[Snyk] Upgrade @opentelemetry/sdk-logs from 0.215.0 to 0.216.0

[nkammah]

Snyk has created this PR to upgrade @opentelemetry/sdk-logs from 0.215.0 to 0.216.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncontrolled Recursion SNYK-JS-PROTOBUFJS-16657755	416	No Known Exploit

Breaking Change Risk

Notice: This assessment is enhanced by AI.

Release notes

Package name: @opentelemetry/sdk-logs

• 0.216.0 - 2026-04-29
  

  0.216.0

  🚀 Features

  • feat(sdk-node): wire attribute_keys from declarative configuration to ViewOptions.attributesProcessors #6427 @ ravitheja4531-cell
  • feat(sdk-node): set TracerProvider in startNodeSDK() #6607 @ maryliag

  🐛 Bug Fixes

  • fix(instrumentation-xml-http-request): avoid unwrapping XMLHttpRequest API when disabling #6611 @ david-luna
  • fix(instrumentation-fetch): tolerate non-writable globalThis.fetch and fix premature _isEnabled / _isFetchPatched flips in enable() @ brunorodmoreira
  • fix(instrumentation-xhr): resolve relative URLs before matching ignoreUrls #6551 @ Maximiliano-Zeballos
  • fix(sdk-node): fix setting of ViewOption#name from ConfigurationModel #6620 @ trentm
  • fix(web-common): add limit for timeout #6601 @ maryliag
  • fix(otlp-transformer): pin protobufjs@8.0.1 as protobufjs@8.0.3 is broken for browser use #6646

  🏠 Internal

  • test(otlp-transformer): add metrics transform benchmark #6628 @ pichlermarc
  • refactor(opentelemetry-exporter-prometheus): do not call enforcePrometheusNamingConvention() multiple times per metric #6636 @ cjihrig
• 0.215.0 - 2026-04-17
  

  0.215.0

  💥 Breaking Changes

  • feat(sdk-logs)!: add required forceFlush() to LogRecordExporter interface #6356 @ pichlermarc
    • (user-facing): LogRecordExporter interface now requires a forceFlush() method to be implemented. Custom exporters will need to implement this method to continue working with the Logs SDK.
  • feat(api-logs, sdk-logs)!: add Logger#enabled() #6371 @ david-luna

  🚀 Features

  • feat(otlp-transformer): add custom protobuf logs serializer #6228 @ pichlermarc
  • feat(otlp-transformer): add custom protobuf logs export response deserializer #6530 @ pichlermarc

  🐛 Bug Fixes

  • fix(instrumentation-fetch): preserve init overrides when input is a Request object #6421 @ akandic47
  • fix(otlp-exporter-base): limit Node.js HTTP transport response body to 4 MiB #6552 @ kartikgola
  • fix(instrumentation-fetch): avoid unwrapping fetch API when disabling #6575 @ david-luna
  • fix(web-common): add check for possible unsafe json parse #6589 @ maryliag
  • fix(otlp-transformer): add check for possible unsafe json parse #6588 @ maryliag

from @opentelemetry/sdk-logs GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[nkammah]

This is a minor version upgrade for an experimental OpenTelemetry module. Specific release notes for version 0.216.0 were not found in the official repositories. While minor upgrades in this project are typically for features and bug fixes, the lack of a detailed changelog for this exact version introduces uncertainty.

Recommendation: Given that this is an experimental package and the precise changes are unknown, it is advisable to test the integration thoroughly in a development environment before merging.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.