[Snyk] Fix for 1 vulnerabilities

[vinks]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • examples/nestjs-fastify-prom-grafana-tempo/package.json
  • examples/nestjs-fastify-prom-grafana-tempo/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @opentelemetry/sdk-node

The new version differs by 21 commits.

• 0ef1fc2 chore: release proposal 0.25.0 (#2415)
• f129138 chore: hoist dependencies to speed up ci (#2416)
• 40d0423 chore(deps): update all non-major dependencies (#2414)
• bdb12da chore: Fix lint warnings in propagator-jaeger, propagator-b3, resources, and sdk-metrics-base packages (#2406)
• 33e6f71 docs: fix examples in website_docs/instrumentation.md (#2412)
• 5b4ca1c fix(instrumentation-fetch): `fetch(string, Request)` silently drops request body (#2411)
• 90ea0fe fix(@ opentelemetry/exporter-collector): remove fulfilled promises cor… (#1775)
• 4553b29 chore: Fix lint warnings in core package (#2405)
• 3fc8bc9 feat: use Blob in sendBeacon to add application/json type (#2336)
• eb3cd50 Website docs update 0821 (#2400)
• 9790070 refactor: move detectors to opentelemetry-js-contrib repo (#2392)
• 3eb5386 chore(deps): update commitlint monorepo to v13 (major) (#2384)
• 46a42a1 fix: respect sampled flag in Span Processors, fix associated tests (#2396)
• f180870 chore: sort entries in tsconfig (#2402)
• 365d502 chore: update doc identifier names in readme (#2399)
• 08828b4 chore: fix Lint warnings in api-metrics and context-zone-peer-dep (#2390)
• b69ff35 chore(deps): update all non-major dependencies (#2401)
• a8d3931 chore: rename sdks to better represent what they are [#2146] (#2340)
• 4e78e4b chore: change codeowners to point to team (#2397)
• e1b3e98 chore: move api into dependencies in integration tests (#2385)
• 3b9cd16 chore(deps): update all non-major dependencies (#2383)

See the full diff

Package name: nestjs-otel

The new version differs by 49 commits.

• 037fe28 Merge pull request chore: release 2.5.0 pragmaticivan/nestjs-otel#105 from pragmaticivan/release-v2.5.0
• 5ccc978 chore: release 2.5.0
• 6efb0a5 feat: add defaultLabels support
• 28a9310 build: update packages
• 1734328 Merge pull request build(deps-dev): bump eslint-plugin-import from 2.23.4 to 2.24.2 pragmaticivan/nestjs-otel#99 from pragmaticivan/dependabot-npm_and_yarn-main-eslint-plugin-import-2.24.2
• f9753d0 Merge pull request build(deps-dev): bump husky from 7.0.1 to 7.0.2 pragmaticivan/nestjs-otel#98 from pragmaticivan/dependabot-npm_and_yarn-main-husky-7.0.2
• 9c13918 Merge pull request build(deps-dev): bump supertest from 6.1.5 to 6.1.6 pragmaticivan/nestjs-otel#92 from pragmaticivan/dependabot-npm_and_yarn-main-supertest-6.1.6
• 25fce62 Merge pull request build(deps-dev): bump ts-jest from 27.0.4 to 27.0.5 pragmaticivan/nestjs-otel#90 from pragmaticivan/dependabot-npm_and_yarn-main-ts-jest-27.0.5
• 574fea7 build(deps-dev): bump ts-jest from 27.0.4 to 27.0.5
• 7b7ea35 build(deps-dev): bump supertest from 6.1.5 to 6.1.6
• 6c9581e Merge pull request build(deps-dev): bump @types/jest from 26.0.24 to 27.0.1 pragmaticivan/nestjs-otel#94 from pragmaticivan/dependabot-npm_and_yarn-main-types-jest-27.0.1
• 23534ec Merge pull request build(deps-dev): bump jest from 27.0.6 to 27.1.0 pragmaticivan/nestjs-otel#95 from pragmaticivan/dependabot-npm_and_yarn-main-jest-27.1.0
• 0717a69 Merge pull request build(deps-dev): bump @types/node from 16.6.1 to 16.7.10 pragmaticivan/nestjs-otel#91 from pragmaticivan/dependabot-npm_and_yarn-main-types-node-16.7.10
• 780c1d5 Merge pull request build(deps-dev): bump typescript from 4.3.5 to 4.4.2 pragmaticivan/nestjs-otel#93 from pragmaticivan/dependabot-npm_and_yarn-main-typescript-4.4.2
• fbab5b7 chore: update discord invite
• c544512 build(deps-dev): bump eslint-plugin-import from 2.23.4 to 2.24.2
• a3a3301 build(deps-dev): bump husky from 7.0.1 to 7.0.2
• b56e1f8 build(deps-dev): bump jest from 27.0.6 to 27.1.0
• b1f858c build(deps-dev): bump @ types/jest from 26.0.24 to 27.0.1
• d7b0639 build(deps-dev): bump typescript from 4.3.5 to 4.4.2
• fdf7951 build(deps-dev): bump @ types/node from 16.6.1 to 16.7.10
• 4e8b20a chore: add Stargazers on readme
• 061c0e4 chore: add codeql-analysis workflow
• cc84b4d Merge pull request chore: release 2.4.0 pragmaticivan/nestjs-otel#86 from pragmaticivan/release-v2.4.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)