search

ThoughtWorksInc / transervicos

33 stars 14 forks source link

Bump newrelic_rpm from 6.13.1 to 7.1.0 #259

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps newrelic_rpm from 6.13.1 to 7.1.0.

Release notes

Sourced from newrelic_rpm's releases.

prerelease 7.1.0

No release notes provided.

pre-release 7.0.0

This is a pre-release of the upcoming 7.0.0 release and is intended for early access and validation for those wanting to try out the new release directly from GitHub prior to finalized release being published to rubygems.org.

pre-release 6.15.0

No release notes provided.

Changelog

Sourced from newrelic_rpm's changelog.

New Relic Ruby Agent Release Notes

v7.1.0

  • Add support for CSP nonces when using our API to insert the browser agent

    We now support passing in a nonce to our API method browser_timing_header to allow the browser agent to run on applications using CSP nonces. This allows users to inject the browser agent themselves and use the nonce required for the script to run. In order to utilize this new feature, you must disable auto instrumentation for the browser agent, and use the API method browser_timing_header to pass the nonce in and inject the script manually.

  • Removed MD5 use in the SQL sampler

    In order to allow the agent to run in FIPS compliant environments, the usage of MD5 for aggregating slow sql traces has been replaced with SHA1.

  • Enable server-side configuration of distributed tracing

    distributed_tracing.enabled may now be set in server-side application configuration.

  • Bugfix: Fix for missing part of a previous bugfix

    Our previous fix of "nil Middlewares injection now prevented and gracefully handled in Sinatra" released in 7.0.0 was partially overwritten by some of the other changes in that release. This release adds back those missing sections of the bugfix, and should resolve the issue for sinatra users.

  • Update known conflicts with use of Module#Prepend

    With our release of v7.0.0, we updated our instrumentation to use Module#Prepend by default, instead of method chaining. We have received reports of conflicts and added a check for these known conflicts. If a known conflict with prepend is detected while using the default value of 'auto' for gem instrumentation, the agent will instead install method chaining instrumentation in order to avoid this conflict. This check can be bypassed by setting the instrumentation method for the gem to 'prepend'.

  • Bugfix: Updated support for ActiveRecord 6.1+ instrumentation

    Previously, the agent depended on connection_id to be present in the Active Support instrumentation for sql.active_record to get the current ActiveRecord connection. As of Rails 6.1, connection_id has been dropped in favor of providing the connection object through the connection value exclusively. This resulted in datastore spans displaying fallback behavior, including showing "ActiveRecord" as the database vendor.

  • Bugfix: Updated support for Resque's FORK_PER_JOB option

    Support for Resque's FORK_PER_JOB flag within the Ruby agent was incomplete and nonfunctional. The agent should now behave correctly when running in a non-forking Resque worker process.

  • Bugfix: Added check for ruby2_keywords in add_transaction_tracer

    Thanks @​beauraF for the contribution! Previously, the add_transaction_tracer was not updated when we added support for ruby 3. In order to correctly support **kwargs, ruby2_keywords was added to correctly update the method signature to use **kwargs in ruby versions that support that.

  • Confirmed support for yajl 1.4.0

    Thanks to @​creaturenex for the contribution! yajl-ruby 1.4.0 was added to our test suite and confirmed all tests pass, showing the agent supports this version as well.

v7.0.0

  • Ruby Agent 6.x to 7.x Migration Guide Available

    Please see our Ruby Agent 6.x to 7.x migration guide for helpful strategies and tips for migrating from earlier versions of the Ruby agent to 7.0.0. We cover new configuration settings, diagnosiing and installing SSL CA certificates and deprecated items and their replacements in this guide.

... (truncated)

Commits
  • c1049d7 Merge pull request #695 from newrelic/dev
  • c689265 use https in debian mirror url
  • 466523d Merge pull request #696 from newrelic/update_mysql_5.5_mirror
  • c164921 update debian-security mirror link in GHA
  • 6deb5f6 Merge pull request #689 from newrelic/update_version_710
  • 1ef4082 Merge pull request #666 from ChaelCodes/update-contrib-guide
  • 7909dca Updated contributing guide to fix broken link and add setup instructions
  • 3f5fa49 Merge pull request #690 from newrelic/update_puma_test_matrix
  • 95908fa update rack and puma versions in multiverse
  • 88e4b4f update version to 7.1.0
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #262.