Skip to content

security(go): bump go.opentelemetry.io/contrib/bridges/otelslog from 0.13.0 to 0.14.0 #717

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

security(go): bump go.opentelemetry.io/contrib/bridges/otelslog from 0.13.0 to 0.14.0 #717

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 5, 2026

Bumps go.opentelemetry.io/contrib/bridges/otelslog from 0.13.0 to 0.14.0.

Release notes

Sourced from go.opentelemetry.io/contrib/bridges/otelslog's releases.

Release v0.14.0

Added

  • otelhttp.{Get,Head,Post,PostForm} convenience wrappers for their http counterparts. (#390)
  • The AWS detector now adds the cloud zone, host image ID, host type, and host name to the returned Resource. (#410)

Changed

  • Add semantic version to Tracer / Meter created by instrumentation packages otelsaram, otelrestful, otelmongo, otelhttp and otelhttptrace. (#412)
  • Update instrumentation guidelines about tracer / meter semantic version. (#412)
  • Replace internal tracer and meter helpers by helpers from go.opentelemetry.io/otel. (#414)
  • gRPC instrumentation sets span attribute rpc.grpc.status_code. (#453)

Fixed

  • /detectors/aws no longer fails if instance metadata is not available (e.g. not running in AWS) (#401)
  • The AWS detector now returns a partial resource and an appropriate error if it encounters an error part way through determining a Resource identity. (#410)
  • The host instrumentation unit test has been updated to not depend on the system it runs on. (#426)

Raw changes made between v0.13.0 and v0.14.0

f284e2828c7729d0575eb2ed9de98397e8aff04c (HEAD -> master, tag: v0.14.0, tag: propagators/v0.14.0, tag: instrumentation/runtime/v0.14.0, tag: instrumentation/runtime/example/v0.14.0, tag: instrumentation/net/http/otelhttp/v0.14.0, tag: instrumentation/net/http/otelhttp/example/v0.14.0, tag: instrumentation/net/http/httptrace/otelhttptrace/v0.14.0, tag: instrumentation/net/http/httptrace/otelhttptrace/example/v0.14.0, tag: instrumentation/host/v0.14.0, tag: instrumentation/host/example/v0.14.0, tag: instrumentation/gopkg.in/macaron.v1/otelmacaron/v0.14.0, tag: instrumentation/gopkg.in/macaron.v1/otelmacaron/example/v0.14.0, tag: instrumentation/google.golang.org/grpc/otelgrpc/v0.14.0, tag: instrumentation/google.golang.org/grpc/otelgrpc/example/v0.14.0, tag: instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo/v0.14.0, tag: instrumentation/github.com/labstack/echo/otelecho/v0.14.0, tag: instrumentation/github.com/labstack/echo/otelecho/example/v0.14.0, tag: instrumentation/github.com/gorilla/mux/otelmux/v0.14.0, tag: instrumentation/github.com/gorilla/mux/otelmux/example/v0.14.0, tag: instrumentation/github.com/gocql/gocql/otelgocql/v0.14.0, tag: instrumentation/github.com/gocql/gocql/otelgocql/example/v0.14.0, tag: instrumentation/github.com/gin-gonic/gin/otelgin/v0.14.0, tag: instrumentation/github.com/gin-gonic/gin/otelgin/example/v0.14.0, tag: instrumentation/github.com/emicklei/go-restful/otelrestful/v0.14.0, tag: instrumentation/github.com/emicklei/go-restful/otelrestful/example/v0.14.0, tag: instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache/v0.14.0, tag: instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache/example/v0.14.0, tag: instrumentation/github.com/astaxie/beego/otelbeego/v0.14.0, tag: instrumentation/github.com/astaxie/beego/otelbeego/example/v0.14.0, tag: instrumentation/github.com/Shopify/sarama/otelsarama/v0.14.0, tag: instrumentation/github.com/Shopify/sarama/otelsarama/example/v0.14.0, tag: exporters/metric/dogstatsd/v0.14.0, tag: exporters/metric/datadog/v0.14.0, tag: exporters/metric/cortex/v0.14.0, tag: exporters/metric/cortex/utils/v0.14.0, tag: exporters/metric/cortex/example/v0.14.0, tag: detectors/gcp/v0.14.0, tag: detectors/aws/v0.14.0, upstream/master, origin/master, origin/HEAD) Release v0.14.0 (#461) b83f931760121defb061ecba196867e98faa23d9 Use tracer and meter test helpers from the OTEL repository instead of the internal ones (#414) 1d3290da84503fb5db489381087dabd08b8a5141 otelgrpc: Set attribute with gRPC status code (#453) 1010e02a1c7f0a045157fd167352b258b34cb800 Bump gopkg.in/macaron.v1 from 1.3.9 to 1.4.0 in /instrumentation/gopkg.in/macaron.v1/otelmacaron/example (#452) f41bf49f3be5db3970344bc5e99ffca03a9b947a Bump github.com/emicklei/go-restful/v3 from 3.3.3 to 3.4.0 in /instrumentation/github.com/emicklei/go-restful/otelrestful/example (#451) 4ae0732601212558cd609b13c91a6224b91d91c5 Bump github.com/google/go-cmp from 0.5.2 to 0.5.3 in /instrumentation/net/http/httptrace/otelhttptrace (#450) 1fed75644add27772ccc8aeebe063ca26d1b52ae Bump github.com/google/go-cmp from 0.5.2 to 0.5.3 in /exporters/metric/cortex (#449) 7eac438f8f8f2eccff50a66a39cc737e742381e2 Bump cloud.google.com/go from 0.71.0 to 0.72.0 in /detectors/gcp (#448) 905ae72df1249b388690c6410467e584a6e04142 Bump github.com/aws/aws-sdk-go from 1.35.23 to 1.35.28 in /detectors/aws (#447) a459621306ace185065771ca31a46c50eced8504 Bump github.com/golangci/golangci-lint from 1.32.1 to 1.32.2 in /tools (#440) 19d1285e62ce216105e6482cacdef2c1c083c287 Bump github.com/aws/aws-sdk-go from 1.35.19 to 1.35.23 in /detectors/aws (#441) 3757c76807563ae2f6807c5e4bfe30f21e9ac362 Bump cloud.google.com/go from 0.70.0 to 0.71.0 in /detectors/gcp (#442) cb3b58f07d10bfafbcce0b09a8ee149f3026cb10 Bump google.golang.org/grpc from 1.33.1 to 1.33.2 in /instrumentation/google.golang.org/grpc/otelgrpc/example (#443) f43ce8d8f9366c0435f7e0ace95cbc2be4e0fc7c Bump github.com/astaxie/beego from 1.12.2 to 1.12.3 in /instrumentation/github.com/astaxie/beego/otelbeego/example (#444) 520ddc709136e5131ac687441fce97b4e6cae7cc Bump google.golang.org/grpc from 1.33.1 to 1.33.2 in /instrumentation/google.golang.org/grpc/otelgrpc (#445) 5ad98bfda3dc116c08f0fa7a2c54a403a9f12e54 Tiny README.md fix (#438) e7ba12942d4546d66b5853af7310c321888ff8de Bump github.com/aws/aws-sdk-go from 1.35.14 to 1.35.19 in /detectors/aws (#431) 0ceee0528535e55bb791cd14d9ee36fd070cb4cd Bump github.com/golangci/golangci-lint from 1.32.0 to 1.32.1 in /tools (#430) 13ae395efa2d5c348f5bbc28c25e92b9c5c235f0 [aws detector] Additional Attributes (#410) a3f208a586ac0b36803f566bd047e9a6a8a09114 Replace flaky host instrumentation test (#426) 1d9c921b1ad4f669271608b192a30402f7eb2873 Bump google.golang.org/grpc from 1.32.0 to 1.33.1 in /instrumentation/google.golang.org/grpc/otelgrpc (#421) a0dc004c4bea08d463e7ee9f9e9e8e26511defc7 Add sem version to remaining instrumentation packages (#412) 4a5c9349af1b10e275b1b0f9dab8475136b4a1a6 Bump cloud.google.com/go from 0.69.1 to 0.70.0 in /detectors/gcp (#420) 119660997a4094cc6ffab555329f2a2251ebdd78 Bump github.com/emicklei/go-restful/v3 from 3.3.1 to 3.3.3 in /instrumentation/github.com/emicklei/go-restful/otelrestful/example (#422) c2124f7c2f4cd581e3ee6ed0610bcc0eca07ed44 Bump github.com/Shopify/sarama from 1.27.1 to 1.27.2 in /instrumentation/github.com/Shopify/sarama/otelsarama/example (#423) 92191577d4e15838b368551dd861c7751d854d10 Bump google.golang.org/grpc from 1.32.0 to 1.33.1 in /instrumentation/google.golang.org/grpc/otelgrpc/example (#424) ca00abdfbe34dff26eaaeaa958d83cc5d0ed0ed0 Bump github.com/aws/aws-sdk-go from 1.35.9 to 1.35.14 in /detectors/aws (#419) a7a9242b7ab2b3b687aebf69aa2526f151c4a9f3 Bump github.com/golangci/golangci-lint from 1.31.0 to 1.32.0 in /tools (#418) 6fcf9963dd0268d6e2bcce8e202a26b351fecae5 Bump cloud.google.com/go from 0.68.0 to 0.69.1 in /detectors/gcp (#405)

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/bridges/otelslog's changelog.

[1.39.0/2.1.0/0.64.0/0.33.0/0.19.0/0.14.0/0.12.0/0.11.0] - 2025-12-08

Added

  • ParseYAML in go.opentelemetry.io/contrib/otelconf now supports environment variables substitution in the format ${[env:]VAR_NAME[:-defaultvalue]}. (#6215)
  • Add the http.route metric attribute to go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#7966)
  • Support db.client.operation.duration metric for go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver/v2/mongo/otelmongo. (#7983)
  • Add a WithSpanNameFormatter option to go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver/v2/mongo/otelmongo. (#7986)
  • WithOnError option for otelecho middleware in go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho to specify the behavior when an error occurs. (#8025)
  • Updated go.opentelemetry.io/contrib/otelconf to include the v1.0.0-rc2 release candidate of schema which includes backwards incompatible changes. (#8026)
  • Introduce v1.0.0-rc.2 model in go.opentelemetry.io/contrib/otelconf. (#8031)
  • Add unmarshaling and validation for CardinalityLimits and SpanLimits to v1.0.0 model in go.opentelemetry.io/contrib/otelconf. (#8043)
  • Add unmarshaling and validation for BatchLogRecordProcessor, BatchSpanProcessor, and PeriodicMetricReader to v1.0.0 model in go.opentelemetry.io/contrib/otelconf. (#8049)
  • Add unmarshaling and validation for TextMapPropagator to v1.0.0 model in go.opentelemetry.io/contrib/otelconf. (#8052)
  • Add jaeger.sampler.type/jaeger.sampler.param attributes for adaptive sampling support and option WithAttributesDisabled in go.opentelemetry.io/contrib/samplers/jaegerremote. (#8073)
  • Add support for OTEL_EXPERIMENTAL_CONFIG_FILE via the NewSDK function in go.opentelemetry.io/contrib/otelconf (#8106)
  • Add unmarshaling and validation for OTLPHttpExporter, OTLPGrpcExporter, OTLPGrpcMetricExporter and OTLPHttpMetricExporter to v1.0.0 model in go.opentelemetry.io/contrib/otelconf. (#8112)
  • Add unmarshaling and validation for AttributeType, AttributeNameValue, SimpleSpanProcessor, SimpleLogRecordProcessor, ZipkinSpanExporter, NameStringValuePair, InstrumentType, ExperimentalPeerInstrumentationServiceMappingElem, ExporterDefaultHistogramAggregation, PullMetricReader to v1.0.0 model in go.opentelemetry.io/contrib/otelconf. (#8127)
  • Add support for container, host, process resource detectors in go.opentelemetry.io/contrib/otelconf. (#8180)

Changed

  • Improve performance by reducing allocations in the gRPC stats handler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#8035)
  • Export the ReadEvents and WriteEvents constants in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp so they can be used in WithMessageEvents. (#8153)
  • Switched the default for OTEL_SEMCONV_STABILITY_OPT_IN to emit the v1.37.0 semantic conventions by default in go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo. Use the environment variable OTEL_SEMCONV_STABILITY_OPT_IN to configure duplication with old semantic conventions if needed (i.e. OTEL_SEMCONV_STABILITY_OPT_IN="database/dup"). (#8230)

Deprecated

  • WithRouteTag in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is deprecated. The route is already added automatically for spans. For metrics, the alternative is to use the WithMetricAttributesFn option. (#8117)
  • WithPublicEndpoint in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is deprecated. Use WithPublicEndpointFn instead. (#8152)
  • DefaultClient, Get, Head, Post, and PostForm in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp are deprecated. Use a custom *http.Client with otelhttp.NewTransport(http.DefaultTransport) instead. (#8140, #8201)

Removed

  • Drop support for [Go 1.23]. (#7831)
  • Remove deprecated go.opentelemetry.io/contrib/detectors/aws/ec2 module, please use go.opentelemetry.io/contrib/detectors/aws/ec2/v2 instead. (#7841)
  • Remove the deprecated Extract and Inject functions from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#7952)
Commits
  • f284e28 Release v0.14.0 (#461)
  • b83f931 Use tracer and meter test helpers from the OTEL repository instead of the int...
  • 1d3290d otelgrpc: Set attribute with gRPC status code (#453)
  • 1010e02 Bump gopkg.in/macaron.v1 from 1.3.9 to 1.4.0 in /instrumentation/gopkg.in/mac...
  • f41bf49 Bump github.com/emicklei/go-restful/v3 from 3.3.3 to 3.4.0 in /instrumentatio...
  • 4ae0732 Bump github.com/google/go-cmp from 0.5.2 to 0.5.3 in /instrumentation/net/htt...
  • 1fed756 Bump github.com/google/go-cmp from 0.5.2 to 0.5.3 in /exporters/metric/cortex...
  • 7eac438 Bump cloud.google.com/go from 0.71.0 to 0.72.0 in /detectors/gcp (#448)
  • 905ae72 Bump github.com/aws/aws-sdk-go from 1.35.23 to 1.35.28 in /detectors/aws (#447)
  • a459621 Bump github.com/golangci/golangci-lint from 1.32.1 to 1.32.2 in /tools (#440)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
security(go): bump go.opentelemetry.io/contrib/bridges/otelslog
fe54659 
Bumps [go.opentelemetry.io/contrib/bridges/otelslog](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/bridges/otelslog
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jan 5, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2026

Libyears decreased from 3.58 to 3.02

@github-actions
Copy link
Contributor

github-actions bot commented Jan 5, 2026

Code coverage increased from 89.1% to 89.2%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant