[Snyk] Upgrade @opentelemetry/context-zone from 2.6.0 to 2.6.1

[nkammah]

Snyk has created this PR to upgrade @opentelemetry/context-zone from 2.6.0 to 2.6.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Arbitrary Code Injection SNYK-JS-PROTOBUFJS-16094665	868	Proof of Concept
	Arbitrary Code Injection SNYK-JS-PROTOBUFJS-16094665	868	Proof of Concept

Breaking Change Risk

Notice: This assessment is enhanced by AI.

Release notes

Package name: @opentelemetry/context-zone

• 2.6.1 - 2026-03-25
  

  2.6.1

  🐛 Bug Fixes

  • fix(opentelemetry-instrumentation): improve _warnOnPreloadedModules function not to show warning logs when the module is not marked as loaded #6095 @ rlj1202
  • fix(sdk-trace-base): derive internal SpanOptions from API type to prevent drift #6478 @ overbalance
  • fix(span): enforce attributePerEventCountLimit, attributePerLinkCountLimit, linkCountLimit, and attributeValueLengthLimit for event/link attributes #6479 @ overbalance

  🏠 Internal

  • chore: enforce import type for type-only imports via ESLint #6467 @ overbalance
  • perf(sdk-trace-base): avoid Object.entries in Span.setAttributes #6514 @ daniellockyer
  • perf(sdk-trace-base): optimize Span.{addEvent,addLink} performance #6516 @ daniellockyer
  • test(bundlers): broaden bundler test coverage and assert known protobuf dynamic-require failures #6482 @ overbalance
• 2.6.0 - 2026-03-03
  

  2.6.0

  💥 Breaking Changes

  • fix(resources): update OTEL_RESOURCE_ATTRIBUTES parsing to match spec changes (open-telemetry/opentelemetry-specification#4856) #6261 @ JacksonWeber
    • Important: This fix is included in the "breaking changes" section because it can be breaking for some edge case usage of OTEL_RESOURCE_ATTRIBUTES:
      • export OTEL_RESOURCE_ATTRIBUTES=foo=bar,spam will now be fully ignored, because the spam entry is invalid (missing =). Per spec, any parsing error results in ignoring the entire environment variable.
      • export OTEL_RESOURCE_ATTRIBUTES='wat=" spaces "' will now result in {"wat": "\" spaces \""} with the double-quotes included in the value. Before this change the implementation included brittle double-quoting to allow leading and trailing whitespace in the value. To support leading or trailing whitespace now, you must percent-encode the whitespace. Internal whitespace still works without encoding, e.g. export OTEL_RESOURCE_ATTRIBUTES='green=eggs and ham'.

  🚀 Features

  • feat(sdk-trace): implement span start/end metrics #6213 @ anuraaga

  🐛 Bug Fixes

  • fix(sdk-trace-web): propagate optimised flag in getElementXPath recursion #6335 @ akkupratap323

from @opentelemetry/context-zone GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[nkammah]

This is a patch version upgrade that includes a bug fix for the @opentelemetry/context-zone package.

Change Details:

• The update guards the onCancelTask function to prevent a potential infinite loop when used with rc-align (an Ant Design component) in React 16 development mode. [8]

This change is a targeted bug fix and does not introduce any breaking API changes.

Source: OpenTelemetry-JS Changelog

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[cotti]

@opentelemetry-context-zone was updated to ^2.7.0 in another PR; Closing this one.