docs: update 4.x branch for v4.7.1 release

.ci/docker/docker-compose.yml

@@ -31,7 +31,9 @@ services:
       retries: 30
 
   mssql:
-    image: mcr.microsoft.com/mssql/server
+    # Cumulative update 14 (CU14), released 2024-07-23, breaks the healthcheck.
+    # See https://github.com/elastic/apm-agent-nodejs/issues/4147
+    image: mcr.microsoft.com/mssql/server:2022-CU13-ubuntu-22.04
     platform: linux/amd64
     environment:
       - ACCEPT_EULA=Y

.ci/scripts/docker-test.sh

@@ -42,14 +42,8 @@ node --version
 npm --version
 npm_ci
 
-# Attempt to provide junit-formatted test results, for Jenkins' "Test Results"
-# and other features like flaky-test reporting.
 if [[ -n ${TAV} ]]; then
   npm run test:tav
-  # Currently the TAV tests do not support TAP or junit-formatted output.
 else
-  rm -rf ./test_output
-  mkdir ./test_output
-  nyc node test/test.js -o ./test_output
-  ls test_output/*.tap | while read f; do cat $f | ./node_modules/.bin/tap-junit > $f.junit.xml; done
+  node test/test.js
 fi

.ci/updatecli/values.d/apm-data-spec.yml

@@ -0,0 +1 @@
+apm_schema_specs_path: test/integration/api-schema/apm-server-schema

.ci/updatecli/values.d/apm-json-specs.yml

@@ -0,0 +1 @@
+apm_json_specs_path: test/fixtures/json-specs

.ci/updatecli/values.d/scm.yml

@@ -0,0 +1,7 @@
+scm:
+  enabled: true
+  owner: elastic
+  repository: apm-agent-nodejs
+  branch: main
+
+signedcommit: true

.github/dependabot.yml

@@ -20,6 +20,13 @@ updates:
         update-types: ["version-update:semver-patch"]
       - dependency-name: "@types/*"
         update-types: ["version-update:semver-patch"]
+      # Packages whose major versions have dropped support for Node.js versions
+      # that this package needs.
+      - dependency-name: "glob" # glob@10 min is 14.20, we need >=14.17; glob@11 dropped 14, 16, 18
+        update-types: ["version-update:semver-major"]
+      - dependency-name: "lru-cache" # later [email protected] toyed with dropping 14.x, we pin to a specific early 10.x; lru-cache@11 dropped 14, 16, 18
+      - dependency-name: "rimraf" # rimraf@5 min is 14.20, we need >=14.17; rimraf@6 dropped 14, 16, 18
+        update-types: ["version-update:semver-major"]
     groups:
       aws-sdk:
         dependency-type: "development"

.github/workflows/release.yml

@@ -18,9 +18,6 @@ jobs:
     runs-on: ubuntu-latest
     env:
       DOCKER_IMAGE_NAME: docker.elastic.co/observability/apm-agent-nodejs
-      # TODO: use keyless
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
     steps:
       - uses: actions/checkout@v4
         with:
@@ -47,7 +44,7 @@ jobs:
       - run: make -C .ci dist
 
       - name: Attest Lambda layer zip
-        uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919  # v1.2.0
+        uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0  # v1.3.3
         with:
           subject-path: "${{ github.workspace }}/build/aws/elastic-apm-node-lambda-layer-*.zip"
 
@@ -66,7 +63,7 @@ jobs:
 
       - name: Build and Push Docker Image
         id: docker-push
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0  # v5.3.0
+        uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12  # v6.4.1
         with:
           context: .
           platforms: linux/amd64,linux/arm64
@@ -78,7 +75,7 @@ jobs:
             AGENT_DIR=/build/dist/nodejs
 
       - name: Attest Docker image
-        uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919  # v1.2.0
+        uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0  # v1.3.3
         with:
           subject-name: "${{ env.DOCKER_IMAGE_NAME }}"
           subject-digest: ${{ steps.docker-push.outputs.digest }}
@@ -100,7 +97,7 @@ jobs:
 
       - name: Build and Push Docker Image (wolfi)
         id: docker-push-wolfi
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0  # v5.3.0
+        uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12  # v6.4.1
         with:
           context: .
           platforms: linux/amd64,linux/arm64
@@ -112,12 +109,16 @@ jobs:
             AGENT_DIR=/build/dist/nodejs
 
       - name: Attest Docker image (wolfi)
-        uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919  # v1.2.0
+        uses: actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0  # v1.3.3
         with:
           subject-name: "${{ env.DOCKER_IMAGE_NAME }}"
           subject-digest: ${{ steps.docker-push-wolfi.outputs.digest }}
           push-to-registry: true
 
+      - uses: elastic/oblt-actions/aws/[email protected]
+        with:
+          aws-account-id: "267093732750"
+
       - name: Publish AWS lambda (only for tag release)
         if: startsWith(github.ref, 'refs/tags')
         run: make -C .ci publish-in-all-aws-regions create-arn-file

.github/workflows/test.yml

@@ -175,15 +175,6 @@ jobs:
     - run: npm ls --all || true
     - name: npm test
       run: npm test
-    - uses: inception-health/otel-upload-test-artifact-action@v1
-      if: always()
-      continue-on-error: true
-      with:
-        jobName: "test-vers (${{ matrix.node }})"
-        stepName: "npm test"
-        path: "test_output/*.junit.xml"
-        type: "junit"
-        githubToken: ${{ secrets.GITHUB_TOKEN }}
 
   test-windows:
     runs-on: windows-latest

.github/workflows/updatecli.yml

@@ -9,14 +9,29 @@ permissions:
   contents: read
 
 jobs:
-  bump:
+  compose:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
     steps:
       - uses: actions/checkout@v4
 
+      - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: elastic/oblt-actions/updatecli/run@v1
+        with:
+          command: --experimental compose diff
+        env:
+          GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }}
+
       - uses: elastic/oblt-actions/updatecli/run@v1
         with:
-          command: "--experimental apply --config .ci/updatecli/updatecli.d --values .ci/updatecli/values.yml"
+          command: --experimental compose apply
         env:
           GITHUB_TOKEN: ${{ secrets.UPDATECLI_GH_TOKEN }}
 

.gitignore

@@ -7,8 +7,6 @@
 /test-suite-output.tap
 
 # Folders to ignore
-/.nyc_output
-/test_output
 /build
 node_modules
 /test/benchmarks/.tmp

.tav.yml

@@ -259,15 +259,19 @@ elasticsearch:
 #     "8.2.0" because they are stuck with stack version numbers. However,
 #     semver (and TAV) consider "-patch.N" to be a *prereleases*. This
 #     leads to some tortured "versions:" ranges below.
+# - Version 8.11.0 dropped node v14 and v16 support.
 '@elastic/elasticsearch':
   - versions: '>=7.0.0 <7.7.0 || >7.7.0 <7.12.0'
     commands: node test/instrumentation/modules/@elastic/elasticsearch.test.js
   - versions: '>=7.12.0 <8.2'
     node: '>=12.0.0'
     commands: node test/instrumentation/modules/@elastic/elasticsearch.test.js
-  - versions: '>=8.2.0-patch.1 <8.2.0 || >8.2.0'
+  - versions: '>=8.2.0-patch.1 <8.2.0 || >8.2.0 <8.11.0'
     node: '>=14.0.0'
     commands: node test/instrumentation/modules/@elastic/elasticsearch.test.js
+  - versions: '>=8.11.0'
+    node: '>=18.0.0'
+    commands: node test/instrumentation/modules/@elastic/elasticsearch.test.js
 
 handlebars:
   versions:

CHANGELOG.asciidoc

@@ -33,6 +33,18 @@ Notes:
 
 See the <<upgrade-to-v4>> guide.
 
+
+[[release-notes-4.7.1]]
+==== 4.7.1 - 2024/07/24
+
+[float]
+===== Bug fixes
+
+- Update import-in-the-middle internally-used library to v1.9.1. This can
+  fix usage with ESM code (see <<esm>>) in some cases, e.g. usage with
+  https://github.com/elastic/apm-agent-nodejs/issues/4143[Nuxt 3].
+
+
 [[release-notes-4.7.0]]
 ==== 4.7.0 - 2024/06/13