build(deps): bump newrelic_rpm from 9.9.0 to 9.10.2

[dependabot[bot]]

Bumps newrelic_rpm from 9.9.0 to 9.10.2.

Changelog

Sourced from newrelic_rpm's changelog.

v9.10.2

Version 9.10.2 fixes a bug related to the new DynamoDB instrumentation and removes Rails::Command::RakeCommand from the default list of denylisted constants.

• Bugfix: DynamoDB instrumentation logging errors when trying to get account_id

  When trying to access data needed to add the account_id to the DynamoDB span, the agent encountered an error when certain credentials classes were used. This has been fixed. Thanks to @​kichik for bringing this to our attention. PR#2864

• Bugfix: Remove Rails::Command::RakeCommand from the default list of autostart.denylisted_constants

  The default value for the autostart.denylisted_constants configuration was changed in 9.10.0 to include Rails::Command::RunnerCommand and Rails::Command::RakeCommand. The inclusion of Rails::Command::RakeCommand prevented the agent from starting automatically when Solid Queue was started using bin/rails solid_queue:start. We recognize there are many commands nested within Rails::Command::RakeCommand and have decided to remove it from the default list. We encourage users who do not want the agent to run on Rails::Command::RakeCommand to add the constant to their configuration. This can be accomplished by adding the following to your newrelic.yml file:

    autostart.denylisted_constants: "Rails::Command::ConsoleCommand,Rails::Command::CredentialsCommand,Rails::Command::Db::System::ChangeCommand,Rails::Command::DbConsoleCommand,Rails::Command::DestroyCommand,Rails::Command::DevCommand,Rails::Command::EncryptedCommand,Rails::Command::GenerateCommand,Rails::Command::InitializersCommand,Rails::Command::NotesCommand,Rails::Command::RakeCommand,Rails::Command::RoutesCommand,Rails::Command::RunnerCommand,Rails::Command::SecretsCommand,Rails::Console,Rails::DBConsole"
  

  Thank you, @​edariedl, for reporting this issue. Issue#2677 PR#2694

v9.10.1

• Bugfix: Incompatibility with Bootstrap

Version 9.10.1 fixes an incompatibility between the agent and the Bootstrap gem caused by agent v9.10.0's introduction of a lib/bootstrap.rb file. Thank you to @​dorner for reporting the bug and identifying the 'bootstrap' name collision as the root cause. BUG#2675 PR#2676

v9.10.0

Version 9.10.0 introduces instrumentation for DynamoDB, adds a new feature to automatically apply nonces from the Rails content security policy, fixes a bug that would cause an expected error to negatively impact a transaction's Apdex, and fixes the agent's autostart logic so that by default rails runner and rails db commands will not cause the agent to start.

• Feature: Add instrumentation for DynamoDB

  The agent has added instrumentation for the aws-sdk-dynamodb gem. The agent will now record datastore spans for DynamoDB client calls made with the aws-sdk-dynamodb gem. PR#2642

• Feature: Automatically apply nonces from the Rails content security policy

  To auto-inject browser monitoring with the New Relic Ruby agent, you either need to set your content security policy to 'unsafe-inline' or provide a nonce. Previously, the only way to provide a nonce was by using the NewRelic::Agent.browser_timing_header API. Now, when a Rails application uses the content security policy configuration to add a nonce, the nonce will be automatically applied to the browser agent. A new configuration option, browser_monitoring.content_security_policy_nonce, toggles this feature. It is on by default. Thank you @​baldarn for submitting this feature! PR#2544

• Bugfix: Expected errors related to HTTP status code, class, and message won't impact Apdex

  The agent is supposed to prevent observed application errors from negatively impacting Apdex if the errors are either ignored or expected. There are two ways for the agent to expect an error: via the notice_error API receiving an expected: true argument or via matches made against user-configured lists for expected HTTP status codes (:'error_collector.expected_status_codes'), expected error classes (:'error_collector.expected_classes'), or expected error messages (:'error_collector.expected_messages'). Previously, only errors expected via the notice_error API were correctly prevented from impacting Apdex. Expected errors set by configuration incorrectly impacted Apdex. This behavior has been fixed and now both types of expected errors will correctly not impact Apdex. Thanks very much to @​florianpilz for bringing this issue to our attention. PR#2619

• Bugfix: Do not start the agent automatically when rails runner or rails db commands are ran

  PR#2239 taught the agent how to recognize bin/rails based contexts that it should not automatically start up in. But bin/rails runner and bin/rails db commands would still see the agent start automatically. Those 2 contexts will now no longer see the agent start automatically. Thank you to @​jdelStrother for both bringing the bin/rails context to our attention and for letting us know about the bin/rails runner and bin/rails db outliers that still needed fixing. PR#2623

  Older agent versions that are still supported by New Relic can update to the new list of denylisted constants by having the following line added to the newrelic.yml configuration file:

    autostart.denylisted_constants: "Rails::Command::ConsoleCommand,Rails::Command::CredentialsCommand,Rails::Command::Db::System::ChangeCommand,Rails::Command::DbConsoleCommand,Rails::Command::DestroyCommand,Rails::Command::DevCommand,Rails::Command::EncryptedCommand,Rails::Command::GenerateCommand,Rails::Command::InitializersCommand,Rails::Command::NotesCommand,Rails::Command::RakeCommand,Rails::Command::RoutesCommand,Rails::Command::RunnerCommand,Rails::Command::SecretsCommand,Rails::Console,Rails::DBConsole"
  

Commits

• 7db0713 Merge pull request #2698 from newrelic/prerelease_updates_9.10.2-pre
• 1e801c1 bump version
• 88ad928 Merge pull request #2694 from newrelic/update-denylisted-constants
• 8b7a5f0 Merge branch 'dev' into update-denylisted-constants
• 0a8244b Merge pull request #2684 from newrelic/bugfix_aws_dynamodb_credentials_error
• f8add64 Update CHANGELOG.md
• 916256f Remove only RakeCommand from the default
• ca4b4d8 add changelog entry
• 8589546 Merge branch 'dev' into bugfix_aws_dynamodb_credentials_error
• 0e5bc38 Merge pull request #2696 from newrelic/remove_branch_coverage_check
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)