[Snyk] Security upgrade @opentelemetry/auto-instrumentations-node from 0.37.1 to 0.38.0

[mattcobb]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	691/1000 Why? Recently disclosed, Has a fix available, CVSS 8.1	Arbitrary Code Execution SNYK-JS-IMPORTINTHEMIDDLE-5826054	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @opentelemetry/auto-instrumentations-node

The new version differs by 24 commits.

• f81f8a7 chore: release main (#1539)
• 8d9687d feat(fastify): Skip update HTTP's span name and update RpcMetadata's route instead (#1569)
• bf25eb1 chore(renovate): change strategy for @ opentelemetry/api, run experimental update every weekday (#1578)
• 3139dbf chore: update renovate.json (#1575)
• 273993b chore: re-enable instrumentation-fastify unit test on node@18 (#1568)
• 84a2377 fix(deps): update otel core experimental to ^0.41.0 (#1566)
• ffb45fe chore(renovate): split patch and minor rules (#1572)
• 8e2f518 feat(express): Skip update HTTP's span name and update RpcMetadata's route instead (#1557)
• 774d254 fix(document-load): compatibility issue with @ opentelemetry/[email protected] (#1565)
• a18b074 docs: document merge reqiurements (#1553)
• 784a422 fix(instrumentation-fastify): fix fastify typescript compilation issue (#1556)
• 05c4e9e feat(mongodb): support v5 (#1451)
• 8777cbd feat(lambda): add OTEL_LAMBDA_DISABLE_AWS_CONTEXT_PROPAGATION environment variable (#1227)
• 7c7294c feat(opentelemetry-instrumentation-document-load): Add access to performance resource timing object for custom attributes (#1529)
• 8499b16 fix(connect): Skip update HTTP's span name and update RpcMetadata's route instead (#1534)
• f7c4324 feat(opentelemetry-instrumentation-aws-sdk): add missing spec-defined DynamoDB attributes (#1524)
• de17f77 feat(aws-ecs): add cloud resource attributes for fargate (#1543)
• 65f612e feat(minification): Add importHelpers and tslib as a dependency (#1545)
• 32fde65 chore: Update component owners for the Document Load web instrumentation (#1550)
• 4514522 fix(ci): use npx to run lerna (#1546)
• 856c252 feat: add sqlcommenter comment to mysql2 queries (#1523)
• 476f3ce chore(ci): pin lerna in github workflows (#1541)
• 86d38fb chore(deps): update dependency cross-env to v7 (#1540)
• fec1799 fix(nestjs): update dependency @ nestjs/x to v9 (#1538)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Execution

[codecov-commenter]

Codecov Report

Merging #75 (1fbf6eb) into main (41a2446) will not change coverage.
Report is 1 commits behind head on main.
The diff coverage is n/a.

❗ Current head 1fbf6eb differs from pull request most recent head bae0d8a. Consider uploading reports for the commit bae0d8a to get more accurate results

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #75   +/-   ##
=======================================
  Coverage   93.12%   93.12%           
=======================================
  Files           2        2           
  Lines         131      131           
  Branches       31       31           
=======================================
  Hits          122      122           
  Misses          9        9