chore(deps): upgrade ruby and deps to latest versions #19

Merged
galkleinman merged 1 commit into main from gk/upg-cves-190126 on Jan 19, 2026

Conversation

@galkleinman galkleinman (Contributor) commented Jan 19, 2026

Important

Upgrade Ruby to 4.0.1 and update dependencies in sample-app and traceloop-sdk, adding Dependabot configuration for automated updates.

  • Ruby Version:
    • Updates Ruby version to 4.0.1 in .ruby-version.
  • Dependabot Configuration:
    • Adds .github/dependabot.yml to automate dependency updates for bundler in /traceloop-sdk, /semantic_conventions_ai, and /sample-app with a weekly schedule and a limit of 10 open pull requests.
    • Configures github-actions updates with a weekly schedule and a limit of 5 open pull requests.
  • Gemfile Updates:
    • Updates gemini-ai to ~> 4.3 and aws-sdk-bedrockruntime to ~> 1.71 in sample-app/Gemfile.
  • Gemspec Updates:
    • Updates opentelemetry-sdk to ~> 1.10 and opentelemetry-exporter-otlp to ~> 0.31 in traceloop-sdk.gemspec.

This description was created by Ellipsis for 29c9b53. You can customize this summary. It will automatically update as commits are pushed.

Summary by CodeRabbit

  • Chores
    • Configured Dependabot to automate dependency updates for bundler packages and GitHub Actions across multiple project directories.
    • Updated Ruby version specification to 4.0.1.
    • Upgraded AI service client libraries and OpenTelemetry SDK dependencies to latest compatible versions.



@ellipsis-dev ellipsis-dev Bot left a comment


Important

Looks good to me! 👍

Reviewed everything up to 29c9b53 in 34 seconds. Click for details.
  • Reviewed 66 lines of code in 4 files
  • Skipped 2 files when reviewing.
  • Skipped posting 4 draft comments. View those below.
1. .github/dependabot.yml:1
  • Draft comment:
    Dependabot config added looks good. Verify that the listed directories match your repo structure.
  • Reason this comment was not posted:
    Confidence changes required: 0% <= threshold 50% None
2. .ruby-version:1
  • Draft comment:
    Ruby version updated to 4.0.1. Ensure all code is compatible.
  • Reason this comment was not posted:
    Confidence changes required: 0% <= threshold 50% None
3. sample-app/Gemfile:8
  • Draft comment:
    Updated gem versions for gemini-ai and aws-sdk-bedrockruntime. Confirm these changes suit your compatibility needs.
  • Reason this comment was not posted:
    Confidence changes required: 0% <= threshold 50% None
4. traceloop-sdk/traceloop-sdk.gemspec:20
  • Draft comment:
    Opentelemetry dependency versions updated. Ensure these new versions are fully compatible with your integration.
  • Reason this comment was not posted:
    Confidence changes required: 0% <= threshold 50% None

Workflow ID: wflow_hDHNnAFwROBD1hdX


@coderabbitai coderabbitai Bot commented Jan 19, 2026

📝 Walkthrough

Configuration and dependency management updates across the repository. Adds Dependabot automation for weekly dependency checks, specifies Ruby version 4.0.1, and updates multiple gem version constraints in Gemfile and gemspec files.

Changes

Cohort / File(s) | Summary

Dependabot & Ruby Configuration
.github/dependabot.yml, .ruby-version
Adds Dependabot configuration with four weekly update rules: three Bundler checks (traceloop-sdk, semantic_conventions_ai, sample-app directories) with max 10 open PRs; one GitHub Actions check at root with max 5 open PRs. Specifies Ruby version 4.0.1.

Sample App Dependencies
sample-app/Gemfile
Updates gem versions: gemini-ai from ~> 4.1 to ~> 4.3; aws-sdk-bedrockruntime from ~> 1.14 to ~> 1.71.

Traceloop SDK Dependencies
traceloop-sdk/traceloop-sdk.gemspec
Updates gem version constraints: opentelemetry-sdk from ~> 1.3.1 to ~> 1.10; opentelemetry-exporter-otlp from ~> 0.26.1 to ~> 0.31.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Dependabot hops into the scene,
Ruby and gems now pristine,
Weekly updates, smooth and keen,
Dependencies dance in between!

🚥 Pre-merge checks | ✅ 3 passed

Description Check: ✅ Passed. Check skipped - CodeRabbit's high-level summary is enabled.
Title check: ✅ Passed. The title accurately summarizes the main changes: upgrading Ruby version and multiple dependencies across the project.
Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

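The PR description and the walkthrough above both give the new constraints only as version strings. The following is an added example, not code from the openllmetry-ruby repository or from either review bot: it uses RubyGems' own `Gem::Requirement` and `Gem::Version` classes to show what each pessimistic (`~>`) constraint in this PR actually admits, and why the previous `~> 1.3.1` on opentelemetry-sdk had kept the gem on the 1.3.x line while `~> 1.10` now reaches anything below 2.0. The candidate version lists are constructed for illustration and are not a query against RubyGems; the prerelease filter is an assumption modelling the resolver's default of skipping prerelease versions unless a prerelease is explicitly requested.

```ruby
require 'rubygems'

# Lower bound and exclusive upper bound of a single pessimistic constraint.
# '~> 1.10' => ['1.10', '2'], '~> 1.3.1' => ['1.3.1', '1.4'], '~> 0.0.3' => ['0.0.3', '0.1'].
# The upper bound is one step above the second-to-last segment, so how much
# room a constraint leaves depends on how many segments it spells out.
def pessimistic_bounds(requirement)
  op, version = Gem::Requirement.new(requirement).requirements.first
  raise ArgumentError, "not a ~> constraint: #{requirement}" unless op == '~>'
  [version.to_s, version.bump.to_s]
end

# Which of the candidate versions a requirement admits. Prerelease candidates
# are skipped unless the requirement itself names a prerelease, mirroring the
# resolver default (assumption; candidates are constructed, not fetched).
def versions_admitted(requirement, candidates)
  req = Gem::Requirement.new(requirement)
  candidates.select do |v|
    ver = Gem::Version.new(v)
    next false if ver.prerelease? && !req.prerelease?
    req.satisfied_by?(ver)
  end
end

# Constraints touched by this PR (taken from the diff), old => new.
PR_CONSTRAINTS = {
  'opentelemetry-sdk'           => ['~> 1.3.1',  '~> 1.10'],
  'opentelemetry-exporter-otlp' => ['~> 0.26.1', '~> 0.31'],
  'gemini-ai'                   => ['~> 4.1',    '~> 4.3'],
  'aws-sdk-bedrockruntime'      => ['~> 1.14',   '~> 1.71']
}.freeze

if $PROGRAM_NAME == __FILE__
  PR_CONSTRAINTS.each do |gem_name, (before, after)|
    lo, hi = pessimistic_bounds(after)
    puts "#{gem_name}: #{before} -> #{after}  (admits >= #{lo}, < #{hi})"
  end
  # Constructed candidates: the old opentelemetry-sdk floor never reaches 1.4,
  # the new one reaches every 1.x release from 1.10 upward.
  candidates = %w[1.3.0 1.3.1 1.3.9 1.4.0 1.10.0 1.99.0 2.0.0.rc1 2.0.0]
  p versions_admitted('~> 1.3.1', candidates)
  p versions_admitted('~> 1.10', candidates)
end
```

Note that a constraint with two segments (`~> 1.10`, `~> 1.71`) admits every later minor release of the same major line, so these bumps raise a floor rather than pin a patched version; the Gemfile.lock, not the gemspec, decides what a given install actually gets.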


@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 2

🤖 Fix all issues with AI agents
In `@sample-app/Gemfile`:
- Around line 8-10: Update the Gemfile entry for aws-sdk-bedrockruntime
(currently gem "aws-sdk-bedrockruntime", "~> 1.71") to use a published version
(for example change to "~> 1.68" or to a concrete released version) or remove
the nonexistent prerelease constraint, then run bundle install to verify
resolution; confirm the chosen version exists on RubyGems before committing and
leave gem "gemini-ai", "~> 4.3" unchanged.

In `@traceloop-sdk/traceloop-sdk.gemspec`:
- Around line 20-21: The gemspec dependency entries are not alphabetically
ordered; reorder the three spec.add_dependency lines so the gems are
alphabetized: place "opentelemetry-exporter-otlp" before "opentelemetry-sdk" and
ensure "opentelemetry-semantic_conventions_ai" is correctly ordered relative to
them; update the three spec.add_dependency statements (the ones adding
opentelemetry-exporter-otlp, opentelemetry-sdk, and
opentelemetry-semantic_conventions_ai) to follow the alphabetical sequence.

Comment thread traceloop-sdk/traceloop-sdk.gemspec
Comment on lines +20 to +21
spec.add_dependency 'opentelemetry-sdk', '~> 1.10'
spec.add_dependency 'opentelemetry-exporter-otlp', '~> 0.31'
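Review bot: the two constraints at lines +20 to +21 raise floors, they do not pin patched versions: `~> 1.10` admits any opentelemetry-sdk 1.x from 1.10 upward and `~> 0.31` admits any opentelemetry-exporter-otlp from 0.31 up to but excluding 1.0, so a consumer whose Gemfile.lock already satisfies these ranges picks up nothing from this change; if the bump is meant to move users off vulnerable releases, as the branch name gk/upg-cves-190126 suggests, state the minimum patched versions in the PR and re-resolve any committed lockfile. Separately, `spec.required_ruby_version = '>= 3.0'` in the surrounding gemspec is left unchanged while `.ruby-version` moves to 4.0.1, so the gem keeps advertising Ruby 3.0 support that this branch no longer exercises; either keep a 3.x job in CI or raise that floor. RuboCop's Gemspec/OrderedDependencies finding on these same lines still stands.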

⚠️ Potential issue | 🟡 Minor

❓ Verification inconclusive

Script executed:

# Find and check the gemspec file
find . -name "traceloop-sdk.gemspec" -type f

Repository: traceloop/openllmetry-ruby
Exit code: 0

stdout:

./traceloop-sdk/traceloop-sdk.gemspec

Script executed:

# Read the gemspec file, focusing on the dependency section
head -n 30 traceloop-sdk/traceloop-sdk.gemspec | tail -n +15

Repository: traceloop/openllmetry-ruby
Exit code: 0

stdout:

  spec.require_paths = ['lib']
  spec.required_ruby_version = '>= 3.0'

  spec.add_dependency 'opentelemetry-semantic_conventions_ai', '~> 0.0.3'

  spec.add_dependency 'opentelemetry-sdk', '~> 1.10'
  spec.add_dependency 'opentelemetry-exporter-otlp', '~> 0.31'

  if spec.respond_to?(:metadata)
    spec.metadata['source_code_uri'] = 'https://github.com/traceloop/openllmetry-ruby/tree/main/traceloop-sdk'
    spec.metadata['bug_tracker_uri'] = 'https://github.com/traceloop/openllmetry-ruby/issues'
    spec.metadata['documentation_uri'] = "https://traceloop.com/docs/openllmetry"
  end
end

Script executed:

# Search for all add_dependency lines to understand the full context
rg "spec\.add_dependency" traceloop-sdk/traceloop-sdk.gemspec -n

Repository: traceloop/openllmetry-ruby
Exit code: 0

stdout:

18:  spec.add_dependency 'opentelemetry-semantic_conventions_ai', '~> 0.0.3'
20:  spec.add_dependency 'opentelemetry-sdk', '~> 1.10'
21:  spec.add_dependency 'opentelemetry-exporter-otlp', '~> 0.31'

Keep gemspec dependencies alphabetically ordered.

The dependencies on lines 20-21 are out of alphabetical order. However, note that the complete alphabetical ordering of all dependencies should be:

  1. opentelemetry-exporter-otlp
  2. opentelemetry-sdk
  3. opentelemetry-semantic_conventions_ai (line 18, currently first)

Apply the following reordering:

🧹 Proposed order fix
+  spec.add_dependency 'opentelemetry-exporter-otlp', '~> 0.31'
   spec.add_dependency 'opentelemetry-sdk', '~> 1.10'
-  spec.add_dependency 'opentelemetry-exporter-otlp', '~> 0.31'
+  spec.add_dependency 'opentelemetry-semantic_conventions_ai', '~> 0.0.3'
-  spec.add_dependency 'opentelemetry-semantic_conventions_ai', '~> 0.0.3'
🧰 Tools
🪛 RuboCop (1.82.1)

[convention] 21-21: Dependencies should be sorted in an alphabetical order within their section of the gemspec. Dependency opentelemetry-exporter-otlp should appear before opentelemetry-sdk.

(Gemspec/OrderedDependencies)


@galkleinman galkleinman merged commit ebb6834 into main Jan 19, 2026
5 checks passed