mirror of
https://github.com/open-telemetry/opentelemetry-go.git
synced 2026-06-03 18:35:08 +02:00
717c1b350501848078a721ac22a431e5dbd00150
4464 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 renovate[bot]
|
717c1b3505 |
fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.4 (#8092)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/golangci/golangci-lint/v2](https://redirect.github.com/golangci/golangci-lint) | `v2.11.3` → `v2.11.4` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>golangci/golangci-lint (github.com/golangci/golangci-lint/v2)</summary> ### [`v2.11.4`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v2114) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v2.11.3...v2.11.4) *Released on 2026-03-22* 1. Linters bug fixes - `govet-modernize`: from 0.42.0 to 0.43.0 - `noctx`: from 0.5.0 to 0.5.1 - `sqlclosecheck`: from 0.5.1 to 0.6.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
edcfb1a5ab |
chore(deps): update github/codeql-action action to v4.34.1 (#8090)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v4.34.0` → `v4.34.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.34.1`](https://redirect.github.com/github/codeql-action/releases/tag/v4.34.1) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.34.0...v4.34.1) - Downgrade default CodeQL bundle version to [2.24.3](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3) due to issues with a small percentage of Actions and JavaScript analyses. [#​3762](https://redirect.github.com/github/codeql-action/pull/3762) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
b8301a29d9 |
chore(deps): update codspeedhq/action action to v4.12.1 (#8089)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [CodSpeedHQ/action](https://redirect.github.com/CodSpeedHQ/action) | action | minor | `v4.11.1` → `v4.12.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>CodSpeedHQ/action (CodSpeedHQ/action)</summary> ### [`v4.12.1`](https://redirect.github.com/CodSpeedHQ/action/releases/tag/v4.12.1) [Compare Source](https://redirect.github.com/CodSpeedHQ/action/compare/v4.11.1...v4.12.1) #### Release Notes In this release, we've focused on improving the local user experience.\ We've revamped the output of the cli to provide tailed logs while the benchmarks are being executed, and polished a bit the display of results after your run. We also added support to run multiple modes in a single command invocation, both for local and CI runs!\ For instance, that means you can now do `codspeed run --mode simulation --mode memory --mode walltime -- cargo codspeed run` Last but not least, you can now define `entrypoints` in your project config ```yaml # codspeed.yml # List of commands that are run when running `codspeed run` without further arguments benchmarks: - name: My ls command # Mutually exclusive with entrypoint # Expects a command that will run a benchmark for an arbitrary command exec: ls -al /usr/bin - name: My pytest-codspeed benchmark # Mutually exclusive with exec # Expects a command that will run a benchmark program that is using a codspeed integration entrypoint: pytest --codspeed src ``` Fix a bug where memory profiling with `codspeed exec` for binaries that use statically-linked allocators (e.g. jemalloc in Rust). Previously, we reported incorrect memory usage because it didn't attach to the statically linked allocators. #### Details ##### <!-- 0 -->🚀 Features - Set NODE\_OPTIONS to get perf map from node by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​267](https://redirect.github.com/CodSpeedHQ/runner/pull/267) - Disable node instrospection for exec-harness by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Support CODSPEED\_MEMTRACK\_BINARIES for static allocator discovery by [@​not-matthias](https://redirect.github.com/not-matthias) - Gracefully handle logs from the runner while rolling buffer is active by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Add `--show-full-output` to bypass the new rolling buffer by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Add a spinner while waiting for results by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Clean up group headers and emoji usage, make the executor title not dim after run by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Add rolling buffer to display logs from executors by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Polish impact reporting and upload feedback by [@​art049](https://redirect.github.com/art049) - Add color-coded metrics to benchmark result tables by [@​art049](https://redirect.github.com/art049) - Enhance local logger with richer visual hierarchy by [@​art049](https://redirect.github.com/art049) - Style the ASCII banner with CodSpeed orange by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Enforce CodSpeed CLI as single source of truth for all measurements by [@​art049](https://redirect.github.com/art049) - Add optimize and setup-harness skills by [@​art049](https://redirect.github.com/art049) - Add the cursor plugin by [@​art049](https://redirect.github.com/art049) - Check if user is logged in before doing a local run by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​263](https://redirect.github.com/CodSpeedHQ/runner/pull/263) - Skip respository resolve with `--skip-upload` by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Use an enum and fix schema for entry/entrypoint by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​260](https://redirect.github.com/CodSpeedHQ/runner/pull/260) - Accept a mix of entrypoint and exec targets in project config by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Introduce OrchestratorConfig and ExecutorConfig by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Unify run\_part\_id suffix computation between ci providers and local by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Add the claude plugin by [@​art049](https://redirect.github.com/art049) - Add local\_data to upload metadata by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Use repositoryOverview resolver rather than repository by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) ##### <!-- 1 -->🐛 Bug Fixes - Use fp unwinding mode when running `go test` by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​269](https://redirect.github.com/CodSpeedHQ/runner/pull/269) - Improve error message when no benchmarks are found by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​264](https://redirect.github.com/CodSpeedHQ/runner/pull/264) ##### <!-- 2 -->🏗️ Refactor - Extract shared test helpers for compile and track by [@​not-matthias](https://redirect.github.com/not-matthias) - Pass extra env via config instead of unsafe set\_var by [@​not-matthias](https://redirect.github.com/not-matthias) - Remove the closure argument to poll in favor of polling options by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Move EXEC\_HARNESS\_VERSION and EXEC\_HARNESS\_COMMAND to orchestrator mod by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Flatten orchestrator execution loop over (command, mode) pairs by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) - Introduce Orchestrator to support multi-mode execution by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​259](https://redirect.github.com/CodSpeedHQ/runner/pull/259) - Consolidate poll\_results into upload module by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) ##### <!-- 3 -->📚 Documentation - docs: add documentation about multiple modes in a single run by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​195](https://redirect.github.com/CodSpeedHQ/action/pull/195) ##### <!-- 6 -->🧪 Testing - Add spawn wrapper integration test for static allocator discovery by [@​not-matthias](https://redirect.github.com/not-matthias) in [#​266](https://redirect.github.com/CodSpeedHQ/runner/pull/266) ##### <!-- 7 -->⚙️ Internals - Bump linux-perf-data to use upstream version by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​271](https://redirect.github.com/CodSpeedHQ/runner/pull/271) - Remove lazy\_static in favor of LazyLock by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​265](https://redirect.github.com/CodSpeedHQ/runner/pull/265) - Rename skill directories with codspeed prefix by [@​art049](https://redirect.github.com/art049) - Move architecture docs out of this repo by [@​GuillaumeLagrange](https://redirect.github.com/GuillaumeLagrange) in [#​262](https://redirect.github.com/CodSpeedHQ/runner/pull/262) - Typo in plugin description by [@​art049](https://redirect.github.com/art049) - Bump memtrack version - chore: bump runner version to 4.12.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​194](https://redirect.github.com/CodSpeedHQ/action/pull/194) - chore: bump runner version to 4.12.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​196](https://redirect.github.com/CodSpeedHQ/action/pull/196) #### Install codspeed-runner 4.12.1 ##### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://github.com/CodSpeedHQ/codspeed/releases/download/v4.12.1/codspeed-runner-installer.sh | sh ``` #### Download codspeed-runner 4.12.1 | File | Platform | Checksum | | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------- | | [codspeed-runner-aarch64-unknown-linux-musl.tar.gz](https://redirect.github.com/CodSpeedHQ/codspeed/releases/download/v4.12.1/codspeed-runner-aarch64-unknown-linux-musl.tar.gz) | ARM64 MUSL Linux | [checksum](https://redirect.github.com/CodSpeedHQ/codspeed/releases/download/v4.12.1/codspeed-runner-aarch64-unknown-linux-musl.tar.gz.sha256) | | [codspeed-runner-x86\_64-unknown-linux-musl.tar.gz](https://redirect.github.com/CodSpeedHQ/codspeed/releases/download/v4.12.1/codspeed-runner-x86_64-unknown-linux-musl.tar.gz) | x64 MUSL Linux | [checksum](https://redirect.github.com/CodSpeedHQ/codspeed/releases/download/v4.12.1/codspeed-runner-x86_64-unknown-linux-musl.tar.gz.sha256) | **Full Runner Changelog**: <https://github.com/CodSpeedHQ/codspeed/blob/main/CHANGELOG.md> **Full Changelog**: <https://github.com/CodSpeedHQ/action/compare/v4.11.1...v4.12.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
94ec25a242 |
chore(deps): update github/codeql-action action to v4.34.0 (#8088)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | minor | `v4.33.0` → `v4.34.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.34.0`](https://redirect.github.com/github/codeql-action/compare/v4.33.0...v4.34.0) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.33.0...v4.34.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
 Peter Nguyen
|
015ed1a7a4 |
sdk/metric: Support specifying cardinality limits per instrument kinds (#7855)
Previously, we only had `WithCardinalityLimit()`, which adds a global cardinality limit. This PR adds a new API on the reader `WithCardinalityLimitSelector` that can be used to specify limits per instrument kinds. [spec](https://github.com/open-telemetry/opentelemetry-specification/blob/49845849d2d8df07059f82033f39e96c561927cf/specification/metrics/sdk.md?plain=1#L1282) [schema](https://github.com/open-telemetry/opentelemetry-configuration/blob/3dbebe292912f0c0c96ce5dcfefc45dfe5e20f39/snippets/CardinalityLimits_kitchen_sink.yaml#L11-L18) closes #7786 --------- Co-authored-by: David Ashpole <dashpole@google.com> Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
|
renovate[bot]
|
e604da5eec |
fix(deps): update module google.golang.org/grpc to v1.79.3 [security] (#8075)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | `v1.79.2` → `v1.79.3` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. ### GitHub Vulnerability Alerts #### [CVE-2026-33186](https://redirect.github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3) ### Impact _What kind of vulnerability is it? Who is impacted?_ It is an **Authorization Bypass** resulting from **Improper Input Validation** of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present. **Who is impacted?** This affects gRPC-Go servers that meet both of the following criteria: 1. They use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`. 2. Their security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. ### Patches _Has the problem been patched? What versions should users upgrade to?_ Yes, the issue has been patched. The fix ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. Users should upgrade to the following versions (or newer): * **v1.79.3** * The latest **master** branch. It is recommended that all users employing path-based authorization (especially `grpc/authz`) upgrade as soon as the patch is available in a tagged release. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: #### 1. Use a Validating Interceptor (Recommended Mitigation) Add an "outermost" interceptor to your server that validates the path before any other authorization logic runs: ```go func pathValidationInterceptor(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (any, error) { if info.FullMethod == "" || info.FullMethod[0] != '/' { return nil, status.Errorf(codes.Unimplemented, "malformed method name") } return handler(ctx, req) } // Ensure this is the FIRST interceptor in your chain s := grpc.NewServer( grpc.ChainUnaryInterceptor(pathValidationInterceptor, authzInterceptor), ) ``` #### 2. Infrastructure-Level Normalization If your gRPC server is behind a reverse proxy or load balancer (such as Envoy, NGINX, or an L7 Cloud Load Balancer), ensure it is configured to enforce strict HTTP/2 compliance for pseudo-headers and reject or normalize requests where the `:path` header does not start with a leading slash. #### 3. Policy Hardening Switch to a "default deny" posture in your authorization policies (explicitly listing all allowed paths and denying everything else) to reduce the risk of bypasses via malformed inputs. --- ### Release Notes <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.79.3`](https://redirect.github.com/grpc/grpc-go/releases/tag/v1.79.3): Release 1.79.3 [Compare Source](https://redirect.github.com/grpc/grpc-go/compare/v1.79.2...v1.79.3) ### Security - server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like `grpc/authz`. Any request with a non-canonical path is now immediately rejected with an `Unimplemented` error. ([#​8981](https://redirect.github.com/grpc/grpc-go/issues/8981)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
8742ba9cdc |
chore(deps): update golang.org/x/telemetry digest to b6b0c46 (#8076)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [golang.org/x/telemetry](https://pkg.go.dev/golang.org/x/telemetry) | indirect | digest | `1546bf4` → `b6b0c46` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
8ae173e566 |
fix(deps): update googleapis to d00831a (#8078)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [google.golang.org/genproto/googleapis/api](https://redirect.github.com/googleapis/go-genproto) | indirect | digest | `84a4fc4` → `d00831a` | | [google.golang.org/genproto/googleapis/rpc](https://redirect.github.com/googleapis/go-genproto) | indirect | digest | `84a4fc4` → `d00831a` | | [google.golang.org/genproto/googleapis/rpc](https://redirect.github.com/googleapis/go-genproto) | require | digest | `84a4fc4` → `d00831a` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
e6120a6f77 |
chore(deps): update module github.com/fatih/color to v1.19.0 (#8087)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/fatih/color](https://redirect.github.com/fatih/color) | `v1.18.0` → `v1.19.0` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>fatih/color (github.com/fatih/color)</summary> ### [`v1.19.0`](https://redirect.github.com/fatih/color/releases/tag/v1.19.0) [Compare Source](https://redirect.github.com/fatih/color/compare/v1.18.0...v1.19.0) #### What's Changed - Bump golang.org/x/sys from 0.25.0 to 0.28.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​246](https://redirect.github.com/fatih/color/pull/246) - Fix for issue [#​230](https://redirect.github.com/fatih/color/issues/230) set/unsetwriter symmetric wrt color support detection by [@​ataypamart](https://redirect.github.com/ataypamart) in [#​243](https://redirect.github.com/fatih/color/pull/243) - chore: go mod cleanup by [@​sashamelentyev](https://redirect.github.com/sashamelentyev) in [#​244](https://redirect.github.com/fatih/color/pull/244) - Bump golang.org/x/sys from 0.28.0 to 0.30.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​249](https://redirect.github.com/fatih/color/pull/249) - Bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​248](https://redirect.github.com/fatih/color/pull/248) - Update CI and go deps by [@​fatih](https://redirect.github.com/fatih) in [#​254](https://redirect.github.com/fatih/color/pull/254) - Bump golang.org/x/sys from 0.31.0 to 0.37.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​268](https://redirect.github.com/fatih/color/pull/268) - fix: include escape codes in byte counts from `Fprint`, `Fprintf` by [@​qualidafial](https://redirect.github.com/qualidafial) in [#​282](https://redirect.github.com/fatih/color/pull/282) - Bump golang.org/x/sys from 0.37.0 to 0.40.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​277](https://redirect.github.com/fatih/color/pull/277) - fix: add nil check for os.Stdout to prevent panic on Windows services by [@​majiayu000](https://redirect.github.com/majiayu000) in [#​275](https://redirect.github.com/fatih/color/pull/275) - Bump dominikh/staticcheck-action from 1.3.1 to 1.4.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​259](https://redirect.github.com/fatih/color/pull/259) - Bump actions/checkout from 4 to 6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​273](https://redirect.github.com/fatih/color/pull/273) - Optimize Color.Equals performance (O(n²) → O(n)) by [@​UnSubble](https://redirect.github.com/UnSubble) in [#​269](https://redirect.github.com/fatih/color/pull/269) - Bump actions/setup-go from 5 to 6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​266](https://redirect.github.com/fatih/color/pull/266) #### New Contributors - [@​ataypamart](https://redirect.github.com/ataypamart) made their first contribution in [#​243](https://redirect.github.com/fatih/color/pull/243) - [@​sashamelentyev](https://redirect.github.com/sashamelentyev) made their first contribution in [#​244](https://redirect.github.com/fatih/color/pull/244) - [@​qualidafial](https://redirect.github.com/qualidafial) made their first contribution in [#​282](https://redirect.github.com/fatih/color/pull/282) - [@​majiayu000](https://redirect.github.com/majiayu000) made their first contribution in [#​275](https://redirect.github.com/fatih/color/pull/275) - [@​UnSubble](https://redirect.github.com/UnSubble) made their first contribution in [#​269](https://redirect.github.com/fatih/color/pull/269) **Full Changelog**: <https://github.com/fatih/color/compare/v1.18.0...v1.19.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
69e9181c6b |
chore(deps): update actions/cache action to v5.0.4 (#8079)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/cache](https://redirect.github.com/actions/cache) | action | patch | `v5.0.3` → `v5.0.4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>actions/cache (actions/cache)</summary> ### [`v5.0.4`](https://redirect.github.com/actions/cache/compare/v5.0.3...v5.0.4) [Compare Source](https://redirect.github.com/actions/cache/compare/v5.0.3...v5.0.4) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
09fb3e0f17 |
fix(deps): update module go.opentelemetry.io/collector/pdata to v1.54.0 (#8086)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [go.opentelemetry.io/collector/pdata](https://redirect.github.com/open-telemetry/opentelemetry-collector) | `v1.53.0` → `v1.54.0` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/pdata)</summary> ### [`v1.54.0`](https://redirect.github.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v1540v01480) ##### ❗ Known Issues ❗ - `service`: The collector's internal Prometheus metrics endpoint (`:8888`) now emits OTel service labels with underscore names (`service_name`, `service_instance_id`, `service_version`) instead of dot-notation names (`service.name`, `service.instance.id`, `service.version`). Users scraping this endpoint with the Prometheus receiver will see these renamed labels in resource and datapoint attributes. As a workaround, add the following `metric_relabel_configs` to your scrape config in prometheus receiver: ```yaml metric_relabel_configs: - source_labels: [service_name] target_label: service.name - source_labels: [service_instance_id] target_label: service.instance.id - source_labels: [service_version] target_label: service.version - regex: service_name|service_instance_id|service_version action: labeldrop ``` See [#​14814](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14814) for details and updates. ##### 🛑 Breaking changes 🛑 - `all`: Change metric units to be singular to match OTel specification, e.g. `{requests}` -> `{request}` ([#​14753](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14753)) ##### 💡 Enhancements 💡 - `cmd/mdatagen`: Add deprecated\_type field to allow specifying an alias for component types. ([#​14718](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14718)) - `cmd/mdatagen`: Generate entity-scoped MetricsBuilder API that enforces entity-metric associations at compile time ([#​14659](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14659)) - `cmd/mdatagen`: Skip generating reaggregation config options for metrics that have no aggregatable attributes. ([#​14689](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14689)) - `pkg/service`: The internal status reporter no longer drops repeated Ok and RecoverableError statuses ([#​14282](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14282)) Status events can now carry metadata and there's value in allowing them to be emitted despite the status value itself not changing. ##### 🧰 Bug fixes 🧰 - `cmd/builder`: Add `.exe` to output binary names when building for Windows targets. ([#​12591](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/12591)) - `exporter/debug`: Add printing of metric metadata in detailed verbosity. ([#​14667](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14667)) - `exporter/otlp_grpc`: Prevent nil pointer panic when push methods are called before the OTLP exporter initializes its gRPC clients. ([#​14663](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14663)) When the sending queue and retry are disabled, calling ConsumeTraces, ConsumeMetrics, ConsumeLogs, or ConsumeProfiles before the OTLP exporter initializes its gRPC clients could cause a nil pointer dereference panic. The push methods now return an error instead of panicking. - `exporter/otlp_http`: Show the actual destination URL in error messages when request URL is modified by middleware. ([#​14673](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14673)) Unwraps the `*url.Error` returned by `http.Client.Do()` to prevent misleading error logs when a middleware extension dynamically updates the endpoint. - `pdata/pprofile`: Switch the dictionary of dictionary tables entries only once when merging profiles ([#​14709](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14709)) For dictionary table data, we used to switch their dictionaries when doing the switch for the data that uses them. However, when an entry is associated with multiple other data (several samples can use the same stack), we would have been switching the dictionaries of the entry multiple times. We now switch dictionaries for dictionary table data only once, before switching the resource profiles. <!-- previous-version --> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
68f28d61db |
chore(deps): update module github.com/protonmail/go-crypto to v1.4.1 (#8081)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/ProtonMail/go-crypto](https://redirect.github.com/ProtonMail/go-crypto) | `v1.4.0` → `v1.4.1` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>ProtonMail/go-crypto (github.com/ProtonMail/go-crypto)</summary> ### [`v1.4.1`](https://redirect.github.com/ProtonMail/go-crypto/releases/tag/v1.4.1) [Compare Source](https://redirect.github.com/ProtonMail/go-crypto/compare/v1.4.0...v1.4.1) ##### What's Changed - Properly handle ECC keys with invalid points in [#​304](https://redirect.github.com/ProtonMail/go-crypto/pull/304) **Full Changelog**: <https://github.com/ProtonMail/go-crypto/compare/v1.4.0...v1.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
47509accbc |
chore(deps): update module github.com/securego/gosec/v2 to v2.25.0 (#8084)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | `v2.24.8-0.20260316110558-744bfb5ef06e` → `v2.25.0` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>securego/gosec (github.com/securego/gosec/v2)</summary> ### [`v2.25.0`](https://redirect.github.com/securego/gosec/releases/tag/v2.25.0) [Compare Source](https://redirect.github.com/securego/gosec/compare/v2.24.7...v2.25.0) #### Changelog - [`223e19b`](https://redirect.github.com/securego/gosec/commit/223e19b8856e00f02cc67804499a83f77e208f3c) chore(deps): bump google.golang.org/grpc from 1.75.0 to 1.79.3 ([#​1617](https://redirect.github.com/securego/gosec/issues/1617)) - [`b23a9e5`](https://redirect.github.com/securego/gosec/commit/b23a9e534822ec656207d6d33116b9c48fcde6c7) fix: allow barry action to access secrets on fork PRs ([#​1616](https://redirect.github.com/securego/gosec/issues/1616)) - [`355cfa5`](https://redirect.github.com/securego/gosec/commit/355cfa5a43916c57b7727eece120dd54665c1427) fix: reduce G117 false positives for custom marshalers and transformed values ([#​1614](https://redirect.github.com/securego/gosec/issues/1614)) ([#​1615](https://redirect.github.com/securego/gosec/issues/1615)) - [`744bfb5`](https://redirect.github.com/securego/gosec/commit/744bfb5ef06e24230087a2470dd1eda8cf5ac48a) Add barry security scanner as a step in the CI ([#​1612](https://redirect.github.com/securego/gosec/issues/1612)) - [`4fde15d`](https://redirect.github.com/securego/gosec/commit/4fde15d2287caa7ba8480e14d3ccd49579d17f42) chore(deps): update all dependencies ([#​1611](https://redirect.github.com/securego/gosec/issues/1611)) - [`dec52c4`](https://redirect.github.com/securego/gosec/commit/dec52c4101b534ac9bc8cf22ac051a65c90d75e0) fix: prevent taint analysis hang on packages with many CHA call graph edges ([#​1608](https://redirect.github.com/securego/gosec/issues/1608)) ([#​1610](https://redirect.github.com/securego/gosec/issues/1610)) - [`a0de8b6`](https://redirect.github.com/securego/gosec/commit/a0de8b6aab054e0fe97bec94d1f5e635dc5dc495) Add some skills for claude code to automate some tasks ([#​1609](https://redirect.github.com/securego/gosec/issues/1609)) - [`c2dfcec`](https://redirect.github.com/securego/gosec/commit/c2dfcec7f34bdbb3591c1dccd4aafde1d49c5bd6) Add G701-G706 rule-to-CWE mappings and CWE-117, CWE-918 entries ([#​1606](https://redirect.github.com/securego/gosec/issues/1606)) - [`8aec3f4`](https://redirect.github.com/securego/gosec/commit/8aec3f48a22ee5404185b01ac7667302ba73e51c) fix: skip SSA analysis on ill-typed packages to prevent panic ([#​1607](https://redirect.github.com/securego/gosec/issues/1607)) - [`1ced32d`](https://redirect.github.com/securego/gosec/commit/1ced32df147e2dd7bb9400023c246235bb32be92) Port G120 from SSA-based to taint analysis (fixes [#​1600](https://redirect.github.com/securego/gosec/issues/1600), [#​1603](https://redirect.github.com/securego/gosec/issues/1603)) ([#​1605](https://redirect.github.com/securego/gosec/issues/1605)) - [`befce8d`](https://redirect.github.com/securego/gosec/commit/befce8de5da965121ad143b3c1eba58b0c3941bb) fix(G118): eliminate false positive for package-level cancel variables ([#​1602](https://redirect.github.com/securego/gosec/issues/1602)) - [`b7b2c7b`](https://redirect.github.com/securego/gosec/commit/b7b2c7b668f3f2bef8a8ae04d72f0eb60492322c) feat: add G124 rule for insecure HTTP cookie configuration ([#​1599](https://redirect.github.com/securego/gosec/issues/1599)) - [`6e66a94`](https://redirect.github.com/securego/gosec/commit/6e66a943db54eb8d235ac766fa2fd414d44e8821) feat: add G709 rule for unsafe deserialization of untrusted data ([#​1598](https://redirect.github.com/securego/gosec/issues/1598)) - [`e7ea237`](https://redirect.github.com/securego/gosec/commit/e7ea2377aa2138d550e6d466ceef7a3164b4d7ea) feat: add G708 rule for server-side template injection via text/template ([#​1597](https://redirect.github.com/securego/gosec/issues/1597)) - [`8895462`](https://redirect.github.com/securego/gosec/commit/889546214c90564feb348e14fd1bf526295e0b2d) fix(G118): eliminate false positive when cancel is called via struct field in a closure ([#​1596](https://redirect.github.com/securego/gosec/issues/1596)) - [`619ce21`](https://redirect.github.com/securego/gosec/commit/619ce2117e086b696f9357dc3422c18c2d0262bf) Fix infinite recursion in interprocedural taint analysis ([#​1594](https://redirect.github.com/securego/gosec/issues/1594)) - [`0e0eb17`](https://redirect.github.com/securego/gosec/commit/0e0eb1792f3ced1edfe332daa388f088d4bd2f08) Fix G118 false positive when cancel is stored in returned struct field ([#​1593](https://redirect.github.com/securego/gosec/issues/1593)) - [`59a9da0`](https://redirect.github.com/securego/gosec/commit/59a9da022f37d928b5c26c2b720e5f43f4a3e9b4) Fix G118 false positive on cancel called inside goroutine closure ([#​1592](https://redirect.github.com/securego/gosec/issues/1592)) - [`cbf46b8`](https://redirect.github.com/securego/gosec/commit/cbf46b8771cfe2f02d3f935469c7898198d901f4) fix(analyzer): per-package rule instantiation eliminates concurrent map crash ([#​1589](https://redirect.github.com/securego/gosec/issues/1589)) - [`c6c3ba8`](https://redirect.github.com/securego/gosec/commit/c6c3ba865980cf3333c8bcaa93b4b9b7a4858bba) chore(deps): update all dependencies ([#​1588](https://redirect.github.com/securego/gosec/issues/1588)) - [`c709ed8`](https://redirect.github.com/securego/gosec/commit/c709ed8be30a01d52ef51a099f5da6fc23dd3e31) fix(G118): treat returned cancel func as called (fixes [#​1584](https://redirect.github.com/securego/gosec/issues/1584)) ([#​1585](https://redirect.github.com/securego/gosec/issues/1585)) - [`fa74dd7`](https://redirect.github.com/securego/gosec/commit/fa74dd7069d482a37b1207afbeffbfc7681a47f8) chore(go): update supported Go versions to 1.25.8 and 1.26.1 ([#​1583](https://redirect.github.com/securego/gosec/issues/1583)) - [`cd1f29e`](https://redirect.github.com/securego/gosec/commit/cd1f29ec710ed24a305edf5908f52240addb1811) Update the README with the correct version of the Github action for gosec ([#​1582](https://redirect.github.com/securego/gosec/issues/1582)) - [`5887aee`](https://redirect.github.com/securego/gosec/commit/5887aee36f8b982ecb71885fde827ec0e84d98a2) chore(deps): update all dependencies ([#​1579](https://redirect.github.com/securego/gosec/issues/1579)) - [`6641fcf`](https://redirect.github.com/securego/gosec/commit/6641fcf966593bf52ed426aa262839b340d56375) Fix G115 false positives for guarded int64-to-byte conversions ([#​1578](https://redirect.github.com/securego/gosec/issues/1578)) - [`3c9c3da`](https://redirect.github.com/securego/gosec/commit/3c9c3da6924bb1daeea428e28ec9ac5fa5a09c25) Update the container image migration notice ([#​1576](https://redirect.github.com/securego/gosec/issues/1576)) - [`973e94e`](https://redirect.github.com/securego/gosec/commit/973e94e8fc181de08ab86b212e6475221e777069) chore(action): bump gosec to 2.24.7 ([#​1575](https://redirect.github.com/securego/gosec/issues/1575)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
02d1881218 |
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.54.0 (#8085)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [go.opentelemetry.io/collector/featuregate](https://redirect.github.com/open-telemetry/opentelemetry-collector) | `v1.53.0` → `v1.54.0` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/featuregate)</summary> ### [`v1.54.0`](https://redirect.github.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v1540v01480) ##### ❗ Known Issues ❗ - `service`: The collector's internal Prometheus metrics endpoint (`:8888`) now emits OTel service labels with underscore names (`service_name`, `service_instance_id`, `service_version`) instead of dot-notation names (`service.name`, `service.instance.id`, `service.version`). Users scraping this endpoint with the Prometheus receiver will see these renamed labels in resource and datapoint attributes. As a workaround, add the following `metric_relabel_configs` to your scrape config in prometheus receiver: ```yaml metric_relabel_configs: - source_labels: [service_name] target_label: service.name - source_labels: [service_instance_id] target_label: service.instance.id - source_labels: [service_version] target_label: service.version - regex: service_name|service_instance_id|service_version action: labeldrop ``` See [#​14814](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14814) for details and updates. ##### 🛑 Breaking changes 🛑 - `all`: Change metric units to be singular to match OTel specification, e.g. `{requests}` -> `{request}` ([#​14753](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14753)) ##### 💡 Enhancements 💡 - `cmd/mdatagen`: Add deprecated\_type field to allow specifying an alias for component types. ([#​14718](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14718)) - `cmd/mdatagen`: Generate entity-scoped MetricsBuilder API that enforces entity-metric associations at compile time ([#​14659](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14659)) - `cmd/mdatagen`: Skip generating reaggregation config options for metrics that have no aggregatable attributes. ([#​14689](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14689)) - `pkg/service`: The internal status reporter no longer drops repeated Ok and RecoverableError statuses ([#​14282](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14282)) Status events can now carry metadata and there's value in allowing them to be emitted despite the status value itself not changing. ##### 🧰 Bug fixes 🧰 - `cmd/builder`: Add `.exe` to output binary names when building for Windows targets. ([#​12591](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/12591)) - `exporter/debug`: Add printing of metric metadata in detailed verbosity. ([#​14667](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14667)) - `exporter/otlp_grpc`: Prevent nil pointer panic when push methods are called before the OTLP exporter initializes its gRPC clients. ([#​14663](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14663)) When the sending queue and retry are disabled, calling ConsumeTraces, ConsumeMetrics, ConsumeLogs, or ConsumeProfiles before the OTLP exporter initializes its gRPC clients could cause a nil pointer dereference panic. The push methods now return an error instead of panicking. - `exporter/otlp_http`: Show the actual destination URL in error messages when request URL is modified by middleware. ([#​14673](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14673)) Unwraps the `*url.Error` returned by `http.Client.Do()` to prevent misleading error logs when a middleware extension dynamically updates the endpoint. - `pdata/pprofile`: Switch the dictionary of dictionary tables entries only once when merging profiles ([#​14709](https://redirect.github.com/open-telemetry/opentelemetry-collector/issues/14709)) For dictionary table data, we used to switch their dictionaries when doing the switch for the data that uses them. However, when an entry is associated with multiple other data (several samples can use the same stack), we would have been switching the dictionaries of the entry multiple times. We now switch dictionaries for dictionary table data only once, before switching the resource profiles. <!-- previous-version --> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
b471ef15b4 |
fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to de6f1cc (#8082)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/opentracing-contrib/go-grpc/test](https://redirect.github.com/opentracing-contrib/go-grpc) | require | digest | `190d7d4` → `de6f1cc` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
ec4a15962c |
chore(deps): update module github.com/ryanrolds/sqlclosecheck to v0.6.0 (#8083)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/ryanrolds/sqlclosecheck](https://redirect.github.com/ryanrolds/sqlclosecheck) | `v0.5.1` → `v0.6.0` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>ryanrolds/sqlclosecheck (github.com/ryanrolds/sqlclosecheck)</summary> ### [`v0.6.0`](https://redirect.github.com/ryanrolds/sqlclosecheck/releases/tag/v0.6.0) [Compare Source](https://redirect.github.com/ryanrolds/sqlclosecheck/compare/v0.5.1...v0.6.0) #### What's Changed - \[WIP] Support correct non-defer usage by [@​ryanrolds](https://redirect.github.com/ryanrolds) in [#​28](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/28) - Add support for deferred closer functions which are not methods by [@​vanntile](https://redirect.github.com/vanntile) in [#​33](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/33) - (cont) Add support for deferred closer functions which are not methods by [@​vanntile](https://redirect.github.com/vanntile) in [#​34](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/34) - bump golang.org/x/tools to v0.13.0 to fix panic in tests by [@​alexandear](https://redirect.github.com/alexandear) in [#​38](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/38) - CVE-2024-27304 with vendoring by [@​ryanrolds](https://redirect.github.com/ryanrolds) in [#​41](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/41) - Bump golang.org/x/crypto from 0.17.0 to 0.35.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​42](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/42) - fix: Referrers() may return nil by [@​didebughu](https://redirect.github.com/didebughu) in [#​46](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/46) - Upgrade for Go 1.25 compatibility, and upgrade crypto dependency for CVE by [@​LeMikaelF](https://redirect.github.com/LeMikaelF) in [#​47](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/47) #### New Contributors - [@​vanntile](https://redirect.github.com/vanntile) made their first contribution in [#​33](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/33) - [@​alexandear](https://redirect.github.com/alexandear) made their first contribution in [#​38](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/38) - [@​dependabot](https://redirect.github.com/dependabot)\[bot] made their first contribution in [#​42](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/42) - [@​didebughu](https://redirect.github.com/didebughu) made their first contribution in [#​46](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/46) - [@​LeMikaelF](https://redirect.github.com/LeMikaelF) made their first contribution in [#​47](https://redirect.github.com/ryanrolds/sqlclosecheck/pull/47) **Full Changelog**: <https://github.com/ryanrolds/sqlclosecheck/compare/v0.5.1...v0.6.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
8f3f09505c |
chore(deps): update codecov/codecov-action action to v5.5.3 (#8080)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [codecov/codecov-action](https://redirect.github.com/codecov/codecov-action) | action | patch | `v5.5.2` → `v5.5.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v5.5.3`](https://redirect.github.com/codecov/codecov-action/releases/tag/v5.5.3) [Compare Source](https://redirect.github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3) ##### What's Changed - build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1874](https://redirect.github.com/codecov/codecov-action/pull/1874) - chore(release): bump to 5.5.3 by [@​thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov) in [#​1922](https://redirect.github.com/codecov/codecov-action/pull/1922) **Full Changelog**: <https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
 David Ashpole
|
911ed35fa0 |
Cleanup exemplar featuregate readme (#8072)
Exemplars are no longer behind a feature gate. |
||
 yoshimura
|
528ebabbf0 |
sdk/trace/internal/observ: guard SpanStarted and spanLive with Enabled (#8067)
Guards SpanStarted and spanLive with Enabled(ctx) to avoid building metric options/attributes when instruments are disabled. ``` BenchmarkTracer (noop MeterProvider): SpanStarted: ~1.77 ns/op -> ~0.48 ns/op (~3.7x) SpanLive: ~2.05 ns/op -> ~0.52 ns/op (~3.9x) SpanEnded: ~2.05 ns/op -> ~0.52 ns/op (~3.9x) ``` No behavior change when enabled; existing tests cover enabled path. ~~No CHANGELOG entry, following #7848.~~ Issue: #7800 --------- Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
|
David Ashpole
|
025b01be59 |
Add support for the development per-series starttime feature (#8060)
Add a feature to use per-series start times to match the spec: https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/metrics/sdk.md#start-timestamps This is a prerequisite to [finishing / closing](https://github.com/open-telemetry/opentelemetry-specification/pull/4702). Previous prototype: https://github.com/open-telemetry/opentelemetry-go/pull/7719 --------- Co-authored-by: Tyler Yahn <MrAlias@users.noreply.github.com> Co-authored-by: Robert Pająk <pellared@hotmail.com> |
||
 ian
|
768e930779 |
Added the internal/observ package to stdoutlog (#7735)
a part of #7020 ```txt goos: windows goarch: amd64 pkg: go.opentelemetry.io/otel/exporters/stdout/stdoutlog/internal/observ cpu: Intel(R) Core(TM) i7-14700 │ result.txt │ │ sec/op │ InstrumentationExportLogs/NoError-28 47.68n ± 5% InstrumentationExportLogs/PartialError-28 471.6n ± 2% InstrumentationExportLogs/FullError-28 471.9n ± 10% geomean 219.7n │ result.txt │ │ B/op │ InstrumentationExportLogs/NoError-28 0.000 ± 0% InstrumentationExportLogs/PartialError-28 305.0 ± 0% InstrumentationExportLogs/FullError-28 305.0 ± 0% geomean ¹ ¹ summaries must be >0 to compute geomean │ result.txt │ │ allocs/op │ InstrumentationExportLogs/NoError-28 0.000 ± 0% InstrumentationExportLogs/PartialError-28 4.000 ± 0% InstrumentationExportLogs/FullError-28 4.000 ± 0% geomean ¹ ¹ summaries must be >0 to compute geomean ``` --------- Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
|
David Ashpole
|
5576bc22e7 |
Use atomics for exponential histogram buckets (#8057)
Follows https://github.com/open-telemetry/opentelemetry-go/pull/8025 This is the second PR towards a lockless fast-path for the exponential histogram aggregation. It replaces use of uint64 with atomic.Uint64. It does not make buckets concurrent-safe. That will come in future PRs. This is a refactor to make future PRs easier to review since it has a large diff, but is relatively simple. The record and measure calls are still guarded by a lock at this point. You can see the full set of planned changes in https://github.com/open-telemetry/opentelemetry-go/compare/main...dashpole:opentelemetry-go:lockless_exphist_ai. The implementation is largely based on https://github.com/open-telemetry/opentelemetry-go/pull/7535 (which I implemented by hand), but with help from an AI to break it down into smaller PRs, and simplify aspects of the design. Part of https://github.com/open-telemetry/opentelemetry-go/issues/7796 |
||
 Ijas
|
d5f403cab5 |
sdk/resource: add WithContext variants for Default and Environment (#7808) (#8051)
## Description Address issue #7808 by plumbing `context.Context` through `resource.Environment` and `resource.Default`. Currently, these functions hardcode `context.Background()`, which prevents detectors (especially those that might perform network lookups or OS calls) from respecting timeouts or cancellations provided by the caller. ## Changes - Adds `EnvironmentWithContext(ctx context.Context)` as a new public function. - Adds `DefaultWithContext(ctx context.Context)` as a new public function. - Maintains backward compatibility by making `Environment()` and `Default()` thin wrappers around the new WithContext variants. ## Testing - Added unit tests in `sdk/resource/resource_test.go` to verify the new functions. - Verified that all `sdk/resource` tests pass. - Verified that make `golangci-lint` passes repository-wide. Fixes #7808 --------- Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
 Trask Stalnaker
|
08efeb47e7 |
Migrate to new bare metal runner (Ubuntu 24) (#8068)
Old runner: - name: `oracle-bare-metal-64cpu-512gb-x86-64` - 512gb memory - Oracle Linux 8 New runner: - name: `oracle-bare-metal-64cpu-1024gb-x86-64-ubuntu-24` - 1024gb memory - Ubuntu 24 I realize this could have some impact on benchmark baselines, so please post on https://github.com/open-telemetry/community/issues/3333 once you have migrated and are comfortable with the old one being removed. |
||
|
renovate[bot]
|
7e13b024d4 | chore(deps): update github.com/securego/gosec/v2 digest to 744bfb5 (#8064) | ||
|
David Ashpole
|
206ac291d0 |
Fix race in the lastvalue aggregation where 0 could be observed (#8056)
This initializes the value of the gauge with the correct value before it is stored in the map. We end up storing the same thing twice on the first call, but that isn't a big deal performance-wise. Discovered during https://github.com/open-telemetry/opentelemetry-go/pull/8021 |
||
|
renovate[bot]
|
b201d73b24 |
chore(deps): update github/codeql-action action to v4.33.0 (#8065)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | minor | `v4.32.6` → `v4.33.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.33.0`](https://redirect.github.com/github/codeql-action/compare/v4.32.6...v4.33.0) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.32.6...v4.33.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
a029201d1b |
chore(deps): update otel/weaver docker tag to v0.22.1 (#8061)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [otel/weaver](https://redirect.github.com/open-telemetry/weaver) | stage | patch | `v0.22.0` → `v0.22.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>open-telemetry/weaver (otel/weaver)</summary> ### [`v0.22.1`](https://redirect.github.com/open-telemetry/weaver/releases/tag/v0.22.1): 0.22.1 - 2026-03-13 [Compare Source](https://redirect.github.com/open-telemetry/weaver/compare/v0.22.0...v0.22.1) #### Release Notes *Note: 0.22.0 release was skipped due to release CI/CD issues.* - Fix: Update release workflow for pnpm migration (use pnpm lockfile instead of npm lockfile). ([#​1289](https://redirect.github.com/open-telemetry/weaver/pull/1289) by [@​jerbly](https://redirect.github.com/jerbly)) - Add support for git references in the registry url ([#​182](https://redirect.github.com/open-telemetry/weaver/issues/182) by [@​sebasnabas](https://redirect.github.com/sebasnabas)) - New feature ([#​1153](https://redirect.github.com/open-telemetry/weaver/issues/1153)) - Live-check now has a `/health` endpoint that can be used in long-running scenarios to confirm readiness and liveness of the live-check server. ([#​1193](https://redirect.github.com/open-telemetry/weaver/pull/1193) by [@​jerbly](https://redirect.github.com/jerbly)) - New feature ([#​1100](https://redirect.github.com/open-telemetry/weaver/issues/1100)) - Set `--output=http` to have live-check send its report as the response to `/stop`. ([#​1193](https://redirect.github.com/open-telemetry/weaver/pull/1193) by [@​jerbly](https://redirect.github.com/jerbly)) - Unified output handling across all registry subcommands. Builtin output formats (json, yaml, jsonl) are now available in `registry stats`, `registry diff`, and `registry resolve`. `registry stats` also supports `--templates` for custom text output templates. ([#​1200](https://redirect.github.com/open-telemetry/weaver/pull/1200) by [@​jerbly](https://redirect.github.com/jerbly)) - New feature ([#​1152](https://redirect.github.com/open-telemetry/weaver/issues/1152)) - Live-check with `--emit-otlp-logs` will now include the attributes from the resource in the emitted log record, this helps to identify the source of the finding in a multi-source environment. ([#​1206](https://redirect.github.com/open-telemetry/weaver/pull/1206) by [@​jerbly](https://redirect.github.com/jerbly)) - New Experimental feature: `weaver registry infer` command that listens for OTLP telemetry and infers a semantic convention registry file from the received data. Supports spans, metrics, events, and resource attributes. Includes configurable gRPC address/port, admin server for graceful shutdown, and inactivity timeout. ([#​1138](https://redirect.github.com/open-telemetry/weaver/pull/1138) by [@​ArthurSens](https://redirect.github.com/ArthurSens)) - Fix: Include unit in inferred schema even if empty to prevent live-check failures. ([#​1284](https://redirect.github.com/open-telemetry/weaver/pull/1284) by [@​ArthurSens](https://redirect.github.com/ArthurSens)) - Use `schema_url` in registry manifest, dependencies, and resolved schema instead of `registry_url`. Parse registry name and version from it. ([#​1202](https://redirect.github.com/open-telemetry/weaver/pull/1202) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Default to `manifest.yaml` for registry manifest file, deprecate `registry_manifest.yaml` and add warning when it's used. ([#​1202](https://redirect.github.com/open-telemetry/weaver/pull/1202) by [@​lmolkova](https://redirect.github.com/lmolkova)) - 💥 BREAKING CHANGE 💥 (Fixes [#​760](https://redirect.github.com/open-telemetry/weaver/issues/760)) - Auto-escaping is now off by default (`none`) for all templates, regardless of file extension. To opt in, set `auto_escape: html` or `auto_escape: json` per template in `weaver.yaml`. Within a template, `{% autoescape false %}` blocks can selectively disable escaping for sections. Use `|tojson` for explicit JSON/YAML value escaping where needed. ([#​1239](https://redirect.github.com/open-telemetry/weaver/pull/1239) by [@​jerbly](https://redirect.github.com/jerbly)) - 💥 BREAKING CHANGE 💥 Replace `version: "2"` with `file_format: definition/2` for v2 definition schema ([#​1154](https://redirect.github.com/open-telemetry/weaver/pull/1154) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Add JSON schema for resolved registry v2 ([#​1261](https://redirect.github.com/open-telemetry/weaver/pull/1261) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Add `weaver registry package` command to generate manifest and write resolved schema. ([#​1254](https://redirect.github.com/open-telemetry/weaver/pull/1254) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Fix: `weaver registry package` command not producing output due to warnings. ([#​1271](https://redirect.github.com/open-telemetry/weaver/pull/1271) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Update JSON Schema v2 to include `file_format` ([#​1262](https://redirect.github.com/open-telemetry/weaver/pull/1262) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Add JSON schema for `PolicyFinding`, make `context` field optional. ([#​1270](https://redirect.github.com/open-telemetry/weaver/pull/1270) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Deprecate `weaver registry resolve` command, please use `weaver registry generate` or `package` instead ([#​1255](https://redirect.github.com/open-telemetry/weaver/pull/1255) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Support `imports` for all signal types and public attribute groups in v2 registry. ([#​1267](https://redirect.github.com/open-telemetry/weaver/pull/1267) by [@​jsuereth](https://redirect.github.com/jsuereth)) - Support refinements in v2 syntax: metric names, notes, etc. are now copied from the refined group. ([#​1250](https://redirect.github.com/open-telemetry/weaver/pull/1250) by [@​jsuereth](https://redirect.github.com/jsuereth)) - Fix stability/ordering issues in v2 publishing; attributes are now sorted and deduplicated consistently. ([#​1282](https://redirect.github.com/open-telemetry/weaver/pull/1282) by [@​jsuereth](https://redirect.github.com/jsuereth)) - Fix resolution for dependencies: both v1 and v2 resolution now returns the correct attribute from the right registry when using dependencies. ([#​1280](https://redirect.github.com/open-telemetry/weaver/pull/1280) by [@​lmolkova](https://redirect.github.com/lmolkova)) - JQ helper v2 for spans: fixes and improvements. ([#​1251](https://redirect.github.com/open-telemetry/weaver/pull/1251) by [@​lmolkova](https://redirect.github.com/lmolkova)) - Fix 404 on template-type attributes in the `weaver serve` API. ([#​1240](https://redirect.github.com/open-telemetry/weaver/pull/1240) by [@​jerbly](https://redirect.github.com/jerbly)) - New Experimental feature: `weaver serve` UI migrated to React. ([#​1147](https://redirect.github.com/open-telemetry/weaver/pull/1147) by [@​nicolastakashi](https://redirect.github.com/nicolastakashi)) #### Install weaver 0.22.1 ##### Install prebuilt binaries via shell script ```sh curl --proto '=https' --tlsv1.2 -LsSf https://github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-installer.sh | sh ``` ##### Install prebuilt binaries via powershell script ```sh powershell -ExecutionPolicy Bypass -c "irm https://github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-installer.ps1 | iex" ``` #### Download weaver 0.22.1 | File | Platform | Checksum | | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | ---------------------------------------------------------------------------------------------------------------------------- | | [weaver-aarch64-apple-darwin.tar.xz](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-aarch64-apple-darwin.tar.xz) | Apple Silicon macOS | [checksum](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-aarch64-apple-darwin.tar.xz.sha256) | | [weaver-x86\_64-apple-darwin.tar.xz](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-apple-darwin.tar.xz) | Intel macOS | [checksum](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-apple-darwin.tar.xz.sha256) | | [weaver-x86\_64-pc-windows-msvc.zip](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-pc-windows-msvc.zip) | x64 Windows | [checksum](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-pc-windows-msvc.zip.sha256) | | [weaver-x86\_64-pc-windows-msvc.msi](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-pc-windows-msvc.msi) | x64 Windows | [checksum](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-pc-windows-msvc.msi.sha256) | | [weaver-x86\_64-unknown-linux-gnu.tar.xz](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-unknown-linux-gnu.tar.xz) | x64 Linux | [checksum](https://redirect.github.com/open-telemetry/weaver/releases/download/v0.22.1/weaver-x86_64-unknown-linux-gnu.tar.xz.sha256) | #### Verifying GitHub Artifact Attestations The artifacts in this release have attestations generated with GitHub Artifact Attestations. These can be verified by using the [GitHub CLI](https://cli.github.com/manual/gh_attestation_verify): ```sh gh attestation verify <file-path of downloaded artifact> --repo open-telemetry/weaver ``` You can also download the attestation from [GitHub](https://redirect.github.com/open-telemetry/weaver/attestations) and verify against that directly: ```sh gh attestation verify <file-path of downloaded artifact> --bundle <file-path of downloaded attestation> ``` </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
fc02fe0927 |
chore(deps): update github.com/securego/gosec/v2 digest to dec52c4 (#8063)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | indirect | digest | `c2dfcec` → `dec52c4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
972a6e570e |
chore(deps): update otel/weaver docker tag to v0.22.0 (#8058)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [otel/weaver](https://redirect.github.com/open-telemetry/weaver) | stage | minor | `v0.21.2` → `v0.22.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>open-telemetry/weaver (otel/weaver)</summary> ### [`v0.22.0`](https://redirect.github.com/open-telemetry/weaver/compare/v0.21.2...v0.22.0) [Compare Source](https://redirect.github.com/open-telemetry/weaver/compare/v0.21.2...v0.22.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
bdc1b511c8 |
chore(deps): update github.com/securego/gosec/v2 digest to c2dfcec (#8055)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | indirect | digest | `befce8d` → `c2dfcec` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My42Ni40IiwidXBkYXRlZEluVmVyIjoiNDMuNjYuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
David Ashpole
|
4c89d3345a |
exphist: replace min, max, sum, and count with atomics (#8025)
This is the first PR towards a lockless fast-path for the exponential histogram aggregation. It just replaces use of min, max, sum and counts with atomic types. You can see the full set of planned changes in https://github.com/open-telemetry/opentelemetry-go/compare/main...dashpole:opentelemetry-go:lockless_exphist_ai. The implementation is largely based on https://github.com/open-telemetry/opentelemetry-go/pull/7535 (which I implemented by hand), but with help from an AI to break it down into smaller PRs, and simplify aspects of the design. Part of https://github.com/open-telemetry/opentelemetry-go/issues/7796 |
||
|
David Ashpole
|
82d57cc8b6 |
Add tests for exponential histogram concurrent-safety edge-cases (#8024)
Part of https://github.com/open-telemetry/opentelemetry-go/issues/7796 Improve test coverage of the concurrent-safety of exponential histogram aggregations. This adds two tests: * ZeroValues, which checks that the handling of zero values is correct in concurrent scenarios * RescalingStress, which generates inputs that intentionally cause lots of concurrent rescales. The RescalingStress test inputs the same values into a serial version and parallel version of the exponential histogram aggregation and verifies that the output buckets match afterwards. I used AI to identify where we were missing coverage, and to design and help implement the tests. I've reviewed and modified the tests as needed. |
||
|
David Ashpole
|
65f85fc93a |
Improve aggregation concurrent safe tests (#8021)
I'm taking a stab at improving the ConcurrentSafe tests for aggregations before taking on the lockless exponential histogram implementation again. Part of https://github.com/open-telemetry/opentelemetry-go/issues/7796 This PR includes a few improvements: * All concurrent-safe tests now use 10 different attribute sets to make sure we are testing concurrent increments that result in an overflow (the cardinality limit of the test is 3). * All concurrent-safe tests for floats now include decimal valued-inputs. * Improved the validation of the collected metrics: * Validate the total after multiple collects. * Validate that increments are made to the correct bucket for histograms * Validate that the overflow attribute set has the correct total value. This uncovered an apparent race condition where the lastvalue aggregation can collect a value of zero even when no zero-value is recorded. I added a TODO, and will fix this in a follow-up. I used AI to help me design and implement tests, but requested each of the changes, and reviewed the output. --------- Co-authored-by: Tyler Yahn <MrAlias@users.noreply.github.com> |
||
 Yuanyuan Zhao
|
2ffde5a428 |
trace: add Random Trace ID Flag (#8012)
## Summary Adds API support for the W3C tracecontext random flag on `TraceFlags` and `SpanContext` in `go.opentelemetry.io/otel/trace`: - **`TraceFlags.IsRandom()`** — reports whether the random bit is set - **`TraceFlags.WithRandom(bool)`** — sets or clears the random bit in a copy of the flags - **`SpanContext.IsRandom()`** — reports whether the random bit is set in the span context's trace flags These mirror the existing `IsSampled` / `WithSampled` pattern. ## Motivation The W3C Trace Context spec defines a random bit in trace flags to indicate probabilistic sampling. This is required for [TraceIdRatioBased sampler](https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/sdk.md#traceidratiobased) support, where the random bit is set when a trace is probabilistically sampled and is used for extrapolated span metrics. ## Related Part of #7928 (Support TraceIdRatioBased Sampler). This PR adds the trace API needed for that work; sampler implementation and tracestate `th` handling will follow in separate PRs. ## Co-Author Joshua MacDonald <jmacd@users.noreply.github.com> --------- Co-authored-by: Joshua MacDonald <jmacd@users.noreply.github.com> Co-authored-by: Robert Pająk <pellared@hotmail.com> Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
|
renovate[bot]
|
9c5a5df1a5 |
chore(deps): update github.com/securego/gosec/v2 digest to befce8d (#8053)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | indirect | digest | `b7b2c7b` → `befce8d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
362bd1f360 |
fix(deps): update golang.org/x (#8052)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [golang.org/x/exp](https://pkg.go.dev/golang.org/x/exp) | require | digest | `3dfff04` → `7ab1446` | | [golang.org/x/exp/typeparams](https://pkg.go.dev/golang.org/x/exp/typeparams) | indirect | digest | `3dfff04` → `7ab1446` | | [golang.org/x/telemetry](https://pkg.go.dev/golang.org/x/telemetry) | indirect | digest | `579e4da` → `1546bf4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
David Ashpole
|
f0294a3921 |
Add benchmarks for end-to-end metrics SDK usage (#7768)
### Objective Part of https://github.com/open-telemetry/opentelemetry-go/issues/7743. I need a benchmark that can demonstrate the performance of using our API, SDK, and attributes packages together when following our performance guide. https://github.com/open-telemetry/opentelemetry-go/blob/main/CONTRIBUTING.md#attribute-and-option-allocation-management. I settled on benchmarking three scenarios: "Precomputed", "Dynamic", and "Naive". In the "Precomputed" scenario, it is assumed that the attribute set being measured against is known ahead of time, and that the instrumentation author can enumerate all possible sets, and precompute whatever they want, and keep references to it. In the "Dynamic" scenario, it is assumed that the attribute set being measured against is not known ahead of time, and that it is not feasible to enumerate all possible attribute sets ahead of time. However, this scenario still assumes bounded cardinality, as writing metrics with an unbounded cardinality is not the intended use of the API. I had originally written these benchmarks with varying overall cardinality, but the cardinality does not impact the test results, as long as it is reasonable and bounded (e.g. < 100,000). In the "Naive" scenario, it is assumed the user uses the API in the simplest, most ergonomic way. This is an attempt to measure the "default" experience of our API + SDK that users get when they use it. I also found that relative benchmark results did not change when different levels of parallelism are used, so all benchmark results are single-threaded. ### Results ``` goos: linux goarch: amd64 pkg: go.opentelemetry.io/otel/sdk/metric cpu: Intel(R) Xeon(R) CPU @ 2.20GHz │ out.txt │ │ sec/op │ EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributeSet-24 59.47n ± 12% EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributes-24 54.50n ± 3% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributeSet-24 164.3n ± 16% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributes-24 219.5n ± 4% EndToEndCounterAdd/NoFilter/Attributes/1/Naive/WithAttributes-24 268.9n ± 7% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributeSet-24 51.78n ± 6% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributes-24 52.95n ± 8% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributeSet-24 434.9n ± 3% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributes-24 646.0n ± 3% EndToEndCounterAdd/NoFilter/Attributes/5/Naive/WithAttributes-24 802.3n ± 4% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributeSet-24 52.00n ± 5% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributes-24 51.88n ± 8% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributeSet-24 815.9n ± 3% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributes-24 1.202µ ± 3% EndToEndCounterAdd/NoFilter/Attributes/10/Naive/WithAttributes-24 1.527µ ± 7% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributeSet-24 136.6n ± 5% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributes-24 138.4n ± 3% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributeSet-24 251.6n ± 5% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributes-24 314.7n ± 7% EndToEndCounterAdd/Filtered/Attributes/1/Naive/WithAttributes-24 357.9n ± 6% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributeSet-24 499.7n ± 4% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributes-24 510.5n ± 5% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributeSet-24 987.1n ± 6% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributes-24 1.169µ ± 9% EndToEndCounterAdd/Filtered/Attributes/5/Naive/WithAttributes-24 1.297µ ± 5% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributeSet-24 1.044µ ± 7% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributes-24 992.6n ± 7% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributeSet-24 1.838µ ± 6% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributes-24 2.258µ ± 4% EndToEndCounterAdd/Filtered/Attributes/10/Naive/WithAttributes-24 2.553µ ± 6% geomean 375.7n │ out.txt │ │ B/op │ EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributeSet-24 88.00 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributes-24 152.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Naive/WithAttributes-24 232.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributeSet-24 345.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributes-24 665.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Naive/WithAttributes-24 1000.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributeSet-24 730.0 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributes-24 1.401Ki ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Naive/WithAttributes-24 2.102Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributeSet-24 64.00 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributes-24 64.00 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributeSet-24 152.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributes-24 216.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Naive/WithAttributes-24 296.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributeSet-24 576.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributes-24 576.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributeSet-24 922.0 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributes-24 1.213Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Naive/WithAttributes-24 1.539Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributeSet-24 1.312Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributes-24 1.312Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributeSet-24 2.027Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributes-24 2.716Ki ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Naive/WithAttributes-24 3.414Ki ± 0% geomean ¹ ¹ summaries must be >0 to compute geomean │ out.txt │ │ allocs/op │ EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributeSet-24 2.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Dynamic/WithAttributes-24 3.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/1/Naive/WithAttributes-24 5.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributeSet-24 2.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Dynamic/WithAttributes-24 3.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/5/Naive/WithAttributes-24 5.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributeSet-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Precomputed/WithAttributes-24 0.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributeSet-24 2.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Dynamic/WithAttributes-24 3.000 ± 0% EndToEndCounterAdd/NoFilter/Attributes/10/Naive/WithAttributes-24 5.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributeSet-24 1.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Precomputed/WithAttributes-24 1.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributeSet-24 3.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Dynamic/WithAttributes-24 4.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/1/Naive/WithAttributes-24 6.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributeSet-24 2.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Precomputed/WithAttributes-24 2.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributeSet-24 4.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Dynamic/WithAttributes-24 5.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/5/Naive/WithAttributes-24 7.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributeSet-24 2.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Precomputed/WithAttributes-24 2.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributeSet-24 4.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Dynamic/WithAttributes-24 5.000 ± 0% EndToEndCounterAdd/Filtered/Attributes/10/Naive/WithAttributes-24 7.000 ± 0% geomean ¹ ¹ summaries must be >0 to compute geomean ``` ### Observations * When the attributes are known ahead of time (Precomputed), WithAttributes and WithAttributeSet have equal performance. * When attributes are not known ahead of time (Dynamic), WithAttributes is worse than WithAttributeSet (mostly 1 extra allocation). * When an attribute filter is applied, the performance of the SDK degrades significantly. In the Precomputed case with 10 attributes, the performance goes from 50ns to 1000ns, and from 0 allocations to 2 allocations. |
||
 Tyler Yahn
|
9587c57d48 |
Optimize attribute slice conversion (#8039)
This PR refactors the internal slice conversion helpers in
`attribute/internal` to use generics and adds explicit short-length fast
paths for slice-backed attribute values.
The main changes are:
- replace the old type-specific internal helpers with generic
`SliceValue[T]` and `AsSlice[T]`
- preserve the comparable-array storage model used by `Value` and
`KeyValue`
- add fixed-size fast paths for lengths `0..3`
- add a matching short-length fast path in `IntSliceValue` before
falling back to `[]int64` conversion
- keep reflection as the fallback for larger slice lengths
- keep the existing `Value.As*Slice()` methods in `attribute` as thin
wrappers over the generic internal helpers
- add type-mismatch coverage for `AsSlice[T]`
- expand the benchmark suite so it measures both:
- short slices that hit the new fixed-size path
- longer slices that still use the reflective fallback
## Rationale
The package still needs reflection for arbitrary runtime lengths because
slice values are stored as comparable arrays behind `any`, and Go cannot
construct a runtime-sized array type without `reflect.ArrayOf`.
The fast path is intentionally small. The cutoff of `0..3` is based on a
combination of:
- benchmark gains for short slices
- semantic convention examples where `1..3` values are common
- downstream source analysis, which found that most external call sites
pass variables rather than inline literals, so static source scanning
does not justify a larger cutoff
## External Usage Validation
Downstream scan:
- sampled repos cloned and scanned: `285`
- most external call sites pass dynamic slice variables, not inline
literals
- final literal counts recovered statically:
- `StringSlice`: total `131`, dynamic `121`, literal len `0`: `1`, len
`1`: `8`, len `2`: `1`
- `IntSlice`: total `5`, all dynamic
- `Int64Slice`: total `6`, all dynamic
- `BoolSlice`: total `3`, all dynamic
- `Float64Slice`: total `3`, all dynamic
Semantic conventions reviewed locally in `semantic-conventions` include
several slice-valued attributes where short lists are normal, for
example:
- `browser.brands`
- `gen_ai.request.stop_sequences`
- `gen_ai.request.encoding_formats`
- `gen_ai.response.finish_reasons`
- `user.roles`
- `file.attributes`
There are also clearly unbounded cases like headers, metadata, command
args, and some cloud/provider arrays. That combination supports a small
fast path, but not an assumption that all real-world slices are tiny.
## Benchmarks
Changes to the benchmarks:
- internal microbenchmarks now run both `Len2` and `Len8`
- public `attribute` benchmarks now run both `Len2` and `Len8`
- repeated benchmark runs were compared with `benchstat`
`Len2` exercises the new fixed-size path. `Len8` exercises the
reflective fallback path.
Headline result:
- short slices improve substantially
- large slices stay close to baseline because they still use reflection
- `IntSlice` now gets the same short-slice win as the other slice types,
but larger `[]int` values still pay the `[]int` to `[]int64` conversion
cost
### Internal Helpers
```text
goos: linux
goarch: amd64
pkg: go.opentelemetry.io/otel/attribute/internal
cpu: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
│ /tmp/bench-internal-base-v2.txt │ /tmp/bench-internal-current-v2.txt │
│ sec/op │ sec/op vs base │
BoolSliceValue/Len2-8 124.00n ± 4% 19.36n ± 12% -84.39% (p=0.000 n=12)
BoolSliceValue/Len8-8 129.9n ± 2% 136.8n ± 3% +5.31% (p=0.000 n=12)
Int64SliceValue/Len2-8 146.00n ± 26% 26.13n ± 3% -82.10% (p=0.000 n=12)
Int64SliceValue/Len8-8 172.1n ± 4% 174.9n ± 5% ~ (p=0.443 n=12)
Float64SliceValue/Len2-8 151.70n ± 2% 26.25n ± 2% -82.70% (p=0.000 n=12)
Float64SliceValue/Len8-8 173.6n ± 2% 169.7n ± 4% ~ (p=0.155 n=12)
StringSliceValue/Len2-8 177.15n ± 2% 42.03n ± 3% -76.27% (p=0.000 n=12)
StringSliceValue/Len8-8 217.2n ± 6% 219.1n ± 6% ~ (p=0.504 n=12)
AsFloat64Slice/Len2-8 96.77n ± 3% 63.05n ± 27% -34.84% (p=0.000 n=12)
AsFloat64Slice/Len8-8 123.8n ± 18% 117.1n ± 4% ~ (p=1.000 n=12)
geomean 147.6n 71.85n -51.33%
│ /tmp/bench-internal-base-v2.txt │ /tmp/bench-internal-current-v2.txt │
│ B/op │ B/op vs base │
BoolSliceValue/Len2-8 4.000 ± 0% 2.000 ± 0% -50.00% (p=0.000 n=12)
BoolSliceValue/Len8-8 16.00 ± 0% 16.00 ± 0% ~ (p=1.000 n=12) ¹
Int64SliceValue/Len2-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Int64SliceValue/Len8-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
Float64SliceValue/Len2-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Float64SliceValue/Len8-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
StringSliceValue/Len2-8 64.00 ± 0% 32.00 ± 0% -50.00% (p=0.000 n=12)
StringSliceValue/Len8-8 256.0 ± 0% 256.0 ± 0% ~ (p=1.000 n=12) ¹
AsFloat64Slice/Len2-8 40.00 ± 0% 40.00 ± 0% ~ (p=1.000 n=12) ¹
AsFloat64Slice/Len8-8 88.00 ± 0% 88.00 ± 0% ~ (p=1.000 n=12) ¹
geomean 47.77 36.21 -24.21%
¹ all samples are equal
│ /tmp/bench-internal-base-v2.txt │ /tmp/bench-internal-current-v2.txt │
│ allocs/op │ allocs/op vs base │
BoolSliceValue/Len2-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
BoolSliceValue/Len8-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Int64SliceValue/Len2-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Int64SliceValue/Len8-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Float64SliceValue/Len2-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Float64SliceValue/Len8-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
StringSliceValue/Len2-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
StringSliceValue/Len8-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
AsFloat64Slice/Len2-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
AsFloat64Slice/Len8-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
geomean 2.000 1.516 -24.21%
¹ all samples are equal
```
### Public `attribute` API
```text
goos: linux
goarch: amd64
pkg: go.opentelemetry.io/otel/attribute
cpu: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
│ /tmp/bench-attr-base-v2.txt │ /tmp/bench-attr-current-v3.txt │
│ sec/op │ sec/op vs base │
BoolSlice/Len2/Value-8 130.65n ± 3% 16.90n ± 3% -87.06% (p=0.000 n=12)
BoolSlice/Len2/KeyValue-8 135.85n ± 14% 23.49n ± 2% -82.71% (p=0.000 n=12)
BoolSlice/Len2/AsBoolSlice-8 50.22n ± 1% 19.12n ± 15% -61.92% (p=0.000 n=12)
BoolSlice/Len2/Emit-8 343.9n ± 1% 293.4n ± 1% -14.68% (p=0.000 n=12)
BoolSlice/Len8/Value-8 134.7n ± 2% 136.4n ± 2% +1.22% (p=0.011 n=12)
BoolSlice/Len8/KeyValue-8 137.7n ± 2% 140.6n ± 2% +2.11% (p=0.046 n=12)
BoolSlice/Len8/AsBoolSlice-8 53.59n ± 22% 61.15n ± 22% +14.11% (p=0.020 n=12)
BoolSlice/Len8/Emit-8 773.5n ± 1% 788.5n ± 2% +1.93% (p=0.028 n=12)
IntSlice/Len2/Value-8 140.85n ± 2% 36.20n ± 3% -74.30% (p=0.000 n=12)
IntSlice/Len2/KeyValue-8 149.65n ± 2% 42.84n ± 3% -71.37% (p=0.000 n=12)
IntSlice/Len2/Emit-8 318.2n ± 3% 279.6n ± 15% -12.15% (p=0.012 n=12)
IntSlice/Len8/Value-8 217.9n ± 1% 228.8n ± 2% +5.00% (p=0.001 n=12)
IntSlice/Len8/KeyValue-8 225.6n ± 29% 232.3n ± 3% ~ (p=0.767 n=12)
IntSlice/Len8/Emit-8 480.0n ± 1% 478.6n ± 2% ~ (p=0.899 n=12)
Int64Slice/Len2/Value-8 150.90n ± 1% 27.43n ± 3% -81.82% (p=0.000 n=12)
Int64Slice/Len2/KeyValue-8 152.05n ± 1% 34.34n ± 3% -77.42% (p=0.000 n=12)
Int64Slice/Len2/AsInt64Slice-8 58.69n ± 4% 28.58n ± 3% -51.30% (p=0.000 n=12)
Int64Slice/Len2/Emit-8 318.4n ± 3% 273.9n ± 1% -13.99% (p=0.000 n=12)
Int64Slice/Len8/Value-8 173.0n ± 8% 177.8n ± 2% ~ (p=0.173 n=12)
Int64Slice/Len8/KeyValue-8 184.0n ± 24% 184.3n ± 2% ~ (p=0.701 n=12)
Int64Slice/Len8/AsInt64Slice-8 72.04n ± 2% 83.05n ± 2% +15.30% (p=0.000 n=12)
Int64Slice/Len8/Emit-8 474.9n ± 19% 501.9n ± 18% +5.67% (p=0.020 n=12)
Float64Slice/Len2/Value-8 150.95n ± 3% 26.92n ± 3% -82.17% (p=0.000 n=12)
Float64Slice/Len2/KeyValue-8 153.95n ± 3% 33.08n ± 2% -78.52% (p=0.000 n=12)
Float64Slice/Len2/AsFloat64Slice-8 60.31n ± 24% 27.02n ± 1% -55.19% (p=0.000 n=12)
Float64Slice/Len2/Emit-8 434.2n ± 2% 380.4n ± 1% -12.40% (p=0.000 n=12)
Float64Slice/Len8/Value-8 173.7n ± 2% 175.2n ± 25% ~ (p=0.248 n=12)
Float64Slice/Len8/KeyValue-8 174.0n ± 4% 175.2n ± 2% ~ (p=0.702 n=12)
Float64Slice/Len8/AsFloat64Slice-8 71.17n ± 8% 78.00n ± 4% +9.58% (p=0.007 n=12)
Float64Slice/Len8/Emit-8 920.6n ± 20% 909.9n ± 8% ~ (p=0.378 n=12)
StringSlice/Len2/Value-8 174.00n ± 5% 41.97n ± 20% -75.88% (p=0.000 n=12)
StringSlice/Len2/KeyValue-8 179.85n ± 2% 46.76n ± 2% -74.00% (p=0.000 n=12)
StringSlice/Len2/AsStringSlice-8 76.03n ± 5% 39.83n ± 3% -47.61% (p=0.000 n=12)
StringSlice/Len2/Emit-8 386.0n ± 2% 332.3n ± 3% -13.91% (p=0.000 n=12)
StringSlice/Len8/Value-8 225.4n ± 4% 226.2n ± 4% ~ (p=0.311 n=12)
StringSlice/Len8/KeyValue-8 228.1n ± 7% 234.2n ± 4% ~ (p=0.386 n=12)
StringSlice/Len8/AsStringSlice-8 110.8n ± 25% 117.8n ± 4% ~ (p=0.173 n=12)
StringSlice/Len8/Emit-8 658.7n ± 3% 647.9n ± 5% ~ (p=0.319 n=12)
geomean 181.7n 110.7n -39.08%
│ /tmp/bench-attr-base-v2.txt │ /tmp/bench-attr-current-v3.txt │
│ B/op │ B/op vs base │
BoolSlice/Len2/Value-8 4.000 ± 0% 2.000 ± 0% -50.00% (p=0.000 n=12)
BoolSlice/Len2/KeyValue-8 4.000 ± 0% 2.000 ± 0% -50.00% (p=0.000 n=12)
BoolSlice/Len2/AsBoolSlice-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len2/Emit-8 40.00 ± 0% 40.00 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/Value-8 16.00 ± 0% 16.00 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/KeyValue-8 16.00 ± 0% 16.00 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/AsBoolSlice-8 8.000 ± 0% 8.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/Emit-8 88.00 ± 0% 88.00 ± 0% ~ (p=1.000 n=12) ¹
IntSlice/Len2/Value-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
IntSlice/Len2/KeyValue-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
IntSlice/Len2/Emit-8 56.00 ± 0% 56.00 ± 0% ~ (p=1.000 n=12) ¹
IntSlice/Len8/Value-8 128.0 ± 0% 192.0 ± 0% +50.00% (p=0.000 n=12)
IntSlice/Len8/KeyValue-8 128.0 ± 0% 192.0 ± 0% +50.00% (p=0.000 n=12)
IntSlice/Len8/Emit-8 136.0 ± 0% 136.0 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len2/Value-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Int64Slice/Len2/KeyValue-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Int64Slice/Len2/AsInt64Slice-8 16.00 ± 0% 16.00 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len2/Emit-8 56.00 ± 0% 56.00 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/Value-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/KeyValue-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/AsInt64Slice-8 64.00 ± 0% 64.00 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/Emit-8 136.0 ± 0% 136.0 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len2/Value-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Float64Slice/Len2/KeyValue-8 32.00 ± 0% 16.00 ± 0% -50.00% (p=0.000 n=12)
Float64Slice/Len2/AsFloat64Slice-8 16.00 ± 0% 16.00 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len2/Emit-8 56.00 ± 0% 56.00 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/Value-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/KeyValue-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/AsFloat64Slice-8 64.00 ± 0% 64.00 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/Emit-8 136.0 ± 0% 136.0 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len2/Value-8 64.00 ± 0% 32.00 ± 0% -50.00% (p=0.000 n=12)
StringSlice/Len2/KeyValue-8 64.00 ± 0% 32.00 ± 0% -50.00% (p=0.000 n=12)
StringSlice/Len2/AsStringSlice-8 32.00 ± 0% 32.00 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len2/Emit-8 120.0 ± 0% 120.0 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/Value-8 256.0 ± 0% 256.0 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/KeyValue-8 256.0 ± 0% 256.0 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/AsStringSlice-8 128.0 ± 0% 128.0 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/Emit-8 344.0 ± 0% 344.0 ± 0% ~ (p=1.000 n=12) ¹
geomean 49.39 42.05 -14.88%
¹ all samples are equal
│ /tmp/bench-attr-base-v2.txt │ /tmp/bench-attr-current-v3.txt │
│ allocs/op │ allocs/op vs base │
BoolSlice/Len2/Value-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
BoolSlice/Len2/KeyValue-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
BoolSlice/Len2/AsBoolSlice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len2/Emit-8 5.000 ± 0% 5.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/Value-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/KeyValue-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/AsBoolSlice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
BoolSlice/Len8/Emit-8 11.00 ± 0% 11.00 ± 0% ~ (p=1.000 n=12) ¹
IntSlice/Len2/Value-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
IntSlice/Len2/KeyValue-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
IntSlice/Len2/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
IntSlice/Len8/Value-8 2.000 ± 0% 3.000 ± 0% +50.00% (p=0.000 n=12)
IntSlice/Len8/KeyValue-8 2.000 ± 0% 3.000 ± 0% +50.00% (p=0.000 n=12)
IntSlice/Len8/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len2/Value-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Int64Slice/Len2/KeyValue-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Int64Slice/Len2/AsInt64Slice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len2/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/Value-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/KeyValue-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/AsInt64Slice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
Int64Slice/Len8/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len2/Value-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Float64Slice/Len2/KeyValue-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
Float64Slice/Len2/AsFloat64Slice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len2/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/Value-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/KeyValue-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/AsFloat64Slice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
Float64Slice/Len8/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len2/Value-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
StringSlice/Len2/KeyValue-8 2.000 ± 0% 1.000 ± 0% -50.00% (p=0.000 n=12)
StringSlice/Len2/AsStringSlice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len2/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/Value-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/KeyValue-8 2.000 ± 0% 2.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/AsStringSlice-8 1.000 ± 0% 1.000 ± 0% ~ (p=1.000 n=12) ¹
StringSlice/Len8/Emit-8 4.000 ± 0% 4.000 ± 0% ~ (p=1.000 n=12) ¹
geomean 2.143 1.824 -14.88%
¹ all samples are equal
```
## Notes
- `Len2` is where the wins show up because those calls avoid
`reflect.ArrayOf` and one allocation.
- `Len8` stays much closer to baseline because it still uses the
reflective path.
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: David Ashpole <dashpole@google.com>
|
||
|
renovate[bot]
|
6d79ac3936 |
fix(deps): update golang.org/x (#8045)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | Type | Update | |---|---|---|---|---|---| | [golang.org/x/crypto](https://pkg.go.dev/golang.org/x/crypto) | [`v0.48.0` → `v0.49.0`](https://cs.opensource.google/go/x/crypto/+/refs/tags/v0.48.0...refs/tags/v0.49.0) |  |  | indirect | minor | | [golang.org/x/mod](https://pkg.go.dev/golang.org/x/mod) | [`v0.33.0` → `v0.34.0`](https://cs.opensource.google/go/x/mod/+/refs/tags/v0.33.0...refs/tags/v0.34.0) |  |  | indirect | minor | | [golang.org/x/net](https://pkg.go.dev/golang.org/x/net) | [`v0.51.0` → `v0.52.0`](https://cs.opensource.google/go/x/net/+/refs/tags/v0.51.0...refs/tags/v0.52.0) |  |  | indirect | minor | | [golang.org/x/telemetry](https://pkg.go.dev/golang.org/x/telemetry) | `e526e8a` → `579e4da` |  |  | indirect | digest | | [golang.org/x/text](https://pkg.go.dev/golang.org/x/text) | [`v0.34.0` → `v0.35.0`](https://cs.opensource.google/go/x/text/+/refs/tags/v0.34.0...refs/tags/v0.35.0) |  |  | indirect | minor | | [golang.org/x/tools](https://pkg.go.dev/golang.org/x/tools) | [`v0.42.0` → `v0.43.0`](https://cs.opensource.google/go/x/tools/+/refs/tags/v0.42.0...refs/tags/v0.43.0) |  |  | require | minor | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: dmathieu <damien.mathieu@elastic.co> |
||
|
renovate[bot]
|
45173ad648 |
chore(deps): update github.com/securego/gosec/v2 digest to b7b2c7b (#8044)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | indirect | digest | `6e66a94` → `b7b2c7b` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
renovate[bot]
|
e04a399c9b |
chore(deps): update actions/download-artifact action to v8.0.1 (#8046)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/download-artifact](https://redirect.github.com/actions/download-artifact) | action | patch | `v8.0.0` → `v8.0.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Release Notes <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v8.0.1`](https://redirect.github.com/actions/download-artifact/releases/tag/v8.0.1) [Compare Source](https://redirect.github.com/actions/download-artifact/compare/v8.0.0...v8.0.1) ##### What's Changed - Support for CJK characters in the artifact name by [@​danwkennedy](https://redirect.github.com/danwkennedy) in [#​471](https://redirect.github.com/actions/download-artifact/pull/471) - Add a regression test for artifact name + content-type mismatches by [@​danwkennedy](https://redirect.github.com/danwkennedy) in [#​472](https://redirect.github.com/actions/download-artifact/pull/472) **Full Changelog**: <https://github.com/actions/download-artifact/compare/v8...v8.0.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
Ijas
|
88f8c10823 |
linting: add depguard rule to enforce semconv version (#8041)
### Description This PR adds a `depguard` linter rule to [.golangci.yml](file:///Users/ijasahammed/Documents/open_source/opentelemetry-go/.golangci.yml) to enforce the use of the latest semantic convention version (`v1.40.0`). This rule ensures that: - Any new code importing `otel/semconv` must use `v1.40.0`. - The `semconv/` directory itself is excluded from this check to avoid linting legacy definitions. - The `zipkin exporter` is excluded from this check - Updated `semconv` version to v1.40.0 in the `sdk/log/logger_bench_test.go` test. ### Verification Results I verified this change locally using the following steps: 1. **Full Linter Run**: Ran `make precommit` (which executes `golangci-lint run`). It passed with **0 issues** across the entire repository. 2. **Smoke Test**: Added a temporary import of `go.opentelemetry.io/otel/semconv/v1.20.0` in trace.go. The linter correctly reported the violation: > `trace.go:7:2: import 'go.opentelemetry.io/otel/semconv/v1.20.0' is not allowed from list 'semconv': Use go.opentelemetry.io/otel/semconv/v1.40.0 instead. (depguard)` This change is not performance-critical and does not affect the library's runtime behavior. ### Checklist - [x] Signed CLA - [x] `make precommit` passes. - [x] CHANGELOG.md updated. (Not required) Fixes #7842 --------- Co-authored-by: Robert Pająk <pellared@hotmail.com> Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
 Mikhail Mazurskiy
|
ddd2b0e398 |
fix(sdk/trace): return spec-compliant TraceIdRatioBased description (#8027)
Optimize performance when sampling is disabled - no need to calculate fraction based on trace id (in `traceIDRatioSampler`) if fraction is zero. --------- Co-authored-by: David Ashpole <dashpole@google.com> Co-authored-by: Damien Mathieu <42@dmathieu.com> |
||
 Robert Pająk
|
f4da59e651 |
attribute: change INVALID Type to EMPTY and mark INVALID as deprecated (#8038)
Fixes https://github.com/open-telemetry/opentelemetry-go/issues/7932 Noticeable comment from previous PR: https://github.com/open-telemetry/opentelemetry-go/pull/7942#discussion_r2913179215 Print the empty value as empty string per https://opentelemetry.io/docs/specs/otel/common/#empty-values |
||
|
renovate[bot]
|
205e24407e |
fix(deps): update googleapis to 84a4fc4 (#8048)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [google.golang.org/genproto/googleapis/api](https://redirect.github.com/googleapis/go-genproto) | indirect | digest | `a57be14` → `84a4fc4` | | [google.golang.org/genproto/googleapis/rpc](https://redirect.github.com/googleapis/go-genproto) | indirect | digest | `a57be14` → `84a4fc4` | | [google.golang.org/genproto/googleapis/rpc](https://redirect.github.com/googleapis/go-genproto) | require | digest | `a57be14` → `84a4fc4` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
Mikhail Mazurskiy
|
aff375ac62 |
chore(sdk/trace): join errors properly (#8030)
Co-authored-by: Robert Pająk <pellared@hotmail.com> |
||
|
Tyler Yahn
|
cb0de1f26c |
Rebuild semconvkit and verifyreadmes on changes (#7995)
This updates the tool build dependencies in `Makefile` so local tools are rebuilt when their source files change, instead of requiring manual deletion from `.tools`. |
||
 Marc Schäfer
|
526b68f39b |
docs(otlp): document HTTP/protobuf insecure env vars (#8037)
Update the package documentation for: - otlptracehttp - otlpmetrichttp - otlploghttp to document the already-supported OTEL_EXPORTER_OTLP_INSECURE and signal-specific *_INSECURE environment variables. |
||
|
renovate[bot]
|
3447d093ca |
chore(deps): update github.com/securego/gosec/v2 digest to 6e66a94 (#8043)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/securego/gosec/v2](https://redirect.github.com/securego/gosec) | indirect | digest | `8895462` → `6e66a94` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/5322) for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/open-telemetry/opentelemetry-go). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiU2tpcCBDaGFuZ2Vsb2ciLCJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |