Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the go_modules group group with 11 updates #7329

Closed
wants to merge 1 commit into from
Closed

Bump the go_modules group group with 11 updates #7329

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 14, 2024
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go_modules group group with 11 updates:

Package From To
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 0.42.0 0.44.0
helm.sh/helm/v3 3.12.2 3.14.3
github.com/cloudflare/circl 1.3.3 1.3.7
github.com/containerd/containerd 1.7.0 1.7.12
github.com/cyphar/filepath-securejoin 0.2.3 0.2.4
github.com/docker/docker 23.0.1+incompatible 24.0.7+incompatible
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.42.0 0.45.0
golang.org/x/crypto 0.11.0 0.17.0
golang.org/x/net 0.12.0 0.17.0
google.golang.org/grpc 1.57.0 1.58.3
google.golang.org/protobuf 1.31.0 1.33.0

Updates go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.42.0 to 0.44.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.

Release v1.24.0/v0.49.0/v0.18.0/v0.4.0

This release is the last to support Go 1.20. The next release will require at least Go 1.21.

Added

  • Support Go 1.22. (#5082)
  • Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
  • Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)

Removed

  • The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)

Fixed

  • Retrieving the body bytes count in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp does not cause a data race anymore. (#5080)

New Contributors

Full Changelog: open-telemetry/opentelemetry-go-contrib@v1.23.0...v1.24.0

Release v1.23.0/v0.48.0/v0.17.0/v0.3.0

Added

  • Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
  • Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4873)
  • Add support for cloud.account.id, cloud.availability_zone and cloud.region in the AWS ECS detector. (#4860)

Changed

  • The fallback options in go.opentelemetry.io/contrib/exporters/autoexport now accept factory functions. (#4891)
    • WithFallbackMetricReader(metric.Reader) MetricOption is replaced with func WithFallbackMetricReader(func(context.Context) (metric.Reader, error)) MetricOption.
    • WithFallbackSpanExporter(trace.SpanExporter) SpanOption is replaced with WithFallbackSpanExporter(func(context.Context) (trace.SpanExporter, error)) SpanOption.
  • The http.server.request_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.request.size.(#4707)
  • The http.server.response_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.response.size.(#4707)

Deprecated

  • The RequestCount, RequestContentLength, ResponseContentLength, ServerLatency constants in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp are deprecated. (#4707)

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's changelog.

[1.19.0/0.44.0/0.13.0] - 2023-09-12

Added

  • Add gcp.gce.instance.name and gcp.gce.instance.hostname resource attributes to go.opentelemetry.io/contrib/detectors/gcp. (#4263)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ec2 have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ecs have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/eks have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/lambda have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda have been upgraded to v1.21.0. (#4265)
    • The faas.execution attribute is now faas.invocation_id.
    • The faas.id attribute is now aws.lambda.invoked_arn.
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws have been upgraded to v1.21.0. (#4265)
  • The http.request.method attribute will only allow known HTTP methods from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)

Removed

  • The high cardinality attributes net.sock.peer.addr, net.sock.peer.port, http.user_agent, enduser.id, and http.client_ip were removed from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql module is removed. (#4295)

[1.18.0/0.43.0/0.12.0] - 2023-08-28

Added

  • Add NewMiddleware function in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#2964)
  • The go.opentelemetry.io/contrib/exporters/autoexport package to provide configuration of trace exporters with useful defaults and environment variable support. (#2753, #4100, #4130, #4132, #4134)
  • WithRouteTag in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp adds HTTP route attribute to metrics. (#615)
  • Add WithSpanOptions option in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#3768)
  • Add testing support for Go 1.21. (#4233)
  • Add WithFilter option to go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#4230)

Changed

  • Change interceptors in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to disable SENT/RECEIVED events. Use WithMessageEvents() to turn back on. (#3964)

Changed

  • go.opentelemetry.io/contrib/detectors/gcp: Detect faas.instance instead of faas.id, since faas.id is being removed. (#4198)

Fixed

  • AWS XRay Remote Sampling to cap quotaBalance to 1x quota in go.opentelemetry.io/contrib/samplers/aws/xray. (#3651, #3652)

... (truncated)

Commits

Updates helm.sh/helm/v3 from 3.12.2 to 3.14.3

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.14.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.14.3. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.14.4 will contain only bug fixes and be released on April 10, 2024.
  • 3.15.0 is the next feature release and will be on May 08, 2024.

Changelog

  • Add a note about --dry-run displaying secrets f03cc04caaa8f6d7c3e67cf918929150cf6f3f12 (Matt Farina)
  • add error messages 1a7330fe3802beeb3f897a1c701d8a4b9c1316c5 (George Jenkins)
  • Fix: Ignore alias validation error for index load d6acc0027dca47dec40ccdd66febd0c8bcf4813f (George Jenkins)
  • chore(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12 b2738fb782d149ffa4748cb0ee78d674986d04b0 (dependabot[bot])
  • chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.5.0 to 1.5.2 5b0847e0e763e98bcbf8a12e8f9c5f7c11d123a1 (dependabot[bot])
  • Update architecture detection method 7e18c39f0753c73e4660f3796f01f5b33f2552b5 (weidongkl)

Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release.

A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content.

Jakub Ciolek with AlphaSense discovered the vulnerability.

Installation and Upgrading

... (truncated)

Commits
  • f03cc04 Add a note about --dry-run displaying secrets
  • 1a7330f add error messages
  • d6acc00 Fix: Ignore alias validation error for index load
  • b2738fb chore(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12
  • 5b0847e chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.5.0 to 1.5.2
  • 7e18c39 Update architecture detection method
  • c309b6f Some fixes
  • e8858f8 validation fix
  • 3fc9f4b Improve release action
  • 69dcc92 bump version to
  • Additional commits viewable in compare view

Updates github.com/cloudflare/circl from 1.3.3 to 1.3.7

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.7

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.3.6...v1.3.7

CIRCL v1.3.6

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.3.3...v1.3.6

Commits
  • c48866b Releasing CIRCL v1.3.7
  • 75ef91e kyber: remove division by q in ciphertext compression
  • 899732a build(deps): bump golang.org/x/crypto
  • 99f0f71 Releasing CIRCL v1.3.6
  • e728d0d Apply thibmeu code review suggestions
  • ceb2d90 Updating blindrsa to be compliant with RFC9474.
  • 44133f7 spelling: tripped
  • c2076d6 spelling: transposes
  • dad2166 spelling: title
  • 171c418 spelling: threshold
  • Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.0 to 1.7.12

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.12

Welcome to the v1.7.12 release of containerd!

The twelfth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • Fix on dialer function for Windows (#9501)
  • Improve /etc/group handling when appending groups (#9544)
  • Update shim pidfile permissions to 0644 (#9548)
  • Update runc binary to v1.1.11 (#9596)
  • Allow import and export to reference missing content (#9600)
  • Remove runc import (#9605)
  • Update Go version to 1.20.13 (#9624)

Deprecation Warnings

  • Emit deprecation warning for containerd.io/restart.logpath label usage (#9567)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Akihiro Suda
  • Sebastiaan van Stijn
  • Wei Fu
  • Derek McGowan
  • Paweł Gronowski
  • Jaroslav Jindrak
  • Maksym Pavlenko
  • Samuel Karp
  • Anthony Nandaa
  • Bjorn Neergaard
  • Djordje Lukic
  • Kay Yan

Changes

  • [release/1.7] Prepare release notes for v1.7.12 (#9632)
    • 775d544fe Prepare release notes for v1.7.12
  • [release/1.7] update to go1.20.13, test go1.21.6 (#9624)
    • a5dc5b894 update to go1.20.13, test go1.21.6
  • [release/1.7] shim: Create pid-file and address with 0644 permissions (#9548)
    • 8d82242eb shim: Create address file with 0644 permissions
    • 260963a35 shim: Create pid-file with 0644 permissions

... (truncated)

Commits
  • 71909c1 Merge pull request #9632 from dmcgowan/prepare-v1.7.12
  • 775d544 Prepare release notes for v1.7.12
  • 4ebe8e2 Merge pull request #9624 from thaJeztah/1.7_update_golang_1.20.13
  • a5dc5b8 update to go1.20.13, test go1.21.6
  • 50e7359 Merge pull request #9548 from Dzejrou/1.7_fix_ignoring_umask
  • 5a675f2 Merge pull request #9602 from thaJeztah/1.7_backport_no_execabs
  • ccca466 Merge pull request #9605 from thaJeztah/1.7_backport_switch_moby_user
  • 9251072 remove github.com/opencontainers/runc dependency
  • 4e67213 vendor: github.com/cncf-tags/container-device-interface v0.6.1
  • e0ee0be go.mod: github.com/opencontainers/runtime-spec v1.1.0
  • Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.2.4

This release fixes a potential security issue in filepath-securejoin when used on Windows (GHSA-6xv5-86q9-7xr8, which could be used to generate paths outside of the provided rootfs in certain cases), as well as improving the overall behaviour of filepath-securejoin when dealing with Windows paths that contain volume names. Thanks to Paulo Gomes for discovering and fixing these issues.

In addition, we've switched (at long last) to GitHub Actions and have continuous integration testing on Linux, MacOS, and Windows.

Thanks to the following contributors for making this release possible:

Signed-off-by: Aleksa Sarai [email protected]

Commits

Updates github.com/docker/docker from 23.0.1+incompatible to 24.0.7+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.7

24.0.7

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Write overlay2 layer metadata atomically. moby/moby#46703
  • Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. moby/moby#46626
  • Fix dockerd-rootless-setuptools.sh when username contains a backslash. moby/moby#46407
  • Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when dockerd --bridge=none is used. moby/moby#46702
  • Fix a bug where cancelling an API request could interrupt container restart. moby/moby#46697
  • Fix an issue where containers would fail to start when providing --ip-range with a range larger than the subnet. docker/for-mac#6870
  • Fix data corruption with zstd output. moby/moby#46709
  • Fix the conditions under which the container's MAC address is applied. moby/moby#46478
  • Improve the performance of the stats collector. moby/moby#46448
  • Fix an issue with source policy rules ending up in the wrong order. moby/moby#46441

Packaging updates

Security

v24.0.6

24.0.6

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • containerd storage backend: Fix docker ps failing when a container image is no longer present in the content store. moby/moby#46095
  • containerd storage backend: Fix docker ps -s -a and docker container prune failing when a container image config is no longer present in the content store. moby/moby#46097
  • containerd storage backend: Fix docker inspect failing when a container image config is no longer (or was never) present in the content store. moby/moby#46244
  • containerd storage backend: Fix diff and export with the overlayfs snapshotter by using reference-counted rootfs mounts. moby/moby#46266
  • containerd storage backend: Fix a misleading error message when the image platforms available locally do not match the desired platform. moby/moby#46300
  • containerd storage backend: Fix the FROM scratch Dockerfile instruction with the classic builder. moby/moby#46302
  • containerd storage backend: Fix mismatched image rootfs and manifest layers errors with the classic builder. moby/moby#46310

... (truncated)

Commits
  • 311b9ff Merge pull request #46697 from thaJeztah/24.0_backport_restart_nocancel
  • af60804 Merge pull request from GHSA-jq35-85cj-fj4p
  • 3cf363e Merge pull request #46709 from thaJeztah/24.0_backport_bump_compress
  • 05d7386 daemon: daemon.containerRestart: don't cancel restart on context cancel
  • 649c944 Merge pull request #46703 from thaJeztah/24.0_backport_atomic-layer-data-write
  • 9b20b1a Merge pull request #46702 from thaJeztah/24.0_backport_releaseNetwork_Network...
  • dd37b0b vendor: github.com/klauspost/compress v1.17.2
  • 7058c0d vendor: github.com/klauspost/compress v1.16.5
  • 57bd388 daemon: overlay2: Write layer metadata atomically
  • 05d95fd daemon: release sandbox even when NetworkDisabled
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.42.0 to 0.45.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's releases.

Release v1.24.0/v0.49.0/v0.18.0/v0.4.0

This release is the last to support Go 1.20. The next release will require at least Go 1.21.

Added

  • Support Go 1.22. (#5082)
  • Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
  • Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)

Removed

  • The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
  • The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)

Fixed

  • Retrieving the body bytes count in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp does not cause a data race anymore. (#5080)

New Contributors

Full Changelog: open-telemetry/opentelemetry-go-contrib@v1.23.0...v1.24.0

Release v1.23.0/v0.48.0/v0.17.0/v0.3.0

Added

  • Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
  • Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4873)
  • Add support for cloud.account.id, cloud.availability_zone and cloud.region in the AWS ECS detector. (#4860)

Changed

  • The fallback options in go.opentelemetry.io/contrib/exporters/autoexport now accept factory functions. (#4891)
    • WithFallbackMetricReader(metric.Reader) MetricOption is replaced with func WithFallbackMetricReader(func(context.Context) (metric.Reader, error)) MetricOption.
    • WithFallbackSpanExporter(trace.SpanExporter) SpanOption is replaced with WithFallbackSpanExporter(func(context.Context) (trace.SpanExporter, error)) SpanOption.
  • The http.server.request_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.request.size.(#4707)
  • The http.server.response_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.response.size.(#4707)

Deprecated

  • The RequestCount, RequestContentLength, ResponseContentLength, ServerLatency constants in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp are deprecated. (#4707)

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's changelog.

[1.20.0/0.45.0/0.14.0] - 2023-09-28

Added

  • Set the description for the rpc.server.duration metric in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4302)
  • Add NewServerHandler and NewClientHandler that return a grpc.StatsHandler used for gRPC instrumentation in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#3002)
  • Add new Prometheus bridge module in go.opentelemetry.io/contrib/bridges/prometheus. (#4227)

Changed

  • Upgrade dependencies of OpenTelemetry Go to use the new v1.19.0/v0.42.0/v0.0.7 release.
  • Use grpc.StatsHandler for gRPC instrumentation in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/example. (#4325)

[1.19.0/0.44.0/0.13.0] - 2023-09-12

Added

  • Add gcp.gce.instance.name and gcp.gce.instance.hostname resource attributes to go.opentelemetry.io/contrib/detectors/gcp. (#4263)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ec2 have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ecs have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/eks have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/lambda have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda have been upgraded to v1.21.0. (#4265)
    • The faas.execution attribute is now faas.invocation_id.
    • The faas.id attribute is now aws.lambda.invoked_arn.
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws have been upgraded to v1.21.0. (#4265)
  • The http.request.method attribute will only allow known HTTP methods from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)

Removed

  • The high cardinality attributes net.sock.peer.addr, net.sock.peer.port, http.user_agent, enduser.id, and http.client_ip were removed from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql module is removed. (#4295)

[1.18.0/0.43.0/0.12.0] - 2023-08-28

Added

  • Add NewMiddleware function in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#2964)
  • The go.opentelemetry.io/contrib/exporters/autoexport package to provide configuration of trace exporters with useful defaults and environment variable support. (#2753, #4100, #4130, #4132, #4134)
  • WithRouteTag in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp adds HTTP route attribute to metrics. (#615)
  • Add WithSpanOptions option in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#3768)
  • Add testing support for Go 1.21. (#4233)
  • Add WithFilter option to go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#4230)

... (truncated)

Commits

Updates golang.org/x/crypto from 0.11.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility

@dependabot
Bump the go_modules group group with 11 updates
c5beb65 
Bumps the go_modules group group with 11 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.42.0` | `0.44.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.12.2` | `3.14.3` |
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.3` | `1.3.7` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.0` | `1.7.12` |
| [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.2.3` | `0.2.4` |
| [github.com/docker/docker](https://github.com/docker/docker) | `23.0.1+incompatible` | `24.0.7+incompatible` |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.42.0` | `0.45.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.11.0` | `0.17.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.12.0` | `0.17.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.57.0` | `1.58.3` |
| google.golang.org/protobuf | `1.31.0` | `1.33.0` |


Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.42.0 to 0.44.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.42.0...zpages/v0.44.0)

Updates `helm.sh/helm/v3` from 3.12.2 to 3.14.3
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.12.2...v3.14.3)

Updates `github.com/cloudflare/circl` from 1.3.3 to 1.3.7
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](cloudflare/circl@v1.3.3...v1.3.7)

Updates `github.com/containerd/containerd` from 1.7.0 to 1.7.12
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.0...v1.7.12)

Updates `github.com/cyphar/filepath-securejoin` from 0.2.3 to 0.2.4
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Commits](cyphar/filepath-securejoin@v0.2.3...v0.2.4)

Updates `github.com/docker/docker` from 23.0.1+incompatible to 24.0.7+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v23.0.1...v24.0.7)

Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.42.0 to 0.45.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.42.0...zpages/v0.45.0)

Updates `golang.org/x/crypto` from 0.11.0 to 0.17.0
- [Commits](golang/crypto@v0.11.0...v0.17.0)

Updates `golang.org/x/net` from 0.12.0 to 0.17.0
- [Commits](golang/net@v0.12.0...v0.17.0)

Updates `google.golang.org/grpc` from 1.57.0 to 1.58.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.57.0...v1.58.3)

Updates `google.golang.org/protobuf` from 1.31.0 to 1.33.0

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  dependency-group: go_modules-security-group
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  dependency-group: go_modules-security-group
- dependency-name: github.com/cloudflare/circl
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: github.com/docker/docker
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: golang.org/x/net
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
  dependency-group: go_modules-security-group
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested review from a team as code owners March 14, 2024 00:31
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 14, 2024
@dependabot dependabot bot mentioned this pull request Mar 14, 2024
Closed
@dependabot dependabot bot had a problem deploying to functional-tests March 14, 2024 00:31 Failure
This was referenced Mar 14, 2024
Closed
Closed
Closed
Closed
@rynowak
Copy link
Contributor

rynowak commented Apr 11, 2024

Closing as stale

@rynowak rynowak closed this Apr 11, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 11, 2024

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/go_modules/go_modules-security-group-722a9044bf branch April 11, 2024 18:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rynowak