Hi,
I am using the latest @traceloop/node-server-sdk version (0.26.0, updated to 0.27.0 now) and NPM audit is reporting a bunch of vulnerabilities in third party @opentelemetry dependencies. I can see there are multiple dependabot PRs opened in this repo that bump @opentelemetry dependencies from the vulnerable 0.203.0 version to a more recent one (0.218.0). I suppose there are some breaking changes that prevent merging them right away, but I hope that the update happens soon.
Hi,
I am using the latest @traceloop/node-server-sdk version (0.26.0, updated to 0.27.0 now) and NPM audit is reporting a bunch of vulnerabilities in third party @opentelemetry dependencies. I can see there are multiple dependabot PRs opened in this repo that bump @opentelemetry dependencies from the vulnerable 0.203.0 version to a more recent one (0.218.0). I suppose there are some breaking changes that prevent merging them right away, but I hope that the update happens soon.