chore(deps): bump the test-versions group across 1 directory with 86 updates

[dependabot]

Bumps the test-versions group with 86 updates in the /packages/dd-trace/test/plugins/versions directory:

Package	From	To
@ai-sdk/openai	3.0.12	3.0.30
@anthropic-ai/sdk	0.73.0	0.78.0
@apollo/gateway	2.12.2	2.13.1
@apollo/server	5.2.0	5.4.0
@apollo/subgraph	2.12.2	2.13.1
@aws-sdk/client-bedrock-runtime	3.971.0	3.995.0
@aws-sdk/client-dynamodb	3.971.0	3.995.0
@aws-sdk/client-kinesis	3.971.0	3.995.0
@aws-sdk/client-lambda	3.971.0	3.995.0
@aws-sdk/client-s3	3.971.0	3.995.0
@aws-sdk/client-sfn	3.971.0	3.995.0
@aws-sdk/client-sns	3.971.0	3.995.0
@aws-sdk/client-sqs	3.971.0	3.995.0
@azure/event-hubs	6.0.2	6.0.3
@azure/functions	4.11.0	4.11.2
@cucumber/cucumber	12.5.0	12.6.0
@datadog/openfeature-node-server	0.3.1	0.3.3
@elastic/elasticsearch	9.2.0	9.3.2
@elastic/transport	9.3.0	9.3.3
@google-cloud/pubsub	5.2.2	5.3.0
@google/genai	1.37.0	1.42.0
@hapi/hapi	21.4.4	21.4.6
@happy-dom/jest-environment	20.3.1	20.7.0
@langchain/anthropic	1.3.10	1.3.19
@langchain/classic	1.0.9	1.0.19
@langchain/cohere	1.0.1	1.0.3
@langchain/core	1.1.15	1.1.27
@langchain/google-genai	2.1.10	2.1.20
@langchain/openai	1.2.2	1.2.9
@openai/agents	0.3.9	0.4.15
@openai/agents-core	0.4.5	0.4.15
@opentelemetry/exporter-jaeger	2.4.0	2.5.1
@opentelemetry/instrumentation	0.210.0	0.212.0
@opentelemetry/instrumentation-express	0.58.0	0.60.0
@opentelemetry/instrumentation-http	0.210.0	0.212.0
@opentelemetry/sdk-node	0.210.0	0.212.0
@playwright/test	1.57.0	1.58.2
@prisma/client	7.2.0	7.4.1
@prisma/adapter-pg	7.2.0	7.4.1
@prisma/adapter-mariadb	7.2.0	7.4.1
@prisma/adapter-mssql	7.2.0	7.4.1
@redis/client	5.10.0	5.11.0
@smithy/smithy-client	4.10.9	4.11.5
@types/node	25.0.9	25.3.0
@vitest/coverage-istanbul	4.0.17	4.0.18
@vitest/coverage-v8	4.0.17	4.0.18
@vitest/runner	4.0.17	4.0.18
aerospike	6.5.2	6.6.0
ai	6.0.39	6.0.97
axios	1.13.2	1.13.5
azure-functions-core-tools	4.6.0	4.7.0
bson	7.1.1	7.2.0
bullmq	5.66.5	5.69.4
couchbase	4.6.0	4.6.1
cypress	15.9.0	15.10.0
esbuild	0.27.2	0.27.3
express-session	1.18.2	1.19.0
fastify	5.7.1	5.7.4
hono	4.11.7	4.12.0
ioredis	5.9.2	5.9.3
langchain	1.2.10	1.2.25
lodash	4.17.21	4.17.23
mariadb	3.4.5	3.5.1
mongodb	7.0.0	7.1.0
mongoose	9.1.4	9.2.1
mysql2	3.16.1	3.17.4
next	16.1.3	16.1.6
nock	14.0.10	14.0.11
npm	11.7.0	11.10.1
openai	6.18.0	6.22.0
pg	8.17.1	8.18.0
pg-cursor	2.16.1	2.17.0
pg-query-stream	4.11.1	4.12.0
pino	10.2.0	10.3.1
playwright	1.57.0	1.58.2
playwright-core	1.57.0	1.58.2
pnpm	10.28.0	10.30.1
prisma	7.2.0	7.4.1
react	19.2.3	19.2.4
react-dom	19.2.3	19.2.4
redis	5.10.0	5.11.0
selenium-webdriver	4.39.0	4.41.0
stripe	20.1.0	20.3.1
tedious	19.2.0	19.2.1
undici	7.18.2	7.22.0
vitest	4.0.17	4.0.18

Updates @ai-sdk/openai from 3.0.12 to 3.0.30

Release notes

Sourced from @​ai-sdk/openai's releases.

@​ai-sdk/openai@​3.0.30

Patch Changes

• ff12133: feat(provider/openai): support native skills and hosted shell

Commits

• 65d4a36 Version Packages (#12678)
• ff12133 feat(provider/openai): support native skills and hosted shell (#12581)
• 8e7be73 Version Packages (#12675)
• 0db8866 docs: update vertex provider to use correct providerOptions key (#12521)
• a433cd3 chore(provider/gateway): update gateway model settings files (#12673)
• ab62790 docs: add guide for setting up AI SDK with coding agents (#12669)
• c94ce6f Version Packages (#12665)
• 15a9e21 feat (provider/bytedance): initial bytedance provider (#12188)
• a9c331e Version Packages (#12663)
• 3b19702 feat (provider/klingai): add kling v3.0 t2v and i2v support (#12662)
• Additional commits viewable in compare view

Updates @anthropic-ai/sdk from 0.73.0 to 0.78.0

Release notes

Sourced from @​anthropic-ai/sdk's releases.

sdk: v0.78.0

0.78.0 (2026-02-19)

Full Changelog: sdk-v0.77.0...sdk-v0.78.0

Features

• api: Add top-level cache control (automatic caching) (1e2f83d)

Bug Fixes

• bedrock: eliminate race condition in AWS credential resolution (#901) (e5a101d)
• client: format batches test file (821e9bf)
• tests: fix issue in batches test (5f4ccf8)

Chores

• update mock server docs (25d337f)

sdk: v0.77.0

0.77.0 (2026-02-18)

Full Changelog: sdk-v0.76.0...sdk-v0.77.0

Features

• api: fix shared UserLocation and error code types (c84038f)

sdk: v0.76.0

0.76.0 (2026-02-18)

Full Changelog: sdk-v0.75.0...sdk-v0.76.0

Features

• api: Make new tool versions available as top level tool types (25fe41c)

sdk: v0.75.0

0.75.0 (2026-02-17)

Full Changelog: sdk-v0.74.0...sdk-v0.75.0

Features

• api: Releasing claude-sonnet-4-6 (d75e1c0)

Bug Fixes

... (truncated)

Changelog

Sourced from @​anthropic-ai/sdk's changelog.

0.78.0 (2026-02-19)

Full Changelog: sdk-v0.77.0...sdk-v0.78.0

Features

• api: Add top-level cache control (automatic caching) (1e2f83d)

Bug Fixes

• bedrock: eliminate race condition in AWS credential resolution (#901) (e5a101d)
• client: format batches test file (821e9bf)
• tests: fix issue in batches test (5f4ccf8)

Chores

• update mock server docs (25d337f)

0.77.0 (2026-02-18)

Full Changelog: sdk-v0.76.0...sdk-v0.77.0

Features

• api: fix shared UserLocation and error code types (c84038f)

Bug Fixes

• add backward-compat namespace re-exports for UserLocation (#706) (b88834f)

0.76.0 (2026-02-18)

Full Changelog: sdk-v0.75.0...sdk-v0.76.0

Features

• api: manual updates (25fe41c)

0.75.0 (2026-02-17)

Full Changelog: sdk-v0.74.0...sdk-v0.75.0

Features

• api: Releasing claude-sonnet-4-6 (d75e1c0)

... (truncated)

Commits

• fdaa72b chore: release main (#917)
• e34f3a2 release: 0.77.0 (#916)
• 1d2868f chore: release main (#915)
• bcdf5b2 chore: release main
• 2a5d0ad fix(tests): fix erroneous speed tests (#699)
• 21ad14f fix(api): fix spec errors
• f1c6b27 feat(api): Releasing claude-sonnet-4-6
• 03ec73e chore(internal/client): fix form-urlencoded requests
• a549b38 codegen metadata
• a823147 codegen metadata
• Additional commits viewable in compare view

Updates @apollo/gateway from 2.12.2 to 2.13.1

Release notes

Sourced from @​apollo/gateway's releases.

@​apollo/gateway@​2.13.1

Patch Changes

• Allow bumping make-fetch-happen dependency to v15. (#3374)

  This change allows users to upgrade make-fetch-happen to v15, which in turn will allow updating the cacache dependency from v17 to v20, dropping the tar v6 dependency that is marked as vulnerable.

  The only breaking changes in make-fetch-happen from v11 to v15 are removals of support for old end-of-life Node.js versions.

  There is only one note from the 12.0.0 release of make-fetch-happen that might be of interest when considering the upgrade:

  this changes the underlying http agents to those provided by @​npmcli/agent. Backwards compatibility should be fully implemented but due to the scope of this change it was made a breaking change out of an abundance of caution.

  As a result, it should be possible for most users to upgrade from v11 to v15 without any issues.

  We still keep the dependency to v11 as an alternative for people that cannot upgrade to v15 for some reason. This will be removed in a future version of @apollo/gateway.

  Even for users that stay on v11, there should not be any immediate danger. While cacache had tar v6 as a dependency, it actually never used it. It seems that that dependency had become unused at some point but was never removed. So users on make-fetch-happen v11 are not actually affected by the vulnerability in tar v6.

  The dependency might hold the tar package required by other packages back, though. In case an update from v11 to v15 is not possible, users should consider to use the resolution override feature of their package manager to force the dependency from cacache to tar to either be removed or updated to a newer version. As cacache does not actually use tar, this should not cause any issues.

• Updated dependencies []:

  • @​apollo/composition@​2.13.1
  • @​apollo/federation-internals@​2.13.1
  • @​apollo/query-planner@​2.13.1

@​apollo/gateway@​2.13.0

Minor Changes

• Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, 523b13b715e75033f0bdbc176416e59ac01de8f0, ecbe182423313b3a94c185dee6b659573435b141, 4c64006b1604471940e20aa1aa46a0f75a6396df, 873577a2b7ae8ce507e0ca4377aed049e1a15075]:
  • @​apollo/query-planner@​2.13.0
  • @​apollo/composition@​2.13.0
  • @​apollo/federation-internals@​2.13.0

@​apollo/gateway@​2.13.0-preview.2

Minor Changes

• • Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, ecbe182423313b3a94c185dee6b659573435b141]:
  • @​apollo/query-planner@​2.13.0-preview.2
  • @​apollo/composition@​2.13.0-preview.2
  • @​apollo/federation-internals@​2.13.0-preview.2

... (truncated)

Changelog

Sourced from @​apollo/gateway's changelog.

2.13.1

Patch Changes

• Allow bumping make-fetch-happen dependency to v15. (#3374)

  This change allows users to upgrade make-fetch-happen to v15, which in turn will allow updating the cacache dependency from v17 to v20, dropping the tar v6 dependency that is marked as vulnerable.

  The only breaking changes in make-fetch-happen from v11 to v15 are removals of support for old end-of-life Node.js versions.

  There is only one note from the 12.0.0 release of make-fetch-happen that might be of interest when considering the upgrade:

  this changes the underlying http agents to those provided by @​npmcli/agent. Backwards compatibility should be fully implemented but due to the scope of this change it was made a breaking change out of an abundance of caution.

  As a result, it should be possible for most users to upgrade from v11 to v15 without any issues.

  We still keep the dependency to v11 as an alternative for people that cannot upgrade to v15 for some reason. This will be removed in a future version of @apollo/gateway.

  Even for users that stay on v11, there should not be any immediate danger. While cacache had tar v6 as a dependency, it actually never used it. It seems that that dependency had become unused at some point but was never removed. So users on make-fetch-happen v11 are not actually affected by the vulnerability in tar v6.

  The dependency might hold the tar package required by other packages back, though. In case an update from v11 to v15 is not possible, users should consider to use the resolution override feature of their package manager to force the dependency from cacache to tar to either be removed or updated to a newer version. As cacache does not actually use tar, this should not cause any issues.

• Updated dependencies []:

  • @​apollo/composition@​2.13.1
  • @​apollo/federation-internals@​2.13.1
  • @​apollo/query-planner@​2.13.1

2.13.0

Minor Changes

• Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, 523b13b715e75033f0bdbc176416e59ac01de8f0, ecbe182423313b3a94c185dee6b659573435b141, 4c64006b1604471940e20aa1aa46a0f75a6396df, 873577a2b7ae8ce507e0ca4377aed049e1a15075]:
  • @​apollo/query-planner@​2.13.0
  • @​apollo/composition@​2.13.0
  • @​apollo/federation-internals@​2.13.0

Commits

• 5ccf15a release: on branch main (#3380)
• 2c0e462 allow bumping make-fetch-happen dependency to v15 (#3374)
• 9ef306d release: on branch main (#3373)
• 0e3a65a release: on branch next (preview) (#3367)
• 7ed1768 release: on branch next (preview) (#3361)
• e22869f Merge branch 'main' into 'next'
• bda422b release: on branch next (preview) (#3351)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​apollo/gateway since your current version.

Updates @apollo/server from 5.2.0 to 5.4.0

Release notes

Sourced from @​apollo/server's releases.

@​apollo/server-integration-testsuite@​5.4.0

Patch Changes

• Updated dependencies [d25a5bd]:
  • @​apollo/server@​5.4.0

@​apollo/server@​5.4.0

Minor Changes

• d25a5bd Thanks @​phryneas! - ⚠️ SECURITY @apollo/server/standalone:

  The default configuration of startStandaloneServer was vulnerable to denial of service (DoS) attacks through specially crafted request bodies with exotic character set encodings.

  In accordance with RFC 7159, we now only accept request bodies encoded in UTF-8, UTF-16 (LE or BE), or UTF-32 (LE or BE). Any other character set will be rejected with a 415 Unsupported Media Type error. Note that the more recent JSON RFC, RFC 8259, is more strict and will only allow UTF-8. Since this is a minor release, we have chosen to remain compatible with the more permissive RFC 7159 for now. In a future major release, we may tighten this restriction further to only allow UTF-8.

  If you were not using startStandaloneServer, you were not affected by this vulnerability.

  Generally, please note that we provide startStandaloneServer as a convenience tool for quickly getting started with Apollo Server. For production deployments, we recommend using Apollo Server with a more fully-featured web server framework such as Express, Koa, or Fastify, where you have more control over security-related configuration options.

@​apollo/server-integration-testsuite@​5.3.0

Patch Changes

• Updated dependencies [8e54e58, 26320bc]:
  • @​apollo/server@​5.3.0

@​apollo/server@​5.3.0

Minor Changes

• #8062 8e54e58 Thanks @​cristunaranjo! - Allow configuration of graphql execution options (maxCoercionErrors)

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    executionOptions: {
      maxCoercionErrors: 50,
    },
  });

• #8014 26320bc Thanks @​mo4islona! - Expose graphql validation options.

  const server = new ApolloServer({
    typeDefs,

... (truncated)

Changelog

Sourced from @​apollo/server's changelog.

5.4.0

Minor Changes

• d25a5bd Thanks @​phryneas! - ⚠️ SECURITY @apollo/server/standalone:

  The default configuration of startStandaloneServer was vulnerable to denial of service (DoS) attacks through specially crafted request bodies with exotic character set encodings.

  In accordance with RFC 7159, we now only accept request bodies encoded in UTF-8, UTF-16 (LE or BE), or UTF-32 (LE or BE). Any other character set will be rejected with a 415 Unsupported Media Type error. Note that the more recent JSON RFC, RFC 8259, is more strict and will only allow UTF-8. Since this is a minor release, we have chosen to remain compatible with the more permissive RFC 7159 for now. In a future major release, we may tighten this restriction further to only allow UTF-8.

  If you were not using startStandaloneServer, you were not affected by this vulnerability.

  Generally, please note that we provide startStandaloneServer as a convenience tool for quickly getting started with Apollo Server. For production deployments, we recommend using Apollo Server with a more fully-featured web server framework such as Express, Koa, or Fastify, where you have more control over security-related configuration options.

5.3.0

Minor Changes

• #8062 8e54e58 Thanks @​cristunaranjo! - Allow configuration of graphql execution options (maxCoercionErrors)

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    executionOptions: {
      maxCoercionErrors: 50,
    },
  });

• #8014 26320bc Thanks @​mo4islona! - Expose graphql validation options.

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    validationOptions: {
      maxErrors: 10,
    },
  });

Commits

• ad45d15 Version Packages (#8179)
• d25a5bd Merge commit from fork
• 443e547 fix repository urls
• 28d6d47 Version Packages (#8172)
• 26320bc feat: Allow configuration of graphql validation options #8014
• f2c16a7 bump dependency
• 8e54e58 feat: Allow configuration of graphql execution options(maxCoercionErrors)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​apollo/server since your current version.

Updates @apollo/subgraph from 2.12.2 to 2.13.1

Release notes

Sourced from @​apollo/subgraph's releases.

@​apollo/subgraph@​2.13.1

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.13.1

@​apollo/subgraph@​2.13.0

Minor Changes

• Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, 523b13b715e75033f0bdbc176416e59ac01de8f0, ecbe182423313b3a94c185dee6b659573435b141, 4c64006b1604471940e20aa1aa46a0f75a6396df, 873577a2b7ae8ce507e0ca4377aed049e1a15075]:
  • @​apollo/federation-internals@​2.13.0

@​apollo/subgraph@​2.13.0-preview.2

Minor Changes

• • Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, ecbe182423313b3a94c185dee6b659573435b141]:
  • @​apollo/federation-internals@​2.13.0-preview.2

@​apollo/subgraph@​2.13.0-preview.0

Patch Changes

• Updated dependencies [4c64006b1604471940e20aa1aa46a0f75a6396df]:
  • @​apollo/federation-internals@​2.13.0-preview.0

Changelog

Sourced from @​apollo/subgraph's changelog.

2.13.1

Patch Changes

• Updated dependencies []:
  • @​apollo/federation-internals@​2.13.1

2.13.0

Minor Changes

• Drop Node.js 14/16 support, require Node.js 18+ (#3364)

Patch Changes

• Updated dependencies [f4d2f4a1f50a92be37ea7179eddb3681f36d9d15, 523b13b715e75033f0bdbc176416e59ac01de8f0, ecbe182423313b3a94c185dee6b659573435b141, 4c64006b1604471940e20aa1aa46a0f75a6396df, 873577a2b7ae8ce507e0ca4377aed049e1a15075]:
  • @​apollo/federation-internals@​2.13.0

Commits

• 5ccf15a release: on branch main (#3380)
• 9ef306d release: on branch main (#3373)
• 0e3a65a release: on branch next (preview) (#3367)
• 7ed1768 release: on branch next (preview) (#3361)
• e22869f Merge branch 'main' into 'next'
• bda422b release: on branch next (preview) (#3351)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​apollo/subgraph since your current version.

Updates @aws-sdk/client-bedrock-runtime from 3.971.0 to 3.995.0

Release notes

Sourced from @​aws-sdk/client-bedrock-runtime's releases.

v3.995.0

3.995.0(2026-02-20)

Chores

• codegen: bump codegen version to 0.45.0 (#7752) (3c93f8ab)
• util-user-agent-node: populate metadata of alternative JavaScript runtimes (#7754) (79d2c235)
• make PR template checklist easier to edit (#7753) (be25ea35)

New Features

• clients: update client endpoints as of 2026-02-20 (aa23f1e0)
• client-appstream: Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances. (72021889)
• client-sagemaker-runtime: Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads. (edac3d73)
• client-trustedadvisor: Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios. (2d4a1eb4)
• client-ecs: Migrated to Smithy. No functional changes (20258a5f)
• client-ssm: Add support for AssociationDispatchAssumeRole in AWS SSM State Manager. (83535fc8)
• client-signer-data: This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs. (b03b059d)

---

For list of updated packages, view updated-packages.md in assets-3.995.0.zip

v3.994.0

3.994.0(2026-02-19)

Chores

• codegen: bump Gradle to 9.3.1 (#7750) (9db72de8)

New Features

• client-pca-connector-scep: AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately. (6ffd8f08)
• client-bcm-dashboards: The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards. (4d6e1de7)
• client-ecr: Adds multiple artifact types filter support in ListImageReferrers API. (9335ea37)

---

For list of updated packages, view updated-packages.md in assets-3.994.0.zip

v3.993.0

3.993.0(2026-02-18)

Chores

• bump fast-xml-parser to 5.3.6 (#7747) (74d03faf)
• codegen: fix undefined http binding top level members (#7741) (4b026420)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-bedrock-runtime's changelog.

3.995.0 (2026-02-20)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.994.0 (2026-02-19)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.993.0 (2026-02-18)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.992.0 (2026-02-17)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.991.0 (2026-02-16)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.990.0 (2026-02-13)

Note: Version bump only for package @​aws-sdk/client-bedrock-runtime

3.989.0 (2026-02-12)

... (truncated)

Commits

• e8dc4f2 Publish v3.995.0
• 62005a2 Publish v3.994.0
• 1d8d818 Publish v3.993.0
• 4b02642 chore(codegen): fix undefined http binding top level members (#7741)
• c4fdbdb Publish v3.992.0
• d504da4 Publish v3.991.0
• b037203 Publish v3.990.0
• 92253a3 Publish v3.989.0
• 223d2fb Publish v3.988.0
• d20ea16 chore(codegen): update for compositeErrorRegistries (#7728)
• Additional commits viewable in compare view

Updates @aws-sdk/client-dynamodb from 3.971.0 to 3.995.0

Release notes

Sourced from @​aws-sdk/client-dynamodb's releases.

v3.995.0

3.995.0(2026-02-20)

Chores

• codegen: bump codegen version to 0.45.0 (#7752) (3c93f8ab)
• util-user-agent-node: populate metadata of alternative JavaScript runtimes (#7754) (79d2c235)
• make PR template checklist easier to edit (#7753) (be25ea35)

New Features

• clients: update client endpoints as of 2026-02-20 (aa23f1e0)
• client-appstream: Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances. (72021889)
• client-sagemaker-runtime: Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads. (edac3d73)
• client-trustedadvisor: Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios. (2d4a1eb4)
• client-ecs: Migrated to Smithy. No functional changes (20258a5f)
• client-ssm: Add support for AssociationDispatchAssumeRole in AWS SSM State Manager. (83535fc8)
• client-signer-data: This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs. (b03b059d)

---

For list of updated packages, view updated-packages.md in assets-3.995.0.zip

v3.994.0

3.994.0(2026-02-19)

Chores

• codegen: bump Gradle to 9.3.1 (#7750) (9db72de8)

New Features

• client-pca-connector-scep: AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately. (6ffd8f08)
• client-bcm-dashboards: The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards. (4d6e1de7)
• client-ecr: Adds multiple artifact types filter support in ListImageReferrers API. (9335ea37)

---

For list of updated packages, view updated-packages.md in assets-3.994.0.zip

v3.993.0

3.993.0(2026-02-18)

Chores

• bump fast-xml-parser to 5.3.6 (#7747) (74d03faf)
• codegen: fix undefined http binding top level members (#7741) (4b026420)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-dynamodb's changelog.

3.995.0 (2026-02-20)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.994.0 (2026-02-19)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.993.0 (2026-02-18)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.992.0 (2026-02-17)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.991.0 (2026-02-16)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.990.0 (2026-02-13)

Note: Version bump only for package @​aws-sdk/client-dynamodb

3.989.0 (2026-02-12)

... (truncated)

Commits

• e8dc4f2 Publish v3.995.0
• 62005a2 Publish v3.994.0
• 1d8d818 Publish v3.993.0
• 4b02642 chore(codegen): fix undefined http binding top level members (#7741)
• c4fdbdb Publish v3.992.0
• d504da4 Publish v3.991.0
• b037203 Publish v3.990.0
• 92253a3 Publish v3.989.0
• 223d2fb Publish v3.988.0
• d20ea16 chore(codegen): update for compositeErrorRegistries (#7728)
• Additional commits viewable in compare viewDescription has been truncated

[github-actions]

Overall package size

Self size: 4.78 MB
Deduped: 5.63 MB
No deduping: 5.63 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | import-in-the-middle | 2.0.6 | 81.92 kB | 816.75 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[pr-commenter]

Benchmarks

Benchmark execution time: 2026-02-24 01:32:26

Comparing candidate commit 147a57e in PR branch dependabot/npm_and_yarn/packages/dd-trace/test/plugins/versions/test-versions-39ec633dc1 with baseline commit f370fb3 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 235 metrics, 25 unstable metrics.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.96%. Comparing base (f370fb3) to head (147a57e).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #7605      +/-   ##
==========================================
- Coverage   80.17%   78.96%   -1.21%     
==========================================
  Files         732      731       -1     
  Lines       31440    31468      +28     
==========================================
- Hits        25207    24850     -357     
- Misses       6233     6618     +385     

Flag	Coverage Δ
aiguard-macos	?
aiguard-ubuntu	39.06% <ø> (-0.11%)	⬇️
aiguard-windows	38.79% <ø> (-0.11%)	⬇️
apm-capabilities-tracing-macos	48.60% <ø> (ø)
apm-capabilities-tracing-ubuntu	48.64% <ø> (ø)
apm-capabilities-tracing-windows	48.33% <ø> (+0.04%)	⬆️
apm-integrations-child-process	38.51% <ø> (-0.10%)	⬇️
apm-integrations-couchbase-18	37.28% <ø> (-0.25%)	⬇️
apm-integrations-couchbase-eol	37.76% <ø> (-0.10%)	⬇️
apm-integrations-oracledb	37.73% <ø> (-0.10%)	⬇️
appsec-express	55.53% <ø> (-0.08%)	⬇️
appsec-fastify	51.84% <ø> (-0.07%)	⬇️
appsec-graphql	52.03% <ø> (-0.07%)	⬇️
appsec-kafka	44.46% <ø> (?)
appsec-ldapjs	44.09% <ø> (-0.09%)	⬇️
appsec-lodash	43.78% <ø> (-0.08%)	⬇️
appsec-macos	58.61% <ø> (-0.07%)	⬇️
appsec-mongodb-core	48.84% <ø> (-0.08%)	⬇️
appsec-mongoose	49.64% <ø> (-0.08%)	⬇️
appsec-mysql	51.02% <ø> (-0.07%)	⬇️
appsec-node-serialize	43.29% <ø> (-0.09%)	⬇️
appsec-passport	47.78% <ø> (-0.09%)	⬇️
appsec-postgres	50.77% <ø> (-0.08%)	⬇️
appsec-sourcing	42.64% <ø> (-0.09%)	⬇️
appsec-template	43.46% <ø> (-0.09%)	⬇️
appsec-ubuntu	58.69% <ø> (-0.07%)	⬇️
appsec-windows	58.47% <ø> (-0.07%)	⬇️
instrumentations-instrumentation-bluebird	32.21% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-body-parser	40.52% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-child_process	37.82% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-cookie-parser	34.25% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-express	34.58% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-express-mongo-sanitize	34.38% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-express-session	40.14% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-fs	31.81% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-generic-pool	29.76% <ø> (ø)
instrumentations-instrumentation-http	39.86% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-knex	32.21% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-mongoose	33.37% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-multer	40.26% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-mysql2	?
instrumentations-instrumentation-passport	44.09% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-passport-http	43.76% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-passport-local	44.31% <ø> (-0.09%)	⬇️
instrumentations-instrumentation-pg	37.72% <ø> (-0.10%)	⬇️
instrumentations-instrumentation-promise	32.13% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-promise-js	32.14% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-q	32.18% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-url	32.10% <ø> (-0.11%)	⬇️
instrumentations-instrumentation-when	32.15% <ø> (-0.11%)	⬇️
llmobs-ai	41.33% <ø> (-0.10%)	⬇️
llmobs-anthropic	40.33% <ø> (-0.10%)	⬇️
llmobs-bedrock	39.26% <ø> (-0.09%)	⬇️
llmobs-google-genai	39.85% <ø> (-0.09%)	⬇️
llmobs-langchain	?
llmobs-openai	44.14% <ø> (-0.09%)	⬇️
llmobs-vertex-ai	40.04% <ø> (-0.09%)	⬇️
platform-core	29.71% <ø> (ø)
platform-esbuild	32.89% <ø> (ø)
platform-instrumentations-misc	40.53% <ø> (ø)
platform-shimmer	36.14% <ø> (ø)
platform-unit-guardrails	31.27% <ø> (ø)
plugins-azure-event-hubs	24.02% <ø> (ø)
plugins-azure-service-bus	23.42% <ø> (ø)
plugins-bullmq	43.71% <ø> (-0.15%)	⬇️
plugins-cassandra	37.77% <ø> (-0.10%)	⬇️
plugins-cookie	25.08% <ø> (ø)
plugins-cookie-parser	24.87% <ø> (ø)
plugins-crypto	24.72% <ø> (ø)
plugins-dd-trace-api	38.37% <ø> (-0.11%)	⬇️
plugins-express-mongo-sanitize	25.04% <ø> (ø)
plugins-express-session	24.83% <ø> (ø)
plugins-fastify	42.28% <ø> (-0.10%)	⬇️
plugins-fetch	38.32% <ø> (-0.10%)	⬇️
plugins-fs	38.61% <ø> (-0.11%)	⬇️
plugins-generic-pool	24.06% <ø> (ø)
plugins-google-cloud-pubsub	45.44% <ø> (-0.12%)	⬇️
plugins-grpc	40.97% <ø> (-0.10%)	⬇️
plugins-handlebars	25.08% <ø> (ø)
plugins-hapi	40.15% <ø> (-0.24%)	⬇️
plugins-hono	40.41% <ø> (-0.10%)	⬇️
plugins-ioredis	38.42% <ø> (-0.10%)	⬇️
plugins-knex	24.80% <ø> (ø)
plugins-ldapjs	22.61% <ø> (ø)
plugins-light-my-request	24.48% <ø> (ø)
plugins-limitd-client	32.50% <ø> (-0.11%)	⬇️
plugins-lodash	24.13% <ø> (ø)
plugins-mariadb	?
plugins-memcached	38.15% <ø> (-0.11%)	⬇️
plugins-microgateway-core	39.18% <ø> (-0.10%)	⬇️
plugins-moleculer	40.53% <ø> (-0.10%)	⬇️
plugins-mongodb	39.20% <ø> (-0.10%)	⬇️
plugins-mongodb-core	39.04% <ø> (-0.10%)	⬇️
plugins-mongoose	38.86% <ø> (-0.10%)	⬇️
plugins-multer	24.83% <ø> (ø)
plugins-mysql	39.17% <ø> (-0.07%)	⬇️
plugins-mysql2	39.27% <ø> (-0.10%)	⬇️
plugins-node-serialize	25.12% <ø> (ø)
plugins-opensearch	37.60% <ø> (-0.10%)	⬇️
plugins-passport-http	24.91% <ø> (ø)
plugins-postgres	35.70% <ø> (-0.09%)	⬇️
plugins-process	24.72% <ø> (ø)
plugins-pug	25.08% <ø> (ø)
plugins-redis	38.89% <ø> (-0.10%)	⬇️
plugins-router	43.03% <ø> (-0.10%)	⬇️
plugins-sequelize	23.66% <ø> (ø)
plugins-test-and-upstream-amqp10	38.34% <ø> (-0.25%)	⬇️
plugins-test-and-upstream-amqplib	43.76% <ø> (-0.25%)	⬇️
plugins-test-and-upstream-apollo	39.04% <ø> (-0.08%)	⬇️
plugins-test-and-upstream-avsc	38.70% <ø> (-0.11%)	⬇️
plugins-test-and-upstream-bunyan	33.80% <ø> (-0.11%)	⬇️
plugins-test-and-upstream-connect	40.82% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-graphql	40.16% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-koa	40.39% <ø> (-0.10%)	⬇️
plugins-test-and-upstream-protobufjs	38.94% <ø> (-0.11%)	⬇️
plugins-test-and-upstream-rhea	44.10% <ø> (-0.10%)	⬇️
plugins-undici	39.12% <ø> (-0.09%)	⬇️
plugins-url	24.72% <ø> (ø)
plugins-valkey	38.07% <ø> (-0.10%)	⬇️
plugins-vm	24.72% <ø> (ø)
plugins-winston	34.00% <ø> (-0.10%)	⬇️
plugins-ws	41.92% <ø> (-0.10%)	⬇️
profiling-macos	39.85% <ø> (-0.10%)	⬇️
profiling-ubuntu	39.98% <ø> (-0.10%)	⬇️
profiling-windows	41.20% <ø> (-0.10%)	⬇️
serverless-azure-functions-client	23.75% <ø> (ø)
serverless-azure-functions-eventhubs	23.75% <ø> (ø)
serverless-azure-functions-servicebus	23.75% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.