[Snyk] Security upgrade newrelic from 11.6.0 to 11.8.0

[MaxMood96]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • shared/agent/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-AXIOS-6144788	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: newrelic

The new version differs by 26 commits.

• 9b7003a chore: release v11.8.0 (#1930)
• 4e09927 chore(deps): Updated @ newrelic/security-agent to v0.6.0 (#1929)
• 1ce371e refactor: Updated webframework-shim to reduce the cognitive complexity (#1927)
• 7ea31a3 fix: Ensure opts.headers is defined in http instrumentation (#1926)
• bd0a5dc refactor: Updated lib/shim/promise-shim.js to reduce the cognitive complexity (#1924)
• 0ec2f66 test: removed access to deprecated req._headers and instead use req.headers (#1923)
• 4c30d97 refactor: Updated instrumentation/core/http.js to reduce the cognitive complexity to an allowable value (#1922)
• 9003791 refactor: updated how we get a random int in helper.randomPort by using crypto lib (#1921)
• 957529e test: Refactored tests that were still using the tap mocha shim + chai to now use tap. (#1919)
• cc4a975 feat: removed api.setLlmMetadata(#1918)
• 2d666b6 test: updated the cross agent tests, made updates to tests based on fixture changes (#1917)
• f49fd43 chore: release v11.7.0 (#1916)
• 1a3f87f feat: Added instrumentation for Restify async handlers (#1910)
• 7ed64bd feat: Added deserialized X-NewRelic-Synthetics-Info header to transaction and transaction trace intrinsic attributes (#1912)
• 91019b0 chore: Add AWS Bedrock feature flag (#1913)
• ee81429 refactor: change dynamic import to work with bundlers (#1905)
• 2080b1f ci: removed step in post release process to update an internal system with the latest agent version (#1909)
• e9c3748 fix: Update import-in-the-middle to fix ESM on Node 18.19.0 (#1906)
• 7682cd7 chore: release v11.6.1 (#1903)
• bf22ae5 fix(deps): Updated @ newrelic/aws-sdk to 7.0.3 (#1902)
• b7a644d refactor: Updated span names of openai actions to allow AI O11y team to locate relevant spans (#1896)
• 9973b24 test: pin undici versioned to <6.0.0 on Node 16 (#1900)
• 6e02e57 test: Fix winston-esm versioned tests (#1898)
• 9f7979c fix: Updated shimmer to handle instrumenting named and default exports of CommonJS modules in ESM (#1894)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution