dd-trace-js

Activate weekly dependabot PRs for npm and switch actions to weekly

Open BridgeAR opened this issue 5 months ago • 3 comments

We should be up to date with dependencies in an automated way.

TODO: Exclude pinned versions.

BridgeAR Jun 23 '25 14:06

Overall package size

Self size: 9.75 MB
Deduped: 106.26 MB
No deduping: 106.78 MB

Dependency sizes

| name | version | self size | total size |
|------|---------|-----------|------------|
| @datadog/libdatadog | 0.7.0 | 35.02 MB | 35.02 MB |
| @datadog/native-appsec | 8.5.2 | 19.33 MB | 19.34 MB |
| @datadog/native-iast-taint-tracking | 4.0.0 | 11.72 MB | 11.73 MB |
| @datadog/pprof | 5.8.2 | 9.56 MB | 9.93 MB |
| @opentelemetry/core | 1.30.1 | 908.66 kB | 7.16 MB |
| protobufjs | 7.5.3 | 2.95 MB | 5.6 MB |
| @datadog/wasm-js-rewriter | 4.0.1 | 2.85 MB | 3.58 MB |
| @datadog/native-metrics | 3.1.1 | 1.02 MB | 1.43 MB |
| @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB |
| import-in-the-middle | 1.14.0 | 120.58 kB | 841.68 kB |
| source-map | 0.7.4 | 226 kB | 226 kB |
| opentracing | 0.14.7 | 194.81 kB | 194.81 kB |
| lru-cache | 7.18.3 | 133.92 kB | 133.92 kB |
| pprof-format | 2.1.0 | 111.69 kB | 111.69 kB |
| @datadog/sketches-js | 2.1.1 | 109.9 kB | 109.9 kB |
| lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB |
| ignore | 5.3.2 | 53.63 kB | 53.63 kB |
| istanbul-lib-coverage | 3.2.2 | 34.37 kB | 34.37 kB |
| rfdc | 1.4.1 | 27.15 kB | 27.15 kB |
| @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB |
| dc-polyfill | 0.1.9 | 25.11 kB | 25.11 kB |
| tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB |
| shell-quote | 1.8.2 | 23.54 kB | 23.54 kB |
| limiter | 1.1.5 | 23.17 kB | 23.17 kB |
| retry | 0.13.1 | 18.85 kB | 18.85 kB |
| semifies | 1.0.0 | 15.84 kB | 15.84 kB |
| jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB |
| crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB |
| ttl-set | 1.0.0 | 4.61 kB | 9.69 kB |
| mutexify | 1.4.0 | 5.71 kB | 8.74 kB |
| path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB |
| koalas | 1.0.2 | 6.47 kB | 6.47 kB |
| module-details-from-path | 1.0.4 | 3.96 kB | 3.96 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

github-actions[bot] Jun 23 '25 14:06

Datadog Report

Branch report: BridgeAR/2025-06-23-enable-more-dependabot
Commit report: 838baaf
Test service: dd-trace-js-integration-tests

:white_check_mark: 0 Failed, 1254 Passed, 0 Skipped, 16m 37.82s Total Time

Benchmarks

Benchmark execution time: 2025-06-24 16:56:34

Comparing candidate commit 809aa5e0085c8c524402070d1f395e06ff7d7aa2 in PR branch BridgeAR/2025-06-23-enable-more-dependabot with baseline commit b269a7265f46955ab447a2b5a705cc08c4a959fb in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 1270 metrics, 53 unstable metrics.

pr-commenter[bot] Jun 23 '25 14:06

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 79.60%. Comparing base (07785fd) to head (65012a0). Report is 15 commits behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #5930   +/-   ##
=======================================
  Coverage   79.60%   79.60%           
=======================================
  Files         477      477           
  Lines       20387    20387           
=======================================
  Hits        16229    16229           
  Misses       4158     4158           


codecov[bot] Jun 23 '25 22:06

@watson the concrete package.json entry was a mistake that I forgot to fix before pushing. I just changed it to the root directory. That will pick up the yarn lock file. The default is to detect if it's a library or an app and act on it accordingly. We can also specify the behavior as outlined here https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#versioning-strategy--. I thought we can still adjust it over time, if we feel that's necessary.

BridgeAR Jun 24 '25 12:06