chore(deps): update all dependencies #166
Merged
+282
−264
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
renovate
bot
force-pushed
the
renovate/all
branch
5 times, most recently
from
5d28e8b to
d737584
Compare
renovate
bot
force-pushed
the
renovate/all
branch
7 times, most recently
from
1d09fa1 to
61f1594
Compare
renovate
bot
force-pushed
the
renovate/all
branch
5 times, most recently
from
0a982ef to
c69e2ba
Compare
renovate
bot
force-pushed
the
renovate/all
branch
5 times, most recently
from
5531460 to
ced1b9c
Compare
renovate
bot
force-pushed
the
renovate/all
branch
5 times, most recently
from
3013fd0 to
bcd1592
Compare
renovate
bot
force-pushed
the
renovate/all
branch
from
bcd1592 to
ab6e4c1
Compare
csatib02
approved these changes
Jun 6, 2025
Signed-off-by: Bence Csati <[email protected]>
Signed-off-by: Bence Csati <[email protected]>
Signed-off-by: Bence Csati <[email protected]>
Signed-off-by: Bence Csati <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v5.4.0->v5.5.00.30.0->0.31.0v6.16.0->v6.18.0c0f429e->188ddfbv1.4.2->v1.4.3v0.124.0->v0.127.0v3.28.16->v3.28.19v1.30.0->v1.33.0v0.124.0->v0.127.0v1.30.0->v1.33.0v1.30.0->v1.33.0v0.124.0->v0.127.0v0.124.0->v0.127.0v0.124.0->v0.127.0v0.124.0->v0.127.01.24.2-alpine3.20->1.24.3-alpine3.202.1.5->2.1.6v0.33.0->v0.33.1v0.33.0->v0.33.1v0.33.0->v0.33.10.17.3->0.18.00.87.0->0.90.3v0.20.4->v0.21.0Release Notes
actions/setup-go (actions/setup-go)
v5.5.0Compare Source
What's Changed
Bug fixes:
Dependency updates:
New Contributors
Full Changelog: actions/setup-go@v5...v5.5.0
aquasecurity/trivy-action (aquasecurity/trivy-action)
v0.31.0Compare Source
What's Changed
unix:/prefix is required fordocker-hostinput by @DmitriyLewen in https://github.com/aquasecurity/trivy-action/pull/455New Contributors
Full Changelog: aquasecurity/trivy-action@0.30.0...0.31.0
docker/build-push-action (docker/build-push-action)
v6.18.0Compare Source
Full Changelog: docker/build-push-action@v6.17.0...v6.18.0
v6.17.0Compare Source
Full Changelog: docker/build-push-action@v6.16.0...v6.17.0
go-logr/logr (github.com/go-logr/logr)
v1.4.3Compare Source
Minor release.
What's Changed
New Contributors
Full Changelog: go-logr/logr@v1.4.2...v1.4.3
open-telemetry/opentelemetry-operator (github.com/open-telemetry/opentelemetry-operator)
v0.127.0Compare Source
0.127.0
💡 Enhancements 💡
collector: Move validation to be part of the CRD for sidecar mode (#3319)target allocator: Promote the operator.collector.targetallocatorcr feature flag to Beta (#2422)As a result of this change, when the target allocator section is enabled in the Collector CR,
this now creates a TargetAllocator CR instead of generating the manifests directly. Behavior should otherwise be
unchanged. You can go back to the previous behaviour by passing the
--feature-gates=-operator.collector.targetallocatorcrcommand-line option to the operator.collector: Set the default spec.replicas to 1 in the OpenTelemetryCollector CRD. (#4042)This default no longer relies on the admission webhook.
🧰 Bug fixes 🧰
collector, target allocator: Fix operator RBAC for managing targetallocator finalizers on OpenShift. (#4069)On OpenShift
OwnerReferencesPermissionEnforcementis enabled by default, which requires the operator to have permissions to remove finalizers from resources it owns.https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
target allocator: Add app.kubernetes.io/managed-by label to Target Allocator CRs created by the Collector CR (#4025)target allocator: Fixes an issue where the same target from two different jobs was being allocated for only one job (#4044)Components
v0.126.0Compare Source
0.126.0
🛑 Breaking changes 🛑
target-allocator: Switch to Prometheus 3.0 defaults for ScraperProtocols, requires prometheusreceiver >0.120.0 (#3872)💡 Enhancements 💡
target-allocator: Allow to configure ScraperProtocols in prometheus common config (#4000)target allocator: set default target allocator grace period to 30 seconds (#3989)The config option collectorNotReadyGracePeriod have been set to 30s by default. The target allocator now waits for 30 seconds before reallocating targets from a collector which isn't Ready.
Setting this value to 0 will restore previous behaviour.
🧰 Bug fixes 🧰
otel-allocator: Remove overwrite of global config ScraperProtocols (#3996)target allocator: Fix user-defined volumes in the TargetAllocator CR (#3992)collector: add terminationGracePeriodSeconds to DaemonSet and StatefulSet specs (#4003)Components
v0.125.0Compare Source
0.125.0
💡 Enhancements 💡
webhook: Allow to run the operator without the OpenTelemetry CRDs present (#3568)Skip registering the webhook and keep the operator working in case the OpenTelemetryCollector CRDs are not deployed.
🧰 Bug fixes 🧰
collector: Fixes container port duplication for user-provided and operator inferred ports (#3950)This patch improves container port collisions when the user defines additional ports in the CR.
When ports are specified in the CR:
collector: Prevent the operator from overriding the env vars defined by the user in the OpenTelemetryCollector spec. (#3963)This change ensures that the operator does not override the environment variables defined by the user in the OpenTelemetryCollector spec.
It combines user-defined environment variables with automatically inferred ones, giving precedence to user-defined ones.
opamp: Fix config loading priority (#3928)target allocator: Fix config loading priority (#3928)collector: Set thestatusReplicasfield for theDaemonSet(#3930)collector: Fix OpenShift internal collector metrics dashboards to use_totalsuffix (#3994)The following settings (or missing metrics configuration since 0.119.0) exposes metrics with
_totalsuffix:The following settings exposes metrics without
_totalsuffix:targetallocator: Do not override the collector namespace from the config file if the environment variable is not set. (#3976)Components
github/codeql-action (github/codeql-action)
v3.28.19Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.28.19 - 03 Jun 2025
actionslanguage, which is currently in public preview.The
actionsextractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled theactionslanguage and you have pinnedyour
tools:property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disableactionsanalysis.See the full CHANGELOG.md for more information.
v3.28.18Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.28.18 - 16 May 2025
CODEQL_THREADSandCODEQL_RAMrunner environment variables. If set, these environment variables override thethreadsandraminputs respectively. #2891See the full CHANGELOG.md for more information.
v3.28.17Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.28.17 - 02 May 2025
See the full CHANGELOG.md for more information.
open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/component)
v1.33.0🚩 Deprecations 🚩
semconv: Deprecating the semconv package in favour of go.opentelemetry.io/otel/semconv (#13012)💡 Enhancements 💡
exporter/debug: Display resource and scope innormalverbosity (#10515)service: Add size metrics defined in Pipeline Component Telemetry RFC (#13032)See Pipeline Component Telemetry RFC for more details:
otelcol.receiver.produced.sizeotelcol.processor.consumed.sizeotelcol.processor.produced.sizeotelcol.connector.consumed.sizeotelcol.connector.produced.sizeotelcol.exporter.consumed.sizev1.32.0🛑 Breaking changes 🛑
configauth: Removes deprecatedconfigauth.Authenticationandextensionauthtest.NewErrorClient(#12992)The following have been removed:
configauth.Authenticationuseconfigauth.Configinsteadextensionauthtest.NewErrorClientuseextensionauthtest.NewErrinstead💡 Enhancements 💡
service: Replacego.opentelemetry.io/collector/semconvusage withgo.opentelemetry.io/otel/semconv(#12991)confmap: Update the behavior of the confmap.enableMergeAppendOption feature gate to merge only component lists. (#12926)service: Add item count metrics defined in Pipeline Component Telemetry RFC (#12812)See Pipeline Component Telemetry RFC for more details:
otelcol.receiver.produced.itemsotelcol.processor.consumed.itemsotelcol.processor.produced.itemsotelcol.connector.consumed.itemsotelcol.connector.produced.itemsotelcol.exporter.consumed.itemstls: Add trusted platform module (TPM) support to TLS authentication. (#12801)Now the TLS allows the use of TPM for loading private keys (e.g. in TSS2 format).
🧰 Bug fixes 🧰
exporterhelper: Add validation error for batch config if min_size is greater than queue_size. (#12948)telemetry: Allocate less memory per component when OTLP exporting of logs is disabled (#13014)confmap: Use reflect.DeepEqual to avoid panic when confmap.enableMergeAppendOption feature gate is enabled. (#12932)internal telemetry: Add resource attributes from telemetry.resource to the logger (#12582)Resource attributes from telemetry.resource were not added to the internal
console logs.
Now, they are added to the logger as part of the "resource" field.
confighttp and configcompression: Fix handling ofsnappycontent-encoding in a backwards-compatible way (#10584, #12825)The collector used the Snappy compression type of "framed" to handle the HTTP
content-encoding "snappy". However, this encoding is typically used to indicate
the "block" compression variant of "snappy". This change allows the collector to:
at the first bytes of the payload to determine if it is "framed" or "block" snappy,
and will decompress accordingly. This is a backwards-compatible change.
If the feature-gate "confighttp.framedSnappy" is enabled, you'll see new behavior for both client and server:
instead of "framed". Client compression type "x-snappy-framed" will now compress to the "framed" variant of snappy.
tlsconfig: Disable TPM tests on MacOS/Darwin (#12964)v1.31.0🛑 Breaking changes 🛑
service: Lowercase values for 'otelcol.component.kind' attributes. (#12865)service: Restrict thetelemetry.newPipelineTelemetryfeature gate to metrics. (#12856, #12933)The "off" state of this feature gate introduced a regression, where the Collector's internal logs were missing component attributes. See issue #12870 for more details on this bug.
On the other hand, the "on" state introduced an issue with the Collector's default internal metrics, because the Prometheus exporter does not currently support instrumentation scope attributes.
To solve both of these issues, this change turns on the new scope attributes for logs and traces by default regardless of the feature gate.
However, the new scope attributes for metrics stay locked behind the feature gate, and will remain off by default until the Prometheus exporter is updated to support scope attributes.
Please understand that enabling the
telemetry.newPipelineTelemetryfeature gate may break the export of Collector metrics through, depending on your configuration.Having a
batchprocessor in multiple pipelines is a known trigger for this.This comes with a breaking change, where internal logs exported through OTLP will now use instrumentation scope attributes to identify the source component instead of log attributes.
This does not affect the Collector's stderr output. See the changelog for v0.123.0 for a more detailed description of the gate's effects.
💡 Enhancements 💡
mdatagen: Add support for attributes for telemetry configuration in metadata. (#12919)configmiddleware: Add extensionmiddleware interface. (#12603, #9591)configgrpc: Add gRPC middleware support. (#12603, #9591)confighttp: Add HTTP middleware support. (#12603, #9591, #7441)configmiddleware: Add configmiddleware struct. (#12603, #9591)🧰 Bug fixes 🧰
exporterhelper: Do not ignore thenum_consumerssetting when batching is enabled. (#12244)exporterhelper: Reject elements larger than the queue capacity (#12847)mdatagen: Add time and plog package imports (#12907)confmap: Maintain nil values when marshaling or unmarshaling nil slices (#11882)Previously, nil slices were converted to empty lists, which are semantically different
than a nil slice. This change makes this conversion more consistent when encoding
or decoding config, and these values are now maintained.
golangci/golangci-lint (golangci/golangci-lint)
v2.1.6Compare Source
godot: from 1.5.0 to 1.5.1musttag: from 0.13.0 to 0.13.1kubernetes/api (k8s.io/api)
v0.33.1Compare Source
kubernetes/apimachinery (k8s.io/apimachinery)
v0.33.1Compare Source
kubernetes/client-go (k8s.io/client-go)
v0.33.1Compare Source
kubernetes-sigs/controller-tools (kubernetes-sigs/controller-tools)
v0.18.0Compare Source
What's Changed
--load-build-tagsflag by @joelanford in https://github.com/kubernetes-sigs/controller-tools/pull/1161Misc
kubebuilderby @davidxia in https://github.com/kubernetes-sigs/controller-tools/pull/1141envtest
Dependency bumps
Configuration
📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) in timezone Etc/UTC, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.