Skip to content

blog: otel-js Node.js DOS Mitigation #8916

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tiffany76 merged 6 commits into from
Jan 15, 2026
Merged

blog: otel-js Node.js DOS Mitigation #8916

tiffany76 merged 6 commits into from
Jan 15, 2026
+46 −0

Conversation

@JamieDanielson
Copy link
Member

@JamieDanielson JamieDanielson commented Jan 15, 2026

Add blog post addressing the security advisory posted for Node.js that mentioned OTel and APM vendors.

(Mitigation is to upgrade Node.js to 20.20.0 or later.)

@github-actions github-actions bot added the blog label Jan 15, 2026
@otelbot-docs otelbot-docs bot requested a review from a team January 15, 2026 15:13
@JamieDanielson JamieDanielson requested a review from a team January 15, 2026 15:14
@JamieDanielson JamieDanielson force-pushed the jamie.oteljs-node-cve-mitigation branch from 087c883 to afe0ec3 Compare January 15, 2026 15:38
@JamieDanielson JamieDanielson changed the title blog: oteljs nodejs cve mitigation blog: oteljs nodejs dos vulnerability mitigation Jan 15, 2026
legendecas
legendecas reviewed Jan 15, 2026
View reviewed changes
dyladan
dyladan approved these changes Jan 15, 2026
View reviewed changes
@mcollina
Copy link

mcollina commented Jan 15, 2026

works for me

@dyladan
Copy link
Member

dyladan commented Jan 15, 2026

works for me

For otel GC/comms reviewers who aren't aware, @mcollina is a Node.js TSC member.

@JamieDanielson JamieDanielson changed the title blog: oteljs nodejs dos vulnerability mitigation blog: otel-js Node.js DOS Mitigation Jan 15, 2026
legendecas
legendecas approved these changes Jan 15, 2026
View reviewed changes
Copy link
Member

@legendecas legendecas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@JamieDanielson JamieDanielson marked this pull request as ready for review January 15, 2026 20:23
@JamieDanielson JamieDanielson requested a review from a team as a code owner January 15, 2026 20:23
maryliag
maryliag reviewed Jan 15, 2026
View reviewed changes
maryliag
maryliag reviewed Jan 15, 2026
View reviewed changes
@maryliag
Copy link
Contributor

maryliag commented Jan 15, 2026

/fix:refcache

@otelbot-docs
Copy link
Contributor

otelbot-docs bot commented Jan 15, 2026

fix:refcache applied successfully in run 21046169868.

@maryliag
Copy link
Contributor

maryliag commented Jan 15, 2026

/fix:format

@otelbot-docs
Copy link
Contributor

otelbot-docs bot commented Jan 15, 2026

fix:format applied successfully in run 21046763881.

@tiffany76 tiffany76 added this pull request to the merge queue Jan 15, 2026
Merged via the queue into open-telemetry:main with commit 9cebc46 Jan 15, 2026
22 checks passed
@tiffany76
Copy link
Member

tiffany76 commented Jan 15, 2026

The post has been published and social media has been updated.

https://opentelemetry.io/blog/2026/oteljs-nodejs-dos-mitigation/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maryliag maryliag maryliag approved these changes

@tiffany76 tiffany76 tiffany76 approved these changes

+3 more reviewers

@joyeecheung joyeecheung joyeecheung left review comments

@dyladan dyladan dyladan approved these changes

@legendecas legendecas legendecas approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

blog

Projects

SIG Comms: PRs & Issues
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@JamieDanielson @mcollina @dyladan @maryliag @tiffany76 @joyeecheung @legendecas