From d8637aba0c83b1377ca2c260933552d145a003dd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Dec 2025 09:56:57 +0100 Subject: [PATCH 01/66] build(deps): bump docker/metadata-action (#2500) Bumps the github-actions group with 1 update in the / directory: [docker/metadata-action](https://github.com/docker/metadata-action). Updates `docker/metadata-action` from 5.9.0 to 5.10.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/318604b99e75e41977312d83839a89be02ca4893...c299e40c65443455700f0fdfc63efafe5b349051) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bffedc695..82e39bb71 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -137,7 +137,7 @@ jobs: - name: Extract metadata (tags, labels) id: docker-meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.DOCKER_IMAGE_NAME }} tags: | From 30c4075a7342efbe61c2f7085d93bfbceb75daf2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Dec 2025 12:28:40 +0100 Subject: [PATCH 02/66] build(deps): bump alpine from `4b7ce07` to `51183f2` (#2503) Bumps alpine from `4b7ce07` to `51183f2`. --- updated-dependencies: - dependency-name: alpine dependency-version: 51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3ae80cf1e..1798fa6e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,3 @@ -FROM alpine@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412 +FROM alpine@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 1750a1dcb9887965c8c85ed815ff7b86b5f62270 Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Fri, 5 Dec 2025 08:50:33 +0100 Subject: [PATCH 03/66] chore: deps(updatecli): Bump updatecli version to v0.111.0 (#2505) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index c82f19a6d..b423ac5ee 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.110.3 \ No newline at end of file +updatecli v0.111.0 \ No newline at end of file From 648084b779dbff43858e6d05aff10ca2c9afb9ae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Dec 2025 15:05:05 +0100 Subject: [PATCH 04/66] build(deps): bump wolfi/chainguard-base from `2539782` to `1038c51` (#2507) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `2539782` to `1038c51`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index f9556980f..d9b675571 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:25397820ef168d951339e69cedb5460f354cea842e2af367e33b89e988c51615 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:1038c51d3e88154a59aea6476f19030ceca257cddcae66abe1d047de7a5ce578 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From bbaa3bbd5fd4ca1e10eb31cf997413c7bd4581c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Dec 2025 11:19:51 +0000 Subject: [PATCH 05/66] build(deps): bump wolfi/chainguard-base from `1038c51` to `2b179e1` (#2508) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `1038c51` to `2b179e1`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index d9b675571..199a2ddde 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:1038c51d3e88154a59aea6476f19030ceca257cddcae66abe1d047de7a5ce578 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:2b179e1fe69c672bd0844147c6ebb039adb44ddaa3f9b4695f4915a9447da438 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From f5a12f8f301360a8a50234be65bf5a588d643c0a Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Tue, 16 Dec 2025 09:41:09 +0100 Subject: [PATCH 06/66] tornado: handle behaviour change in request.headers protocol (#2512) In 6.5.3 tornado made the __in__ protocol for the request headers case sensitive. Problem is that the code extracting the traceparent header name is using a lowercase string for the header name. So start normalizing all the headers keys to lowercase so that we are able to get the traceparent again. --- elasticapm/instrumentation/packages/tornado.py | 4 +++- tests/contrib/asyncio/tornado/tornado_tests.py | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/elasticapm/instrumentation/packages/tornado.py b/elasticapm/instrumentation/packages/tornado.py index 2f0ed04a0..c1f829bc1 100644 --- a/elasticapm/instrumentation/packages/tornado.py +++ b/elasticapm/instrumentation/packages/tornado.py @@ -71,7 +71,9 @@ async def call(self, module, method, wrapped, instance, args, kwargs): client = instance.application.elasticapm_client should_ignore = client.should_ignore_url(request.path) if not should_ignore: - trace_parent = TraceParent.from_headers(request.headers) + # In tornado 6.5.3 the __in__ protocol for the headers is case-sensitive so we need to normalize them + normalized_headers = {k.lower(): v for k, v in request.headers.items()} + trace_parent = TraceParent.from_headers(normalized_headers) client.begin_transaction("request", trace_parent=trace_parent) elasticapm.set_context( lambda: get_data_from_request(instance, request, client.config, constants.TRANSACTION), "request" diff --git a/tests/contrib/asyncio/tornado/tornado_tests.py b/tests/contrib/asyncio/tornado/tornado_tests.py index 3ce3bafed..499a28550 100644 --- a/tests/contrib/asyncio/tornado/tornado_tests.py +++ b/tests/contrib/asyncio/tornado/tornado_tests.py @@ -177,7 +177,7 @@ async def test_traceparent_handling(app, base_url, http_client): assert transaction["trace_id"] == "0af7651916cd43dd8448eb211c80319c" assert transaction["parent_id"] == "b7ad6b7169203331" - assert "foo=bar,bar=baz,baz=bazzinga" == wrapped_from_string.call_args[0][0]["TraceState"] + assert "foo=bar,bar=baz,baz=bazzinga" == wrapped_from_string.call_args[0][0]["tracestate"] @pytest.mark.gen_test From f8425150306e56179b6a714c304b936f42768b91 Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Tue, 16 Dec 2025 09:46:45 +0100 Subject: [PATCH 07/66] chore: deps(updatecli): Bump updatecli version to v0.112.0 (#2510) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index b423ac5ee..787346ef0 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.111.0 \ No newline at end of file +updatecli v0.112.0 \ No newline at end of file From 43f4deb8aca228877480c9e8b62696aea7883dce Mon Sep 17 00:00:00 2001 From: Md Adil Date: Wed, 17 Dec 2025 16:16:23 +0530 Subject: [PATCH 08/66] =?UTF-8?q?updated=20the=20=5F=5Fall=5F=5F=20section?= =?UTF-8?q?=20to=20include=20all=20=2022=20publicly=20exposed=20varia?= =?UTF-8?q?=E2=80=A6=20(#2504)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * updated the __all__ section to include all 22 publicly exposed variables * Reorganized the __all__ tuple in alphabetical --------- Co-authored-by: Riccardo Magliocchetti --- elasticapm/__init__.py | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/elasticapm/__init__.py b/elasticapm/__init__.py index 4c19b0a17..b6c4499c4 100644 --- a/elasticapm/__init__.py +++ b/elasticapm/__init__.py @@ -49,7 +49,6 @@ ) from elasticapm.utils.disttracing import trace_parent_from_headers, trace_parent_from_string # noqa: F401 -__all__ = ("VERSION", "Client") _activation_method = None @@ -66,3 +65,28 @@ raise DeprecationWarning("The Elastic APM agent requires Python 3.6+") from elasticapm.contrib.asyncio.traces import async_capture_span # noqa: F401 E402 + +__all__ = ( + "Client", + "VERSION", + "async_capture_span", + "capture_serverless", + "capture_span", + "get_client", + "get_span_id", + "get_trace_id", + "get_trace_parent_header", + "get_transaction_id", + "instrument", + "label", + "set_context", + "set_custom_context", + "set_transaction_name", + "set_transaction_outcome", + "set_transaction_result", + "set_user_context", + "setup_logging", + "trace_parent_from_headers", + "trace_parent_from_string", + "uninstrument", +) From cf6fbf2ecbdd4ee3165413ce5a56d45eccffbe39 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Mon, 22 Dec 2025 09:44:46 +0100 Subject: [PATCH 09/66] elasticapm: introduce ELASTIC_APM_SKIP_SERVER_INFO (#2516) Introduce this option in order to avoid fetch the apm server info to get its version, off by default. Calling that endpoint with the aws lambda extension incurs in a measurable latency on AWS Lambda. Enabling this issue requires the receiving APM server version to be greater than 8.7.0. Option is still in technical preview. --- docs/reference/configuration.md | 17 +++++++++++++++++ elasticapm/conf/__init__.py | 1 + elasticapm/transport/http.py | 6 +++++- tests/transports/test_urllib3.py | 17 +++++++++++++++++ 4 files changed, 40 insertions(+), 1 deletion(-) diff --git a/docs/reference/configuration.md b/docs/reference/configuration.md index 5934f3b6e..1841631c7 100644 --- a/docs/reference/configuration.md +++ b/docs/reference/configuration.md @@ -969,6 +969,23 @@ If set to `True`, the agent will intercept the default `sys.excepthook`, which a Whether each transaction should have the process arguments attached. Disabled by default to save disk space. +### `skip_server_info` [config-skip-server-info] + +| Environment | Django/Flask | Default | +| --- | --- | --- | +| `ELASTIC_APM_SKIP_SERVER_INFO` | `SKIP_SERVER_INFO` | `False` | + +Whether we should skip the server info check to save some latency on constrained environments like AWS Lambda. Disabled by default. + +::::{warning} +This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features. +:::: + +::::{warning} +This requires sending data to an APM Server newer than 8.7.0 in order to work properly. +:::: + + ## Django-specific configuration [config-django-specific] diff --git a/elasticapm/conf/__init__.py b/elasticapm/conf/__init__.py index 6d19eb96c..f00a2cda9 100644 --- a/elasticapm/conf/__init__.py +++ b/elasticapm/conf/__init__.py @@ -743,6 +743,7 @@ class Config(_ConfigBase): default=TRACE_CONTINUATION_STRATEGY.CONTINUE, ) include_process_args = _BoolConfigValue("INCLUDE_PROCESS_ARGS", default=False) + skip_server_info = _BoolConfigValue("SKIP_SERVER_INFO", default=False) @property def is_recording(self): diff --git a/elasticapm/transport/http.py b/elasticapm/transport/http.py index ed132068c..cd960e40f 100644 --- a/elasticapm/transport/http.py +++ b/elasticapm/transport/http.py @@ -203,7 +203,11 @@ def _get_cache_control_max_age(self, response_headers): def _process_queue(self) -> None: if not self.client.server_version: - self.fetch_server_info() + # this is useful on aws lambda environments where this call incurs in unwanted latency + if self.client.config.skip_server_info: + logger.debug("Skipping to fetch server info") + else: + self.fetch_server_info() super()._process_queue() def fetch_server_info(self) -> None: diff --git a/tests/transports/test_urllib3.py b/tests/transports/test_urllib3.py index 32a5b7384..78bc26200 100644 --- a/tests/transports/test_urllib3.py +++ b/tests/transports/test_urllib3.py @@ -520,6 +520,23 @@ def test_fetch_server_info_flat_string(waiting_httpserver, caplog, elasticapm_cl assert_any_record_contains(caplog.records, "No version key found in server response") +def test_skip_server_info(waiting_httpserver, elasticapm_client): + elasticapm_client.config.update(version="1", skip_server_info=True) + waiting_httpserver.serve_content(code=202, content="", headers={"Location": "http://example.com/foo"}) + transport = Transport( + waiting_httpserver.url, client=elasticapm_client, headers=elasticapm_client._transport._headers + ) + transport.start_thread() + try: + url = transport.send("x".encode("latin-1")) + assert url == "http://example.com/foo" + finally: + transport.close() + + assert elasticapm_client.server_version is None + assert elasticapm_client.check_server_version(gte=(8, 7, 1)) + + def test_close(waiting_httpserver, elasticapm_client): elasticapm_client.server_version = (8, 0, 0) # avoid making server_info request waiting_httpserver.serve_content(code=202, content="", headers={"Location": "http://example.com/foo"}) From d962042ee6e7a7f9892e9fdfd2190f12598e0c58 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Dec 2025 09:39:14 +0000 Subject: [PATCH 10/66] build(deps): bump alpine from `51183f2` to `865b95f` (#2514) Bumps alpine from `51183f2` to `865b95f`. --- updated-dependencies: - dependency-name: alpine dependency-version: 865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1798fa6e8..0a8d60877 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,3 @@ -FROM alpine@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 +FROM alpine@sha256:865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From f425c427ba226aa64a80d6582a43fd5ce175366f Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Tue, 23 Dec 2025 09:17:16 +0100 Subject: [PATCH 11/66] update CHANGELOG and bump version to 6.25.0 (#2518) --- CHANGELOG.asciidoc | 14 ++++++++++++++ docs/reference/configuration.md | 4 ++++ docs/release-notes/index.md | 12 ++++++++++++ elasticapm/version.py | 2 +- 4 files changed, 31 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index d766ca483..5a6bed978 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -32,6 +32,20 @@ endif::[] [[release-notes-6.x]] === Python Agent version 6.x +[[release-notes-6.25.0]] +==== 6.25.0 - 2025-12-23 + +[float] +===== Features + +* Introduce `ELASTIC_APM_SKIP_SERVER_INFO` to reduce overhead on serverless with APM server 8.7.1+ {pull}2516[#2516] +* List all exported symbols in elasticapm module `__all__` {pull}2504[#2504] + +[float] +===== Bug fixes + +* Handle Tornado 6.5.3 `HttpHeaders` `in` operator behavior change {pull}2512[#2512] + [[release-notes-6.24.1]] ==== 6.24.1 - 2025-11-21 diff --git a/docs/reference/configuration.md b/docs/reference/configuration.md index 1841631c7..cdc0c744e 100644 --- a/docs/reference/configuration.md +++ b/docs/reference/configuration.md @@ -971,6 +971,10 @@ Whether each transaction should have the process arguments attached. Disabled by ### `skip_server_info` [config-skip-server-info] +```{applies_to} +apm_agent_python: preview 6.25.0 +``` + | Environment | Django/Flask | Default | | --- | --- | --- | | `ELASTIC_APM_SKIP_SERVER_INFO` | `SKIP_SERVER_INFO` | `False` | diff --git a/docs/release-notes/index.md b/docs/release-notes/index.md index dda90b393..d29cec09c 100644 --- a/docs/release-notes/index.md +++ b/docs/release-notes/index.md @@ -26,6 +26,18 @@ To check for security updates, go to [Security announcements for the Elastic sta % ### Fixes [elastic-apm-python-agent-versionext-fixes] +## 6.25.0 [elastic-apm-python-agent-6250-release-notes] +**Release date:** December 23, 2025 + +### Features and enhancements [elastic-apm-python-agent-6250-features-enhancements] + +* Introduce `ELASTIC_APM_SKIP_SERVER_INFO` to reduce overhead on serverless with APM server 8.7.1+ [#2516](https://github.com/elastic/apm-agent-python/pull/2516) +* List all exported symbols in elasticapm module `__all__` [#2504](https://github.com/elastic/apm-agent-python/pull/2504) + +### Fixes [elastic-apm-python-agent-6250-fixes] + +* Handle Tornado 6.5.3 `HttpHeaders` `in` operator behavior change [#2512](https://github.com/elastic/apm-agent-python/pull/2512) + ## 6.24.1 [elastic-apm-python-agent-6241-release-notes] **Release date:** November 21, 2025 diff --git a/elasticapm/version.py b/elasticapm/version.py index bea3b5f0d..c55a11c61 100644 --- a/elasticapm/version.py +++ b/elasticapm/version.py @@ -28,5 +28,5 @@ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -__version__ = (6, 24, 1) +__version__ = (6, 25, 0) VERSION = ".".join(map(str, __version__)) From 564aae31e44e8926c2a6f1c35761e0dc19ae2b3d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Dec 2025 13:14:05 +0100 Subject: [PATCH 12/66] build(deps): bump the github-actions group across 3 directories with 3 updates (#2517) Bumps the github-actions group with 3 updates in the / directory: [actions/download-artifact](https://github.com/actions/download-artifact), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action). Bumps the github-actions group with 1 update in the /.github/actions/build-distribution directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Bumps the github-actions group with 1 update in the /.github/actions/packages directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/download-artifact` from 6 to 7 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/build-distribution/action.yml | 2 +- .github/actions/packages/action.yml | 2 +- .github/workflows/release.yml | 12 ++++++------ .github/workflows/run-matrix.yml | 4 ++-- .github/workflows/test-docs.yml | 2 +- .github/workflows/test.yml | 8 ++++---- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/actions/build-distribution/action.yml b/.github/actions/build-distribution/action.yml index 5f659b747..6835dbec2 100644 --- a/.github/actions/build-distribution/action.yml +++ b/.github/actions/build-distribution/action.yml @@ -14,7 +14,7 @@ runs: run: ./dev-utils/make-distribution.sh shell: bash - - uses: actions/upload-artifact@v5 + - uses: actions/upload-artifact@v6 with: name: build-distribution path: ./build/ diff --git a/.github/actions/packages/action.yml b/.github/actions/packages/action.yml index 6c3053f5d..45d71ecd5 100644 --- a/.github/actions/packages/action.yml +++ b/.github/actions/packages/action.yml @@ -19,7 +19,7 @@ runs: run: ./dev-utils/make-packages.sh shell: bash - name: Upload Packages - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: packages path: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 82e39bb71..ab32abca2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -57,7 +57,7 @@ jobs: id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 with: name: packages path: dist @@ -81,7 +81,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 with: name: build-distribution path: ./build @@ -96,7 +96,7 @@ jobs: VERSION=${VERSION//./-} ELASTIC_LAYER_NAME="elastic-apm-python-${VERSION}" .ci/publish-aws.sh - - uses: actions/upload-artifact@v5 + - uses: actions/upload-artifact@v6 if: startsWith(github.ref, 'refs/tags') with: name: arn-file @@ -121,7 +121,7 @@ jobs: - uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Log in to the Elastic Container registry uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -130,7 +130,7 @@ jobs: username: ${{ secrets.ELASTIC_DOCKER_USERNAME }} password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }} - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 with: name: build-distribution path: ./build @@ -175,7 +175,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 with: name: arn-file - name: Create GitHub Draft Release diff --git a/.github/workflows/run-matrix.yml b/.github/workflows/run-matrix.yml index 118a898b5..e14b0e6ea 100644 --- a/.github/workflows/run-matrix.yml +++ b/.github/workflows/run-matrix.yml @@ -32,13 +32,13 @@ jobs: LOCALSTACK_VOLUME_DIR: localstack_data - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: test-results-${{ matrix.framework }}-${{ matrix.version }} path: "**/*-python-agent-junit.xml" - if: success() || failure() name: Upload Coverage Reports - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-reports-${{ matrix.framework }}-${{ matrix.version }} path: "**/.coverage*" diff --git a/.github/workflows/test-docs.yml b/.github/workflows/test-docs.yml index a99c13216..1f28a567c 100644 --- a/.github/workflows/test-docs.yml +++ b/.github/workflows/test-docs.yml @@ -36,7 +36,7 @@ jobs: ENDOFFILE - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: test-results-docs path: "docs-python-agent-junit.xml" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 980f011f2..d82f75b27 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -156,14 +156,14 @@ jobs: run: .\scripts\run-tests.bat - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: test-results-${{ matrix.framework }}-${{ matrix.version }}-asyncio-${{ matrix.asyncio }} path: "**/*-python-agent-junit.xml" retention-days: 1 - if: success() || failure() name: Upload Coverage Reports - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-reports-${{ matrix.framework }}-${{ matrix.version }}-asyncio-${{ matrix.asyncio }} path: "**/.coverage*" @@ -210,7 +210,7 @@ jobs: - run: python -Im pip install --upgrade coverage[toml] - - uses: actions/download-artifact@v6 + - uses: actions/download-artifact@v7 with: pattern: coverage-reports-* merge-multiple: true @@ -227,7 +227,7 @@ jobs: python -Im coverage report --fail-under=84 - name: Upload HTML report - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: html-coverage-report path: htmlcov From 7bbd56f1dfbead66562c0097abc99f509051599b Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Tue, 23 Dec 2025 16:00:42 +0100 Subject: [PATCH 13/66] docs: bump lambda layers version to 6.25.0:1 (#2519) --- docs/reference/lambda-support.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/lambda-support.md b/docs/reference/lambda-support.md index 839c4b8c2..12f9922e3 100644 --- a/docs/reference/lambda-support.md +++ b/docs/reference/lambda-support.md @@ -9,7 +9,7 @@ applies_to: apm_agent_python: ga sub: apm-lambda-ext-v: ver-1-6-0 - apm-python-v: ver-6-24-1 + apm-python-v: ver-6-25-0 apm-python-layer-v: 1 --- From 36a08035dcec62c1691cf4a04ae28287bdacd097 Mon Sep 17 00:00:00 2001 From: Francisco Ramon Date: Thu, 8 Jan 2026 11:25:23 +0100 Subject: [PATCH 14/66] Fix arn table file generation file path (#2525) * Ensure the arn table file is being generated in the github workspace * Use realpath instead changing directory --- .ci/create-arn-table.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.ci/create-arn-table.sh b/.ci/create-arn-table.sh index a03ead4c6..470d03c50 100755 --- a/.ci/create-arn-table.sh +++ b/.ci/create-arn-table.sh @@ -7,7 +7,9 @@ set -o pipefail # AWS_FOLDER - that's the location of the publish-layer-version output for each region AWS_FOLDER=${AWS_FOLDER?:No aws folder provided} -ARN_FILE=".arn-file.md" +# Get the repository root directory (where .git is located) +REPO_ROOT="$(realpath $(dirname "${BASH_SOURCE[0]}")/..)" +ARN_FILE="${REPO_ROOT}/.arn-file.md" { echo "
" @@ -28,3 +30,5 @@ done echo '
' echo '' } >> "${ARN_FILE}" + +echo "INFO: Created ARN table at ${ARN_FILE}" From 9ad228cfe2838f5e192b1026cdf9c1e3df668227 Mon Sep 17 00:00:00 2001 From: Paul McCann Date: Wed, 14 Jan 2026 11:56:40 +0000 Subject: [PATCH 15/66] chore: delete SECURITY.md to use organization-wide policy (#2528) --- SECURITY.md | 7 ------- 1 file changed, 7 deletions(-) delete mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md deleted file mode 100644 index 4ff826c5b..000000000 --- a/SECURITY.md +++ /dev/null @@ -1,7 +0,0 @@ -# Security Policy - -Thanks for your interest in the security of our products. -Our security policy can be found at [https://www.elastic.co/community/security](https://www.elastic.co/community/security). - -## Reporting a Vulnerability -Please send security vulnerability reports to security@elastic.co. From 5c9b064589e17540d5b24cd14c2327b02f3651ed Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Mon, 19 Jan 2026 11:19:33 +0100 Subject: [PATCH 16/66] Run tests in Python 3.14 in full matrix (#2531) * tests: use importlib instead of pkgutil.get_loader pkgutil.get_loader has been removed in 3.14 * tests: use plain open instead of codecs.open Since it has been deprecated * elasticapm/contrib/django: swallow exceptions explicitly In 3.14 after https://peps.python.org/pep-0765/ the pattern of using return in a finally block is considered harmful. I guess the intent here is to just swallow any exception raised in the try block and always return the response. * tests: drop unused import * Run tests against 3.14 in full matrix --- .ci/.matrix_exclude.yml | 78 ++++++++++++++++++- .ci/.matrix_python_full.yml | 1 + Makefile | 2 +- .../contrib/django/middleware/__init__.py | 10 ++- setup.py | 3 +- tests/contrib/asyncio/starlette_tests.py | 2 - tests/fixtures.py | 7 +- tests/utils/stacks/tests.py | 5 +- .../test_wildcard_matcher_cases/conftest.py | 3 +- 9 files changed, 93 insertions(+), 18 deletions(-) diff --git a/.ci/.matrix_exclude.yml b/.ci/.matrix_exclude.yml index 93d0fa4df..c7089061f 100644 --- a/.ci/.matrix_exclude.yml +++ b/.ci/.matrix_exclude.yml @@ -57,6 +57,8 @@ exclude: FRAMEWORK: flask-2.3 - VERSION: python-3.7 FRAMEWORK: flask-3.0 + - VERSION: python-3.14 + FRAMEWORK: flask-1.0 # Python 3.10 removed a bunch of classes from collections, now in collections.abc - VERSION: python-3.10 FRAMEWORK: django-1.11 @@ -80,6 +82,12 @@ exclude: FRAMEWORK: celery-5-django-3 - VERSION: python-3.13 # https://github.com/celery/billiard/issues/377 FRAMEWORK: celery-5-django-4 + - VERSION: python-3.14 # https://github.com/celery/billiard/issues/377 + FRAMEWORK: celery-5-flask-2 + - VERSION: python-3.14 # https://github.com/celery/billiard/issues/377 + FRAMEWORK: celery-5-django-3 + - VERSION: python-3.14 # https://github.com/celery/billiard/issues/377 + FRAMEWORK: celery-5-django-4 - VERSION: python-3.10 FRAMEWORK: graphene-2 - VERSION: python-3.10 @@ -146,7 +154,35 @@ exclude: FRAMEWORK: aiohttp-4.0 - VERSION: python-3.13 FRAMEWORK: cassandra-3.4 - - VERSION: python-3.13 + - VERSION: python-3.14 + FRAMEWORK: django-1.11 + - VERSION: python-3.14 + FRAMEWORK: django-2.0 + - VERSION: python-3.14 + FRAMEWORK: django-2.1 + - VERSION: python-3.14 + FRAMEWORK: django-2.2 + - VERSION: python-3.14 + FRAMEWORK: django-3.0 + - VERSION: python-3.14 + FRAMEWORK: django-3.1 + - VERSION: python-3.14 + FRAMEWORK: django-3.2 + - VERSION: python-3.14 + FRAMEWORK: django-4.0 + - VERSION: python-3.14 + FRAMEWORK: django-4.2 + - VERSION: python-3.14 + FRAMEWORK: django-5.0 + - VERSION: python-3.14 + FRAMEWORK: graphene-2 + - VERSION: python-3.14 + FRAMEWORK: aiohttp-3.0 + - VERSION: python-3.14 + FRAMEWORK: aiohttp-4.0 + - VERSION: python-3.14 + FRAMEWORK: cassandra-3.4 + - VERSION: python-3.14 FRAMEWORK: pymongo-3.5 # pymongo - VERSION: python-3.10 @@ -157,6 +193,8 @@ exclude: FRAMEWORK: pymongo-3.1 - VERSION: python-3.13 FRAMEWORK: pymongo-3.1 + - VERSION: python-3.14 + FRAMEWORK: pymongo-3.1 - VERSION: python-3.10 FRAMEWORK: pymongo-3.2 - VERSION: python-3.11 @@ -165,6 +203,8 @@ exclude: FRAMEWORK: pymongo-3.2 - VERSION: python-3.13 FRAMEWORK: pymongo-3.2 + - VERSION: python-3.14 + FRAMEWORK: pymongo-3.2 - VERSION: python-3.10 FRAMEWORK: pymongo-3.3 - VERSION: python-3.11 @@ -173,6 +213,8 @@ exclude: FRAMEWORK: pymongo-3.3 - VERSION: python-3.13 FRAMEWORK: pymongo-3.3 + - VERSION: python-3.14 + FRAMEWORK: pymongo-3.3 - VERSION: python-3.8 FRAMEWORK: pymongo-3.4 - VERSION: python-3.9 @@ -185,6 +227,12 @@ exclude: FRAMEWORK: pymongo-3.4 - VERSION: python-3.13 FRAMEWORK: pymongo-3.4 + - VERSION: python-3.13 + FRAMEWORK: pymongo-3.5 + - VERSION: python-3.14 + FRAMEWORK: pymongo-3.4 + - VERSION: python-3.14 + FRAMEWORK: pymongo-3.5 - VERSION: pypy-3 FRAMEWORK: pymongo-3.0 # pymssql @@ -212,6 +260,10 @@ exclude: FRAMEWORK: boto3-1.5 - VERSION: python-3.13 FRAMEWORK: boto3-1.6 + - VERSION: python-3.14 + FRAMEWORK: boto3-1.5 + - VERSION: python-3.14 + FRAMEWORK: boto3-1.6 # aiohttp client, only supported in Python 3.7+ - VERSION: pypy-3 FRAMEWORK: aiohttp-3.0 @@ -259,6 +311,8 @@ exclude: FRAMEWORK: asyncpg-0.28 - VERSION: python-3.13 FRAMEWORK: asyncpg-0.28 + - VERSION: python-3.14 + FRAMEWORK: asyncpg-0.28 # sanic - VERSION: pypy-3 FRAMEWORK: sanic-newest @@ -272,6 +326,8 @@ exclude: FRAMEWORK: sanic-newest - VERSION: python-3.13 FRAMEWORK: sanic-20.12 + - VERSION: python-3.14 + FRAMEWORK: sanic-20.12 # aioredis - VERSION: pypy-3 FRAMEWORK: aioredis-newest @@ -315,6 +371,14 @@ exclude: FRAMEWORK: twisted-16 - VERSION: python-3.13 FRAMEWORK: twisted-15 + - VERSION: python-3.14 + FRAMEWORK: twisted-18 + - VERSION: python-3.14 + FRAMEWORK: twisted-17 + - VERSION: python-3.14 + FRAMEWORK: twisted-16 + - VERSION: python-3.14 + FRAMEWORK: twisted-15 # pylibmc - VERSION: python-3.11 FRAMEWORK: pylibmc-1.4 @@ -322,6 +386,8 @@ exclude: FRAMEWORK: pylibmc-1.4 - VERSION: python-3.13 FRAMEWORK: pylibmc-1.4 + - VERSION: python-3.14 + FRAMEWORK: pylibmc-1.4 # grpc - VERSION: python-3.6 FRAMEWORK: grpc-newest @@ -339,6 +405,8 @@ exclude: FRAMEWORK: grpc-1.24 - VERSION: python-3.13 FRAMEWORK: grpc-1.24 + - VERSION: python-3.14 + FRAMEWORK: grpc-1.24 - VERSION: python-3.7 FRAMEWORK: flask-1.0 - VERSION: python-3.7 @@ -350,6 +418,8 @@ exclude: FRAMEWORK: sanic-20.12 # no wheels available yet - VERSION: python-3.13 FRAMEWORK: cassandra-newest # c extension issue + - VERSION: python-3.14 + FRAMEWORK: cassandra-newest # c extension issue # httpx - VERSION: python-3.13 FRAMEWORK: httpx-0.13 @@ -357,3 +427,9 @@ exclude: FRAMEWORK: httpx-0.14 - VERSION: python-3.13 FRAMEWORK: httpx-0.21 + - VERSION: python-3.14 + FRAMEWORK: httpx-0.13 + - VERSION: python-3.14 + FRAMEWORK: httpx-0.14 + - VERSION: python-3.14 + FRAMEWORK: httpx-0.21 diff --git a/.ci/.matrix_python_full.yml b/.ci/.matrix_python_full.yml index bb763b7ca..56b272fbc 100644 --- a/.ci/.matrix_python_full.yml +++ b/.ci/.matrix_python_full.yml @@ -7,4 +7,5 @@ VERSION: - python-3.11 - python-3.12 - python-3.13 + - python-3.14 # - pypy-3 # excluded due to build issues with SQLite/Django diff --git a/Makefile b/Makefile index b2d00f400..90dcd4744 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ test: # delete any __pycache__ folders to avoid hard-to-debug caching issues find . -type f -name '*.py[co]' -delete -o -type d -name __pycache__ -delete # pypy3 should be added to the first `if` once it supports py3.7 - if [[ "$$PYTHON_VERSION" =~ ^(3.7|3.8|3.9|3.10|3.11|3.12|3.13|nightly)$$ ]] ; then \ + if [[ "$$PYTHON_VERSION" =~ ^(3.7|3.8|3.9|3.10|3.11|3.12|3.13|3.14|nightly)$$ ]] ; then \ echo "Python 3.7+, with asyncio"; \ pytest -v $(PYTEST_ARGS) --showlocals $(PYTEST_MARKER) $(PYTEST_JUNIT); \ else \ diff --git a/elasticapm/contrib/django/middleware/__init__.py b/elasticapm/contrib/django/middleware/__init__.py index c4637d087..612bb5c96 100644 --- a/elasticapm/contrib/django/middleware/__init__.py +++ b/elasticapm/contrib/django/middleware/__init__.py @@ -110,8 +110,9 @@ def process_request_wrapper(wrapped, instance, args, kwargs): elasticapm.set_transaction_name( build_name_with_http_method_prefix(get_name_from_middleware(wrapped, instance), request) ) - finally: - return response + except Exception: + pass + return response def process_response_wrapper(wrapped, instance, args, kwargs): @@ -125,8 +126,9 @@ def process_response_wrapper(wrapped, instance, args, kwargs): elasticapm.set_transaction_name( build_name_with_http_method_prefix(get_name_from_middleware(wrapped, instance), request) ) - finally: - return response + except Exception: + pass + return response class TracingMiddleware(MiddlewareMixin, ElasticAPMClientMiddlewareMixin): diff --git a/setup.py b/setup.py index b41dcaca9..ffb038307 100644 --- a/setup.py +++ b/setup.py @@ -41,7 +41,6 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. import ast -import codecs import os from setuptools import setup @@ -68,7 +67,7 @@ def get_version(): :return: a string, indicating the version """ - version_file = codecs.open(os.path.join("elasticapm", "version.py"), encoding="utf-8") + version_file = open(os.path.join("elasticapm", "version.py"), encoding="utf-8") for line in version_file: if line.startswith("__version__"): version_tuple = ast.literal_eval(line.split(" = ")[1]) diff --git a/tests/contrib/asyncio/starlette_tests.py b/tests/contrib/asyncio/starlette_tests.py index 38c51fa08..055cf01ad 100644 --- a/tests/contrib/asyncio/starlette_tests.py +++ b/tests/contrib/asyncio/starlette_tests.py @@ -28,8 +28,6 @@ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -from shutil import ExecError - from tests.fixtures import TempStoreClient import pytest # isort:skip diff --git a/tests/fixtures.py b/tests/fixtures.py index a559791bf..25d21ee5d 100644 --- a/tests/fixtures.py +++ b/tests/fixtures.py @@ -28,7 +28,6 @@ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -import codecs import gzip import io import itertools @@ -75,11 +74,11 @@ SPAN_TYPES = json.load(f) -with codecs.open(ERRORS_SCHEMA, encoding="utf8") as errors_json, codecs.open( +with open(ERRORS_SCHEMA, encoding="utf8") as errors_json, open( TRANSACTIONS_SCHEMA, encoding="utf8" -) as transactions_json, codecs.open(SPAN_SCHEMA, encoding="utf8") as span_json, codecs.open( +) as transactions_json, open(SPAN_SCHEMA, encoding="utf8") as span_json, open( METRICSET_SCHEMA, encoding="utf8" -) as metricset_json, codecs.open( +) as metricset_json, open( METADATA_SCHEMA, encoding="utf8" ) as metadata_json: VALIDATORS = { diff --git a/tests/utils/stacks/tests.py b/tests/utils/stacks/tests.py index c4be88ff2..6f4d4094a 100644 --- a/tests/utils/stacks/tests.py +++ b/tests/utils/stacks/tests.py @@ -32,8 +32,8 @@ from __future__ import absolute_import +import importlib import os -import pkgutil import pytest from mock import Mock @@ -240,7 +240,8 @@ def test_get_lines_from_file(lineno, context, expected): def test_get_lines_from_loader(lineno, context, expected): stacks.get_lines_from_file.cache_clear() module = "tests.utils.stacks.linenos" - loader = pkgutil.get_loader(module) + spec = importlib.util.find_spec(module) + loader = spec.loader if spec is not None else None fname = os.path.join(os.path.dirname(__file__), "linenos.py") result = stacks.get_lines_from_file(fname, lineno, context, loader=loader, module_name=module) assert result == expected diff --git a/tests/utils/test_wildcard_matcher_cases/conftest.py b/tests/utils/test_wildcard_matcher_cases/conftest.py index c672ff6f4..9d075dd24 100644 --- a/tests/utils/test_wildcard_matcher_cases/conftest.py +++ b/tests/utils/test_wildcard_matcher_cases/conftest.py @@ -27,7 +27,6 @@ # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -import codecs import json import os @@ -40,7 +39,7 @@ def pytest_generate_tests(metafunc): json_cases = os.path.join( os.path.dirname(__file__), "..", "..", "upstream", "json-specs", "wildcard_matcher_tests.json" ) - with codecs.open(json_cases, encoding="utf8") as test_cases_file: + with open(json_cases, encoding="utf8") as test_cases_file: test_cases = json.load(test_cases_file) for test_case, pattern_sets in test_cases.items(): for pattern, texts in pattern_sets.items(): From 3ec1a6edbb4e47fa22fea798e4004fda5047b802 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 11:21:50 +0100 Subject: [PATCH 17/66] build(deps): bump wolfi/chainguard-base from `2b179e1` to `9060788` (#2523) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `2b179e1` to `9060788`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 199a2ddde..03a3b5856 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:2b179e1fe69c672bd0844147c6ebb039adb44ddaa3f9b4695f4915a9447da438 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:9060788fe55e611245d1b4a53ef705018a2703b4879a950a276fe113ef750cd6 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 3180fe3109a1e174e72aa8454e9314905265f6cb Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 11:22:15 +0100 Subject: [PATCH 18/66] chore: deps(updatecli): Bump updatecli version to v0.113.0 (#2529) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 787346ef0..4e6189ddb 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.112.0 \ No newline at end of file +updatecli v0.113.0 \ No newline at end of file From 406a4eafbf8fb3b884da690f5e4e1cb7fc0decb1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 11:22:35 +0100 Subject: [PATCH 19/66] build(deps): bump certifi from 2025.11.12 to 2026.1.4 in /dev-utils (#2522) Bumps [certifi](https://github.com/certifi/python-certifi) from 2025.11.12 to 2026.1.4. - [Commits](https://github.com/certifi/python-certifi/compare/2025.11.12...2026.01.04) --- updated-dependencies: - dependency-name: certifi dependency-version: 2026.1.4 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- dev-utils/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev-utils/requirements.txt b/dev-utils/requirements.txt index 55365dff2..8b112eafa 100644 --- a/dev-utils/requirements.txt +++ b/dev-utils/requirements.txt @@ -1,4 +1,4 @@ # These are the pinned requirements for the lambda layer/docker image -certifi==2025.11.12 +certifi==2026.1.4 urllib3==1.26.20 wrapt==1.14.1 From 841d226e3bd5f2afd67f832002d131dcaf2a515e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 13:36:35 +0000 Subject: [PATCH 20/66] build(deps): bump wolfi/chainguard-base from `9060788` to `1235a5e` (#2533) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `9060788` to `1235a5e`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 03a3b5856..2d9366192 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:9060788fe55e611245d1b4a53ef705018a2703b4879a950a276fe113ef750cd6 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:1235a5eee51eb21cd63b0dec7d65c439119c4a6020c0d2d86dc1bf3e41797568 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 8019ca4b58d6cc8f51d51b3da9abf50dba417d2c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 10:58:49 +0100 Subject: [PATCH 21/66] build(deps): bump wolfi/chainguard-base from `1235a5e` to `a42fd0f` (#2535) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `1235a5e` to `a42fd0f`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 2d9366192..b5d08985b 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:1235a5eee51eb21cd63b0dec7d65c439119c4a6020c0d2d86dc1bf3e41797568 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a42fd0f8865a04b8ab4ff12e9ecbba681ebae4112b9e7e9e34ce9b08ebfa650d ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 43e5b7fc64f11fa59483b8f7f5a12377941b8b5d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 26 Jan 2026 09:33:05 +0100 Subject: [PATCH 22/66] github-action: add artifact-metadata permission for attestations (#2538) --- .github/workflows/release.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ab32abca2..cb2af7778 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,9 +13,10 @@ permissions: jobs: build-distribution: permissions: + artifact-metadata: write attestations: write - id-token: write contents: write + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 @@ -35,9 +36,10 @@ jobs: packages: permissions: + artifact-metadata: write attestations: write - id-token: write contents: write + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 @@ -108,9 +110,10 @@ jobs: - build-distribution runs-on: ubuntu-latest permissions: + artifact-metadata: write attestations: write - id-token: write contents: write + id-token: write strategy: fail-fast: false matrix: From 02b5c411e7c0c5182892786da092c27e34af40d8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 14:22:16 +0100 Subject: [PATCH 23/66] build(deps): bump wolfi/chainguard-base from `a42fd0f` to `30f2097` (#2540) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `a42fd0f` to `30f2097`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index b5d08985b..5ff8b3c1e 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a42fd0f8865a04b8ab4ff12e9ecbba681ebae4112b9e7e9e34ce9b08ebfa650d +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:30f2097053535867d06399fd08649e5ae834f4baab638803bc4fd0f1855de89d ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From cbe49ee64bf44f6f0ad1e9d0eb294fb9db3e86f9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 14:02:31 +0100 Subject: [PATCH 24/66] build(deps): bump wolfi/chainguard-base from `30f2097` to `b5a03b6` (#2541) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `30f2097` to `b5a03b6`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 5ff8b3c1e..0d91ff447 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:30f2097053535867d06399fd08649e5ae834f4baab638803bc4fd0f1855de89d +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:b5a03b6a754fa2f9a29e44e316a6c4df1f606cd8a3cd8810ce3d6a3a3134428b ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 9f3bdaebb71959c8d867a422a2129130b4b015c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 14:10:54 +0100 Subject: [PATCH 25/66] build(deps): bump alpine from `865b95f` to `2510918` (#2542) Bumps alpine from `865b95f` to `2510918`. --- updated-dependencies: - dependency-name: alpine dependency-version: 25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0a8d60877..44dfeb72b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,3 @@ -FROM alpine@sha256:865b95f46d98cf867a156fe4a135ad3fe50d2056aa3f25ed31662dff6da4eb62 +FROM alpine@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 7613b7aa77d7f3b883754f2997403ada0d6e2376 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 14:11:25 +0100 Subject: [PATCH 26/66] build(deps): bump wolfi/chainguard-base from `b5a03b6` to `17c8370` (#2543) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `b5a03b6` to `17c8370`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 0d91ff447..be090b304 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:b5a03b6a754fa2f9a29e44e316a6c4df1f606cd8a3cd8810ce3d6a3a3134428b +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:17c8370b33443a247d2b60ca6b19c6f2fe81e4b90a2de3fa3e42665bcf7a346f ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From a7fec890e84b5563bac46b700e353d26e5a85113 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Feb 2026 09:20:44 +0100 Subject: [PATCH 27/66] build(deps): bump docker/login-action (#2545) Bumps the github-actions group with 1 update in the / directory: [docker/login-action](https://github.com/docker/login-action). Updates `docker/login-action` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build-images.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/updatecli.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index 7683ef02e..acef1e165 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v6 - name: Login to ghcr.io - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cb2af7778..1b39cddd9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -127,7 +127,7 @@ jobs: uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - name: Log in to the Elastic Container registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }} username: ${{ secrets.ELASTIC_DOCKER_USERNAME }} diff --git a/.github/workflows/updatecli.yml b/.github/workflows/updatecli.yml index 8897f4c52..e7d6fedf7 100644 --- a/.github/workflows/updatecli.yml +++ b/.github/workflows/updatecli.yml @@ -26,7 +26,7 @@ jobs: permission-contents: write permission-pull-requests: write - - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ghcr.io username: ${{ github.actor }} From 84e45c9a3f1f52eb27538223bcdc8f47278d6604 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Feb 2026 09:14:01 +0100 Subject: [PATCH 28/66] build(deps): bump wolfi/chainguard-base from `17c8370` to `fff708a` (#2546) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `17c8370` to `fff708a`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index be090b304..6026d6664 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:17c8370b33443a247d2b60ca6b19c6f2fe81e4b90a2de3fa3e42665bcf7a346f +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:fff708a5284df216b8949c309b404ed9e89a9c79855a1f5456a157e8d21288b4 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From c75886c7439121e0114a117c6a203d1d16c8933b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Feb 2026 09:36:57 +0100 Subject: [PATCH 29/66] build(deps): bump wolfi/chainguard-base from `fff708a` to `6b24461` (#2548) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `fff708a` to `6b24461`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 6026d6664..d56720216 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:fff708a5284df216b8949c309b404ed9e89a9c79855a1f5456a157e8d21288b4 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:6b2446102599dee9d17c472ccdb63b462def06028900fdcbf08d413074f8d131 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 79639f3db7e1579c1dcb1f9fe94827923ea416b7 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Tue, 10 Feb 2026 15:41:39 +0100 Subject: [PATCH 30/66] Fix CI after setuptools 82.0.0 (#2550) * Stop testing against Twisted 15 Since it requires the now removed from setuptools pkg_resources and last release is more than 10 years old. * cassandra: stick with older setuptools 81.0.0 Since 82.0.0 removed pkg_resources that is used in current cassandra-driver. * tornado: stick with older setuptools 81.0.0 Since 82.0.0 removed pkg_resources that is used in pytest-tornado. * tests: don't install a setuptools newer than 81.x Some of the ancient package versions we are testing are depending on pkg_resources that got dropped in setuptools 82. * Bump tested cassandra-driver baseline to 3.24 That is the last cassandra-driver release of 2020 * Skip cassandra 3.24 on Python 3.9 * Apply suggestion from @xrmx --- .ci/.matrix_exclude.yml | 23 +++++++------------ .ci/.matrix_framework_full.yml | 3 +-- docs/reference/supported-technologies.md | 2 +- tests/requirements/reqs-cassandra-3.24.txt | 3 +++ tests/requirements/reqs-cassandra-3.4.txt | 2 -- tests/requirements/reqs-cassandra-newest.txt | 3 ++- tests/requirements/reqs-tornado-newest.txt | 1 + tests/requirements/reqs-twisted-15.txt | 2 -- .../{cassandra-3.4.sh => cassandra-3.24.sh} | 0 tests/scripts/run_tests.sh | 3 ++- 10 files changed, 18 insertions(+), 24 deletions(-) create mode 100644 tests/requirements/reqs-cassandra-3.24.txt delete mode 100644 tests/requirements/reqs-cassandra-3.4.txt delete mode 100644 tests/requirements/reqs-twisted-15.txt rename tests/scripts/envs/{cassandra-3.4.sh => cassandra-3.24.sh} (100%) diff --git a/.ci/.matrix_exclude.yml b/.ci/.matrix_exclude.yml index c7089061f..6d8878ab8 100644 --- a/.ci/.matrix_exclude.yml +++ b/.ci/.matrix_exclude.yml @@ -59,6 +59,9 @@ exclude: FRAMEWORK: flask-3.0 - VERSION: python-3.14 FRAMEWORK: flask-1.0 + # Python 3.9 + - VERSION: python-3.9 + FRAMEWORK: cassandra-3.24 # Python 3.10 removed a bunch of classes from collections, now in collections.abc - VERSION: python-3.10 FRAMEWORK: django-1.11 @@ -95,7 +98,7 @@ exclude: - VERSION: python-3.10 FRAMEWORK: aiohttp-4.0 - VERSION: python-3.10 - FRAMEWORK: cassandra-3.4 + FRAMEWORK: cassandra-3.24 - VERSION: python-3.10 FRAMEWORK: pymongo-3.5 - VERSION: python-3.11 @@ -111,7 +114,7 @@ exclude: - VERSION: python-3.11 FRAMEWORK: aiohttp-4.0 - VERSION: python-3.11 - FRAMEWORK: cassandra-3.4 + FRAMEWORK: cassandra-3.24 - VERSION: python-3.11 FRAMEWORK: pymongo-3.5 - VERSION: python-3.12 @@ -127,7 +130,7 @@ exclude: - VERSION: python-3.12 FRAMEWORK: aiohttp-4.0 - VERSION: python-3.12 - FRAMEWORK: cassandra-3.4 + FRAMEWORK: cassandra-3.24 - VERSION: python-3.12 FRAMEWORK: pymongo-3.5 - VERSION: python-3.13 @@ -153,7 +156,7 @@ exclude: - VERSION: python-3.13 FRAMEWORK: aiohttp-4.0 - VERSION: python-3.13 - FRAMEWORK: cassandra-3.4 + FRAMEWORK: cassandra-3.24 - VERSION: python-3.14 FRAMEWORK: django-1.11 - VERSION: python-3.14 @@ -181,7 +184,7 @@ exclude: - VERSION: python-3.14 FRAMEWORK: aiohttp-4.0 - VERSION: python-3.14 - FRAMEWORK: cassandra-3.4 + FRAMEWORK: cassandra-3.24 - VERSION: python-3.14 FRAMEWORK: pymongo-3.5 # pymongo @@ -353,32 +356,24 @@ exclude: FRAMEWORK: twisted-17 - VERSION: python-3.11 FRAMEWORK: twisted-16 - - VERSION: python-3.11 - FRAMEWORK: twisted-15 - VERSION: python-3.12 FRAMEWORK: twisted-18 - VERSION: python-3.12 FRAMEWORK: twisted-17 - VERSION: python-3.12 FRAMEWORK: twisted-16 - - VERSION: python-3.12 - FRAMEWORK: twisted-15 - VERSION: python-3.13 FRAMEWORK: twisted-18 - VERSION: python-3.13 FRAMEWORK: twisted-17 - VERSION: python-3.13 FRAMEWORK: twisted-16 - - VERSION: python-3.13 - FRAMEWORK: twisted-15 - VERSION: python-3.14 FRAMEWORK: twisted-18 - VERSION: python-3.14 FRAMEWORK: twisted-17 - VERSION: python-3.14 FRAMEWORK: twisted-16 - - VERSION: python-3.14 - FRAMEWORK: twisted-15 # pylibmc - VERSION: python-3.11 FRAMEWORK: pylibmc-1.4 @@ -416,8 +411,6 @@ exclude: # TODO py3.12 - VERSION: python-3.12 FRAMEWORK: sanic-20.12 # no wheels available yet - - VERSION: python-3.13 - FRAMEWORK: cassandra-newest # c extension issue - VERSION: python-3.14 FRAMEWORK: cassandra-newest # c extension issue # httpx diff --git a/.ci/.matrix_framework_full.yml b/.ci/.matrix_framework_full.yml index 6b3a6ea08..10c8cee73 100644 --- a/.ci/.matrix_framework_full.yml +++ b/.ci/.matrix_framework_full.yml @@ -36,7 +36,6 @@ FRAMEWORK: - twisted-18 - twisted-17 - twisted-16 - - twisted-15 - requests-newest - boto3-1.5 - boto3-1.6 @@ -57,7 +56,7 @@ FRAMEWORK: - memcached-newest - pylibmc-1.4 - pylibmc-newest - - cassandra-3.4 + - cassandra-3.24 - cassandra-newest - psutil-newest - psutil-5.0 diff --git a/docs/reference/supported-technologies.md b/docs/reference/supported-technologies.md index 47ee5c12b..28efb9438 100644 --- a/docs/reference/supported-technologies.md +++ b/docs/reference/supported-technologies.md @@ -397,7 +397,7 @@ Collected trace data: #### Cassandra [automatic-instrumentation-db-cassandra] -Library: `cassandra-driver` (`>=3.4,<4.0`) +Library: `cassandra-driver` (`>=3.24,<4.0`) Instrumented methods: diff --git a/tests/requirements/reqs-cassandra-3.24.txt b/tests/requirements/reqs-cassandra-3.24.txt new file mode 100644 index 000000000..5726719a1 --- /dev/null +++ b/tests/requirements/reqs-cassandra-3.24.txt @@ -0,0 +1,3 @@ +cassandra-driver==3.24.0 +setuptools<82.0.0 +-r reqs-base.txt diff --git a/tests/requirements/reqs-cassandra-3.4.txt b/tests/requirements/reqs-cassandra-3.4.txt deleted file mode 100644 index db098c483..000000000 --- a/tests/requirements/reqs-cassandra-3.4.txt +++ /dev/null @@ -1,2 +0,0 @@ -cassandra-driver>=3.4.0,<3.5.0 --r reqs-base.txt diff --git a/tests/requirements/reqs-cassandra-newest.txt b/tests/requirements/reqs-cassandra-newest.txt index e66c6177b..bdaf637a9 100644 --- a/tests/requirements/reqs-cassandra-newest.txt +++ b/tests/requirements/reqs-cassandra-newest.txt @@ -1,2 +1,3 @@ -cassandra-driver>=3.14.0 +cassandra-driver<4 +setuptools<82.0.0 -r reqs-base.txt diff --git a/tests/requirements/reqs-tornado-newest.txt b/tests/requirements/reqs-tornado-newest.txt index 800b85aee..6a5447d7d 100644 --- a/tests/requirements/reqs-tornado-newest.txt +++ b/tests/requirements/reqs-tornado-newest.txt @@ -1,3 +1,4 @@ tornado>=6.0 pytest-tornado +setuptools<82.0.0 -r reqs-base.txt diff --git a/tests/requirements/reqs-twisted-15.txt b/tests/requirements/reqs-twisted-15.txt deleted file mode 100644 index 084a05a3b..000000000 --- a/tests/requirements/reqs-twisted-15.txt +++ /dev/null @@ -1,2 +0,0 @@ -Twisted>=15,<16 --r reqs-base.txt diff --git a/tests/scripts/envs/cassandra-3.4.sh b/tests/scripts/envs/cassandra-3.24.sh similarity index 100% rename from tests/scripts/envs/cassandra-3.4.sh rename to tests/scripts/envs/cassandra-3.24.sh diff --git a/tests/scripts/run_tests.sh b/tests/scripts/run_tests.sh index 7fcc85010..134dc043f 100755 --- a/tests/scripts/run_tests.sh +++ b/tests/scripts/run_tests.sh @@ -3,7 +3,8 @@ set -e export PATH=${HOME}/.local/bin:${PATH} -python -m pip install --user -U pip setuptools --cache-dir "${PIP_CACHE}" +# setuptools 82 dropped pkg_resources but that is required by some old versions of packages we are testing +python -m pip install --user -U pip 'setuptools<82' --cache-dir "${PIP_CACHE}" python -m pip install --user -r "tests/requirements/reqs-${FRAMEWORK}.txt" --cache-dir "${PIP_CACHE}" export PYTHON_VERSION=$(python -c "import platform; pv=platform.python_version_tuple(); print('pypy' + ('' if pv[0] == 2 else str(pv[0])) if platform.python_implementation() == 'PyPy' else '.'.join(map(str, platform.python_version_tuple()[:2])))") From 76bafa995aaa3de28901e64bce4d261b4fdb271e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 14:45:59 +0000 Subject: [PATCH 31/66] build(deps): bump wolfi/chainguard-base from `6b24461` to `a71dfa7` (#2552) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `6b24461` to `a71dfa7`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index d56720216..763ced41f 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:6b2446102599dee9d17c472ccdb63b462def06028900fdcbf08d413074f8d131 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a71dfa7c4cb17fb0f6814cda77e0bdf7b66dec9b6725fe61abd29c2263775af7 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From f799fe7284bff93327cae647feb8575dbdaafcf2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karsten=20Sch=C3=B6ke?= <1560809+schoekek@users.noreply.github.com> Date: Tue, 10 Feb 2026 17:59:00 +0100 Subject: [PATCH 32/66] Move conftest.py into tests/ for proper pytest fixture discovery (#2537) Co-authored-by: Riccardo Magliocchetti --- conftest.py => tests/conftest.py | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename conftest.py => tests/conftest.py (100%) diff --git a/conftest.py b/tests/conftest.py similarity index 100% rename from conftest.py rename to tests/conftest.py From 9c23de7ab6d992e54f97b5ee9627a22f900c0eee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Feb 2026 14:35:38 +0100 Subject: [PATCH 33/66] build(deps): bump wolfi/chainguard-base from `a71dfa7` to `4a82c70` (#2555) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `a71dfa7` to `4a82c70`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 763ced41f..311074603 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a71dfa7c4cb17fb0f6814cda77e0bdf7b66dec9b6725fe61abd29c2263775af7 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:4a82c706003370964df94913adfc47aab9a55b4fb2490260e7f7ebcf27cc4240 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 53d1eae9dd7ac887204e6cabb90ebd57de140d00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Feb 2026 19:39:41 +0100 Subject: [PATCH 34/66] build(deps): bump docker/build-push-action (#2554) Bumps the github-actions group with 1 update in the / directory: [docker/build-push-action](https://github.com/docker/build-push-action). Updates `docker/build-push-action` from 6.18.0 to 6.19.2 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/263435318d21b8e681c14492fe198d362a7d2c83...10e90e3645eae34f1e60eeb005ba3a3d33f178e8) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: 6.19.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1b39cddd9..2d7936e85 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -151,7 +151,7 @@ jobs: - name: Build and push image id: docker-push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 with: context: . platforms: linux/amd64,linux/arm64 From 4a5f4fcc3fd3ea9f7391525f1feef46bc637df63 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Feb 2026 14:40:44 +0100 Subject: [PATCH 35/66] build(deps): bump wolfi/chainguard-base from `4a82c70` to `844d6d4` (#2557) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `4a82c70` to `844d6d4`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 311074603..31d6a6d96 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:4a82c706003370964df94913adfc47aab9a55b4fb2490260e7f7ebcf27cc4240 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:844d6d4ac44e829e2fdb12e881d73c910867f932eca6b0892735d43e3d5235f8 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From fef3fb93426367f32135a79cb7ab91d7a008b4e2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Feb 2026 09:23:03 +0100 Subject: [PATCH 36/66] build(deps): bump wolfi/chainguard-base from `844d6d4` to `568df5f` (#2558) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `844d6d4` to `568df5f`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 31d6a6d96..b5ffec30a 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:844d6d4ac44e829e2fdb12e881d73c910867f932eca6b0892735d43e3d5235f8 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:568df5fb0e237c3a2139399d4bd8e80994f24321fa8469aec565b8566704e83a ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 29e6d712d62047e0b7ff63b94ced45bc5e0c02c3 Mon Sep 17 00:00:00 2001 From: Fabrizio Ferri-Benedetti Date: Tue, 24 Feb 2026 15:47:21 +0100 Subject: [PATCH 37/66] Add Vale docs linting support (#2562) --- .github/workflows/docs-build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docs-build.yml b/.github/workflows/docs-build.yml index adf95da5d..2efad4a2d 100644 --- a/.github/workflows/docs-build.yml +++ b/.github/workflows/docs-build.yml @@ -11,6 +11,7 @@ jobs: docs-preview: uses: elastic/docs-builder/.github/workflows/preview-build.yml@main with: + enable-vale-linting: true path-pattern: docs/** permissions: deployments: write From d6620398cd0ebd08198bf51391a055b056c60710 Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Wed, 25 Feb 2026 15:11:14 +0100 Subject: [PATCH 38/66] chore: deps(updatecli): Bump updatecli version to v0.114.0 (#2563) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 4e6189ddb..203a6dea3 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.113.0 \ No newline at end of file +updatecli v0.114.0 \ No newline at end of file From d8d335aa72e237f05f3ab60613f62d94a17a5238 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 09:52:49 +0100 Subject: [PATCH 39/66] build(deps): bump certifi from 2026.1.4 to 2026.2.25 in /dev-utils (#2565) Bumps [certifi](https://github.com/certifi/python-certifi) from 2026.1.4 to 2026.2.25. - [Commits](https://github.com/certifi/python-certifi/compare/2026.01.04...2026.02.25) --- updated-dependencies: - dependency-name: certifi dependency-version: 2026.2.25 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- dev-utils/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev-utils/requirements.txt b/dev-utils/requirements.txt index 8b112eafa..ab6a2dd88 100644 --- a/dev-utils/requirements.txt +++ b/dev-utils/requirements.txt @@ -1,4 +1,4 @@ # These are the pinned requirements for the lambda layer/docker image -certifi==2026.1.4 +certifi==2026.2.25 urllib3==1.26.20 wrapt==1.14.1 From 7a94621fc8dc93a4af39cd73b77ef9dacd93b05a Mon Sep 17 00:00:00 2001 From: "elastic-vault-github-plugin-prod[bot]" <150874479+elastic-vault-github-plugin-prod[bot]@users.noreply.github.com> Date: Thu, 5 Mar 2026 12:38:38 +0100 Subject: [PATCH 40/66] github-action: use actions/attest (#2570) Co-authored-by: obltmachine --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2d7936e85..25fd64918 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v6 - uses: ./.github/actions/build-distribution - name: generate build provenance - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-path: "${{ github.workspace }}/build/dist/elastic-apm-python-lambda-layer.zip" @@ -45,7 +45,7 @@ jobs: - uses: actions/checkout@v6 - uses: ./.github/actions/packages - name: generate build provenance - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-path: "${{ github.workspace }}/dist/*" @@ -163,7 +163,7 @@ jobs: AGENT_DIR=./build/dist/package/python - name: generate build provenance (containers) - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-name: "${{ env.DOCKER_IMAGE_NAME }}" subject-digest: ${{ steps.docker-push.outputs.digest }} From b876f5fb9251e73912575cedf56bbda4cf68b4ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Mar 2026 14:44:37 +0100 Subject: [PATCH 41/66] build(deps): bump wolfi/chainguard-base from `568df5f` to `a7d1958` (#2568) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `568df5f` to `a7d1958`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index b5ffec30a..d222e9062 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:568df5fb0e237c3a2139399d4bd8e80994f24321fa8469aec565b8566704e83a +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a7d19588b134b12a4599757b8f5041e0c578cf0229e1dd6ede712af52dd11c11 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 3c31333baf8c1261aae24a48d4397cd5bf3772bb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 13:38:58 +0100 Subject: [PATCH 42/66] build(deps): bump the github-actions group across 3 directories with 6 updates (#2574) Bumps the github-actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7` | `8` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6` | `7` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.19.2` | `7.0.0` | Bumps the github-actions group with 1 update in the /.github/actions/build-distribution directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Bumps the github-actions group with 1 update in the /.github/actions/packages directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `docker/login-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2) Updates `actions/download-artifact` from 7 to 8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...v8) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd) Updates `docker/metadata-action` from 5.10.0 to 6.0.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/c299e40c65443455700f0fdfc63efafe5b349051...030e881283bb7a6894de51c315a6bfe6a94e05cf) Updates `docker/build-push-action` from 6.19.2 to 7.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/10e90e3645eae34f1e60eeb005ba3a3d33f178e8...d08e5c354a6adb9ed34480a06d141179aa583294) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) Updates `actions/upload-artifact` from 6 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/metadata-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/build-distribution/action.yml | 2 +- .github/actions/packages/action.yml | 2 +- .github/workflows/build-images.yml | 2 +- .github/workflows/release.yml | 18 +++++++++--------- .github/workflows/run-matrix.yml | 4 ++-- .github/workflows/test-docs.yml | 2 +- .github/workflows/test.yml | 8 ++++---- .github/workflows/updatecli.yml | 2 +- 8 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/actions/build-distribution/action.yml b/.github/actions/build-distribution/action.yml index 6835dbec2..54ea85697 100644 --- a/.github/actions/build-distribution/action.yml +++ b/.github/actions/build-distribution/action.yml @@ -14,7 +14,7 @@ runs: run: ./dev-utils/make-distribution.sh shell: bash - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@v7 with: name: build-distribution path: ./build/ diff --git a/.github/actions/packages/action.yml b/.github/actions/packages/action.yml index 45d71ecd5..5cfda63ec 100644 --- a/.github/actions/packages/action.yml +++ b/.github/actions/packages/action.yml @@ -19,7 +19,7 @@ runs: run: ./dev-utils/make-packages.sh shell: bash - name: Upload Packages - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: packages path: | diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index acef1e165..499a6a60a 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v6 - name: Login to ghcr.io - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 25fd64918..0ddee2c63 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -59,7 +59,7 @@ jobs: id-token: write # IMPORTANT: this permission is mandatory for trusted publishing steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@v8 with: name: packages path: dist @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@v8 with: name: build-distribution path: ./build @@ -98,7 +98,7 @@ jobs: VERSION=${VERSION//./-} ELASTIC_LAYER_NAME="elastic-apm-python-${VERSION}" .ci/publish-aws.sh - - uses: actions/upload-artifact@v6 + - uses: actions/upload-artifact@v7 if: startsWith(github.ref, 'refs/tags') with: name: arn-file @@ -124,23 +124,23 @@ jobs: - uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Log in to the Elastic Container registry - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }} username: ${{ secrets.ELASTIC_DOCKER_USERNAME }} password: ${{ secrets.ELASTIC_DOCKER_PASSWORD }} - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@v8 with: name: build-distribution path: ./build - name: Extract metadata (tags, labels) id: docker-meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0 with: images: ${{ env.DOCKER_IMAGE_NAME }} tags: | @@ -151,7 +151,7 @@ jobs: - name: Build and push image id: docker-push - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 with: context: . platforms: linux/amd64,linux/arm64 @@ -178,7 +178,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@v8 with: name: arn-file - name: Create GitHub Draft Release diff --git a/.github/workflows/run-matrix.yml b/.github/workflows/run-matrix.yml index e14b0e6ea..7a0d18040 100644 --- a/.github/workflows/run-matrix.yml +++ b/.github/workflows/run-matrix.yml @@ -32,13 +32,13 @@ jobs: LOCALSTACK_VOLUME_DIR: localstack_data - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: test-results-${{ matrix.framework }}-${{ matrix.version }} path: "**/*-python-agent-junit.xml" - if: success() || failure() name: Upload Coverage Reports - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-reports-${{ matrix.framework }}-${{ matrix.version }} path: "**/.coverage*" diff --git a/.github/workflows/test-docs.yml b/.github/workflows/test-docs.yml index 1f28a567c..6200ac233 100644 --- a/.github/workflows/test-docs.yml +++ b/.github/workflows/test-docs.yml @@ -36,7 +36,7 @@ jobs: ENDOFFILE - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: test-results-docs path: "docs-python-agent-junit.xml" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d82f75b27..fe31c7917 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -156,14 +156,14 @@ jobs: run: .\scripts\run-tests.bat - if: success() || failure() name: Upload JUnit Test Results - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: test-results-${{ matrix.framework }}-${{ matrix.version }}-asyncio-${{ matrix.asyncio }} path: "**/*-python-agent-junit.xml" retention-days: 1 - if: success() || failure() name: Upload Coverage Reports - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: coverage-reports-${{ matrix.framework }}-${{ matrix.version }}-asyncio-${{ matrix.asyncio }} path: "**/.coverage*" @@ -210,7 +210,7 @@ jobs: - run: python -Im pip install --upgrade coverage[toml] - - uses: actions/download-artifact@v7 + - uses: actions/download-artifact@v8 with: pattern: coverage-reports-* merge-multiple: true @@ -227,7 +227,7 @@ jobs: python -Im coverage report --fail-under=84 - name: Upload HTML report - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: html-coverage-report path: htmlcov diff --git a/.github/workflows/updatecli.yml b/.github/workflows/updatecli.yml index e7d6fedf7..8a2a14fcd 100644 --- a/.github/workflows/updatecli.yml +++ b/.github/workflows/updatecli.yml @@ -26,7 +26,7 @@ jobs: permission-contents: write permission-pull-requests: write - - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ghcr.io username: ${{ github.actor }} From 03fb372157046cd92418c3f6dda781556bcf7579 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Mar 2026 08:11:33 +0100 Subject: [PATCH 43/66] build(deps): bump wolfi/chainguard-base from `a7d1958` to `52799bf` (#2575) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `a7d1958` to `52799bf`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index d222e9062..e279bab15 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:a7d19588b134b12a4599757b8f5041e0c578cf0229e1dd6ede712af52dd11c11 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:52799bf31ce800d69bfb0f0750e080b8dd6f8c5e54a6a4a124bad89c6768562f ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 60da68adffdbf268aa156d82e993c4d34483bb14 Mon Sep 17 00:00:00 2001 From: Miguel Allende <105422197+mallendem@users.noreply.github.com> Date: Tue, 10 Mar 2026 09:11:52 +0100 Subject: [PATCH 44/66] fix: disable buildx binary cache in release workflow to mitigate cache poisoning (#2572) Explicitly set `cache-binary: false` on docker/setup-buildx-action in the publish-docker job to prevent potential cache poisoning attacks where a compromised buildx binary could affect Docker image builds pushed to the Elastic container registry. Ref: https://github.com/elastic/observability-robots/issues/3264 Co-authored-by: Claude Opus 4.6 --- .github/workflows/release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0ddee2c63..aae17b21b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -124,7 +124,9 @@ jobs: - uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + with: + cache-binary: false - name: Log in to the Elastic Container registry uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 From b68323bda16e74492842f0e0852d7683369c0c01 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Mar 2026 15:44:15 +0100 Subject: [PATCH 45/66] build(deps): bump wolfi/chainguard-base from `52799bf` to `da434d8` (#2576) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `52799bf` to `da434d8`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index e279bab15..54757e305 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:52799bf31ce800d69bfb0f0750e080b8dd6f8c5e54a6a4a124bad89c6768562f +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:da434d810ab02bb0e864462f395120de182b49279bc3e68037e581ce28e11e20 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From c6bb9eea17ab235f977a3b6df405fae18f2fbb44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 20:42:23 +0100 Subject: [PATCH 46/66] build(deps): bump the github-actions group across 1 directory with 3 updates (#2581) Bumps the github-actions group with 3 updates in the / directory: [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [geekyeggo/delete-artifact](https://github.com/geekyeggo/delete-artifact). Updates `actions/create-github-app-token` from 2 to 3 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd) Updates `geekyeggo/delete-artifact` from 5.1.0 to 6.0.0 - [Release notes](https://github.com/geekyeggo/delete-artifact/releases) - [Changelog](https://github.com/GeekyEggo/delete-artifact/blob/main/CHANGELOG.md) - [Commits](https://github.com/geekyeggo/delete-artifact/compare/f275313e70c08f6120db482d7a6b98377786765b...176a747ab7e287e3ff4787bf8a148716375ca118) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: geekyeggo/delete-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/labeler.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/updatecli.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index f1a14d24f..6adcac6f9 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Get token id: get_token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.OBS_AUTOMATION_APP_ID }} private-key: ${{ secrets.OBS_AUTOMATION_APP_PEM }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index aae17b21b..031386383 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -124,7 +124,7 @@ jobs: - uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 with: cache-binary: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index fe31c7917..818d0199f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -231,6 +231,6 @@ jobs: with: name: html-coverage-report path: htmlcov - - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # 5.1.0 + - uses: geekyeggo/delete-artifact@176a747ab7e287e3ff4787bf8a148716375ca118 # 6.0.0 with: name: coverage-reports-* diff --git a/.github/workflows/updatecli.yml b/.github/workflows/updatecli.yml index 8a2a14fcd..731d9fee3 100644 --- a/.github/workflows/updatecli.yml +++ b/.github/workflows/updatecli.yml @@ -19,7 +19,7 @@ jobs: - name: Get token id: get_token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.OBS_AUTOMATION_APP_ID }} private-key: ${{ secrets.OBS_AUTOMATION_APP_PEM }} From d9566f7ba3678a701094d025cee4b02eb53bf6cd Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Mon, 23 Mar 2026 14:35:20 +0100 Subject: [PATCH 47/66] tests/requirements: limits starlette tests to <1 (#2585) --- tests/requirements/reqs-starlette-newest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/requirements/reqs-starlette-newest.txt b/tests/requirements/reqs-starlette-newest.txt index 1d359f184..b81367f0a 100644 --- a/tests/requirements/reqs-starlette-newest.txt +++ b/tests/requirements/reqs-starlette-newest.txt @@ -1,4 +1,4 @@ -starlette>=0.15 +starlette>0.15,<1 aiofiles httpx flask From 52058ba6169a19b14c2bbefbee7f5b8d4c624e71 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Mon, 23 Mar 2026 14:59:36 +0100 Subject: [PATCH 48/66] tests/docker-compose: limit localstack image to version 4 (#2587) 2026.3.0 made an auth or CI token mandatory. --- tests/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/docker-compose.yml b/tests/docker-compose.yml index 0629a045e..af3a179c3 100644 --- a/tests/docker-compose.yml +++ b/tests/docker-compose.yml @@ -123,7 +123,7 @@ services: - mysqldata:/var/lib/mysql localstack: - image: localstack/localstack + image: localstack/localstack:4 ports: - "4566:4566" - "4571:4571" From c7ee5f4e465c238305519c8bcb2c928463187534 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Mon, 23 Mar 2026 15:15:18 +0100 Subject: [PATCH 49/66] tests/contrib/django: use a longer password (#2586) Some updates to the base FIPS image (I guess) started enforcing a required longer password: > return hashlib.pbkdf2_hmac(digest().name, password, salt, iterations, dklen) E ValueError: [Provider routines] invalid key length --- tests/contrib/django/django_tests.py | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/contrib/django/django_tests.py b/tests/contrib/django/django_tests.py index 72c791280..48649f8cc 100644 --- a/tests/contrib/django/django_tests.py +++ b/tests/contrib/django/django_tests.py @@ -172,7 +172,7 @@ def test_view_exception_elasticapm_debug(django_elasticapm_client, client): @pytest.mark.django_db def test_user_info(django_elasticapm_client, client): user = User(username="admin", email="admin@example.com") - user.set_password("admin") + user.set_password("longer_password_for_admin") user.save() with pytest.raises(Exception): @@ -187,7 +187,7 @@ def test_user_info(django_elasticapm_client, client): assert user_info["username"] == "" assert "email" not in user_info - assert client.login(username="admin", password="admin") + assert client.login(username="admin", password="longer_password_for_admin") with pytest.raises(Exception): client.get(reverse("elasticapm-raise-exc")) @@ -207,10 +207,10 @@ def test_user_info(django_elasticapm_client, client): @pytest.mark.django_db def test_user_info_raises_database_error(django_elasticapm_client, client): user = User(username="admin", email="admin@example.com") - user.set_password("admin") + user.set_password("longer_password_for_admin") user.save() - assert client.login(username="admin", password="admin") + assert client.login(username="admin", password="longer_password_for_admin") with mock.patch("django.contrib.auth.models.User.is_authenticated") as is_authenticated: is_authenticated.side_effect = DatabaseError("Test Exception") @@ -231,9 +231,9 @@ def test_user_info_with_custom_user(django_elasticapm_client, client): MyUser = get_user_model() user = MyUser(my_username="admin") - user.set_password("admin") + user.set_password("longer_password_for_admin") user.save() - assert client.login(username="admin", password="admin") + assert client.login(username="admin", password="longer_password_for_admin") with pytest.raises(Exception): client.get(reverse("elasticapm-raise-exc")) @@ -255,9 +255,9 @@ def test_user_info_with_custom_user_non_string_username(django_elasticapm_client MyIntUser = get_user_model() user = MyIntUser(my_username=1) - user.set_password("admin") + user.set_password("longer_password_for_admin") user.save() - assert client.login(username=1, password="admin") + assert client.login(username=1, password="longer_password_for_admin") with pytest.raises(Exception): client.get(reverse("elasticapm-raise-exc")) From 761607f04725ba651c460a1ddcc322c7a8a0ec16 Mon Sep 17 00:00:00 2001 From: Aleksandra Spilkowska <96738481+alexandra5000@users.noreply.github.com> Date: Wed, 25 Mar 2026 14:34:26 +0100 Subject: [PATCH 50/66] docs: add EDOT SDK encouragement to index and supported-technologies (#2578) * docs: add EDOT SDK encouragement to index and supported-technologies Encourage users to consider the EDOT Python SDK for observability data on the APM agent intro and supported-technologies pages, in line with OTel adoption. Made-with: Cursor * docs: use EDOT SDK repo links instead of docs-content URLs Made-with: Cursor * Fix build error --- docs/docset.yml | 1 + docs/reference/index.md | 3 +++ docs/reference/supported-technologies.md | 4 ++++ 3 files changed, 8 insertions(+) diff --git a/docs/docset.yml b/docs/docset.yml index c11f471c4..8c9e5278a 100644 --- a/docs/docset.yml +++ b/docs/docset.yml @@ -9,6 +9,7 @@ cross_links: - ecs - ecs-logging - ecs-logging-python + - elastic-otel-python - elasticsearch - logstash-docs-md toc: diff --git a/docs/reference/index.md b/docs/reference/index.md index df1c5bf30..cc4c89a99 100644 --- a/docs/reference/index.md +++ b/docs/reference/index.md @@ -14,6 +14,9 @@ applies_to: The Elastic APM Python agent sends performance metrics and error logs to the APM Server. It has built-in support for Django and Flask performance metrics and error logging, as well as generic support of other WSGI frameworks for error logging. +:::::{note} +Elastic supports OpenTelemetry, which allows logs, metrics, and trace signal collection for many of the [supported technologies](/reference/supported-technologies.md) below. Consider using the [EDOT Python SDK](elastic-otel-python://reference/edot-python/index.md) for observability data so you continue to get the full power of Elastic's platform. +::::: ## How does the Agent work? [how-it-works] diff --git a/docs/reference/supported-technologies.md b/docs/reference/supported-technologies.md index 28efb9438..d60291a0b 100644 --- a/docs/reference/supported-technologies.md +++ b/docs/reference/supported-technologies.md @@ -11,6 +11,10 @@ applies_to: # Supported technologies [supported-technologies] +The Elastic APM Python Agent supports the technologies listed below. + +Elastic supports OpenTelemetry, which allows logs, metrics, and trace signal collection for many of these technologies. Consider using the [EDOT Python SDK](elastic-otel-python://reference/edot-python/index.md) for observability data so you continue to get the full power of Elastic's platform. + $$$framework-support$$$ The Elastic APM Python Agent comes with support for the following frameworks: From 530b41b3894a72714902f2a2bfcd55ca1ee2fb6b Mon Sep 17 00:00:00 2001 From: Martijn Laarman Date: Mon, 30 Mar 2026 16:40:39 +0200 Subject: [PATCH 51/66] Migrate docs workflows from preview-build to docs-actions (#2592) Moves docs CI/CD from elastic/docs-builder to elastic/docs-actions. Part of elastic/docs-eng-team#474 --- .github/workflows/docs-build.yml | 21 ++++++++------------- .github/workflows/docs-cleanup.yml | 14 -------------- .github/workflows/docs-deploy.yml | 16 ++++++++++++++++ .github/workflows/docs-preview-cleanup.yml | 11 +++++++++++ 4 files changed, 35 insertions(+), 27 deletions(-) delete mode 100644 .github/workflows/docs-cleanup.yml create mode 100644 .github/workflows/docs-deploy.yml create mode 100644 .github/workflows/docs-preview-cleanup.yml diff --git a/.github/workflows/docs-build.yml b/.github/workflows/docs-build.yml index 2efad4a2d..cf37c3d80 100644 --- a/.github/workflows/docs-build.yml +++ b/.github/workflows/docs-build.yml @@ -1,20 +1,15 @@ name: docs-build - on: + pull_request: + types: [opened, synchronize, reopened] push: - branches: - - main - pull_request_target: ~ + branches: [main] merge_group: ~ - +permissions: + contents: read + pull-requests: read jobs: - docs-preview: - uses: elastic/docs-builder/.github/workflows/preview-build.yml@main + build: + uses: elastic/docs-actions/.github/workflows/docs-build.yml@v1 with: enable-vale-linting: true - path-pattern: docs/** - permissions: - deployments: write - id-token: write - contents: read - pull-requests: write diff --git a/.github/workflows/docs-cleanup.yml b/.github/workflows/docs-cleanup.yml deleted file mode 100644 index f83e017b5..000000000 --- a/.github/workflows/docs-cleanup.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: docs-cleanup - -on: - pull_request_target: - types: - - closed - -jobs: - docs-preview: - uses: elastic/docs-builder/.github/workflows/preview-cleanup.yml@main - permissions: - contents: none - id-token: write - deployments: write diff --git a/.github/workflows/docs-deploy.yml b/.github/workflows/docs-deploy.yml new file mode 100644 index 000000000..3e44d1570 --- /dev/null +++ b/.github/workflows/docs-deploy.yml @@ -0,0 +1,16 @@ +name: docs-deploy +on: + workflow_run: + workflows: [docs-build] + types: [completed] +permissions: + contents: read + deployments: write + id-token: write + pull-requests: write + actions: read +jobs: + deploy: + uses: elastic/docs-actions/.github/workflows/docs-deploy.yml@v1 + with: + enable-vale-linting: true diff --git a/.github/workflows/docs-preview-cleanup.yml b/.github/workflows/docs-preview-cleanup.yml new file mode 100644 index 000000000..b234c2358 --- /dev/null +++ b/.github/workflows/docs-preview-cleanup.yml @@ -0,0 +1,11 @@ +name: docs-preview-cleanup +on: + pull_request_target: + types: [closed] +permissions: + contents: none + deployments: write + id-token: write +jobs: + cleanup: + uses: elastic/docs-actions/.github/workflows/docs-preview-cleanup.yml@v1 From 071203ea949de4c36c548fe7e07aa14fbd85285e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Apr 2026 13:38:30 +0200 Subject: [PATCH 52/66] build(deps): bump docker/login-action (#2595) Bumps the github-actions group with 1 update in the / directory: [docker/login-action](https://github.com/docker/login-action). Updates `docker/login-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/b45d80f862d83dbcd57f89517bcf500b2ab88fb2...4907a6ddec9925e35a0a9e82d7399ccc52663121) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build-images.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/updatecli.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml index 499a6a60a..e8002f979 100644 --- a/.github/workflows/build-images.yml +++ b/.github/workflows/build-images.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@v6 - name: Login to ghcr.io - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 031386383..b8a2b01ff 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -129,7 +129,7 @@ jobs: cache-binary: false - name: Log in to the Elastic Container registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ${{ secrets.ELASTIC_DOCKER_REGISTRY }} username: ${{ secrets.ELASTIC_DOCKER_USERNAME }} diff --git a/.github/workflows/updatecli.yml b/.github/workflows/updatecli.yml index 731d9fee3..283942376 100644 --- a/.github/workflows/updatecli.yml +++ b/.github/workflows/updatecli.yml @@ -26,7 +26,7 @@ jobs: permission-contents: write permission-pull-requests: write - - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + - uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} From 6b1941af25dfc8519b66f168fb78912b4206b6ea Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:41:58 +0200 Subject: [PATCH 53/66] chore: deps(updatecli): Bump updatecli version to v0.115.0 (#2596) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 203a6dea3..82ca587ca 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.114.0 \ No newline at end of file +updatecli v0.115.0 \ No newline at end of file From f35364c3176bfb89adccd31acf602a8396e15397 Mon Sep 17 00:00:00 2001 From: Riccardo Magliocchetti Date: Wed, 8 Apr 2026 17:05:44 +0200 Subject: [PATCH 54/66] tests/contrib/django: use proper mock (#2599) The read mock should take at least an argument. Fixes: tests.contrib.django.fixtures.TempStoreClient:client.py:151 Can't capture request body: test_post_read_error_logging..read() takes 0 positional arguments but 1 was given Assisted-by: Cursor --- tests/contrib/django/django_tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/contrib/django/django_tests.py b/tests/contrib/django/django_tests.py index 48649f8cc..b9d16772a 100644 --- a/tests/contrib/django/django_tests.py +++ b/tests/contrib/django/django_tests.py @@ -572,7 +572,7 @@ def test_post_raw_data(django_elasticapm_client): def test_post_read_error_logging(django_elasticapm_client, caplog, rf): request = rf.post("/test", data="{}", content_type="application/json") - def read(): + def read(*args, **kwargs): raise IOError("foobar") request.read = read From 89fe364835bc960e87882fa3aa297056b309cd07 Mon Sep 17 00:00:00 2001 From: "elastic-vault-github-plugin-prod[bot]" <150874479+elastic-vault-github-plugin-prod[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 17:31:22 +0200 Subject: [PATCH 55/66] github-action: include the dependabot section for pre-commit (#2577) * github-action: include the dependabot section for pre-commit * Apply suggestion from @v1v --------- Co-authored-by: obltmachine Co-authored-by: Victor Martinez --- .github/dependabot.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 9abbe4339..fa7523136 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -41,3 +41,13 @@ updates: registries: "*" schedule: interval: "daily" + + - package-ecosystem: pre-commit + directory: "/" + schedule: + interval: 'weekly' + day: 'sunday' + time: '22:00' + open-pull-requests-limit: 5 + labels: + - 'changelog:dependencies' From 3ef64a330d196e5283231dd1d1d7eaac751df0f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 16:07:42 +0000 Subject: [PATCH 56/66] build(deps): bump wolfi/chainguard-base from `da434d8` to `4156e0c` (#2580) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `da434d8` to `4156e0c`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 54757e305..ae4a4e518 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:da434d810ab02bb0e864462f395120de182b49279bc3e68037e581ce28e11e20 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:4156e0c07f13e14e4ee2387cfb65092df310f639aea9316be4574984807c31da ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 5f99446c4489b2b35f350b4948c8ad0e47d7dc15 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Apr 2026 14:43:25 +0200 Subject: [PATCH 57/66] build(deps): bump wolfi/chainguard-base from `4156e0c` to `e59b9c1` (#2604) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `4156e0c` to `e59b9c1`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index ae4a4e518..b2dc9bb3f 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:4156e0c07f13e14e4ee2387cfb65092df310f639aea9316be4574984807c31da +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:e59b9c13d32a840b2f3111d561470ce2902476fb2bad9e472e8092ac10f9c733 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 12d0e3b5896dffb78ad4bd97e35db034f2aa28bf Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Tue, 14 Apr 2026 13:49:30 +0200 Subject: [PATCH 58/66] deps: Bump updatecli version to v0.116.1 (#2606) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: deps(updatecli): Bump updatecli version to v0.116.0 Made with ❤️️ by updatecli * chore: deps(updatecli): Bump updatecli version to v0.116.1 Made with ❤️️ by updatecli --------- Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 82ca587ca..8689eb66a 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.115.0 \ No newline at end of file +updatecli v0.116.1 \ No newline at end of file From 4f2b857c9b5254ff93e46b0c1163dc7958a9800f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 14:48:31 +0200 Subject: [PATCH 59/66] build(deps): bump wolfi/chainguard-base from `e59b9c1` to `8a4e985` (#2616) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `e59b9c1` to `8a4e985`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index b2dc9bb3f..7b3f4d239 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:e59b9c13d32a840b2f3111d561470ce2902476fb2bad9e472e8092ac10f9c733 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:8a4e9858afb82538f746acdc53df211a677a3cbc329eb7a863c940f0cd4db8d1 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 047d2120f474201400633ad606e5b49d1f79aa67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 14:48:55 +0200 Subject: [PATCH 60/66] build(deps): bump alpine from `2510918` to `5b10f43` (#2615) Bumps alpine from `2510918` to `5b10f43`. --- updated-dependencies: - dependency-name: alpine dependency-version: 5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 44dfeb72b..96b8bda6e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,3 @@ -FROM alpine@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 +FROM alpine@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From b0bf5d23efd0c020a5e8ffdbc81296b1f6805996 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 09:55:51 +0200 Subject: [PATCH 61/66] build(deps): bump the github-actions group across 1 directory with 3 updates (#2609) Bumps the github-actions group with 3 updates in the / directory: [actions/github-script](https://github.com/actions/github-script), [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) and [docker/build-push-action](https://github.com/docker/build-push-action). Updates `actions/github-script` from 8 to 9 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v8...v9) Updates `pypa/gh-action-pypi-publish` from 1.13.0 to 1.14.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e...cef221092ed1bacb1cc03d23a2d87d1d172e277b) Updates `docker/build-push-action` from 7.0.0 to 7.1.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/d08e5c354a6adb9ed34480a06d141179aa583294...bcafcacb16a39f128d818304e6c9c0c18556b85f) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/matrix-command.yml | 2 +- .github/workflows/release.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/matrix-command.yml b/.github/workflows/matrix-command.yml index 9692b8cea..3e3426a2d 100644 --- a/.github/workflows/matrix-command.yml +++ b/.github/workflows/matrix-command.yml @@ -21,7 +21,7 @@ jobs: pull-requests: write steps: - name: Is comment allowed? - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const actorPermission = (await github.rest.repos.getCollaboratorPermissionLevel({ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b8a2b01ff..35cb02777 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -65,12 +65,12 @@ jobs: path: dist - name: Upload pypi.org if: startsWith(github.ref, 'refs/tags') - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: repository-url: https://upload.pypi.org/legacy/ - name: Upload test.pypi.org if: ${{ ! startsWith(github.ref, 'refs/tags') }} - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: repository-url: https://test.pypi.org/legacy/ @@ -153,7 +153,7 @@ jobs: - name: Build and push image id: docker-push - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . platforms: linux/amd64,linux/arm64 From fbc74911c8c419cca5d70ad53591444b06dc287a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 17:37:19 +0200 Subject: [PATCH 62/66] build(deps): bump wolfi/chainguard-base from `8a4e985` to `cd0d822` (#2620) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `8a4e985` to `cd0d822`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 7b3f4d239..2724eac52 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:8a4e9858afb82538f746acdc53df211a677a3cbc329eb7a863c940f0cd4db8d1 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:cd0d822f7fd85fb7de9c29936cffb8e31b1d77e2470f2e76b7f4ab06777e0e03 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From 6a22dfadd5550485954278082cf341a0807a9478 Mon Sep 17 00:00:00 2001 From: "elastic-observability-automation[bot]" <180520183+elastic-observability-automation[bot]@users.noreply.github.com> Date: Tue, 21 Apr 2026 17:37:51 +0200 Subject: [PATCH 63/66] chore: deps(updatecli): Bump updatecli version to v0.116.3 (#2621) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Made with ❤️️ by updatecli Co-authored-by: elastic-observability-automation[bot] <180520183+elastic-observability-automation[bot]@users.noreply.github.com> --- .tool-versions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tool-versions b/.tool-versions index 8689eb66a..23e5cc57a 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1 +1 @@ -updatecli v0.116.1 \ No newline at end of file +updatecli v0.116.3 \ No newline at end of file From 1b79b46bb73596712f84f07e7e4e3e5e41f051b7 Mon Sep 17 00:00:00 2001 From: Copilot <198982749+Copilot@users.noreply.github.com> Date: Fri, 24 Apr 2026 10:31:34 +0200 Subject: [PATCH 64/66] Fix flaky kafka tests by flushing producer before ending sender transactions (#2619) * Initial plan * fix: add producer.flush() to kafka tests to prevent race conditions The producer.send() method in kafka-python is asynchronous - it queues messages to be sent by a background I/O thread. Without calling producer.flush(), messages may not be delivered to the Kafka broker before the consumer's consumer_timeout_ms=500 expires. This creates a race condition where the consumer loop exits with no items consumed, resulting in no spans being created. Added producer.flush() after producer.send() calls in all delayed_send functions to ensure messages are actually delivered to Kafka. Agent-Logs-Url: https://github.com/elastic/apm-agent-python/sessions/e5ad59a6-a44a-4dd2-978e-fe4844b5c198 Co-authored-by: xrmx <12932+xrmx@users.noreply.github.com> * fix: wait for kafka send futures in flaky consumer tests Agent-Logs-Url: https://github.com/elastic/apm-agent-python/sessions/c8da0228-9a66-4391-a204-fe0b99b1b85b Co-authored-by: xrmx <12932+xrmx@users.noreply.github.com> * fix: flush kafka producer before ending sender transaction Agent-Logs-Url: https://github.com/elastic/apm-agent-python/sessions/610642ed-3a8d-4371-bccb-485eaee1d69d Co-authored-by: xrmx <12932+xrmx@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: xrmx <12932+xrmx@users.noreply.github.com> Co-authored-by: Riccardo Magliocchetti --- tests/instrumentation/kafka_tests.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/tests/instrumentation/kafka_tests.py b/tests/instrumentation/kafka_tests.py index 54be2ee8e..8339ceefb 100644 --- a/tests/instrumentation/kafka_tests.py +++ b/tests/instrumentation/kafka_tests.py @@ -113,6 +113,7 @@ def delayed_send(): elasticapm_client.begin_transaction("foo") producer.send("test", key=b"foo", value=b"bar") producer.send("test", key=b"baz", value=b"bazzinga") + producer.flush() elasticapm_client.end_transaction("foo") thread = threading.Thread(target=delayed_send) @@ -139,6 +140,7 @@ def delayed_send(): elasticapm_client.begin_transaction("foo") producer.send("test", key=b"foo", value=b"bar") producer.send("test", key=b"baz", value=b"bazzinga") + producer.flush() elasticapm_client.end_transaction("foo") thread = threading.Thread(target=delayed_send) @@ -166,6 +168,7 @@ def delayed_send(): producer.send(topic="foo", key=b"foo", value=b"bar") producer.send("bar", key=b"foo", value=b"bar") producer.send("test", key=b"foo", value=b"bar") + producer.flush() thread = threading.Thread(target=delayed_send) thread.start() @@ -186,6 +189,7 @@ def delayed_send(): producer.send(topic="foo", key=b"foo", value=b"bar") producer.send("bar", key=b"foo", value=b"bar") producer.send("test", key=b"foo", value=b"bar") + producer.flush() thread = threading.Thread(target=delayed_send) thread.start() @@ -205,6 +209,7 @@ def delayed_send(): time.sleep(0.2) producer.send("test", key=b"foo", value=b"bar") producer.send("test", key=b"baz", value=b"bazzinga") + producer.flush() thread = threading.Thread(target=delayed_send) thread.start() @@ -249,6 +254,7 @@ def test_kafka_consumer_unsampled_transaction_handles_stop_iteration( def delayed_send(): time.sleep(0.2) producer.send("test", key=b"foo", value=b"bar") + producer.flush() thread = threading.Thread(target=delayed_send) thread.start() From 132c1ea2c48ae363395e2f36275c7a13d1a3c04b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Apr 2026 16:25:38 +0200 Subject: [PATCH 65/66] build(deps): bump wolfi/chainguard-base from `cd0d822` to `6c2e5ac` (#2625) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `cd0d822` to `6c2e5ac`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index 2724eac52..f4b78632b 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:cd0d822f7fd85fb7de9c29936cffb8e31b1d77e2470f2e76b7f4ab06777e0e03 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:6c2e5acc670ecfc05a736e0bb7ce75a7e9cee0f0d931be67de8f6f99225ca5e4 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file From cd221144bded49f871e16e96b11f5c9d5e0553eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Apr 2026 12:51:20 +0000 Subject: [PATCH 66/66] build(deps): bump wolfi/chainguard-base from `6c2e5ac` to `d973572` (#2631) Bumps [wolfi/chainguard-base](https://github.com/chainguard-images/images-private) from `6c2e5ac` to `d973572`. - [Commits](https://github.com/chainguard-images/images-private/commits) --- updated-dependencies: - dependency-name: wolfi/chainguard-base dependency-version: latest dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Dockerfile.wolfi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.wolfi b/Dockerfile.wolfi index f4b78632b..cecebe837 100644 --- a/Dockerfile.wolfi +++ b/Dockerfile.wolfi @@ -1,3 +1,3 @@ -FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:6c2e5acc670ecfc05a736e0bb7ce75a7e9cee0f0d931be67de8f6f99225ca5e4 +FROM docker.elastic.co/wolfi/chainguard-base:latest@sha256:d9735729e7ba0bdef8af607d1742afe622652f61d31a9a5433b955dda05c6eb2 ARG AGENT_DIR COPY ${AGENT_DIR} /opt/python \ No newline at end of file