build(deps): bump newrelic_rpm from 10.3.0 to 10.4.0

[dependabot]

Bumps newrelic_rpm from 10.3.0 to 10.4.0.

Changelog

Sourced from newrelic_rpm's changelog.

v10.4.0

• Feature: Add Rails.event instrumentation for structured logging

  The agent now supports Rails.event as structured log events. When enabled, events published via Rails.event.notify are captured and forwarded to New Relic as log events. Event payloads, tags, context, timestamps, and source locations are automatically captured as log attributes.

  This instrumentation can be configured with the following options:

  • instrumentation.rails_event_logger - Controls whether Rails.event instrumentation is enabled. Defaults to use the value of application_logging.enabled.
  • instrumentation.rails_event_logger.event_names - An array of specific event names to capture. When empty (default), all Rails.event notifications are captured. Use this to filter events by name, for example: ['user.signup', 'payment.processed'].

  PR#3526

• Feature: Add instrumentation for Rails Active Job Continuations

  The agent now instruments Rails Active Job Continuations, providing visibility into individual step execution within long-running jobs. Step names are included in segment metrics (e.g., Ruby/ActiveJob/default/MyJob/step/process_records) and step-specific attributes like cursor position, resumed status, and interrupted status are captured. A new configuration option, disable_active_job_step_names, allows users to exclude step names from metric names to reduce metric cardinality if needed (defaults to false). PR#3493

• Feature: Add sidekiq.separate_transactions configuration option

  A new configuration option, sidekiq.separate_transactions, allows Sidekiq jobs executed during a web transaction to run in their own separate transaction. When enabled, this prevents Sidekiq job execution time from being included in web transaction metrics, providing more accurate performance data. The feature is opt-in (default: false) to maintain backward compatibility. This only affects jobs executed during active web transactions; jobs starting independently or nested within other background jobs are unaffected. Issue#3364 PR#3514

• Bugfix: Update regexes that may have been vulnerable to ReDOS attacks

  Previously, the agent had a few regexes identified as possible targets for polynomial time complexity (ReDOS) attacks. Those regexes are now updated to address the concerns. PR#3520

• Bugfix: Prevent crashes during HTTPX segment creation

  Previously, if start_external_request_segment encountered an error and returned nil, the agent would trigger a NoMethodError when attempting to add headers to the missing segment. We've added a guard check to ensure the instrumentation handles these cases gracefully.

  Bravo to @​thebravoman for the report! Issue#3509 PR#3510

• Bugfix: Make Transaction#finish idempotent

  Previously, if the Transaction#finish method was called multiple times, more than one transaction could be created for the same operation. Now, a mutex protects calls to Transaction#finish to make sure finish operations only run once. PR#3513

• Bugfix: Log deprecation warning for Datastores.wrap API once

  Previously, this warning was being logged on every call to Datastores.wrap. Now, it will be logged only on the first call. In addition, the documentation has been updated to note the deprecated status of the second and third callback arguments. Issue#3516 PR#3519

Commits

• 0f1fe8f Merge pull request #3532 from newrelic/prerelease_updates_10.4.0-pre
• f34a083 bump version
• 8299519 Merge pull request #3526 from newrelic/rails81_structured_events
• ae8a80c Merge pull request #3514 from newrelic/sidekiq-separate-transactions
• d906750 update wording
• 8e3bba9 Merge branch 'dev' into sidekiq-separate-transactions
• 813d972 Merge branch 'dev' into rails81_structured_events
• 08f1f5a Merge pull request #3493 from newrelic/rails_81_activejob_continuations
• 2f01487 add more tests
• cc22111 Merge branch 'dev' into rails_81_activejob_continuations
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)