From c524086a7623c9129e18fbcb8fc82b1c8ce86cfb Mon Sep 17 00:00:00 2001 From: jmartin4563 Date: Wed, 19 Apr 2023 17:57:11 +0000 Subject: [PATCH 1/3] Setting version to v0.5.0. --- package-lock.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index bf7a119..c45cc53 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@newrelic/next", - "version": "0.4.0", + "version": "0.5.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@newrelic/next", - "version": "0.4.0", + "version": "0.5.0", "license": "Apache-2.0", "dependencies": { "semver": "^7.3.7" diff --git a/package.json b/package.json index 670b689..037b93d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@newrelic/next", - "version": "0.4.0", + "version": "0.5.0", "description": "Next.js instrumentation for the New Relic Node.js agent. ", "main": "index.js", "scripts": { From 87e98a906b33211943103e7a48a0494589520443 Mon Sep 17 00:00:00 2001 From: jmartin4563 Date: Wed, 19 Apr 2023 17:57:15 +0000 Subject: [PATCH 2/3] Adds auto-generated release notes. --- CHANGELOG.md | 102 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ce1b3b9..d439222 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,105 @@ +### v0.5.0 (2023-04-19) + +* **BREAKING** - Route (URL) parameters are now stored as request.parameters.route.* attributes on Transactions + +* Update README header image to latest OSS office required images + +* Removed accidentally-committed `package-lock.json` in versioned tests. + +* Fixed dead links in the docs. + +--- NOTES NEEDS REVIEW --- +Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. +
+Release notes +

Sourced from json5's releases.

+
+

v2.2.3

+
    +
  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
    • +
+

v2.2.2

+
    +
  • Fix: Properties with the name __proto__ are added to objects and arrays. +(#199) This also fixes a prototype pollution vulnerability reported by +Jonathan Gregson! (#295).
    • +
+
+
+
+Changelog +

Sourced from json5's changelog.

+
+

v2.2.3 [code, diff]

+
    +
  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of +v1.0.2. (#299)
    • +
+

v2.2.2 [code, diff]

+
    +
  • Fix: Properties with the name __proto__ are added to objects and arrays. +(#199) This also fixes a prototype pollution vulnerability reported by +Jonathan Gregson! (#295).
    • +
+
+
+
+Commits +
    +
  • c3a7524 2.2.3
    • +
  • 94fd06d docs: update CHANGELOG for v2.2.3
    • +
  • 3b8cebf docs(security): use GitHub security advisories
    • +
  • f0fd9e1 docs: publish a security policy
    • +
  • 6a91a05 docs(template): bug -> bug report
    • +
  • 14f8cb1 2.2.2
    • +
  • 10cc7ca docs: update CHANGELOG for v2.2.2
    • +
  • 7774c10 fix: add proto to objects and arrays
    • +
  • edde30a Readme: slight tweak to intro
    • +
  • 97286f8 Improve example in readme
    • +
  • Additional commits viewable in compare view
    • +
+
+
+ + +[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) + +Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. + +[//]: # (dependabot-automerge-start) +[//]: # (dependabot-automerge-end) + +--- + +
+Dependabot commands and options +
+ +You can trigger Dependabot actions by commenting on this PR: +- `@dependabot rebase` will rebase this PR +- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it +- `@dependabot merge` will merge this PR after your CI passes on it +- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it +- `@dependabot cancel merge` will cancel a previously requested merge and block automerging +- `@dependabot reopen` will reopen this PR if it is closed +- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually +- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) +- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) +- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language +- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language +- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language +- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language + +You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/newrelic-node-nextjs/network/alerts). + +
+-------------------------- + +* Added lockfile checks to CI workflow to prevent malicious changes + +* Change custom assertion name to avoid clash with test-utils + ### v0.4.0 (2022-12-15) * Added ability to capture code level metrics attributes for middleware, `getServerSideProps` functions, and API handlers. From f9939a9b2a0f586a769f636af5861ae92f28bdec Mon Sep 17 00:00:00 2001 From: Jessica Lopatta Date: Wed, 19 Apr 2023 14:00:25 -0400 Subject: [PATCH 3/3] clean up 0.5.0 release notes --- CHANGELOG.md | 168 ++++++++++++--------------------------------------- 1 file changed, 38 insertions(+), 130 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d439222..3ccaae7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,104 +1,12 @@ ### v0.5.0 (2023-04-19) -* **BREAKING** - Route (URL) parameters are now stored as request.parameters.route.* attributes on Transactions - -* Update README header image to latest OSS office required images - -* Removed accidentally-committed `package-lock.json` in versioned tests. - -* Fixed dead links in the docs. - ---- NOTES NEEDS REVIEW --- -Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. -
-Release notes -

Sourced from json5's releases.

-
-

v2.2.3

-
    -
  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
    • -
-

v2.2.2

-
    -
  • Fix: Properties with the name __proto__ are added to objects and arrays. -(#199) This also fixes a prototype pollution vulnerability reported by -Jonathan Gregson! (#295).
    • -
-
-
-
-Changelog -

Sourced from json5's changelog.

-
-

v2.2.3 [code, diff]

-
    -
  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of -v1.0.2. (#299)
    • -
-

v2.2.2 [code, diff]

-
    -
  • Fix: Properties with the name __proto__ are added to objects and arrays. -(#199) This also fixes a prototype pollution vulnerability reported by -Jonathan Gregson! (#295).
    • -
-
-
-
-Commits -
    -
  • c3a7524 2.2.3
    • -
  • 94fd06d docs: update CHANGELOG for v2.2.3
    • -
  • 3b8cebf docs(security): use GitHub security advisories
    • -
  • f0fd9e1 docs: publish a security policy
    • -
  • 6a91a05 docs(template): bug -> bug report
    • -
  • 14f8cb1 2.2.2
    • -
  • 10cc7ca docs: update CHANGELOG for v2.2.2
    • -
  • 7774c10 fix: add proto to objects and arrays
    • -
  • edde30a Readme: slight tweak to intro
    • -
  • 97286f8 Improve example in readme
    • -
  • Additional commits viewable in compare view
    • -
-
-
- - -[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) - -Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. - -[//]: # (dependabot-automerge-start) -[//]: # (dependabot-automerge-end) - ---- - -
-Dependabot commands and options -
- -You can trigger Dependabot actions by commenting on this PR: -- `@dependabot rebase` will rebase this PR -- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it -- `@dependabot merge` will merge this PR after your CI passes on it -- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it -- `@dependabot cancel merge` will cancel a previously requested merge and block automerging -- `@dependabot reopen` will reopen this PR if it is closed -- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language -- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language -- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language -- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - -You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/newrelic-node-nextjs/network/alerts). - -
--------------------------- +* **BREAKING** - Route (URL) parameters are now stored as `request.parameters.route.*` attributes on Transactions -* Added lockfile checks to CI workflow to prevent malicious changes +* Updated README header image to latest OSS office required images + +* Bumped [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3. -* Change custom assertion name to avoid clash with test-utils +* Added lockfile checks to CI workflow to prevent malicious changes ### v0.4.0 (2022-12-15) @@ -114,40 +22,40 @@ You can disable automated security fix PRs for this repo from the [Security Aler Thanks for your contribution @siuvdlec! -* Updated injecting browser agent snippet in both README and docs. +* Updated injecting browser agent snippet in both README and docs. * Updated example application to include the browser agent snippet and README to using example project. * Removed browser agent injection test from versioned tests -### v0.3.0 (2022-07-27) - -* **BREAKING** Removed support for Node 12. - -The minimum supported version is now Node v14. For further information on our support policy, see: https://docs.newrelic.com/docs/agents/nodejs-agent/getting-started/compatibility-requirements-nodejs-agent. - -* Added support for Node 18.x - -* Updated sample app to use `http.get` instead of `fetch` to make subrequests to API to avoid async context propagation breakage in Node 18. - -### v0.2.0 (2022-07-05) - -* **BREAKING**: Fixed instrumentation to only support middleware in `>=12.2.0` of Next.js - * Next.js has made middleware [stable](https://nextjs.org/docs/advanced-features/middleware). - * All attempts in `@newrelic/next` to track middleware before 12.2.0 have been removed. - -* Added an additional path to register `next-server` when running a Next.js app with a standalone server. - -* Updated dev-dependencies to clear security audit warnings. - -### v0.1.1 (2022-04-04) - -* Added support for middleware in > 12.1.1 of Next.js. The return of `getModuleContext` is now an async function. - -* Fixed a few small documentation items. - -### v0.1.0 (2022-03-01) - * Initial release of the Node.js Next.js instrumentation. - * Transaction naming based on Next.js page or API route. - * Segment/Span capture for middleware, and getServerSideProps. - * Documentation around manually injecting the New Relic browser agent. - * Verified support on Next.js >= 12.0.9 +### v0.3.0 (2022-07-27) + +* **BREAKING** Removed support for Node 12. + +The minimum supported version is now Node v14. For further information on our support policy, see: https://docs.newrelic.com/docs/agents/nodejs-agent/getting-started/compatibility-requirements-nodejs-agent. + +* Added support for Node 18.x + +* Updated sample app to use `http.get` instead of `fetch` to make subrequests to API to avoid async context propagation breakage in Node 18. + +### v0.2.0 (2022-07-05) + +* **BREAKING**: Fixed instrumentation to only support middleware in `>=12.2.0` of Next.js + * Next.js has made middleware [stable](https://nextjs.org/docs/advanced-features/middleware). + * All attempts in `@newrelic/next` to track middleware before 12.2.0 have been removed. + +* Added an additional path to register `next-server` when running a Next.js app with a standalone server. + +* Updated dev-dependencies to clear security audit warnings. + +### v0.1.1 (2022-04-04) + +* Added support for middleware in > 12.1.1 of Next.js. The return of `getModuleContext` is now an async function. + +* Fixed a few small documentation items. + +### v0.1.0 (2022-03-01) + * Initial release of the Node.js Next.js instrumentation. + * Transaction naming based on Next.js page or API route. + * Segment/Span capture for middleware, and getServerSideProps. + * Documentation around manually injecting the New Relic browser agent. + * Verified support on Next.js >= 12.0.9