to work around peer dependency resolution (#2174) (7ddf2c9)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.16.0 - 2024-04-29
  

  v11.16.0 (2024-04-29)

  Features

  • Added API ignoreApdex to ignore calculating apdex for the active transaction (#2166) (cb21d2c)

  Bug fixes

  • Fixed issue with CJS being imported as ESM (#2168) (9a14cb0)

  Security improvements

  • deps: bump formidable and superagent (#2162) (260f16b)

  Documentation

  • Fixed images in markdown tutorials (#2153) (ef14948)
  • Includes api.js in jsdoc generation (#2139) (3883348)

  Miscellaneous chores

  • Migrated @ newrelic/superagent into agent repo (#2141)
  • Migrated @ newrelic/aws-sdk into agent repo (#2161) (a9eb593)
  • Migrated @ newrelic/koa into mainline agent repo (#2148) (33af646)
  • Removed repetitive cache busting (#2160) (5ac870e)
  • Updated instrumentation to use type constants instead of raw strings (#2165) (c5b42cd)
  • Updated versioned tests readme (#2159) (a957304)
  • Updated versioned tests to support upcoming tooling (#2147) (38e47d9)
  • Updated versioned tests to use quiet output mode (#2145) (63a5ddc)

  Support statement:

  We recommend updating to the latest agent version as soon as it's available. If you can't upgrade to the latest version, update your agents to a version no more than 90 days old. Read more about keeping agents up to date. (https://docs.newrelic.com/docs/new-relic-solutions/new-relic-one/install-configure/update-new-relic-agent/)

  See the New Relic Node.js agent EOL policy for information about agent releases and support dates. (https://docs.newrelic.com/docs/apm/agents/nodejs-agent/getting-started/nodejs-agent-eol-policy/)

• 11.15.0 - 2024-04-09
• 11.14.0 - 2024-03-20

from newrelic GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs